Cookie Scoped to Parent Domain Example

Report generated by XSS.CX at Sun Mar 20 09:19:03 CDT 2011.

XSS.CX Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

XSS.CX Home | XSS.CX Research Blog
Loading

1. Cookie scoped to parent domain

1.1. http://canvas.myyearbook.com/canvas

1.2. http://cts-log.channelintelligence.com/

1.3. http://home.myyearbook.com/Countries

1.4. http://home.myyearbook.com/feed/BlindDateFeedItems

1.5. http://home.myyearbook.com/feed/battlesFeedItems

1.6. http://home.myyearbook.com/feed/causesFeedItems

1.7. http://home.myyearbook.com/feed/flirtFeedItems

1.8. http://home.myyearbook.com/feed/gamesFeedItems

1.9. http://home.myyearbook.com/feed/giftFeedItems

1.10. http://home.myyearbook.com/feed/matchFeedItems

1.11. http://home.myyearbook.com/feed/myMagFeedItems

1.12. http://home.myyearbook.com/feed/ownedFeedItems

1.13. http://home.myyearbook.com/feed/profileFeedItems

1.14. http://home.myyearbook.com/feed/quizFeedItems

1.15. http://home.myyearbook.com/feed/stickersFeedItems

1.16. http://home.myyearbook.com/feed/tvFeedItems

1.17. http://live.myyearbook.com/

1.18. https://ssl.myyearbook.com/login

1.19. http://usadmm.dotomi.com/dmm/servlet/dmm

1.20. http://www.lanebryant.com/

1.21. http://www.myspace.com/Modules/PostTo/Pages/

1.22. http://www.myyearbook.com/

1.23. http://www.myyearbook.com/

1.24. http://www.rkdms.com/sid.gif

1.25. http://www.shockwave.com/home.jsp

1.26. http://www.stjude.org/stjude/v/index.jsp

1.27. http://www.stumbleupon.com/submit

1.28. http://www.t-mobile.com/

1.29. http://www.t-mobile.com/Company/Community.aspx

1.30. http://www.t-mobile.com/Company/PrivacyResources.aspx

1.31. http://www.t-mobile.com/Company/Working.aspx

1.32. http://www.t-mobile.com/PartnerServices.aspx

1.33. http://www.t-mobile.com/Promotions/twodevicehotspot.aspx

1.34. http://www.t-mobile.com/Templates/ListAllPhones.aspx

1.35. http://www.t-mobile.com/Templates/ListAllPhones.aspx/

1.36. http://www.t-mobile.com/business/Information.aspx

1.37. http://www.t-mobile.com/locator.aspx

1.38. http://www.t-mobile.com/promotions/generic.aspx

1.39. http://www.t-mobile.com/promotions/resourcetemplate.aspx

1.40. http://www.t-mobile.com/shop/addons/Accessories/Default.aspx

1.41. http://www.t-mobile.com/shop/phones/

1.42. http://www.t-mobile.com/shop/phones/Default.aspx

1.43. http://www.t-mobile.com/shop/phones/prepaid.aspx

1.44. http://www.t-mobile.com/shop/plans/Cell-Phone-Plans-Overview.aspx

1.45. http://www.t-mobile.com/shop/plans/Prepaid-Plans-Overview.aspx

1.46. http://140cc.v.fwmrm.net/ad/l/1

1.47. http://140cc.v.fwmrm.net/ad/p/1

1.48. http://a.collective-media.net/adj/cm.mtv/games_010111

1.49. http://a.tribalfusion.com/i.cid

1.50. http://a1.interclick.com/Segment.aspx

1.51. http://action.media6degrees.com/orbserv/hbpix

1.52. http://ad.trafficmp.com/a/bpix

1.53. http://ad.trafficmp.com/a/bpix

1.54. http://ad.trafficmp.com/a/bpix

1.55. http://ad.trafficmp.com/a/bpix

1.56. http://ad.trafficmp.com/a/bpix

1.57. http://ad.trafficmp.com/a/bpix

1.58. http://ad.trafficmp.com/a/bpix

1.59. http://ad.trafficmp.com/a/bpix

1.60. http://ad.trafficmp.com/a/bpix

1.61. http://ad.trafficmp.com/a/bpix

1.62. http://ad.turn.com/server/ads.htm

1.63. http://ad.turn.com/server/ads.js

1.64. http://ad.turn.com/server/pixel.htm

1.65. http://adclick.g.doubleclick.net/aclk

1.66. http://ads.adbrite.com/adserver/vdi/712181

1.67. http://ads.adbrite.com/adserver/vdi/742697

1.68. http://ads.adbrite.com/adserver/vdi/753292

1.69. http://ads.lfstmedia.com/exclude

1.70. http://ads.lucidmedia.com/clicksense/pixel

1.71. http://ads.pointroll.com/PortalServe/

1.72. http://ai.realmedia.com/

1.73. http://ak1.abmr.net/is/showadsak.pubmatic.com

1.74. http://ak1.abmr.net/is/www.burstnet.com

1.75. http://altfarm.mediaplex.com/ad/js/10433-118675-1629-11

1.76. http://altfarm.mediaplex.com/ad/js/1551-47634-23636-2

1.77. http://altfarm.mediaplex.com/ad/nc/1551-47634-23636-1

1.78. http://altfarm.mediaplex.com/ad/nc/1551-47634-23636-2

1.79. http://api.choicestream.com/instr/csanywhere.js

1.80. http://b.scorecardresearch.com/b

1.81. http://b.scorecardresearch.com/p

1.82. http://bh.contextweb.com/bh/rtset

1.83. http://bh.contextweb.com/bh/set.aspx

1.84. http://bidder.mathtag.com/iframe/notify

1.85. http://bp.specificclick.net/

1.86. http://bs.serving-sys.com/BurstingPipe/adServer.bs

1.87. http://bstats.adbrite.com/click/bstats.gif

1.88. http://buzz.yahoo.com/submit/

1.89. http://c.statcounter.com/t.php

1.90. http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s81389546408317

1.91. http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s82792049169074

1.92. http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s84338280088268

1.93. http://clk.redcated/CNT/go/302593025/direct

1.94. http://clk.redcated/M0N/go/285781800/direct

1.95. http://clk.redcated/M0N/go/285781803/direct

1.96. http://clk.redcated/M0N/go/285954644/direct

1.97. http://clk.redcated/M0N/go/285954646/direct

1.98. http://clk.redcated/M0N/go/285954649/direct

1.99. http://clk.redcated/M0N/go/287619747/direct

1.100. http://clk.redcated/M0N/go/289553602/direct

1.101. http://clk.redcated/M0N/go/289553603/direct

1.102. http://clk.redcated/M0N/go/293182495/direct

1.103. http://clk.redcated/M0N/go/293182496/direct

1.104. http://clk.redcated/M0N/go/304190340/direct

1.105. http://clk.redcated/go/142856443/direct

1.106. http://clk.redcated/go/302593025/direct

1.107. http://clk.fetchback.com/serve/fb/click

1.108. http://cm.nick.overture.com/js_flat_1_0/

1.109. http://cms.ad.yieldmanager.net/v1/cms

1.110. http://conv.opt.fimserve.com/conv/1345/

1.111. http://d.audienceiq.com/r/dm/mkt/44/mpid//mpuid/8392341830659049202

1.112. http://d.audienceiq.com/r/dm/mkt/73/mpid//mpuid/8392341830659049202

1.113. http://d.mediabrandsww.com/r/dm/mkt/3/mpid//mpuid/8392341830659049202

1.114. http://d.p-td.com/r/dm/mkt/4/mpid//mpuid/8392341830659049202

1.115. http://d.xp1.ru4.com/meta

1.116. http://d7.zedo.com/img/bh.gif

1.117. http://developers.facebook.com/plugins/

1.118. http://feedburner.google.com/fb/a/mailverify

1.119. http://gam.adnxs.com/gtj

1.120. http://goods.adnectar.com/analytics/get_avia_js

1.121. http://haku.vizu.com/a.gif

1.122. http://i.w55c.net/ping_match.gif

1.123. http://ib.adnxs.com/acb

1.124. http://ib.adnxs.com/getuid

1.125. http://ib.adnxs.com/getuidnb

1.126. http://ib.adnxs.com/mapuid

1.127. http://ib.adnxs.com/ptj

1.128. http://ib.adnxs.com/ptj

1.129. http://ib.adnxs.com/ptj

1.130. http://ib.adnxs.com/seg

1.131. http://ib.adnxs.com/setuid

1.132. http://idpix.media6degrees.com/orbserv/hbpix

1.133. http://image2.pubmatic.com/AdServer/Pug

1.134. http://image2.pubmatic.com/AdServer/Pug

1.135. http://image2.pubmatic.com/AdServer/Pug

1.136. http://image2.pubmatic.com/AdServer/Pug

1.137. http://image2.pubmatic.com/AdServer/Pug

1.138. http://imp.fetchback.com/serve/fb/adtag.js

1.139. http://imp.fetchback.com/serve/fb/hover

1.140. http://imp.fetchback.com/serve/fb/imp

1.141. http://leadback.advertising.com/adcedge/lb

1.142. http://map.media6degrees.com/orbserv/aopix

1.143. http://media.fastclick.net/w/tre

1.144. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1060813121@x15

1.145. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1089778095@x15

1.146. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1192949115@x15

1.147. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1347059161@x15

1.148. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1370404784@x15

1.149. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1440296334@x15

1.150. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1498193368@x15

1.151. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1553265252@x15

1.152. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1707718303@x15

1.153. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1919814581@x15

1.154. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1226497562@Top1

1.155. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1268323048@Top1

1.156. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1537585327@Top1

1.157. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1603656518@Top1

1.158. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1675436300@Top1

1.159. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1712827513@Top1

1.160. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1806760340@Top1

1.161. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1819946762@Top1

1.162. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1974512687@Top1

1.163. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1987467131@Top1

1.164. http://p.opt.fimserve.com/bht/

1.165. http://pixel.mathtag.com/creative/img

1.166. http://pixel.rubiconproject.com/tap.php

1.167. http://pixel.rubiconproject.com/tap.php

1.168. http://pixel.rubiconproject.com/tap.php

1.169. http://pixel.rubiconproject.com/tap.php

1.170. http://r.openx.net/set

1.171. http://r.turn.com/r/bd

1.172. http://r.turn.com/r/beacon

1.173. http://r.turn.com/r/tpclick/id/tm7NsgCBljeFlAgAcwABAA/3c/http:/ad.yieldmanager.com/clk

1.174. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000884204/cstr=20240822=_4d860041,3743237811,787693^884204^1183^0,1_/xsxdata=$xsxdata/bnum=20240822/optn=64

1.175. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000981637/cstr=21883119=_4d85ff8c,0550568154,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=21883119/optn=64

1.176. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000981637/cstr=25446075=_4d85f9eb,2610684043,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=25446075/optn=64

1.177. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000981637/cstr=45191372=_4d8600f7,7766046076,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=45191372/optn=64

1.178. http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000759958/cstr=16369623=_4d85fc08,4560463311,787694^759958^1183^0,1_/xsxdata=$xsxdata/bnum=16369623/optn=64

1.179. http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000985691/cstr=69689444=_4d85f5b3,1540631604,787694^985691^1183^0,1_/xsxdata=$XSXDATA/bnum=69689444/optn=64

1.180. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=20240822/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

1.181. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=21883119/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

1.182. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=25446075/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

1.183. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=45191372/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

1.184. http://r1-ads.ace.advertising.com/site=787694/size=728090/u=2/bnum=16369623/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1

1.185. http://r1-ads.ace.advertising.com/site=787694/size=728090/u=2/bnum=5805484/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1

1.186. http://r1-ads.ace.advertising.com/site=787694/size=728090/u=2/bnum=69689444/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1

1.187. http://r1-ads.ace.advertising.com/site=797066/size=300250/u=2/bnum=53391539/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.livejournal.com%252F

1.188. http://safebrowsing.clients.google.com/safebrowsing/downloads

1.189. http://sales.liveperson.net/hc/51764537/

1.190. http://segment-pixel.invitemedia.com/pixel

1.191. http://segments.adap.tv/data/

1.192. http://showads.pubmatic.com/AdServer/AdServerServlet

1.193. http://showads.pubmatic.com/AdServer/AdServerServlet

1.194. http://showads.pubmatic.com/AdServer/AdServerServlet

1.195. http://showads.pubmatic.com/AdServer/AdServerServlet

1.196. http://showadsak.pubmatic.com/AdServer/AdServerServlet

1.197. http://showadsak.pubmatic.com/AdServer/AdServerServlet

1.198. http://showadsak.pubmatic.com/AdServer/AdServerServlet

1.199. http://showadsak.pubmatic.com/AdServer/AdServerServlet

1.200. http://syndication.mmismm.com/mmtnt.php

1.201. http://tags.bluekai.com/site/2731

1.202. http://the-n.112.2o7.net/b/ss/the-n/0/FAS-2.7.1-AS3/s84684399310499

1.203. http://then.112.2o7.net/b/ss/the-n/1/H.20.3/s84437876590527

1.204. http://then.112.2o7.net/b/ss/the-n/1/H.20.3/s86924710085149

1.205. http://trgc.opt.fimserve.com/fp.gif

1.206. http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s83280030332971

1.207. http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s87646805769763

1.208. http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s89657289509195

1.209. http://www.abmr.net/is2ncp/ai.realmedia.com

1.210. http://www.burstnet.com/enlightn/7641//A790/

1.211. http://www.burstnet.com/enlightn/7641/A790/

1.212. http://www.facebook.com/share.php

1.213. http://www.facebook.com/sharer.php

1.214. https://www.facebook.com/login.php

1.215. http://www.linkedin.com/groups

1.216. http://www.nick.com/sbcom/data/json/poll_to_json.jhtml

1.217. http://www.reddit.com/submit

1.218. http://www.reliant.com/en_US/Page/Shop/Public/misc_LockedandLow_100_landingpage.jsp

1.219. https://www.riftgame.com/en/products/index.php

1.220. http://www.t-mobile.com/Discover/DiscoverSubContent.aspx

1.221. http://www.t-mobile.com/Popup/Generic_Popup.aspx

1.222. http://www.t-mobile.com/Templates/Popup.aspx

1.223. http://www.t-mobile.com/shop/plans/


1. Cookie scoped to parent domain
There are 223 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.

1.1. http://canvas.myyearbook.com/canvas  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://canvas.myyearbook.com
Path:   /canvas

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /canvas?2e77d HTTP/1.1
Host: canvas.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://live.myyearbook.com/?2e77d%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eadfd64910ba=1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-193244728-1300624490343; __utma=138725551.528389796.1300624489.1300624489.1300627604.2; __utmv=138725551.|1=gender=unknown=1,; PHPSESSID=52f776710184304877da085942e36b39; mybRegTheme=Live; mybRegData=%5B%5D; POSTAff2Cookie=Live; MYB_TARGET=_unknown_1000_____

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:11:01 GMT
Server: Apache
Set-Cookie: PHPSESSID=52f776710184304877da085942e36b39; path=/; domain=.myyearbook.com
P3P: policyref="/w3c/p3p.xml",CP="NOI DSP COR CURa OUR STP UNI"
Cache-control: no-cache
Pragma: no-cache
Content-Length: 34456
Connection: close
Content-Type: text/html; charset=UTF-8;

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="UTF-8" xml:lang="UTF-8">
<he
...[SNIP]...
1.2. http://cts-log.channelintelligence.com/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://cts-log.channelintelligence.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?vid=49058906&eid=49&tid=null&sku=undefined&tag=landing&ref= HTTP/1.1
Host: cts-log.channelintelligence.com
Proxy-Connection: keep-alive
Referer: http://www.lanebryant.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: serverstamp=34CF9E1C-B9D7-5863-015D-4DF84217AD2C

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:51:56 GMT
Server: Jetty(6.1.22)
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: sessionstamp=EB23485D-93CA-8F2F-4510-48D191D26498;Domain=.channelintelligence.com;Expires=Sun, 20-Mar-11 13:51:56 GMT
Cache-Control: private,no-store
Content-Length: 42
pragma: no-cache
content-type: image/gif
X-Powered-By: Mirror Image Internet
P3P: CP="OTI DSP COR CURa ADMa DEVa OUR DELa STP"
Via: 1.1 dfw175164010000 (MII-APC/1.6)

GIF89a.............!.......,........@..D.;
1.3. http://home.myyearbook.com/Countries  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /Countries

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Countries?callback=jsonp1300624487158 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:49:56 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
P3P: policyref="/w3c/p3p.xml",CP="NOI DSP COR CURa OUR STP UNI"
Expires: Mon, 21 Mar 2011 12:49:56 GMT
Etag: 923ae38321990fdd7ae4cbc9f33c837b
Vary: Accept-Encoding
Connection: close
Content-Type: application/javascript
X-MyPoolMember: 10.100.10.192
Content-Length: 9532

jsonp1300624487158({"countryList":[{"id":3,"code":"AF","name":"AFGHANISTAN"},{"id":4,"code":"AX","name":"ALAND ISLANDS"},{"id":5,"code":"AL","name":"ALBANIA"},{"id":6,"code":"DZ","name":"ALGERIA"},{"i
...[SNIP]...
1.4. http://home.myyearbook.com/feed/BlindDateFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/BlindDateFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/BlindDateFeedItems?callback=jsonp1300624487166 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:22:19 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 6b5f27ae87aedf52a98221ea4be59b4a
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.201
Content-Length: 9375

hblFeed({"feed":"BlindDateFeedItems","data":[{"age":1,"user_a":{"name":"Richard","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2Nzk3Nzc0","image":"hbl\/167977
...[SNIP]...
1.5. http://home.myyearbook.com/feed/battlesFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/battlesFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/battlesFeedItems?callback=jsonp1300624487167 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:35 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:22:35 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 8670033577aa27a5da461a4c9f33556f
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.192
Content-Length: 10155

hblFeed({"feed":"battlesFeedItems","data":[{"age":2,"user_a":{"name":"Kristin","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2ODEzNjgx","image":"hbl\/16813681
...[SNIP]...
1.6. http://home.myyearbook.com/feed/causesFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/causesFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/causesFeedItems?callback=jsonp1300624487165 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:12 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:22:12 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 6212d7073c71d1d7072b867592c76621
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.193
Content-Length: 47

hblFeed({"feed":"causesFeedItems","data":[]});
1.7. http://home.myyearbook.com/feed/flirtFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/flirtFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/flirtFeedItems?callback=jsonp1300624487170 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:50 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:22:50 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 809d173a12656b8fed7d1964e6d8bc81
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.192
Content-Length: 6631

hblFeed({"feed":"flirtFeedItems","data":[{"age":1,"flirt":"I'm not drunk, I'm just intoxicated by you.","user":{"name":"Megan","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2Zp
...[SNIP]...
1.8. http://home.myyearbook.com/feed/gamesFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/gamesFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/gamesFeedItems?callback=jsonp1300624487157 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:49:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:04:55 GMT
Last-Modified: Sun, 20 Mar 2011 12:45:04 GMT
Etag: 9d958c9b035b05799f68f168a64fbd50
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.201
Content-Length: 8847

hblFeed({"feed":"gamesFeedItems","data":[{"age":0,"user":{"name":"Jennifer","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE3MDEyNDcw","image":"hbl\/17012470.jp
...[SNIP]...
1.9. http://home.myyearbook.com/feed/giftFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/giftFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/giftFeedItems?callback=jsonp1300624487160 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:04:18 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:19:18 GMT
Last-Modified: Sun, 20 Mar 2011 13:00:04 GMT
Etag: 0b618fd0b5f6830f8cb31dab83699e11
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.193
Content-Length: 12244

hblFeed({"feed":"giftFeedItems","data":[{"age":2,"user_a":{"name":"Lauren","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2ODEzODc5","image":"hbl\/16813879.jpg
...[SNIP]...
1.10. http://home.myyearbook.com/feed/matchFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/matchFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/matchFeedItems?callback=jsonp1300624487164 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:11 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:22:12 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 1f0376d01c696513fbebf68e5ba4a2a2
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.193
Content-Length: 9009

hblFeed({"feed":"matchFeedItems","data":[{"age":1,"user_a":{"name":"Jason","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2Nzk2MTk2","image":"hbl\/16796196.jpg
...[SNIP]...
1.11. http://home.myyearbook.com/feed/myMagFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/myMagFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/myMagFeedItems?callback=jsonp1300624487161 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:05:50 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:20:50 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 1e39eb39f5622d305cfef0e14683336a
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.194
Content-Length: 8760

hblFeed({"feed":"myMagFeedItems","data":[{"age":4,"user":{"name":"Joshua","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE3MDA1NTgz","image":"hbl\/17005583.jpg"
...[SNIP]...
1.12. http://home.myyearbook.com/feed/ownedFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/ownedFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/ownedFeedItems?callback=jsonp1300624487169 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:50 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:22:50 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 91c55213245b0e51f43d236bb48b1d25
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.193
Content-Length: 9940

hblFeed({"feed":"ownedFeedItems","data":[{"age":3,"user_a":{"name":"Sean","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE3MDE2NjYz","image":"hbl\/17016663.jpg"
...[SNIP]...
1.13. http://home.myyearbook.com/feed/profileFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/profileFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/profileFeedItems?callback=jsonp1300624487162 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:05:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:20:50 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 7fac9e44317035dffd951b43e2404fa0
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.201
Content-Length: 6771

hblFeed({"feed":"profileFeedItems","data":[{"age":3,"user":{"name":"Sara","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2ODEzODYx","image":"hbl\/16813861.jpg"
...[SNIP]...
1.14. http://home.myyearbook.com/feed/quizFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/quizFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/quizFeedItems?callback=jsonp1300624487163 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:05:50 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:20:50 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: 3eab1236a7a9dd0a2a4cc8c6a851a4ca
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.192
Content-Length: 13127

hblFeed({"feed":"quizFeedItems","data":[{"age":5,"user":{"name":"John","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2Nzk3Nzk2","image":"hbl\/thm_thm_phpRNDuY
...[SNIP]...
1.15. http://home.myyearbook.com/feed/stickersFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/stickersFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/stickersFeedItems?callback=jsonp1300624487168 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:22:50 GMT
Last-Modified: Sun, 20 Mar 2011 13:05:05 GMT
Etag: bacf8f1e7a76b72fd60a70661c07c47f
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.201
Content-Length: 13589

hblFeed({"feed":"stickersFeedItems","data":[{"age":2,"user_a":{"name":"Daniel","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2ODE3ODMw","image":"hbl\/16817830
...[SNIP]...
1.16. http://home.myyearbook.com/feed/tvFeedItems  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://home.myyearbook.com
Path:   /feed/tvFeedItems

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/tvFeedItems?callback=jsonp1300624487159 HTTP/1.1
Host: home.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __utmb=138725551.1.10.1300624489; __qca=P0-193244728-1300624490343

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:56:51 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Sun, 20 Mar 2011 13:11:51 GMT
Last-Modified: Sun, 20 Mar 2011 12:55:05 GMT
Etag: 2b56cf2080c36cb4d03bf3ffb02a7d08
Vary: Accept-Encoding
Connection: close
Content-Type: text/javascript;charset=UTF-8
X-MyPoolMember: 10.100.10.201
Content-Length: 10761

hblFeed({"feed":"tvFeedItems","data":[{"age":0,"user":{"name":"Jesse","profile":"http:\/\/www.myyearbook.com?mysession=cmVnaXN0cmF0aW9uX3Byb2ZpbGUmdXNlcmlkPTE2ODE3Njc5","image":"hbl\/16817679.jpg"},"s
...[SNIP]...
1.17. http://live.myyearbook.com/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://live.myyearbook.com
Path:   /

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: live.myyearbook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:02:31 GMT
Server: Apache
Set-Cookie: PHPSESSID=ab205f83ffdb802c3df4b241e3260e85; path=/; domain=.myyearbook.com
Set-Cookie: mybRegTheme=Live; expires=Sun, 27-Mar-2011 14:02:31 GMT; path=/; domain=.myyearbook.com
Set-Cookie: mybRegData=%5B%5D; expires=Sun, 27-Mar-2011 14:02:31 GMT; path=/; domain=.myyearbook.com
Set-Cookie: POSTAff2Cookie=Live; expires=Mon, 19-Mar-2012 14:02:31 GMT; path=/; domain=.myyearbook.com
Set-Cookie: nid=deleted; expires=Sat, 20-Mar-2010 14:02:30 GMT; path=/; domain=.myyearbook.com
Set-Cookie: mcim=deleted; expires=Sat, 20-Mar-2010 14:02:30 GMT; path=/; domain=.myyearbook.com
Set-Cookie: meeboCIM672=deleted; expires=Sat, 20-Mar-2010 14:02:30 GMT; path=/; domain=.myyearbook.com
Set-Cookie: MYB_TARGET=_unknown_1000_____; path=/; domain=.myyearbook.com
Cache-control: no-cache
Pragma: no-cache
Content-Length: 15918
Connection: close
Content-Type: text/html; charset=UTF-8;

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/2002/REC-xhtml1-20020801/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="UTF-8" xml:
...[SNIP]...
1.18. https://ssl.myyearbook.com/login  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   https://ssl.myyearbook.com
Path:   /login

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /login HTTP/1.1
Host: ssl.myyearbook.com
Connection: keep-alive
Referer: http://www.myyearbook.com/
Cache-Control: max-age=0
Origin: http://www.myyearbook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3
Content-Length: 61

username=Email&password=&submit.x=25&submit.y=13&quicklogin=1

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 13:36:17 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Set-Cookie: COOK_LOGIN=deleted; expires=Sat, 20-Mar-2010 13:36:16 GMT; path=/; domain=ssl.myyearbook.com
Set-Cookie: COOK_LOGIN=deleted; expires=Sat, 20-Mar-2010 13:36:16 GMT; path=/; domain=.myyearbook.com
Set-Cookie: COOK_INDICATOR=deleted; expires=Sat, 20-Mar-2010 13:36:16 GMT; path=/; domain=.myyearbook.com
Set-Cookie: COOK_USERNAME=deleted; expires=Sat, 20-Mar-2010 13:36:16 GMT; path=/; domain=.myyearbook.com
Set-Cookie: COOK_USERID=deleted; expires=Sat, 20-Mar-2010 13:36:16 GMT; path=/; domain=.myyearbook.com
Location: http://www.myyearbook.com/?mysession=cmVnaXN0cmF0aW9uX3JlZ2lzdHJhdGlvbiZyZWZlcnJlcj0wJm9sZD0xJmxvZ2luX2ZhaWx1cmU9dHJ1ZSZlbWFpbElkPWVtYWls
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
X-MyPoolMember: 10.10.10.75

1.19. http://usadmm.dotomi.com/dmm/servlet/dmm  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://usadmm.dotomi.com
Path:   /dmm/servlet/dmm

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /dmm/servlet/dmm?rurl=http%3A//ads.dotomi.com/ads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&pid=13200&dres=iframe&mtg=0&ms=18&btg=1&mp=1&rwidth=728&rheight=90&pp=0&cg=2084&tz=300&cturl=[INSERT%20ENCODED%20CLICK%20URL%20HERE] HTTP/1.1
Host: usadmm.dotomi.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?qkaAABt0GAA0ZScAAAAAALO6DQAAAAAAAgAIAAYAAAAAAP8AAAABCXmeHQAAAAAAtXkMAAAAAAAGchMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAFz.G3LWE2z8RWDm0yHbmP2C6SQwCK-U.SOF6FK5H8T-lcD0K16PxP83MzMzMzPw.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACVVRtfaeDOCedv6r-OQrGz3DpvjTjKic0z2v78AAAAAA==,,http%3A%2F%2Fwww.therugged.com%2F,Z%3D728x90%26s%3D1602587%26_salt%3D2529262999%26B%3D10%26u%3Dhttp%253A%252F%252Fwww.therugged.com%252F%26r%3D0,ea7cbbf6-52f2-11e0-a172-003048d6d5de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DotomiUser=330200604563575498$0$875515842; DotomiNet=2$DjQqblZ1RXVBDW1dBgd8WgBHKSpAJ25FCVxoWiwcJzNkew0OAQhAWwIPV0JcHwkeC2BYem5uVnVFdUENbV0GB3xaAEcjPFl7AFNdDCQGPRwoPwl9Cg4BBEJcAgdRQEtCRFtjZVpoNiETe0RzSw1gWwMEc1wCU3xvWDRSSgpJNAYWGA8qLj9mCgUIS1IDBVZFT05IXGZqXn5tdwQ1AXxCEDAMR1MUXwNVeXZiL0IeTQIiQwcBIBBkfwgACAhAXwIAXkRISElbZmVPKDsnBhkQOQJrZl8AAHZd

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 20 Mar 2011 13:06:50 GMT
X-Name: dmm-o03
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
Set-Cookie: DotomiNet=2$DjQqblZ1RXVBDW1dBgd8WgBHKSpAJ25FCVxoWiwcJzNkew0OAQhAWwIPV0JcFAYDaWJPKSIjOHRGd0YJZV4DBnhUCVN4fgNxAVNVHzNaUEl0IyQ7BAkGCUNZAABSR0hNQFpwNgo4OwwCPgUeQAdiWQ4DeF0BVHt4DHMEQA5cdAQRDW1%2FcitYTFRmFhdCaVRGSUJMX2diWHtualV0TXRAA3AJUkYqMgJQe38JEFgEUBk%2FFUYcKD8JfQkJDQRCXAIGUE5KSkNWYWBcaD4yEycqJApEC18BAXlQAA%3D%3D; Domain=.dotomi.com; Expires=Tue, 19-Mar-2013 13:06:50 GMT; Path=/
Set-Cookie: DotomiSession=1_330200604563575498$0$875515842$21677106$2736; Domain=.dotomi.com; Path=/
Location: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
Content-Length: 0
Content-Type: text/plain

1.20. http://www.lanebryant.com/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.lanebryant.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.lanebryant.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 20 Mar 2011 12:45:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=9EBD2309D5631680F48317C9286D4B20; Path=/
Set-Cookie: PIPELINE_SESSION_ID=d34cbc84c0a8bb6738e580e1adc350aa; Domain=.lanebryant.com; Expires=Fri, 07-Apr-2079 15:59:51 GMT; Path=/
Content-Length: 68080

<!DOCTYPE html>
<html lang="en">
   <head>
        <meta name="robots" content="noodp" />
<link rel="shortcut icon" type="image/x-icon" href="http://www.lanebryant.com/assets/lb/assets/favicon.ico"
...[SNIP]...
1.21. http://www.myspace.com/Modules/PostTo/Pages/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myspace.com
Path:   /Modules/PostTo/Pages/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Modules/PostTo/Pages/ HTTP/1.1
Host: www.myspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252fwww.myspace.com
Server: Microsoft-IIS/7.5
X-Server: 855e5fbb1974a4392f9cffd4d5c9fa6c3666dbd8ccd2985d
Set-Cookie: MSCulture=IP=173.193.214.243&IPCulture=en-US&PreferredCulture=en-US&PreferredCulturePending=&Country=VVM=&ForcedExpiration=634362011896760352&timeZone=0&myStuffDma=&myStuffMarket=&USRLOC=QXJlYUNvZGU9MjE0JkNpdHk9RGFsbGFzJkNvdW50cnlDb2RlPVVTJkNvdW50cnlOYW1lPVVuaXRlZCBTdGF0ZXMmRG1hQ29kZT02MjMmTGF0aXR1ZGU9MzIuNzgyNSZMb25naXR1ZGU9LTk2LjgyMDcmUG9zdGFsQ29kZT03NTIwNyZSZWdpb25OYW1lPVRYJkxvY2F0aW9uSWQ9MA==&UserFirstVisit=1; domain=.myspace.com; expires=Sun, 27-Mar-2011 13:59:49 GMT; path=/
Set-Cookie: SessionDDF2=S+mtaGZddS8f0yrNL/43ynRLhEyUbn2B0mPdGCUhFti7XBtUreoKBp1sH8PBUhtNJt5w05WXmCJJuZRXn4YhJQ==; domain=.myspace.com; expires=Thu, 20-Mar-2031 13:59:49 GMT; path=/
X-AspNet-Version: 4.0.30319
X-PoweredBy: Pixie Dust
Date: Sun, 20 Mar 2011 13:59:49 GMT
Content-Length: 249
X-Vertical: integrationframework

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/auth/loginform?dest=http%3a%2f%2fwww.myspace.com%2fModules%2fPostTo%2fPages%2fdefault.aspx%3fu%3dhttp%253a%252f%252f
...[SNIP]...
1.22. http://www.myyearbook.com/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myyearbook.com
Path:   /

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?mysession=cmVnaXN0cmF0aW9uX3JlZ2lzdHJhdGlvbiZyZWZlcnJlcj0wJm9sZD0xJmxvZ2luX2ZhaWx1cmU9dHJ1ZSZlbWFpbElkPWVtYWls HTTP/1.1
Host: www.myyearbook.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mybRegTheme=hbl; mybRegData=%5B%5D; POSTAff2Cookie=HBL; MYB_TARGET=_unknown_1000_____; __g_c=w%3A1%7Cb%3A2%7Cc%3A301947237237767%7Cd%3A1%7Ca%3A0%7Ce%3A0.01%7Cf%3A0; __g_u=301947237237767_1_0.01_0_5_1301056485872; __gads=ID=f3640abbd1b1cdb3:T=1300624489:S=ALNI_MbrX_Emgz4sKka8nHjyRqG1O3ly8w; __utmz=138725551.1300624490.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=138725551.528389796.1300624489.1300624489.1300624489.1; __utmc=138725551; __qca=P0-193244728-1300624490343; PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:36:21 GMT
Server: Apache
Set-Cookie: PHPSESSID=fdf70e60bc7204869a6429bf4a1984b3; path=/; domain=.myyearbook.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: mcim=deleted; expires=Sat, 20-Mar-2010 13:36:20 GMT; path=/; domain=.myyearbook.com
Set-Cookie: meeboCIM672=deleted; expires=Sat, 20-Mar-2010 13:36:20 GMT; path=/; domain=.myyearbook.com
Set-Cookie: _mybUtype=deleted; expires=Sat, 20-Mar-2010 13:36:20 GMT; path=/; domain=.myyearbook.com
P3P: policyref="/w3c/p3p.xml",CP="NOI DSP COR CURa OUR STP UNI"
X-Server-Name: web54
Connection: close
Content-Type: text/html; charset=UTF-8
X-MyPoolMember: 10.100.10.121
Content-Length: 11841

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>myYearbook </title>
<meta name="description" content="Mee
...[SNIP]...
1.23. http://www.myyearbook.com/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.myyearbook.com
Path:   /

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.myyearbook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:38:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: PHPSESSID=801dea07b4525bb09a00f44dbe2a1e38; path=/; domain=.myyearbook.com
Set-Cookie: mybRegTheme=deleted; expires=Sat, 20-Mar-2010 12:38:53 GMT; path=/; domain=.myyearbook.com
Set-Cookie: mybRegData=deleted; expires=Sat, 20-Mar-2010 12:38:53 GMT; path=/; domain=.myyearbook.com
Set-Cookie: mybRegTheme=hbl; expires=Sun, 27-Mar-2011 12:38:54 GMT; path=/; domain=.myyearbook.com
Set-Cookie: mybRegData=%5B%5D; expires=Sun, 27-Mar-2011 12:38:54 GMT; path=/; domain=.myyearbook.com
Set-Cookie: POSTAff2Cookie=HBL; expires=Mon, 19-Mar-2012 12:38:54 GMT; path=/; domain=.myyearbook.com
Set-Cookie: MYB_TARGET=_unknown_1000_____; path=/; domain=.myyearbook.com
Cache-control: no-cache
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8;
X-MyPoolMember: 10.100.10.201
Content-Length: 25700

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
1.24. http://www.rkdms.com/sid.gif  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.rkdms.com
Path:   /sid.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sid.gif?mid=lane&ref= HTTP/1.1
Host: www.rkdms.com
Proxy-Connection: keep-alive
Referer: http://www.lanebryant.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:50:09 GMT
Server: Apache
Content-Length: 43
Cache-Control: no-store,no-cache,must-revalidate
Content-Type: image/gif
Set-Cookie: sessionid=h-2dc6cd285b0ef908ee10a4bcd44446c1_t-1300625409; domain=.rkdms.com; path=/; expires=Mon, 19-Mar-2012 12:50:09 GMT
Pragma: no-cache
P3P: policyref="http://www.rkdms.com/w3c/p3p.xml", CP="CURa ADMa DEVa OUR COM NAV INT CNT STA NID DSP NOI COR"

GIF89a.............!.......,...........D..;
1.25. http://www.shockwave.com/home.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.shockwave.com
Path:   /home.jsp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /home.jsp HTTP/1.1
Host: www.shockwave.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a Resin/3.1.2
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Sun, 20 Mar 2011 12:34:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 20 Mar 2011 12:34:14 GMT
Connection: close
Set-Cookie: JSESSIONID=bdeuXmvzkMAan8skJqt7s; domain=.shockwave.com; path=/
Content-Length: 106714


   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
       "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.
...[SNIP]...
1.26. http://www.stjude.org/stjude/v/index.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.stjude.org
Path:   /stjude/v/index.jsp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /stjude/v/index.jsp HTTP/1.1
Host: www.stjude.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Sun, 20 Mar 2011 14:00:19 GMT
Server: Apache
Set-Cookie: vgnvisitor=VISITORbnsahcCoZSgAAB9dLyUAAAAC; path=/; domain=.stjude.org; expires=Sat, 15-Mar-2031 14:00:19 GMT
Set-Cookie: vgnsession=SESSIONbnsahcCoZSgAAB9dLyUAAAAC; path=/; domain=.stjude.org
Set-Cookie: JSESSIONID=gXtmNGLFt9MbrsVn2jsVGFFm6NCq8WyJQ65dTCRc8ts4scnZjX4y!675635000; path=/
Cache-Control: max-age=0
Expires: Sun, 20 Mar 2011 14:00:19 GMT
Connection: close
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Co
...[SNIP]...
1.27. http://www.stumbleupon.com/submit  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.stumbleupon.com
Path:   /submit

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /submit HTTP/1.1
Host: www.stumbleupon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: PHPSESSID=pum9hnn3bdunt56a0ofatro7v6; path=/; domain=.stumbleupon.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cmf_i=951451754d860874b76491.56605561; expires=Tue, 19-Apr-2011 14:00:20 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_spr=A%2FN; expires=Tue, 19-Apr-2011 14:00:20 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: cmf_sp=http%3A%2F%2Fwww.stumbleupon.com%2Fsubmit; expires=Tue, 19-Apr-2011 14:00:20 GMT; path=/; domain=.stumbleupon.com
Set-Cookie: su_c=bff7d854c609c95b238bbd9ab4fa355a%7C%7C10%7C%7C1300629620%7C206527c4a33696717af33f4888dbbd30; expires=Wed, 17-Mar-2021 14:00:20 GMT; path=/; domain=.stumbleupon.com
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 7389
Date: Sun, 20 Mar 2011 14:00:20 GMT
X-Varnish: 1870155613
Age: 0
Via: 1.1 varnish
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:fb="http://www
...[SNIP]...
1.28. http://www.t-mobile.com/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.t-mobile.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: TMobileCommon=TeaId=e5b6e15b-e1f3-44cc-a822-02aa0b845364; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=iitjira4o5wnvw2jqptea455; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: TMobileCommon=TeaId=e5b6e15b-e1f3-44cc-a822-02aa0b845364; domain=.t-mobile.com; path=/
Set-Cookie: ASP.NET_SessionId=iitjira4o5wnvw2jqptea455; path=/; HttpOnly
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+12%3a56%3a22+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 12:56:22 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 12:56:22 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 12:56:22 GMT; path=/
Set-Cookie: TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; domain=.t-mobile.com; path=/
Set-Cookie: TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; domain=.t-mobile.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 12:56:21 GMT
Content-Length: 89145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.29. http://www.t-mobile.com/Company/Community.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Company/Community.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Company/Community.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a24+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:24 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:24 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:24 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:23 GMT
Connection: close
Content-Length: 39371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.30. http://www.t-mobile.com/Company/PrivacyResources.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Company/PrivacyResources.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Company/PrivacyResources.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a23+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:23 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:23 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:23 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:23 GMT
Connection: close
Content-Length: 41409

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.31. http://www.t-mobile.com/Company/Working.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Company/Working.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Company/Working.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a26+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:26 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:26 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:26 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:25 GMT
Connection: close
Content-Length: 40089

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.32. http://www.t-mobile.com/PartnerServices.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /PartnerServices.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /PartnerServices.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a37+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:37 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:37 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:37 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:36 GMT
Connection: close
Content-Length: 35471

Unable to process request to PartnerServices (Service from PartnerService request not specified)<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-t
...[SNIP]...
1.33. http://www.t-mobile.com/Promotions/twodevicehotspot.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Promotions/twodevicehotspot.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Promotions/twodevicehotspot.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a43+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:43 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:43 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:43 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:43 GMT
Connection: close
Content-Length: 70381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.34. http://www.t-mobile.com/Templates/ListAllPhones.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Templates/ListAllPhones.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Templates/ListAllPhones.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a56+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:56 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:56 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:56 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:56 GMT
Connection: close
Content-Length: 503209

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.35. http://www.t-mobile.com/Templates/ListAllPhones.aspx/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /Templates/ListAllPhones.aspx/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Templates/ListAllPhones.aspx/ HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a57+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:57 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:57 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:57 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:58 GMT
Connection: close
Content-Length: 503233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.36. http://www.t-mobile.com/business/Information.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /business/Information.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business/Information.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a23+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:23 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:23 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:23 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:23 GMT
Connection: close
Content-Length: 40087

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.37. http://www.t-mobile.com/locator.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /locator.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /locator.aspx?referer=%2fDefault.aspx HTTP/1.1
Host: www.t-mobile.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; cmTPSet=Y; TMobileSession=WT=&DCS=; mbox=PC#1300624507874-511379.17#1301836695|check#true#1300627155|session#1300627094627-816279#1300628955; mr_referredVisitor=0; TMobileSpanish=IsSpanishUser=false; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300616298452:ss=1300616298452

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+1%3a32%3a11+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 13:32:11 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 13:32:11 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 13:32:11 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 13:32:11 GMT
Content-Length: 42163

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.38. http://www.t-mobile.com/promotions/generic.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /promotions/generic.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /promotions/generic.aspx?PAsset=Pro_Pro_MastHeadCoverage HTTP/1.1
Host: www.t-mobile.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; cmTPSet=Y; mbox=PC#1300624507874-511379.17#1301836695|check#true#1300627155|session#1300627094627-816279#1300628955; mr_referredVisitor=0; TMobileSpanish=IsSpanishUser=false; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300616298452:ss=1300616298452; TMobileSession=WT=&DCS=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+1%3a32%3a55+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 13:32:55 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 13:32:55 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 13:32:55 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 13:32:54 GMT
Content-Length: 33370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.39. http://www.t-mobile.com/promotions/resourcetemplate.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /promotions/resourcetemplate.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /promotions/resourcetemplate.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a39+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:39 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:39 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:39 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:39 GMT
Connection: close
Content-Length: 32723

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.40. http://www.t-mobile.com/shop/addons/Accessories/Default.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /shop/addons/Accessories/Default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shop/addons/Accessories/Default.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a44+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:44 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:44 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:44 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862&SELECTEDDEVICE=00000000-0000-0000-0000-000000000000; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:44 GMT
Connection: close
Content-Length: 92826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.41. http://www.t-mobile.com/shop/phones/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /shop/phones/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shop/phones/ HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a45+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:45 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:45 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:45 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Set-Cookie: TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$; domain=.t-mobile.com; expires=Sun, 20-Mar-2011 14:05:45 GMT; path=/
Date: Sun, 20 Mar 2011 14:00:45 GMT
Connection: close
Content-Length: 286146

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.42. http://www.t-mobile.com/shop/phones/Default.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /shop/phones/Default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shop/phones/Default.aspx HTTP/1.1
Host: www.t-mobile.com
Proxy-Connection: keep-alive
Referer: http://t-mobile-coverage.t-mobile.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; cmTPSet=Y; TMobileSession=WT=&DCS=; mr_referredVisitor=0; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300616306182:ss=1300616298452; mbox=PC#1300624507874-511379.17#1301836707|check#true#1300627167|session#1300627094627-816279#1300628967; fsr.a=1300627109957; 53643872-VID=44502044936234; 53643872-SKEY=692143054958629433; HumanClickSiteContainerID_53643872=STANDALONE; TMobileSpanish=IsSpanishUser=false

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; domain=.t-mobile.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=e55a5d69-b1a4-4867-ab78-e9a4b2b03ebf; domain=.t-mobile.com; path=/
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+1%3a34%3a47+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 13:34:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 13:34:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 13:34:47 GMT; path=/
Set-Cookie: TMobileSegmentation=UserId=f955351c-4767-4078-90ac-9ffda643ac59; domain=.t-mobile.com; expires=Fri, 16-Sep-2011 13:34:47 GMT; path=/
Set-Cookie: TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$; domain=.t-mobile.com; expires=Sun, 20-Mar-2011 13:39:47 GMT; path=/
Date: Sun, 20 Mar 2011 13:34:47 GMT
Content-Length: 286233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.43. http://www.t-mobile.com/shop/phones/prepaid.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /shop/phones/prepaid.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shop/phones/prepaid.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a47+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:47 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:47 GMT
Connection: close
Content-Length: 298848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.44. http://www.t-mobile.com/shop/plans/Cell-Phone-Plans-Overview.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /shop/plans/Cell-Phone-Plans-Overview.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shop/plans/Cell-Phone-Plans-Overview.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a47+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:47 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:47 GMT
Connection: close
Content-Length: 46789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.45. http://www.t-mobile.com/shop/plans/Prepaid-Plans-Overview.aspx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.t-mobile.com
Path:   /shop/plans/Prepaid-Plans-Overview.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shop/plans/Prepaid-Plans-Overview.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a50+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:50 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:50 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:50 GMT; path=/
Set-Cookie: TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; domain=.t-mobile.com; path=/
Date: Sun, 20 Mar 2011 14:00:50 GMT
Connection: close
Content-Length: 68057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" media="
...[SNIP]...
1.46. http://140cc.v.fwmrm.net/ad/l/1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://140cc.v.fwmrm.net
Path:   /ad/l/1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ad/l/1?last=0&metr=127&s=b113&t=13006299744430945&adid=353298&reid=213607&arid=0&auid=&cn=defaultImpression&et=i&_cc=353298,213607,,12150.,1300629974,1&tpos=0&iw=&uxnw=&uxss=&uxct=&init=1&cr=http%3A//aperture.displaymarketplace.com/audmeasure.gif%3FliveconclientID%3D3500399010465%26CreativeID%3D17707166323%26PlacementID%3D17707353296%26EventType%3DImpression%26rand%3D734946280 HTTP/1.1
Host: 140cc.v.fwmrm.net
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/assets/swf/Fan.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _auv="g146942~5.1300545414.0,20486.1300545381.0,20489.1300545414.0,^"; _pr="1300545414.8x3q1dfpr5.266627~266628~,1300545413.y789t005dy.266627~266628~,1300545398.y789t005dyb8d9be6c550f47ce9a53dc03.266627~266628~,1300545397.b8d9be6cb0a7dc9508a95061.266627~266628~,"; NSC_twmbewjq3.gxnsn.ofu=ffffffff09097e3a45525d5f4f58455e445a4a423209; _sid="b113_5586163202527773928"; _uid="c007_5577003974315604268"; _vr="1300629975..339317~353298~,"; _cph="1300629974.606.1.1,"; _sc="sg148550.1300629974.1300629975.28800.0.0,"; _wr="g148550"

Response

HTTP/1.1 302 Found
Set-Cookie: _uid="c007_5577003974315604268";expires=Mon, 19 Mar 2012 14:06:21 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _auv="g148550~1.1300629981.0,14576.1300629981.0,^";expires=Tue, 19 Apr 2011 14:06:21 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _vr="1300629980..339317~353298~,";expires=Tue, 19 Apr 2011 14:06:21 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _cph="1300629974.606.1.1,";expires=Tue, 19 Apr 2011 14:06:21 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _sc="sg148550.1300629974.1300629981.28800.0.0,";expires=Tue, 19 Apr 2011 14:06:21 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _wr="g148550";expires=Tue, 19 Apr 2011 14:06:21 GMT;domain=.fwmrm.net;path=/;
Location: http://aperture.displaymarketplace.com/audmeasure.gif?liveconclientID=3500399010465&CreativeID=17707166323&PlacementID=17707353296&EventType=Impression&rand=734946280
Content-Length: 0
Date: Sun, 20 Mar 2011 14:06:20 GMT
Server: FWS
P3P: policyref="http://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

1.47. http://140cc.v.fwmrm.net/ad/p/1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://140cc.v.fwmrm.net
Path:   /ad/p/1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /ad/p/1? HTTP/1.1
Host: 140cc.v.fwmrm.net
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/assets/swf/Fan.swf
content-type: text/xml
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _vr="1299939837..333670~333678~343034~345187~359443~366038~,"; _cph="1299938380.273.1.1,1299937795.439.1.1,"; _uid="c007_5577003974315604268"; _auv="g146942~5.1300545414.0,20486.1300545381.0,20489.1300545414.0,^"; _pr="1300545414.8x3q1dfpr5.266627~266628~,1300545413.y789t005dy.266627~266628~,1300545398.y789t005dyb8d9be6c550f47ce9a53dc03.266627~266628~,1300545397.b8d9be6cb0a7dc9508a95061.266627~266628~,"; _sc="sg146942.1300545379.1300545414.28800.0.0,"; _wr="g146942"; NSC_twmbewjq3.gxnsn.ofu=ffffffff09097e3a45525d5f4f58455e445a4a423209
Content-Length: 1642

<adRequest profile="82125:MTVN_live" version="1" networkId="82125"><customDistributor /><capabilities><supportsSlotTemplate /><explicitVideoTracking /><expectMultipleCreativeRenditions /><supportsAdUn
...[SNIP]...

Response

HTTP/1.1 200 OK
Set-Cookie: _sid="b113_5586163206822908636";domain=.fwmrm.net;path=/;
Set-Cookie: _uid="c007_5577003974315604268";expires=Mon, 19 Mar 2012 14:06:15 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _vr="1300629975..339317~353298~,";expires=Tue, 19 Apr 2011 14:06:15 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _cph="1300629975.606.1.1,";expires=Tue, 19 Apr 2011 14:06:15 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _sc="sg148550.1300629975.1300629975.28800.0.0,";expires=Tue, 19 Apr 2011 14:06:15 GMT;domain=.fwmrm.net;path=/;
Set-Cookie: _wr="g148550";expires=Tue, 19 Apr 2011 14:06:15 GMT;domain=.fwmrm.net;path=/;
X-FW-Power-By: Smart
Content-Type: text/xml
Pragma: no-cache
Vary: Accept-Encoding
Date: Sun, 20 Mar 2011 14:06:15 GMT
Server: FWS
P3P: policyref="http://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Content-Length: 9984

<adResponse version='1'><rendererManifest version='1'>&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt;
&lt;adRenderers version=&apos;1&apos;&gt;&lt;adRenderer adUnit=&apos;video,slate,
...[SNIP]...
1.48. http://a.collective-media.net/adj/cm.mtv/games_010111  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.collective-media.net
Path:   /adj/cm.mtv/games_010111

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adj/cm.mtv/games_010111;sz=728x90;ord=[timestamp]? HTTP/1.1
Host: a.collective-media.net
Proxy-Connection: keep-alive
Referer: http://viacom.adbureau.net/hserver/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cli=11e4f07c0988ac7; rdst11=1; rdst12=1; dp2=1; JY57=35YvzfrqY8QJ9XL2-I1ND8AO_jR1EdT1Qzx7gTonjUIP66jUwQOVTIg; dc=dal-dc-sea

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Content-Type: application/x-javascript
P3P: policyref="http://a.collective-media.net/static/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 419
Date: Sun, 20 Mar 2011 12:34:20 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: dc=dc-dal-sea; domain=collective-media.net; path=/; expires=Tue, 19-Apr-2011 12:34:20 GMT

var cmPageUrl; if(self == top) cmPageURL = document.location.href; else cmPageURL = document.referrer;
var ifr = (self==top ? '' : 'env=ifr;');
document.write('<scr'+'ipt language="javascript" src="ht
...[SNIP]...
1.49. http://a.tribalfusion.com/i.cid  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.tribalfusion.com
Path:   /i.cid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /i.cid?c=191233&d=30&page=landingPage HTTP/1.1
Host: a.tribalfusion.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ANON_ID=a1nBcyMwTmJ8ZbdFnnJTg0Rbo4oZdpIuptEQBn4ftdNoNTMOTWHSvLDOGwDvsIv2Zc7KdsEX7Kx6UJItbLV9xPSWaQiO4j7maQ3xLy84vCwgjaDI9dwl6qlJBvHsN5116K3QqaajhKZcC0c2imrtSgLT6hYkeZbRabZch7w5YDw3CsZaC6AlwEe2NVMajCXiZaOaBxVpmeOd7nVNjwZdnQSo24cGPsAHuFY2voOwwRZajtSGwZdGHgPvaQQKgI4mk30Iur7l2oSAp1mkZat3f8mZbQIrRP5mnq6JcqYV6fwwv5C1SfWVaZaOZaXgEAHLj1vdt8Zb4ILZcgS9AMxG6eLCdF0QvZbcPpGYaVR83qhT8TH9jigN6MZaXbFkgrcDqy3khy2LZaFbR4OxS1gnk7b4sNaIOoZaaStdBc1MRR6B4tO6ZdlIikvK0AdJJOSJSvCvJ5A0Nyhyh0FDSiMElpEpcV41Eh9QYWXcEKLa4muZcb3205OQSC3XnZahc5p2Y5MDAfLDL1AVvT8BpxWZc6Zdof5qJGp1dnx4LVAHereyLZbSyPcX0XP

Response

HTTP/1.1 200 OK
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 307
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: private
Set-Cookie: ANON_ID=acnDG4r2PTgtjQIP3ZcXv8T8XxvaUf1nKEURmrHHhlfKLN8HM2UfJUKNpIvCPvsANNhn3pGYQy3ur7FcraA6sZbfNS7idgC3Gogeen8n8xNLbJkrg78VpZdS8LH19tNv1ZaC7ImWJZaPP96njY0ZbVTxwXlqvSFwZdob29XVhrxvJ3o3ioLkxZaqf4dWMZdb3tlF5KyARKFfpEeV6wranDPR9b344qhj8dxgVhbbOhvk6Yfu9f3K0asiQOdTZcXJkLfZdQjFMZdXojpQ5gRaZcFZbZbVa9mXWPLZdGuho6d0FXZb1N6OS1sqLxNWj17Vyah5EEZc0nFsEZbIdRT4mb3AxZaIwemGnby0rtCAuHWihc6GpFEsgeEkEvkV4rKtk0Hw7eCYpVR9kUtyUdRMqpp8OZcR53HysN6Ys194RJ6Bi9wk2ZasxQ6IavMxdQx28TtEEIrpIXHyuOZcZblGj4x0c9buRSlOy02D8WrYsjJfON2ovs6ygfp6ILc4IGxPhFcNI58vO0ailbcimuJuelNuKjSr8fPeAGEEiI9fyMa39VK8nYOsZclAOhZc6WUL7bBAb4GdLhOHoT; path=/; domain=.tribalfusion.com; expires=Sat, 18-Jun-2011 13:05:52 GMT;
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive

GIF89a.............!.......,........@..D..;
1.50. http://a1.interclick.com/Segment.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a1.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=e4861490-c905-4ddd-9d3d-fc30ca62062b&disable=true HTTP/1.1
Host: a1.interclick.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=0d5e149d-b2a0-4090-b52e-6905494cce3c; tpd=e20=1300807752317&e90=1299888487304&e100=1299888487510; Aqprep_Banner300X250=144092=634348644376887103:13143&142607=634348656773610607:13143&82224=634349591179445848:51671&105993=634350384345825946:51423; Aqprep_Banner728X90=82225=634348629583609432:13143&136724=634348624942179668:51671&136722=634348629167549668:51671&125651=634348629625842915:13143&111932=634348630831932915:13143&142608=634348650692760136:50482&125642=634350395245367173:51423; Li=1=734202&30=734187; Aqprep_Banner160X600=126729=634351246463545724:51423&120069=634351247165255724:51423; sgm=7435=734183&389=734183&307=734184&8278=734200&7596=734199&7382=734196&5114=734197&9086=734197&942=734198&9496=734198&10277=734199&9583=734199&7901=734200&9135=734201&853=734202&7304=734204&774=734205&10726=734209&9105=734208&8629=734211&6881=734211&8144=734212

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=7435=734183&389=734183&307=734184&8278=734200&7596=734199&7382=734196&5114=734197&9086=734197&942=734198&9496=734198&10277=734199&9583=734199&7901=734200&9135=734201&853=734202&7304=734204&774=734205&10726=734209&9105=734208&8629=734211&6881=734211&8144=734212; domain=.interclick.com; expires=Sat, 20-Mar-2021 13:08:41 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Sun, 20 Mar 2011 13:08:41 GMT

GIF89a.............!.......,...........D..;
1.51. http://action.media6degrees.com/orbserv/hbpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://action.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=5841&pcv=53 HTTP/1.1
Host: action.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: acs=015020a0e0f0g1lgoi03xzt1v99axzt11hdgcxzt11hdgcxzt1v99a; orblb=2lgpp5n0326610u011fv4u1v210u010zuoi2d410u0100000; clid=2lgoi03011706pgp44i37uxw1oe9z00v27010d0130h; ipinfo=2licwa20zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; rdrlst=41q0ig1lgs3mp0000000t27010ijvlhk64g0000000d27010fxhli5kah0000000427010hs1li5kah0000000427010jryli5kah0000000427010zyrlhpju50000000b270100jcli07ej0000000627010khali5kah0000000427010ahxli5kah00000004270110f7lhpju505kuf0041x000w3alhpju50000000b27011196lh8s3k0000000m27011195lhabm80000000j27010olwli5kah0000000427011194lh8s3o0000000l270110eylhpju505kuf0041x000zgdlhpju50000000b27010cacli5kba0000000327010faali5kah00000004270100c2li5kah0000000427011193lhc9m70000000i2701008sli5kah0000000427011192lh8s3u0000000k270110tylhjr9d0000000f270103dpli5kah0000000427010ij7lhn5jf0000000c27010xqalhk59s0000000e27010ot2li5kba0000000327010xukli5kah00000004270110polhhwg80000000g270110telh1s3s0000000p27010chclhwpdy00000007270110e2lhpju50000000b27010n39li5vgf0000000227010xwhlhpju50000000b270110rdlh8s3f0000000n27010kbxli5kah0000000427010agcli5kah00000004270100czlhpju50000000b2701111xlhpju50000000b270108ublhqxoy0000000a27010w4xli5kah0000000427010p1clhpju50000000b270111zzlhpju50000000b27010mjelgzmsv0000000q27010j60li5kah0000000427010i75lgpp5n0000000u27010bsdli07ek0000000527010l26lhpju505kuf0041x000okelhpju50000000b27010lw3lhpju50000000b27010l24lhpju50000000b27010a41li5kah00000004270106q3licwa20000000127010o5alhpju50000000b270101rhlhuoyb0000000927010xw7lhpju50000000b27010afoli5kah0000000427010ojwlhpju50000000b270107o9li5kah0000000427010e4vli5kah0000000427010x1plhpju50000000b2701; sglst=20z0sab4lgzmsv0k4gi00q27010d0130h78jlgpp5n1n74f00u27010d0130hb05lhjr9d0000000f27010d0130fc24lhjr9d0000000f27010d0130f8nblhjr9d0000000f27010d0130f2gglhjr9d0000000f27010d0130f8aclhjr9d0000000f27010d0130f0solhpju50ncfx00b27010d0130b61hlhjr9d0000000f27010d0130f9gglhjr9d0000000f27010d0130f4tuli5kah07bzl00427010d013047onlhjr9d0000000f27010d0130fag2lhjr9d0t50p00f27010d0130f9zalhjr9d0000000f27010d0130fbnwlhjr9d0000000f27010d0130f9q6lhjr9d0000000f27010d0130f8c9lhjr9d0000000f27010d0130f433lhjr9d0000000f27010d0130facjlhjr9d0000000f27010d0130f9gtlhjr9d0000000f27010d0130f0kllhjr9d0000000f27010d0130f4xclhjr9d0000000f27010d0130f68nlhjr9d0000000f27010d0130f9zmlhjr9d0000000f27010d0130f9cblhjr9d0000000f27010d0130f9l8lhjr9d0000000f27010d0130f0telgyxuj1dyfj00s27010d0130h81dlhjr9d0000000f27010d0130f4wnlgzmsv0k4gi00q27010d0130h9hllhjr9d0000000f27010d0130f5q8lhjr9d0000000f27010d0130f70ylhjr9d0000000f27010d0130f4wblhjr9d0000000f27010d0130fac9lhjr9d0000000f27010d0130fa76lhjr9d0000000f27010d0130f; vstcnt=3lgoi03020r014exd412011bpeu1l084fclw12080ynsu0ynst0ynss0ynsr0ynsq0ynsp0ynso0ynsn4exd4120s1bpfm1bpfl1bpfj1bpfi1bpfh1bpfg1bpfe1bpfd1bpfb1bpfa1bpf91bpf81bpf71bpf21bpf01bpez1bpey1bpex1bpew1bpeu1bpes1bper1bpeq1bpep1bpeo1bpen1bpeh1bpeg4hl2m1201135by3roz126i135c3135bu135br135bo135bl135bk135bh135bf135be135bc135b8135b3135b0135ax135aw135at135am135ah135ae135ab135a9135a8135a5135a21359s1359r12fws12fwr12fwq12fwp12fwo12fwn12fwm12fwl12fwj12fwi12fwh12fwg12fwe12fwc12fwb12fwa12fw912fw712fw612fw512fw412fw312fw212fw112fw012fvz12fvv12fvu12fvt12fvs12fvr12fvq12fvp12fvn12fvm12fvl12fvk12fvj12fvi12fvh12fvg12fve12fvd12fvc12fvb12fva12fv912fv812fv712fv612fv412fv312fv212fv112fv012fuy12fux12fuw12fuq12fum12ful12fuk12fuj12fuh12fug12fuf12fue12fud12fuc12fu912fu712fu612fu512fu412fu212fu112fu012ftz12fty12ftx12ftw12ftu12ftr12fov0ynsl0ynsk0ynsj0ynsi0ynsh0ynsg0ynsf0ynse0ynsd0ynsc0ynsa0yns90yns80yns70yns60yns50yns40yns30yns20yns10yns00ynrz0ynry0ynrx0ynrw0ynru0ynrt0ynrs0ynrr0ynrq0ynrp0ynro0ynrn0ynrm0ynrl0ynrj0ynri0ynrh0ynrg0ynrf0ynre0ynrd0ynrc0ynrb0ynr90ynr80ynr70ynr60ynr50ynr40ynr30ynr10ynr00ynqz0ynqy0ynqx0ynqw0ynqv0ynqo0ynqn0ynqm0ynqf0ynq50ynq40ynq30ynq20ynq10ynpz0ynpy0ynpx0ynpw0ynpv0ynpu0ynpt0ynps0ynpr0ynpq0ynpp0ynpn0ynpm0ynpl0ynpk0ynpj0ynpi0ynph0ynpg0ynpf0ynpe0ynpc0ynpb0ynpa0ynp90ynp80ynp70ynp60ynp50ynp40ynp20ynp10ynp00ynoz0ynoy0ynox0ynow0ynov0ynou0ynot0ynor0ynoq0ynop0ynoo0ynon0ynom0ynol0ynok0ynoj0ynoi0ynoh0ynof0ynoe0ynod0ynoc0ynob0ynoa4exr5122h1hdkk1hdkj1hdki1hdkh1hdkg1hdkf1hdke1hdkd1hdkb1hdka1hdk91hdk81hdk71hdk61hdk51hdk41hdk31hdk21hdk11hdk01hdjz1hdjy1hdjx1hdjw1hdju1hdjr1hdjq1hdjp1hdjo1hdjn1hdjj1hdji1hdjh1hdjf1hdje1hdjd1hdjc1hdjb1hdja1hdj91hdj81hdj71hdj61hdj51hdj41hdj31hdj21hdj01hdiz1hdiy1hdix1hdiw1hdiv1hdiu1hdit1hdis1hdir1hdiq1hdip1hdio1hdin1hdih1hdig1hdif1hdid1hdic1hdib1hdia1hdi91hdi81hdi71hdi61hdi51hdi11hdhz1hdhy1hdhx1hdhw1hdhv1hdht1hdhs1hdhr1hdhq1hdhp1hdho1hdhm1hdhl1hdhi1hdgc4oz53125v16nyp16nyo16nyn16nym16nyl16nyk16nyj16nyi16nyh16nyg16nyf16nye16nyc16nyb16nya16ny916ny816ny716ny616ny516ny416ny316ny216ny016nxz16nxy16nxx16nxw16nxt16nxs16nxr16nxq16nxp16nxn16nxm16nxl16nxk16nxj16nxi16nxh16nxg16nxc16nxb16nxa16nx916nx716nx616nx516nx416nx316nx216nx116nx016nwz16nwy16nws16nwq16nwp16nwo16nwn16nwl16nwk16nwj16nwi16nwe16nwd16nwc16nwb16nwa16nw816nw616nw516nw416nw316nw216nw116nw016nvx16nvw16n8n16n8m16n8l16n8k16n8j16n8i16n8h16n8f16n8e16n8d16n8c16n8b16n8a16n8916n8816n8616n8516n8416n8316n8216n8116n8016n7z16n7y16n7x16n7v16n7s16n7r16n7p16n7o16n7n16n7m16n7l16n7k16n7j16n7i16n7h16n7g16n7f16n7e16n7d16n7c16n7b16n7a16n7916n7716n7616n7516n7416n7316n7216n7116n7016n6w16n6u16n6t16n6s16n6r16n6p16n6o16n6m16n6l16n6k16n6f16n6e16n6d16n6c16n6a16n6916n6716n6616n6516n6416n6316n6116n601679t1679s1679r1679p1679o1679n1679m1679k1679j1679i1679g1679f1679e1679d1679916798167971679516791167901678z1678y1678u1678t1678s1678q1678p1674c1674b1674a167491674816746167441674316742167411673w1673v1673u1673t1673s1673m1673l1673k1673j1673i1673g1673f1673e1673c1673b1673a1673916736166y84cgq7120612fwx12fww12fwv12fwu12fur12fuo4null12011bpf1

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2lgoi03011706pgp44i37uxw1ofoe00w27020d0230i; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:05:05 GMT; Path=/
Set-Cookie: orblb=2lgpp5n042jp10u011n8iu26610u011fv4u1v210u010zuoi2d410u0100000; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:05:05 GMT; Path=/
Set-Cookie: rdrlst=41r0ig1lgs3mp0000000u27020ijvlhk64g0000000e27020fxhli5kah0000000527020hs1li5kah0000000527020jryli5kah07de000527020zyrlhpju50000000c270200jcli07ej0000000727020khali5kah0000000527020ahxli5kah00000005270210f7lhpju505kuf0041x000w3alhpju50000000c27021196lh8s3k0000000n27021195lhabm80000000k27021194lh8s3o0000000m27020olwli5kah00000005270210eylhpju505kuf0041x000zgdlhpju50000000c27020cacli5kba00000004270200c2li5kah0000000527020faali5kah0000000527021193lhc9m70000000j27021192lh8s3u0000000l2702008sli5kah00000005270210tylhjr9d0000000g270203dpli5kah0000000527020ij7lhn5jf0000000d27020xqalhk59s0000000f27020ot2li5kba0000000427020xukli5kah00000005270210polhhwg80000000h270210telh1s3s0000000q27020chclhwpdy00000008270210e2lhpju50000000c27020n39li5vgf0000000327020xwhlhpju50000000c270210rdlh8s3f0000000o27020kbxli5kah0000000527020agcli5kah00000005270200czlhpju50nduc00c2702111xlhpju50000000c270208ublhqxoy0000000b27020w4xli5kah0000000527020p1clhpju50000000c270211zzlhpju50000000c2702107alicxoh0000000127010mjelgzmsv0000000r27020j60li5kah0000000527020i75lgpp5n1n8iu00v27020bsdli07ek0000000627020okelhpju50000000c27020l26lhpju505kuf0041x000lw3lhpju50000000c27020l24lhpju50000000c27020a41li5kah00000005270206q3licwa20000000227020o5alhpju50000000c270201rhlhuoyb0000000a27020afoli5kah0000000527020xw7lhpju50000000c27020ojwlhpju50000000c270207o9li5kah0000000527020e4vli5kah0000000527020x1plhpju50000000c2702; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:05:05 GMT; Path=/
Set-Cookie: sglst=2100s61hlhjr9d0000000g27020d0230g0solhpju50nduc00c27020d0230c9gglhjr9d0000000g27020d0230g4tuli5kah07de000527020d02305ag2lhjr9d0t6f400g27020d0230g7onlhjr9d0000000g27020d0230g9zalhjr9d0000000g27020d0230gbnwlhjr9d0000000g27020d0230g9q6lhjr9d0000000g27020d0230g8c9lhjr9d0000000g27020d0230g433lhjr9d0000000g27020d0230gacjlhjr9d0000000g27020d0230g9gtlhjr9d0000000g27020d0230g0kllhjr9d0000000g27020d0230g4xclhjr9d0000000g27020d0230g68nlhjr9d0000000g27020d0230gab4lgzmsv0k4gi00r27020d0230i9zmlhjr9d0000000g27020d0230gax3licxoh0000000127010d01301b05lhjr9d0000000g27020d0230g78jlgpp5n1n8iu00v27020d0230i9cblhjr9d0000000g27020d0230gc24lhjr9d0000000g27020d0230g9l8lhjr9d0000000g27020d0230g0telgyxuj1dzty00t27020d0230i81dlhjr9d0000000g27020d0230g9hllhjr9d0000000g27020d0230g4wnlgzmsv0k4gi00r27020d0230i5q8lhjr9d0000000g27020d0230g70ylhjr9d0000000g27020d0230g8nblhjr9d0000000g27020d0230g2gglhjr9d0000000g27020d0230gac9lhjr9d0000000g27020d0230g4wblhjr9d0000000g27020d0230g8aclhjr9d0000000g27020d0230ga76lhjr9d0000000g27020d0230g; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:05:05 GMT; Path=/
Set-Cookie: vstcnt=3lgoi03020r014exd412011bpeu1l084fclw12080ynsu0ynst0ynss0ynsr0ynsq0ynsp0ynso0ynsn4exd4120s1bpfm1bpfl1bpfj1bpfi1bpfh1bpfg1bpfe1bpfd1bpfb1bpfa1bpf91bpf81bpf71bpf21bpf01bpez1bpey1bpex1bpew1bpeu1bpes1bper1bpeq1bpep1bpeo1bpen1bpeh1bpeg4hl2m1201135by3roz126i135c3135bu135br135bo135bl135bk135bh135bf135be135bc135b8135b3135b0135ax135aw135at135am135ah135ae135ab135a9135a8135a5135a21359s1359r12fws12fwr12fwq12fwp12fwo12fwn12fwm12fwl12fwj12fwi12fwh12fwg12fwe12fwc12fwb12fwa12fw912fw712fw612fw512fw412fw312fw212fw112fw012fvz12fvv12fvu12fvt12fvs12fvr12fvq12fvp12fvn12fvm12fvl12fvk12fvj12fvi12fvh12fvg12fve12fvd12fvc12fvb12fva12fv912fv812fv712fv612fv412fv312fv212fv112fv012fuy12fux12fuw12fuq12fum12ful12fuk12fuj12fuh12fug12fuf12fue12fud12fuc12fu912fu712fu612fu512fu412fu212fu112fu012ftz12fty12ftx12ftw12ftu12ftr12fov0ynsl0ynsk0ynsj0ynsi0ynsh0ynsg0ynsf0ynse0ynsd0ynsc0ynsa0yns90yns80yns70yns60yns50yns40yns30yns20yns10yns00ynrz0ynry0ynrx0ynrw0ynru0ynrt0ynrs0ynrr0ynrq0ynrp0ynro0ynrn0ynrm0ynrl0ynrj0ynri0ynrh0ynrg0ynrf0ynre0ynrd0ynrc0ynrb0ynr90ynr80ynr70ynr60ynr50ynr40ynr30ynr10ynr00ynqz0ynqy0ynqx0ynqw0ynqv0ynqo0ynqn0ynqm0ynqf0ynq50ynq40ynq30ynq20ynq10ynpz0ynpy0ynpx0ynpw0ynpv0ynpu0ynpt0ynps0ynpr0ynpq0ynpp0ynpn0ynpm0ynpl0ynpk0ynpj0ynpi0ynph0ynpg0ynpf0ynpe0ynpc0ynpb0ynpa0ynp90ynp80ynp70ynp60ynp50ynp40ynp20ynp10ynp00ynoz0ynoy0ynox0ynow0ynov0ynou0ynot0ynor0ynoq0ynop0ynoo0ynon0ynom0ynol0ynok0ynoj0ynoi0ynoh0ynof0ynoe0ynod0ynoc0ynob0ynoa4exr5122h1hdkk1hdkj1hdki1hdkh1hdkg1hdkf1hdke1hdkd1hdkb1hdka1hdk91hdk81hdk71hdk61hdk51hdk41hdk31hdk21hdk11hdk01hdjz1hdjy1hdjx1hdjw1hdju1hdjr1hdjq1hdjp1hdjo1hdjn1hdjj1hdji1hdjh1hdjf1hdje1hdjd1hdjc1hdjb1hdja1hdj91hdj81hdj71hdj61hdj51hdj41hdj31hdj21hdj01hdiz1hdiy1hdix1hdiw1hdiv1hdiu1hdit1hdis1hdir1hdiq1hdip1hdio1hdin1hdih1hdig1hdif1hdid1hdic1hdib1hdia1hdi91hdi81hdi71hdi61hdi51hdi11hdhz1hdhy1hdhx1hdhw1hdhv1hdht1hdhs1hdhr1hdhq1hdhp1hdho1hdhm1hdhl1hdhi1hdgc4oz53125v16nyp16nyo16nyn16nym16nyl16nyk16nyj16nyi16nyh16nyg16nyf16nye16nyc16nyb16nya16ny916ny816ny716ny616ny516ny416ny316ny216ny016nxz16nxy16nxx16nxw16nxt16nxs16nxr16nxq16nxp16nxn16nxm16nxl16nxk16nxj16nxi16nxh16nxg16nxc16nxb16nxa16nx916nx716nx616nx516nx416nx316nx216nx116nx016nwz16nwy16nws16nwq16nwp16nwo16nwn16nwl16nwk16nwj16nwi16nwe16nwd16nwc16nwb16nwa16nw816nw616nw516nw416nw316nw216nw116nw016nvx16nvw16n8n16n8m16n8l16n8k16n8j16n8i16n8h16n8f16n8e16n8d16n8c16n8b16n8a16n8916n8816n8616n8516n8416n8316n8216n8116n8016n7z16n7y16n7x16n7v16n7s16n7r16n7p16n7o16n7n16n7m16n7l16n7k16n7j16n7i16n7h16n7g16n7f16n7e16n7d16n7c16n7b16n7a16n7916n7716n7616n7516n7416n7316n7216n7116n7016n6w16n6u16n6t16n6s16n6r16n6p16n6o16n6m16n6l16n6k16n6f16n6e16n6d16n6c16n6a16n6916n6716n6616n6516n6416n6316n6116n601679t1679s1679r1679p1679o1679n1679m1679k1679j1679i1679g1679f1679e1679d1679916798167971679516791167901678z1678y1678u1678t1678s1678q1678p1674c1674b1674a167491674816746167441674316742167411673w1673v1673u1673t1673s1673m1673l1673k1673j1673i1673g1673f1673e1673c1673b1673a1673916736166y84cgq7120612fwx12fww12fwv12fwu12fur12fuo4null12011bpf1; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:05:05 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?t=2&id=1170092&id=1140687&id=929705&id=278592&id=967651
Content-Length: 0
Date: Sun, 20 Mar 2011 13:05:04 GMT

1.52. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=100&id=10&format=image&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=3271208533551.544?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_axqf=ex1%3A1nakl%3A1; rth=2-lgpn7t-ex1~1nakl~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:32:11 GMT
Connection: close
Set-Cookie: T_axqf=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_64pz=j7p%3A1nbpv%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:32:12 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-j7p~1nbpv~1~1-ex1~1nakl~1~1-53b~1n933~1~1-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:32:12 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.53. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=100&id=2&format=image&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_3gwb=eo7%3A1iogx%3A1; rth=2-lgpn7t-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 12:35:19 GMT
Location: http://ads.lucidmedia.com/clicksense/pixel?id=102567&t=i
Connection: close
Set-Cookie: T_3gwb=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_62qj=53b%3A1n933%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 12:35:20 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-53b~1n933~1~1-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 12:35:20 GMT; Path=/
Content-Length: 0

1.54. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=41&id=123&r HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_99eq=ex1%3A1nakl%3A1; rth=2-lgpn7t-ex1~1nakl~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:26:03 GMT
Connection: close
Set-Cookie: T_99eq=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_a50y=ex1%3A1nbfn%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:26:04 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-ex1~1nbfn~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:26:04 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.55. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=41&id=123&r HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_iu69=ex1%3A1nakj%3A1; rth=2-lgpn7t-ex1~1nakj~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:26:02 GMT
Connection: close
Set-Cookie: T_iu69=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_fea7=ex1%3A1nbfm%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:26:03 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-ex1~1nbfm~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:26:03 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.56. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=100&id=10&format=image&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_3gwb=eo7%3A1iogx%3A1; rth=2-lgpn7t-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:03:49 GMT
Connection: close
Set-Cookie: T_3gwb=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_dvft=j7p%3A1nael%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:03:50 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-j7p~1nael~1~1-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:03:50 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.57. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=41&id=123&r HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_9b15=ex1%3A1nak9%3A1; rth=2-lgpn7t-ex1~1nak9~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:24:39 GMT
Connection: close
Set-Cookie: T_9b15=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_gzl4=ex1%3A1nbdb%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:24:40 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-ex1~1nbdb~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:24:40 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.58. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=41&id=123&r HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_l0t1=j7p%3A1n933%3A1; T_62qj=53b%3A1n933%3A1; rth=2-lgpn7t-53b~1n933~1~1-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:20:32 GMT
Connection: close
Set-Cookie: T_l0t1=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_62qj=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_fzqx=ex1%3A1nb6g%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:20:33 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-ex1~1nb6g~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:20:33 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.59. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=100&id=2&format=image&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=3271208533551.544?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_axqf=ex1%3A1nakl%3A1; rth=2-lgpn7t-ex1~1nakl~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:18:17 GMT
Location: http://ads.lucidmedia.com/clicksense/pixel?id=102567&t=i
Connection: close
Set-Cookie: T_axqf=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_1gqt=53b%3A1nb2o%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:18:17 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-53b~1nb2o~1~1-ex1~1nakl~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:18:17 GMT; Path=/
Content-Length: 0

1.60. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=41&id=123&r HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_60d=ex1%3A1naki%3A1; rth=2-lgpn7t-ex1~1naki~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:25:06 GMT
Connection: close
Set-Cookie: T_60d=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_i2t9=ex1%3A1nbe2%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:25:07 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-ex1~1nbe2~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:25:07 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.61. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=41&id=123&r HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1299284156207; uid2=46f1d48e0-947e-40ca-a51c-175a7c935a2f-gk88cxhl-10~2011030211314518281421320827~c8e51980-fb29-4db0-8467-3b0be5a75683; dly2=3-lhk7h6-P~ivx~1ud3-P~loe~x13-; dmg2=2-1fbsgynlre.pbz%7CS20752%7CWfbsgynlre+grpuabybtvrf+vap.%7CJ178%7CHHF%7CX769%7CIGK%7CR%40541.244%7CLqnyynf%7CDoebnqonaq%7CQ587.232%7CZfbsgynlre+grpuabybtvrf+vap.%7C-; hst2=3-lhk7h6-1~ojtufnzlvzku~bwu~2ohc~0-1~1pac95yo2nr9h~bwv~310i~ax-1~16eefehyvzt4b~bwv~4toh~1en-1~140kgoccv6f8u~hq7~434j~gwrf-1~1bsnn1xr8sjt2~hq7~434j~gwri-1~2chnfu804bjy~gye~43c1~kkql-; T_jwhr=ex1%3A1najs%3A1; rth=2-lgpn7t-ex1~1najs~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sun, 20 Mar 2011 13:22:40 GMT
Connection: close
Set-Cookie: T_jwhr=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_icxa=ex1%3A1nb9z%3A1; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:22:40 GMT; Path=/
Set-Cookie: rth=2-lgpn7t-ex1~1nb9z~1~1-53b~1n933~1~1-j7p~1n933~1~0-eo7~1iogx~1~1-e98~1iog2~1~1-cr6~1gchu~1~1-agw~1fx34~1~1-cjh~1fx2n~1~1-agu~18jtp~1~1-901~zwmd~1~1-aw6~zwmc~1~1-ex0~xmrt~1~1-gyx~uk9d~1~1-exw~uiwo~1~1-45~uij1~1~1-44~s470~1~1-f5h~s2k0~1~1-d9e~qdly~1~1-9bc~qdls~1~1-77m~2z8a~1~1-; Domain=trafficmp.com; Expires=Mon, 19-Mar-2012 13:22:40 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;
1.62. http://ad.turn.com/server/ads.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.htm

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /server/ads.htm?&pub=2701141&code=5711646&cch=5711644&l=300x250&nonjs=1&sli=1989695&bli=1320666&exPub=298720&city=Dallas&acp=0.6000&rnd=1300626455&3c=http%3A%2F%2Fad%2Eyieldmanager%2Ecom%2Fclk%3F2%2C13%253B510576aa26d330cd%253B12ed360bc30%2C0%253B%253B%253B1101847734%2CKnKABBt0GABsPzUAAAAAAClFDgAAAAAAAgEAAAIAAAAAAP8AAAABCXmeHQAAAAAAP1weAAAAAADaJhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAMLxg0y4BAAAAAAAAADA1NmVjYmI2LTUyZjMtMTFlMC04YWZhLTAwMzA0OGQ2ZDM4NgA4nyoAAAA%3D%2C%2Chttp%253A%252F%252Fbuzzya%2Ecom%252Fcategory%252Fplus%2Dfive%252F%2C&url=http%3A%2F%2Fbuzzya%2Ecom%2Fcategory%2Fplus%2Dfive%2F HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?KnKABBt0GABsPzUAAAAAAClFDgAAAAAAAgEAAAIAAAAAAP8AAAABCXmeHQAAAAAAP1weAAAAAADaJhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAA9yhcj8L12D.3KFyPwvXYPzQzMzMzM-M.NDMzMzMz4z80MzMzMzPjPzQzMzMzM-M.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABesxCRluDOCViSxm-ZYl7hHK-ojY2ZD-xTzD1fAAAAAA==,,http%3A%2F%2Fbuzzya.com%2Fcategory%2Fplus-five%2F,Z%3D300x250%26s%3D1602587%26_salt%3D2720804788%26B%3D10%26u%3Dhttp%253A%252F%252Fbuzzya.com%252Fcategory%252Fplus-five%252F%26r%3D0,056ecbb6-52f3-11e0-8afa-003048d6d386
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=aWm1M4LjK5VIpxyiby4XYxEDYW1PshQ3vpBZa8uxHEph-L3XcPmT4hHXOQgApIlYh1NXgtHFGzzHzNFmm-KzX_9FnfDLNktuAMS6JsTomdlVpY3HjWkw231zQDelLH8_7MDefgoTZqF-bd3v_Qfs6OEZRtFGqduPVkD_gkg8VfV0ExsZAquLx2WiGNWvrnUszuICt27wBWASQBET6OeAytEy0WeBXOvyGLo3g2RyRxPMuJkSor3PooeE5HOb8MagG3H1Yh6KJus8Al0Tyl-_P0B_pSthw6Osds3vCU1DTz-z4otjDK2ixFI9HIYofu_jbt-1znRWuv4f0NnBSjg_DEGifQpKlSlg2JPncxaZQ7rJS-D340zJ0KEew_mwtQGaH27SKaSCTrWZJYQAanRpUpKgERJUW1YdGsZik0-okt7FAHdoDG0wmwYyeCzPe0spi39LGtEsLYa2RHjeXVKaXwxjz621UnXRIPElrss_9Bf3D5kPD76YDvIMjmnYUSqxgxaji_-otMFqmG9mmaQliekdOq3dCdMpBBYB6oxrLl9pdFEKrE3dKUxNz_PPP_A0oljWnUH_uUv0DheX3sKsfdGakli0ckXet5HgWuGAxOwjSx4LjXgDbmHu6Eh19fbovGRasNivyUiC-5nZMh1vJZclJZpWuXGcTDMvl_OekRPjS2MhCKHwMNU_BYoLCyOP7MDefgoTZqF-bd3v_Qfs6KVd2oSKolIwwEiITDQU2Lx0ExsZAquLx2WiGNWvrnUsd_PYU2DwATVpcslEDyf8hqiet1AIT80-jJlBpoUU7boLVM3uUWyLgHu6saG6i5PsBUqFp4KiueJFiSLkI0xYhQXlpwfxpWQdK7j4LVji2FVRCmp-Ng4uMeq-zvqbvux36ic_sEQwn-Xt_ClqlX8t_6DGXbcfdjdN_4BNnqMpaZCNRQCl9OpEhGua7KdmVMA9H27SKaSCTrWZJYQAanRpUjDmKTcPQFqbSQ5GlElX4-OPXp3pozvJlBPwzvc_9CbX0Eax0_okMfml7XV2gTBl77zbnfMNJ_ejhUj1ijcB8BL3D5kPD76YDvIMjmnYUSqxVTm50zwheMZKXjYTELCaRTMB1dlAsjcT9rVrLvj2jmVUL-jDhuW_PG6kDXW49rX2tzfWChaLz8qHVMsj8mXTQ5X_BsIvcSN0BmMTK-BlFS19ozX7FlWqx06TTt3zJMoidpDfoquYgeQVRQJMAHbPNzKbdG5BDLNqFInvCReDtR22Ma4NnjcBIUkCx_bHhhCO7MDefgoTZqF-bd3v_Qfs6BrVkQpn3sMfisSjNFR6Lph0ExsZAquLx2WiGNWvrnUsxG4zdt6QMXamb0MlO9-6e1Et3epiS-kFwEUk3ma5DYQLVM3uUWyLgHu6saG6i5PsCif1zoSmfZSqcudOf2tI_AtUze5RbIuAe7qxobqLk-whOajgwxbhQ2etCzicpyVTBeWnB_GlZB0ruPgtWOLYVT4g_J2kF4TffMfKOos7tSGYqdD0JO4s0XymPmMJRJDcQaJ9CkqVKWDYk-dzFplDuqwCXV-t7S-pFZ84tfYt394fbtIppIJOtZklhABqdGlSk3kOykyDTiOMXrl_1hSXbVPgP28vTqELfpOybpGjlbL1u2jaCL-G-9iQxe-i1zj0qnIvgJ1Cs1GitaawX0kTqPcPmQ8PvpgO8gyOadhRKrGUhUdZl_uWemjmxoBkqtZPlC4l-GnLAeLfqIKDfL1UZBu13BiEoKhy1nfBN8OlmthGyJL9eBp3R0ktcXzadt6Dlf8Gwi9xI3QGYxMr4GUVLSGbq4jqoA2S5xXIqloiZ1rJnlvqvTZp82d7AV1or2dUFOEFVYJjQMgMb7lS0C-xbKEPGbIcW-yfL1eczIB0nv7swN5-ChNmoX5t3e_9B-zo4ADEFwcAd4j4QaxZfExMqHQTGxkCq4vHZaIY1a-udSxde4MjDw009tPzSo6eSSgxdwNGJND06t-bjtn5J7KDlQtUze5RbIuAe7qxobqLk-zD_xVADK1Q9dfnRiJgoiDiBeWnB_GlZB0ruPgtWOLYVWRtxKwDSHoQbxPxzfXop_PGqBSQ6KpYW-OwrvDg8i80oMZdtx92N03_gE2eoylpkOa03F8PGEVyWKeOTLdjQBsfbtIppIJOtZklhABqdGlSTAOVu8HAwVUaLipJ9sHGrk8xcWupMSKM_8JiETgP7y2Lf0sa0SwthrZEeN5dUppfBHqNpdRWaYXKfEufY1_jM_cPmQ8PvpgO8gyOadhRKrEH2jhGaC4HJh3Lvv-bHhjZXJrqY1uo21_GLL5pntP7d1Qv6MOG5b88bqQNdbj2tfZUQpq4yPuFsSVWlf6dSHtGLEWhr4abofxDhC7P6sGwew4euBkqrCOJYGXaH5f2No8_2RdAhJaMbFOWHdRsIhatZ3trG8hf0eQqY8g-UGnErVl0dXhBHCfFaURcg86EWtLlFbsvCmEPdz0GvB-V7jB5awi2yagXokGer-T3duHYImsItsmoF6JBnq_k93bh2CJrCLbJqBeiQZ6v5Pd24dgi0fy9yH3cJpXYWOo6nSGwttH8vch93CaV2FjqOp0hsLaOT-BQHXXH-uznhhEs9x_Sw0tfzF6HcwwheEdKac2B-sNLX8xeh3MMIXhHSmnNgfoM2KaPI-sR5WE58gV6S3h5xnv5U9q3RmUdEcfcdtut4fcJCZU_BttKMXTDyrBfshtsU5_j_mocn2P_zfZY4qmabFOf4_5qHJ9j_832WOKpmug_cxXaULqo5K_--uRzgNIR8R--H-SzG21IeFe3_WqV2oTj14ksQ27ZtJZzx1gXZNqE49eJLENu2bSWc8dYF2TahOPXiSxDbtm0lnPHWBdk9C_Pu3wPYr2A_3dDgXogwmd09iZDTMtxv05d2hJrzm1ndPYmQ0zLcb9OXdoSa85tfCWfACzyR22c78m9rm0opXwlnwAs8kdtnO_Jva5tKKWGDrBTI6MoEsB4IrTcND0RHO90Ba4DNelbdwYVufELDtX6BfAY2sgFWzSh0EbYcfTBpmpd9hwiXKZXJsWFQCQVBsjiFrNHSK-_Gebf3rUW-DiUdeTQauTko8JT6bU5H7U4lHXk0Grk5KPCU-m1OR-1OJR15NBq5OSjwlPptTkftTiUdeTQauTko8JT6bU5H7WBDZuAVb1fiTqGwbz13XI0gQ2bgFW9X4k6hsG89d1yNIENm4BVvV-JOobBvPXdcjQoc_EAqGm2Vr9TWaHYU9GddhjhUYi9yiSqjz4yirqEttGX0otsn1Eo9ASeAp22-RzCmJKLA4L8yqghdd3XRDx7qf1MrHd4wjjnlzZT7-OanKn9TKx3eMI455c2U-_jmpyp_Uysd3jCOOeXNlPv45qc4FfPONitGRcGxKttYjNpmYIlBZfRYA7Tno9giphEEaGCJQWX0WAO056PYIqYRBGhxo3TegpnNfA0YZyu_rcByep30ZvJV6vlji6z2sRrikTqd9GbyVer5Y4us9rEa4pE6nfRm8lXq-WOLrPaxGuKROp30ZvJV6vlji6z2sRrikRAeKyhQvuA1Am1Hf99RKswWh2QKPH2KLJ2oGR8lOZM1ANe8zLs_kHddS6hlrOxdDk; fc=k01_H3DQgin2gUWbqEfHVnEgVJOySuH7g303wn-3ThPBhSQ9y8oNWj2jHjllm2qL9SGC6KvWqijMODBe-PTw-vVibMqUG0iKKCPAs_vD_eA0A7iP8ARnu5R4osC1ayLKRfOX1MD02-o6SZ1b0c_HcdJnnDxsS-ubYBpridlzat8; uid=8392341830659049202; pf=QNmKTCt50B8Kpjg3isR9W_Ir3yoWOiSMkKJqMqoVPY2F1SOb8aRLeTLNl-G3fsUKhUysT6tP_1ec7xFTzmyTOvZhkC75wKwc88nuAokFvQ9ZYY2MlOzDLPTu4F-Uvdt_4YcdqwNhq09cj3lKBwXbCI3NqI2oQask0RxIcweDv6GMvGOoSAiXlEejBUI4bVTZiG0CD7SN4iQwbZFOht5_PcUKhyzjZJcScR_VHmzU_n_fhPhtP5eGOnqRNnt1-OV92xXlB7VgscrJbhGIf_JilPRDCeImrEZCGkpU4h_63CxWG5zEusESadpgYRYL2p5MG_RdoPtoKDEjrNYQG7__lKjDMABh_QQeaoDba2RSMKg6e-hV0PbjfU-R5RsfY_iXHHJjlc65ejsfGk_Bhi8TLHmektSTNGWFbueds9H23VJFfVN5kj-_puNaGveyJPzS0OWMGE9a6E0drdXZhYMeXsC4vcynPn9Dotf0EEwoLz7AbGDzP165MyHrx4tSx2B8O9qIPoIdnpPJQCQT3fsKxMAWYsdDJ5k_sdNi8uFJSCQ255k6vYnNOgM7sltoObfRe7Nfdm5bvla8XcCi8mpJcxR9SWcdexG9cU6HZV_VJhdn40SIet0iwwqKbdSj4CL2bkG8vxygw5PYjAzgbfXuQGcN6QW2n8XRLy7UoAmSdBRnwSKp2TDgd2Lcz_qJvz2UQIXGjoBZ78Wshqhm4tb0CSAVFfu30wLyYuo1y7aS82LTLnxA3ggK2gyTUssar2d0VZEEXq24P2id3ypkSYZxDaGrEW4mATCBJcdbUsS6U6WlB0V5Jnrj8cA_1KNYNCmayGOF0nn5E6TLc-A2frbzWLZ78bJLnb6L0KoAtnvLV2pP81X4ANdqArViOJeQtd_KBgfW6zrQLmaDIleZdb-lWXaspIKRhbM6EZgcd53-A29aOa0ye1UD40069XkSXwnuCh-RAXxtefbOimbdrtxWQwySgP2B497OTuJjk4h_xz7h1RsCnD2sD6SzTA6FS0L5qaDwuUB-gusjbKGTbdorNQKIus_NVuwacB_n_GJkCjDeRWnTTHOTAUzRX7jz2Dtha6IYgwK4KHy8_huNe8GKEihRoyUkOlvRlegTV48BDCOJkf60Zr6_RPbt9P03q9zqXbkMIiHhRyraLmWVTI7LPDO0V_cWY7-ccITIWG4cEAVOX3OaMNRzdBC4-0RsvFyXuRiJhp9j10eguQj26V8UKLkQP0cLS8-CaS_G0biaU-lkiE1m1Xn_hKe9NfZLnwyCK2ncrj6VabuuuFr6c_o5qaCQ6oN7sH1l3MIGQoK8X6stp0kTmdEXBwprTQawoH105HoGs1Q83lthTB7Fi-VTyyXy_vCtpJySQt4PX48ZzIpuwEShzbmTtAHP6iCkM-HhsMYZ7YWC2tZwu4Tb45eBwQ2XRr6BMB9fSsap5sDS6rpQ2bGi-sM44BgEdgBbOlmMluxfbyihgyJXJzx1jJXLpuPXHdjanaO2pJ8yqKNT5UMTIw2oYtTZbgmSLFmFfbvQzRfufLqyfgPcMtBAkmyxKq4X6cfi80nt471PDAY1h5rLy4hs1GeJifs51BsOk2bX; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7C1003%7Cundefined%7C1004%7C1005%7C12; rds=15054%7C15054%7C15054%7C15050%7Cundefined%7C15054%7C15054%7C15038%7C15054%7C15054%7C15054%7C15054%7Cundefined%7C15054%7C15050%7C15054; rv=1

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8392341830659049202; Domain=.turn.com; Expires=Fri, 16-Sep-2011 13:29:52 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=a6IdZs1opxHnzOHz8oFkkzkUetLz_CmwKsOLnKdb8uxh-L3XcPmT4hHXOQgApIlYHYX4_NcWdx3_ane6F4B-10LjetnAXP8P8UUmhTCSeh1GaLnf0zlcY_NlRLgfVWu_Ryr2PrOVwm1mZQiByzuJb1daZJtc92NbTZOJmvbfITKrfpUaKeFcSMZdU1LpdOcwFh3h8y-lTYbAFttcJZJpHifMZtqW06LRo26dh_6mdAGJGTELtL4GqGulFNiuT83_JW8PFWxYJ1q2_24dlRk_ah5icQ-UlIA9kPFGJHuyqaq5VL3rxbStQ7qJq0UYbCEIsUtODQcKNwexAxOYVwN1nK5X96dOre3quYO9Z-8ufvZDTyl_SWg8JF85Vro55plfoTgVQZo2IE3aGhkEGjHTkTFiBYl1Y5wme5TkSr2cG_wgfqVSXeBNVe3tcWgG-cKlb6X9zJjlpwSm9YUJH9a4gJTCk-tuxUia_8m_xGP0ng-vamqLuW_YXqfv_SJ_aE8WewT_9aYmy1_kglD2-j2O9xEN2WSuwULQaF3F5bjuxzhmEuJsfxP5f1y2CMVwcPBKjitRrpYhjNWTpkhfFGNz1pMs9g0Q0vhgJiFRvR8WD6y1byxKhk0zupa7mhXtOt59TSvsYEqhZ0OHSuNp70BrBPgFZPUXsLmq7zd2bgatqFEtgpfxqN_T7QEW7hJnuqjPvjaUahkeh2AIOXYNj81E2z9CvciRuIEJCv8yxQ13OGBfB4P3wQx6U2WiVVEP-_Y7EOaV0vIfQZsAGrAD9lknuVDiL3nhapvU0GeEL2HT-L8OVgkB2bwToPK0KdNC16-jTfAO5O3oP_bfifepQZJrTx5icQ-UlIA9kPFGJHuyqarB6alCNElibRNjAQJxQ3wScEcZhGdHz3dGIuUYDCisolLji3VTL1tjXfqm-esg2sewf4n0X2poBn_JF16R7_JpoTgVQZo2IE3aGhkEGjHTkeeFQfumNuZsM8qSWC1YO88e0aAoBCNnU0MrQhAnhIPCOUygdo-nXLnZpGMXrI7zLHABVz72fi9fhT0whWU6oVuvamqLuW_YXqfv_SJ_aE8WghrAn-Vi2vPEwMGFNlZbYxEN2WSuwULQaF3F5bjuxzh7HBG162ww7piqD1aguph5yjHL13DurDt14-jGkVE335Ms9g0Q0vhgJiFRvR8WD6ypA0SKEqBppDDJhLx8qKy9TSvsYEqhZ0OHSuNp70BrBFPAk0ENEI9AkFKrpbmzGs3jQ_DNJLeHeL0m2Znba1buvjaUahkeh2AIOXYNj81E2-JjZ5NuKJfCva75n_nDp_hfB4P3wQx6U2WiVVEP-_Y7anyk5GyGEYfAPBsxHQjGZSlxmSbeaAgfibEHTq6nsWGJGTELtL4GqGulFNiuT83_aWjrAVXVlG7OWMAFleaNmJbd5mJVeqDBeYockQCeOAxxDWE5tfMM7qZbrjn2eVJNHmJxD5SUgD2Q8UYke7KpqkQLRuw_4qwIZ0RgbwcKb_zPkrK-DNPDU2d6IfOlnKh298JoqNIrcIOFh27SKktj64bitenuXABFvYGLN_FjpjihOBVBmjYgTdoaGQQaMdORRSUpCyAfviw4AHYe3ZFe1j_H39CNFZoidFAH_Wwsr2KYkmu9Efz59RTTwRXe0-z-VzZOXR8fEEZYabQJ5OvIrK9qaou5b9hep-_9In9oTxYDFxyCqW2pHLJpyn6DipzREQ3ZZK7BQtBoXcXluO7HOHYn_JVSl2TRope3S5e7WdCOJuOFdBL4jJzlrGgOb4HBkyz2DRDS-GAmIVG9HxYPrCWrE7nz-KJuRo7xf7_4TaxNK-xgSqFnQ4dK42nvQGsE6ABEyeT6GgYO9T7bPr2uOIHF81yXCYglNgztjlxXYaK-NpRqGR6HYAg5dg2PzUTbalw8lqs5Yl_9jBwMs9Tj-V8Hg_fBDHpTZaJVUQ_79jtEExTCNts46MM726dOHk03EHP-IMF08vrzIT3Bb7Svo5bd5mJVeqDBeYockQCeOAxOo3HTnz6UEXwFhetL-lkMHmJxD5SUgD2Q8UYke7KpqjCzTD1GHFKXcyzidRcl9QVgKfB9VVbr4TUFv2p7bOInOewUt5gP_VlI1Ump9cof8bgUMqrglLkQZ2MmUdI_wRihOBVBmjYgTdoaGQQaMdORXsA1mfR2ULXMKrWuUdGM7RySCcjLsN_cxeO5d6Ll7ah1ym-8DGu-cUq_NzKN12epXgVQXjOJNmBQaMF-8bSNxK9qaou5b9hep-_9In9oTxbS-ghZdhmAasmF69aaImA6EQ3ZZK7BQtBoXcXluO7HOMQfuZ4AWvTJ-mwSNztcWshzAqXI_s6r0eNAoWe_e9VLkyz2DRDS-GAmIVG9HxYPrH5VjA_u5FxGvMqUnf9TQBxNK-xgSqFnQ4dK42nvQGsEmI9YI0NszyrnjSHCBrHOFxza7XGJk02qpauwWR7fdpZzHpbFxYCHf8ECnS552zQGcx6WxcWAh3_BAp0ueds0BnMelsXFgId_wQKdLnnbNAZzHpbFxYCHf8ECnS552zQGcx6WxcWAh3_BAp0ueds0Bq9Zeq-SSh_Sl3LXZc1HvVSvWXqvkkof0pdy12XNR71Ur1l6r5JKH9KXctdlzUe9VK9Zeq-SSh_Sl3LXZc1HvVSvWXqvkkof0pdy12XNR71UBUwKXxotsZ5wN398q3s3LAVMCl8aLbGecDd_fKt7NywFTApfGi2xnnA3f3yrezcsBUwKXxotsZ5wN398q3s3LMCaLwNSJrENmm7V1soGFz1PPYJ8usI-1hBBRr5uFxgFqfvBa32ACLSnDYXKF1oBeqn7wWt9gAi0pw2FyhdaAXqp-8FrfYAItKcNhcoXWgF6qfvBa32ACLSnDYXKF1oBeqn7wWt9gAi0pw2FyhdaAXq0Agj2dwrNNJ_4JlENwRdLeDq2PHxBb0G93bZOUEV_B3g6tjx8QW9Bvd22TlBFfwd4OrY8fEFvQb3dtk5QRX8HeDq2PHxBb0G93bZOUEV_Bz1F86Sl6DDY5Z3karVfdIA9RfOkpegw2OWd5Gq1X3SAPUXzpKXoMNjlneRqtV90gD1F86Sl6DDY5Z3karVfdICTA05Wuw6tFWAfUzmDvhmSFch-eoCuDk8x64052zPt2RXIfnqArg5PMeuNOdsz7dkVyH56gK4OTzHrjTnbM-3ZFch-eoCuDk8x64052zPt2RXIfnqArg5PMeuNOdsz7dmtfy5ud8CHYuLxZS3nEa0BE1zi3eUCecg106GXWo6ZhRNc4t3lAnnINdOhl1qOmYUTXOLd5QJ5yDXToZdajpmFcsF2TrKXHO28WTPH9fnpI_PSjW7H5Jkol9-9LsOFip_z0o1ux-SZKJffvS7DhYqf89KNbsfkmSiX370uw4WKn8yxKiKiTWPKkkiOcoAi4XKZa6cUR-KH2UMf-39oRIqSmWunFEfih9lDH_t_aESKkre8mUo35pyb_Uyl8_iI_jTd33erOmBTEWjk8EHWq8r_3d93qzpgUxFo5PBB1qvK__1RbVR9dS7n-36zeZhB68IWfp2FZ5JVuAq1se7SHkKdzzWCryk-h24TxI9jrNDh6Qy6mS_4UzvyBOZzWa9LlPM; Domain=.turn.com; Expires=Fri, 16-Sep-2011 13:29:52 GMT; Path=/
Set-Cookie: fc=k01_H3DQgin2gUWbqEfHVnEgVJOySuH7g303wn-3ThPBhSQ9y8oNWj2jHjllm2qL9SGC6KvWqijMODBe-PTw-vVibMqUG0iKKCPAs_vD_eA0A7iP8ARnu5R4osC1ayLKRfOX1MD02-o6SZ1b0c_HcdJnnDxsS-ubYBpridlzat8; Domain=.turn.com; Expires=Fri, 16-Sep-2011 13:29:52 GMT; Path=/
Set-Cookie: pf=-ogS4wUPp2uOthlAhkua7efecn2SRWQfzZHRnDXGAba6o4VUW939ncJz_M9dzB62dqrSo0rlQrgRZPnrV25dosiO_2dDHnR4-kSqUJ-Qkzk9LbrWX20-UrBjicbubJadUP_jXyHjnmjK3rrz51boI6CBxA1xPMI6FIxSqVGspWCSKqnEyrwCKenpGxRQV_T5jSa4oDXhxZzP0dJh6rPSnc3vKSZRPdlwmRVNzIEeWUEL0x8wFB4ST8OfQRd0AHkWNMyVJERjf-FGSRAtXD4Nhi-unhgxoADyHNLh6ZDzCvrf226xnTIQQQmq5EgT_iESfo-zyO2mzOd-Ch5JgiT1BrBRqZWHPzi54l3Mmy73qMYYephq_CTqNSwxH1pwvb85f0uXstituK4BLz5PJm_wP-PMU83diYb3Y7rpEHLNMQMpBOgDXF1T8wK6QnvAMocQ8c2fJyJeVO-VkDGuoHZoX961OccaC9LXa8TZbmhrtplN8Wv_lboyvPuVgkwWlyueoXrtnkQeCARtQrPGlAjjp_7TZje4YoYaVdxgHe70aWZO3jSbIiK-1ezhwhOSA__6Z9ex2ErzUPCDmXHPVip7liY2Qh6CaTHwP1FBJp6RrEmjFnmOhwYX94V3gbOTfK9JGJY4fF04_Xfkft25X76d7kpl4DxOQY91EWvajOdwUHJQQH5v8Tt-aYcpJ7mu3QSv0s7owuJGUDMkgd-lrYxlqsTw9Tyhs5-Lx2i-xccfpwakxyKbsTp7iwJkB5aBkvxQg3iTh7EJteIJxc3MMJpCWuKgQ8ZlmPUZsxOX4w-f66_WkEkcO9UmX4UESRvBPLCIQ8CnL0HqIS_oeQVIZx-kkk41zR9Dzd_LsvCsLyvPcxkHvsGBIlOL9YQyxjcczMLmBD5QuMG_P68KP296xTfSUKDZr1y42fW0Gp8hhYtibaTLP8yKitG5b79rtm0lM9hovySSItes1M7pqw_gT0NZbY-JRI28XUe3I_wibFgIfX0ItbUL2laTCY4uwlPM5yLhHirjZY2i8uALOlPJahZrAqIuNVsviQj2PAjAIIXz6eQ8eoEI4sgLSHGy6RAG-E-0ABI9WFjZ5jQ2afTPjHR41kxFdwO2AOmQl_ejbEhy-tzc8HFK-9DM5Ky9EwXdGW0BIpD6i7xs06BVFi02IieV5W0j1cd7tPYvwMWMM9bJJCpdUmvcXrd0BRBgx2si0fBNrAv7l31yA8hU0DTXIKvdCrqkXn-v_AtdloUzYpPUf3yKZF_Z_llO_BCN9M32kK_AqSds3f0y3LOnRAnfGQ9xW7Q-514KtnNO3DDfwJnVSi8RbzvYVg3rh0EbDIc8E_e2zLtY8hgIv7zj4dU-WZHIT5roxsjyE6sdhHHPvtgrBB5H9iBOvD7olsUnsrN1yGsn_lyVeHNxOykVE34Te4Roltn-QS63rrfi7qOR_2snq1yE9m-hEeKSnfaSKyWbi9FNJwChI073rWJlPatNx0dyP3UCik4VbEo1AKSAXIBNd1P2WP7zAmgNITc0E_1skmBGA9sOeQP4ljjECUChGrh3Bw; Domain=.turn.com; Expires=Fri, 16-Sep-2011 13:29:52 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 20 Mar 2011 13:29:52 GMT
Content-Length: 2477

   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
   <html>
   <head>
   <title>Turn Ads</title>


                                                                                   </head>
       <body style="bac
...[SNIP]...
1.63. http://ad.turn.com/server/ads.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/ads.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /server/ads.js?pub=5757398&cch=5766863&code=5766875&l=300x250&aid=25369308&ahcid=535345&bimpd=ZjNFN2hZ4i-YlydCdXsT0zZTuD8IubLL42BCS9LH_kU7Yi7NnmKey7h5ce7BWIM3Rux1S_qG8vICQji47dy2E024eYgQT0HpFSZWVesdccUgQeaQijGiqit_QPicgHK5ZZMUs7NpCCTHXflWLyQ9gG-3wDj3m_hPLqVkJ_2jOq48xNSvPXXIt__p10AGZJLfhVd0yR51mYGgtr88kk9pKdB4KuxJT2VpTSwLNXwZXg4zCpHIfbwNI9gJXjnp9W21ujPToIsuRZGfl8WEkkUw9Ua8Y_pn6CI8FT2XEgvyDGuPJv9385Kf6G5E3heIgSIs687bp01UqXCTTP9aXrmld7-TAYHSK0sv3Lw3yXzZz4paS9RecWGAeiDyekIyHp83tNp7CQptCawVC-54p-UewRw2jc1G4rEkoLiW0MRZIYy0V62KSSlYnX0LIbOpP3Jz00_3gOdpgmrTp3Jy74JTl73wc-cQ7FRKnITKYzO3zYVwdOuxgdv5_CYp89cY01huOiySebhNVquMNpVX58Yf46HG1sTGVle5vnwDWXwqi3RFY4bguUnvRTz9bsqCxNCQcmxkY_zvBwV6oRrqmbjeXea4OcyT17faPheb_5alGxB6vDyiosWvDSM9GQ_OeB_RT9rMK7M0d9tZKhGFc8ggTaSfPRztPAxd7KicgD3lJEcNkr_RW7y1hSGjdb2Qvr9O0cwgc6AhycSnUsmX6q1X86NfrrOorlvGJGSqB0P9f_Q&acp=2.828999&3c=http://track1000.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=RGcAAEVnAAACVQAA6AEAAAAAAAAAAAAAAAAAAAEAAAAAAAAA8wAAACwBAAD6AAAAAAAAAAIAAAA0M0E4QUJGQS03NDk3LTQ3MUEtOUFGNi0yOTc0RDE3RUYzMzUAAAAAAE5DT0xPUgAAAAAATkNPTE9SAAAAAABOQ09MT1IAAAAAAE5DT0xPUgAAAAAATkNPTE9SAAAAAA==_url= HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=Wonw4SKQzJYWGPurqxtl0nuUzYJk6jXTg2kkRxPsf5PfaqaDzVRu9ZiuBStYaftYL8XNm3b3wEFLrI-bYDGMZspa2dzalgG5fKshqZFQ0gPE-iovOq8fXLrOOSDX_7RE4aP5h09o7k3cRcJp8kFALhcUtCbH2AU91mt_IKIcvF-dnVEIXl_o2VKbCOQ18gKB3TdfaSMq8ZmQLhPF-HDmXEO0DkgoB2K7NtvRYr_WLBLd_glL1pkpHKTZt_lIPJBER1eWajsac7h1LLqoQJdxq_LVmIVMjE0CeQFu2rmZbM75ztlAPWqlo6WakHRHQDJIug3BBFPTzPZU9a_De5ObQfS-FOkT22lzSBi1SyH2rdOEyvGy9ARJOsbfKu5zwAtywK2T6I_iNDRolqjg1OzTcmOmBomBI971b1aEnAXt992jScb5ykHoHXGqgsU2JXsEhKy7DL4leWeiolkQACcMJeDFfNLII8GWE_POOZEqdvSAlwAd2SMpuXja-1oqTvA74Bv87ktR-V-CI_fBW8ozCqpHrzMG7a1O-Bw1uWV3nCTXMMhqubSRk012wJ9TI5YEXDd38XvwUG3nRYRagkvUuiCki6dv9_ZBTPOR80NtxF90Tx9NnkbuE9oFmALVgGEUfnOnpPStJvBD7eMTp4e86K9aYVqIo0QJ8uo_fgCPTXl4d6AzZ5kL0Q3seR-QMTT54aP5h09o7k3cRcJp8kFALqjI0RR666J6yMcKhWq6NL-dnVEIXl_o2VKbCOQ18gKB5OTiSkIyAtUIxcH0kc2Z_r8mFTCd5ttVGpgCWv23BFzd_glL1pkpHKTZt_lIPJBEcjaG10wigUMyya21D2XcWPLVmIVMjE0CeQFu2rmZbM6gr6LeWJgmS_GYEF0jBxMut0ENHBIEVq_lRqV1FbhAaWaIpCiKWJzFCjE_rpqGSQ_AMLkX3xVdMEoiwUWtkl_8wK2T6I_iNDRolqjg1OzTckKhKx8gNr7j1i4lKSwVZVo5786SEOCxaDqnPJjkYPAbhKy7DL4leWeiolkQACcMJcv5JGu7PR53V4XHAO3Io4OAlwAd2SMpuXja-1oqTvA7Sby-AWn9Ao08NtBsZeyI32iQebtfIQ-g95Am5CKbjjGdX9SGy_mLofSIrTkkkZy7q_kymVsfRU5lp0Pu2QVi0ARmUVnGxwLABzMMwaHgl6ZZhmeV2wkprz8192ZLKDYi5nfmk03YwEf-csTjfghefqxfpgzc1VS-2ZSEBy1bfilWXaAbFc49ghutKx-kX83sFbZDNzeTaTd_CskNnL-gJYUhrqV02c7lrfNhksNY6EUSKZoIDqD4G7bFKUqmMV-obRSQfOqKLvEIVYVzZt3x7fyt1kS60aRmpMuHWG916ExzRX1Syet26XYSL2aR6sdzgDpDtFR-MhBo4SKLASMedrNlhtwwehJKZV_vqQ6TPomFT0b0CNqL1yDov6pCERYHrjdcB3-hMeuXpkthOjrlfmpI2EXioEJjgLbV10VkcXuhwiZ-NmqDn980RgRl5YCRsSMBuuGGbFuPRJa8whW0k6IDQXAakeNb4-iGLLL6vhICsdnGaSRoEnqOcIv7G5CzrcZxzHUt8FlPxz9qsQnKe4yFw3wjTmxxOfzbjyejukYkwsYpf4klfvVA_XCLxuitV-DkChzNBAZA7664Ecm9sJ8KpnA_mwIUzpMMvoHHE8H69Nv8ZmvmIfccRX7ppIDmK81F_-m52Kk6mklb9Gkz7cULXDK_DJBsJiPg260VBuB21BharSCDQyZkIvsj3tYWKCBcgK1KIuX3WD1wJn8hu0zvl4YurMpkt_KNXf21GXmMh3NIrtrwJ-PytJzw0bCN1JbrGOVJbR84q2JjTjm8h96r_zTQjil_yu87szG0AJSpAmYGrgDwofgjre60aLEVwGQ7VXceHmC6gPGCEolElhIpmggOoPgbtsUpSqYxX6hAIdI1m55J5HPTGq2yMrwQrQe8folUTs7yHBhE3jXdIqirG5pEDTVYoLJvdXZlZ78KIcHzd1FxJAPOlCIDY7YsrjdcB3-hMeuXpkthOjrlfnsK60K6G5zIvDNin7d_-XihwiZ-NmqDn980RgRl5YCRK7JzRSpPkaFxPAb0V4qxxlETd_XsDWTPOMhkKKyRYsQCsdnGaSRoEnqOcIv7G5CzlX-q_nDsklvWZp_SxUEVsoyFw3wjTmxxOfzbjyejukagr6LeWJgmS_GYEF0jBxMulbT4k7I3RFcH9USEGB8d7ehp9hmy5VmQ13eGV0p5qLQhVwiAdydT3PpB-fIjCiWZK81F_-m52Kk6mklb9Gkz7Z0a7PGvOJoJ72EBTvuMQxml7tqppY6LFE2g2xxURyWGmrwVBz_RVN4-Di2560zu3yYkwvb4gvrvji-WnwN0XjuMh3NIrtrwJ-PytJzw0bCNnaladC9RU6ry0d69z-Zz7SkUb9qGemCfvAL5h3MLwHvc3yMGel4rk0Sx0kOS5kYLJdP9tfIoTz5TKsdQg5NBZiXT_bXyKE8-UyrHUIOTQWZQlrT0o0JDb5JXBZDXw8ZNGElOiRir5xHZ8kAaarjTbBhJTokYq-cR2fJAGmq402wYSU6JGKvnEdnyQBpquNNsGElOiRir5xHZ8kAaarjTbJUxYTKvEAE3JAT4SvkHOGiVMWEyrxABNyQE-Er5BzholTFhMq8QATckBPhK-Qc4aJUxYTKvEAE3JAT4SvkHOGgqNhuM1tUzQHYZ3GHdzM7ZKjYbjNbVM0B2Gdxh3czO2XJ9Sw3jdHwwRW1AzobtH9t81_gjdGUYVukJY8YG-hGu4FfPONitGRcGxKttYjNpmYIlBZfRYA7Tno9giphEEaGCJQWX0WAO056PYIqYRBGhgiUFl9FgDtOej2CKmEQRocaN03oKZzXwNGGcrv63Acnqd9GbyVer5Y4us9rEa4pE6nfRm8lXq-WOLrPaxGuKRPkX-td7VA8q5XtcSwY3rEtaHZAo8fYosnagZHyU5kzUakfxoAiYEuqsAs6lVyErOLNUzJM8pvIuJwp8fvrU-Bkl0_218ihPPlMqx1CDk0FmJdP9tfIoTz5TKsdQg5NBZiXT_bXyKE8-UyrHUIOTQWYl0_218ihPPlMqx1CDk0FmUJa09KNCQ2-SVwWQ18PGTRhJTokYq-cR2fJAGmq402wYSU6JGKvnEdnyQBpquNNsGElOiRir5xHZ8kAaarjTbNWAVpIeQy-_rvNmNJZl0MuVMWEyrxABNyQE-Er5BzholTFhMq8QATckBPhK-Qc4aJUxYTKvEAE3JAT4SvkHOGi4IMq_Q-b1Bsvq4IHMVMMGKjYbjNbVM0B2Gdxh3czO2So2G4zW1TNAdhncYd3MztkqNhuM1tUzQHYZ3GHdzM7ZF_hnwsZOFT5I4eRW46LWcrCzHp4KI8EJF3gYURnVkXqwsx6eCiPBCRd4GFEZ1ZF6ONWHBOP2kK7zVWFthcPDncbv-tY65jMfDKTbdfT8ug3G7_rWOuYzHwyk23X0_LoNxu_61jrmMx8MpNt19Py6Dcbv-tY65jMfDKTbdfT8ug1ygQv0vtIAWYRj1Bwp4i9DzbefliSJ1pdkKBMKwCbwM7hvU7dM3_gDWrNcfv9Lfj8; fc=P8r1GRRUBPzt1rj093eSUyd0kIOGQ-01IqHp4E6nJR0sgJfvPMxam1XE0VXjRZkHDvAB7dj0g9rEc92kPRVoFw0-m0BkBmdsMbfLJKocp81E28M44OKTmpkvbjqqib7MAp1BJ3k6cxFoa6z2wZnSQRA23o3kcOf_vksOCkd4aIk; pf=UGHb8zI4aWtxtAmZyNeJNOHVFbSxqG9hsprN4v3Lz7LQ4qp2i9jCVLo21ITPxTJXB9En7PzxQcEcevWyHskThbQXXj1jA2FyUlkwwkhF7Ro2ZM7BNfD3Nrq6VH58nArltBKmEiDSJc28wBcf6WsZnUwqlFt-IvrL3Cyer2N_b_mQBT67XG3r_GqqLNCDP6TWM6QtivX9DfUZcKCbSzspOG4m4SNemiZsDiwHpMom7zAuHGj61Fo18HFz7Miw6CJ_lAToSBCIK8xd4Nhi3WZ5RVrFAd6zRhrKdfWaTudRRtzdw3uPJsigd4Z03fwI832qp0yYZ8xsq2g2JzvVLF3m0wYmvQ-7zazlMMeR5t48rmodxWJcKS5DgWnPQyOG3H9dle4JdVl67EbeBoMsCr3yKTNk5q5Z7Ye-yqAjt8FV6TEs0w1Mf61wa5sbZduLkMcmu6BxGVr1a1EtZ6VakW9qP0UsyZ23YtDx8Hp9aqDHgS7TLwotn8ChX3Ao59tcjALmIsfXlHObMd1dM-9EmR9zq1feDyJ1JsMdvufmKTEv8zYWEcVWdTIfg0R3HCs5Zgu8aqqZRUbE5cNgHLG-cyhwp9zF6bIQmuyiOkEVXhOR34lY8hTahfCesI1SII1o7GCSTkQctMdsR8ol26b8wwOWRulLcAuUbWv5XradSS5Og7yWq1NAPlM-71DUoari4r4P1Y5A3tzwkjyyX8-0gYHGU5jnzszrbJmm4ATS7VE3nQTOLZuOv6rXl3lXT98xe_hpQk1J2tMJ7uf0wgawDl5tZsTT5kN5mzq7cQ_zim8SvdxF5k8za64BvapgLtKI75QWoFdHsE8JeyafKsb518Z8yG2rlDCHXdIcSLBgYtlkloVO9_IUqGf6VJi47Jt9VzE1iUilagnqDfZezBDAgKeQJqma1IxzDiCoqn5pMBzKyly1EGZOdFA2-qArtbtQRT50YdNPvJqt7eLAf5C0e2pQiKZbm53MKuxT-xACBztAh4jFDcYPKkwR30hpsQ3QHTsbR1jwb4Tknj1lRvA_43zRPga4UleoT5uXiADlzwkOVA067MXkh4FAeKVzg1ACtjgSr5Gp6DR1BdDSotYHbfNzBgKBFuNAXObQP9_MMOI3eG1WGdO281P8amOaY7gqA06Qz3ZYqAavLj_IiDm0PZqfexb3wevMxi_3MpY_DV3nsHFBx31PTcSHvXJd2U5JBFuC4zIXCy6m3DgsRU-dDxSk0aAqkW75gcATwU4afh3aZM0faU7ttedZBHKMSUKU2-CLArzpv1sCFqKO2OO_7QHd61ElSVhkX8nCFJ8XYbO8pgqPz6rxA2zJp0kRUBjlvUbWcclJ3ktilOIca42ILmxDGq12QBEWUhzuVA36zOFcdBowxbu4TWEkjnoG3y3BQoeZ0WJ4-WctW3Z_ONfcXbWfjQNvc84m9Ucmpn2n7616Wmjkp_YRqKp502Bw_HclXEDNxATqSEvwR6YWNJOibQmjAIOFfhKbFkHTBHoHJsdi8MjHFkcfi4c9KAVErlkS3F2SFWLNhm5B3_eb2Qy3toXmjExHhirQMRh4tcgyEqZ-0Ko; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7C1003%7Cundefined%7C1004%7C1005%7C12; rds=15054%7C15054%7C15054%7C15050%7Cundefined%7C15054%7C15054%7C15038%7C15054%7C15054%7C15054%7C15054%7Cundefined%7C15054%7C15050%7C15054; rv=1; uid=8392341830659049202

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: public
Cache-Control: max-age=172800
Cache-Control: must-revalidate
Expires: Tue, 22 Mar 2011 12:42:40 GMT
Set-Cookie: uid=8392341830659049202; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:42:40 GMT; Path=/
Set-Cookie: bp=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: bd=""; Domain=.turn.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: adImpCount=yIwFGXG_ONNXYT9KVa7ARgYdhMdutDjUYx3YtxoIw_Nh-L3XcPmT4hHXOQgApIlYh1NXgtHFGzzHzNFmm-KzX4g90G1H2vpZoNOb9achAhCIt1gxQlepUlp4ml3sdNG97MDefgoTZqF-bd3v_Qfs6OEZRtFGqduPVkD_gkg8VfV0ExsZAquLx2WiGNWvrnUs66TrumjmrgmOt_6bhgpouBxkPuTLEr5IiK0NPDoDdGZ4Jv2wOThiY_xtrMTwfOMAaAyMOd4uGF3MC-CGXX4vMW1u4GqmTEyg7jKVZpHKQe_PD4Xt-Js7qCjW6RNzUibJvhpXhsNU9dle8CO-Yq58yguZYY-JrvoL-qJXZJ1yuPxYvM25ZoHa0yz0_GF1-k26H27SKaSCTrWZJYQAanRpUp6-8ItWMu0zx8opffmAg80Q2NcoZq2DmOiL11Y1aSDa0Eax0_okMfml7XV2gTBl7_RilTlv7STTUt74jXnFmkxXmw30aAMs65cz_bx2zPbI-_ewAyRcl8PlkxKSnlGjeIn_EmNzOs9qkghvEthcqEgT7mtD-WyULU_RZ6fVg1KoOEsanzEgq58e7v0MXv-Zt5X_BsIvcSN0BmMTK-BlFS0PB-14JrUhoFLPnz5aKcvNvGRasNivyUiC-5nZMh1vJRLdlT7zaGlPa6bZSrikfyuR1XYHjyrzNA4VOnu-u85G7MDefgoTZqF-bd3v_Qfs6Ea-nsCtv-M0FVyWmgTaYJR0ExsZAquLx2WiGNWvrnUskfkh1c6UGWIS5N3Qjcruf8kSTz_yj_0xSYdw0Z1SFxELVM3uUWyLgHu6saG6i5Ps9kP5ppIhskAoCcoCTrAghAXlpwfxpWQdK7j4LVji2FWvMv2YxyHmLdaNustJLe4wL8t9STRgxor-Wv7_2JAlU0GifQpKlSlg2JPncxaZQ7oV42htM5jx1YoospMm3LO2H27SKaSCTrWZJYQAanRpUjDmKTcPQFqbSQ5GlElX4-OPXp3pozvJlBPwzvc_9CbX0Eax0_okMfml7XV2gTBl77zbnfMNJ_ejhUj1ijcB8BL3D5kPD76YDvIMjmnYUSqxo0veabwYiVBq7X_zb-YZYDMB1dlAsjcT9rVrLvj2jmV-EF7DnzPm9aZLOC1nQbZtlKVwFIz0fG1Bs_b6nhyhEpX_BsIvcSN0BmMTK-BlFS19ozX7FlWqx06TTt3zJMoidpDfoquYgeQVRQJMAHbPN_WiDC-9tPc3fXOMseuvq--K-zgO7NoLM_jmXGcGtU327MDefgoTZqF-bd3v_Qfs6Oxkijh9oVlxu6lBUms7z7J0ExsZAquLx2WiGNWvrnUsOVVvRY4AYRs50cGAbbAbGGZruOvapKdVErBX-QzpM90LVM3uUWyLgHu6saG6i5PswizSddZ377EjzJLxqJ-wIAtUze5RbIuAe7qxobqLk-waC6VbWziYzPzZYEsPOu6lBeWnB_GlZB0ruPgtWOLYVaXIseB1coQlNcUX8Tx6_BWmnIkrQMYyVV001NYeCx77QaJ9CkqVKWDYk-dzFplDup26fxxLi0cDamgwCGuPcFIfbtIppIJOtZklhABqdGlSn6tci3W8cVUumNv4e6Jsa79AYoCcuZQevJby7J8Rci2VoAtiLlGBIkVRKX8ZT8khpXgXWxiDfl7mMS75UiObs_cPmQ8PvpgO8gyOadhRKrH_e4sHVLWOIoaoYniTq0h_lC4l-GnLAeLfqIKDfL1UZJOz-o9DYD-roxjsJC1eyvS4MvbBsZIJDa4a_Eok4G_ulf8Gwi9xI3QGYxMr4GUVLY4zgboL1tHVOdRw6zHxG63JnlvqvTZp82d7AV1or2dUK-LG9BtoUFPBV0w0XjD81z84BWQWwTt_7VJ9kV3Yk0vswN5-ChNmoX5t3e_9B-zoL3LJqasE_Q8FVpKlHghtGXQTGxkCq4vHZaIY1a-udSzFgmY8QOetcaJ-cMDdy9pPjCYOHG27Q3GmZasY4qTHgwtUze5RbIuAe7qxobqLk-z2XHJXrFoSqU-vGEg4zU6PBeWnB_GlZB0ruPgtWOLYVUnc1s8GqvB0YPXoEkPp5nPmTrwiyoeHjcg_nRv07nfyaPBk4OYUvCvkVVAnHSDIbqD8NBes3o-Ce0dMzjVRBgYfbtIppIJOtZklhABqdGlScNkaD9ey5GwOXFSxSucsLViMOoBgvjVPmppZou5G5Oz1u2jaCL-G-9iQxe-i1zj0BHqNpdRWaYXKfEufY1_jM_cPmQ8PvpgO8gyOadhRKrH7GlnJshzgtoHSy0JW6hjS0Y71Gya6aNjlY8hGPjk2YaJDuoGirKaIGqy2d0dleyw2pQa3XTHbwOpyCpUheA7AFrTqbfLoyl3J8Nk85ayOjY1oNWlujSGtPqbH4Mc-ck9NK-xgSqFnQ4dK42nvQGsEC1BX8VG4DvOOTZvBGdh3W1l0dXhBHCfFaURcg86EWtLlFbsvCmEPdz0GvB-V7jB5awi2yagXokGer-T3duHYImsItsmoF6JBnq_k93bh2CJrCLbJqBeiQZ6v5Pd24dgi0fy9yH3cJpXYWOo6nSGwttH8vch93CaV2FjqOp0hsLaOT-BQHXXH-uznhhEs9x_Sw0tfzF6HcwwheEdKac2B-sNLX8xeh3MMIXhHSmnNgfoM2KaPI-sR5WE58gV6S3h5xnv5U9q3RmUdEcfcdtut4fcJCZU_BttKMXTDyrBfshtsU5_j_mocn2P_zfZY4qmabFOf4_5qHJ9j_832WOKpmug_cxXaULqo5K_--uRzgNIR8R--H-SzG21IeFe3_WqV2oTj14ksQ27ZtJZzx1gXZNqE49eJLENu2bSWc8dYF2TahOPXiSxDbtm0lnPHWBdk9C_Pu3wPYr2A_3dDgXogwmd09iZDTMtxv05d2hJrzm1ndPYmQ0zLcb9OXdoSa85tfCWfACzyR22c78m9rm0opXwlnwAs8kdtnO_Jva5tKKWGDrBTI6MoEsB4IrTcND0RHO90Ba4DNelbdwYVufELDtX6BfAY2sgFWzSh0EbYcfTBpmpd9hwiXKZXJsWFQCQVBsjiFrNHSK-_Gebf3rUW-DiUdeTQauTko8JT6bU5H7U4lHXk0Grk5KPCU-m1OR-1OJR15NBq5OSjwlPptTkftTiUdeTQauTko8JT6bU5H7WBDZuAVb1fiTqGwbz13XI0gQ2bgFW9X4k6hsG89d1yNIENm4BVvV-JOobBvPXdcjQoc_EAqGm2Vr9TWaHYU9GddhjhUYi9yiSqjz4yirqEtiAqptJsyQVI9zPJ_EVQb2i-PQC9ET8YNkY6cuXcGCAhqf1MrHd4wjjnlzZT7-OanKn9TKx3eMI455c2U-_jmpyp_Uysd3jCOOeXNlPv45qc4FfPONitGRcGxKttYjNpmYIlBZfRYA7Tno9giphEEaGCJQWX0WAO056PYIqYRBGhxo3TegpnNfA0YZyu_rcByep30ZvJV6vlji6z2sRrikTqd9GbyVer5Y4us9rEa4pE6nfRm8lXq-WOLrPaxGuKROp30ZvJV6vlji6z2sRrikRAeKyhQvuA1Am1Hf99RKswWh2QKPH2KLJ2oGR8lOZM1ANe8zLs_kHddS6hlrOxdDk; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:42:40 GMT; Path=/
Set-Cookie: fc=m5RiL1vO1RqpbeR06rDSQdi-P9L6OOiujCMMWa_OuuTBhSQ9y8oNWj2jHjllm2qL9SGC6KvWqijMODBe-PTw-vU2npYFHN-QFxss5iBZjoo0A7iP8ARnu5R4osC1ayLKRfOX1MD02-o6SZ1b0c_HcdJnnDxsS-ubYBpridlzat8; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:42:40 GMT; Path=/
Set-Cookie: pf=Jd1kXf3m4CvakOPnkhxyiBgeT54GpsYPK4MHyiMybC4gFjeMd3kmKZT55Ypg5r9L3EOz12FQ-uNCAdfU7PD5Wkp-Orrqozj3BCOMbMIkasA5AgPo6YSdwT3MDItRNsVTcovE94huridJuBPk0YijKO9TlgSlxQZrmzRRzeKacbL6GKdXH5UwUKfOLcy0VcYQruMvoxOUF9diy9mNGQhlq2JtMCQ7lVq-hyJTdbqiW3DoxS652rZ4yALKekpvWmMPcz_D1A7UZdU-C4yxPwlGbTPa39d2XxGIybmmwFXlboOK1lqrs-ez7riUogPhhxgdLjdsuNkt4kilIGPDdZFqTDxcQoXd5M_X9_PRQ49Ytla1lpuVo27yABVSuxB-u3ZG0p4_mcPekRR39c8F2gKW8gNrvrHStmZqKyXyPYTcZqLGhGX7RT3sasDtmLoxu3GEsHGwkDF76-hjSCoANLicpcMQ0hGgE0Z3MU9PLDig9hx7K-2H7d7c401PVwgyIrDAG7ySaBAXZRf4sBmLP5WLg4CEJ0dOxjsRR8Pz88E6zXZ5pfjSLF7a93-Dg8KdE2uA4jtF0Bb6HP0QLqH7z3cWrAlc0sTt939bCxraXAuBqiXjg5K98Qt4G3KrZaFnMjwwL59sTCW_yVCgn2KZHtwwc_L5lem7W3ab54Dfse3tW8rWOxEtBTjdIFdbBTXS7s9G89E7LxmTNw2SS8CZLarLGvd7dCPvCGckYs7tpHOd2E5V7lqy-7Ifd1e0FiUzQ16ledghu_4tIGwvFiG2FVwrZMdMCO4KO-3ucQr2lmoU5z6fTnKKKyaYUpAZvGhHq5b6Lm9YkKQoZc-aYtdal0jXRZoOlGDcIPyHaWyPhpX3BTji5FKHM9LdERx7h_JxDFFn2JMPd782uBBQwvI9a2Zqvc02000rpaW__bSfqt8hfV8OrOabXNqyQL3_oJgh3ZKwFh3f5Y5KtIvFYHTUuAytKKL5za2o_8t9mYcO2EtYyGlYqXooYa1h3WFAwaFMVeZ3MNKOvsZ_neR7vB3FgAbmNXDKcOZrhw0Vgy6fST-VOgQTQnWhkwBbDpUeoIaXzjhU4Q5sFFyY7gYaWoDLySHXlo1ffNWVz7UEQW1NpINmSsOnTvY9_7BawSDWTKZMo_1imyLi2tPI1oo-o09_IJsH7AmkDlbdo5Nbl-8VrqJWsNMvnqaB8cNQu2Wuc9QMWNcOZ-4dnCdNf8QSGwGEu-9b9pbPeWt0Shi-R6junPcdLvGLFQOVNlMxUXa_emQvVKP8E0h6ICwfrRymwUIbtSR9F5tXkH_Ks47vlfXtW_WL_MardlQbZQY9c7dkIBGuNrg5Mc5gn6ZlcIYufHW-xFM0SVKYmkh3Ak_uFdBP8dSQujlmGGG10bAL953SS0rCyYCab1Crak338ET_hkm4WC65Ws9JsgfSpyPx0haE0ybXsp0Bwr6W_-M2ZYOpYr4LqM2HKExeIiG0FjnK52Zq8COPwLcxqEf0QVtcgYljFzopq3VDVi3n1JVa5uwc4d3D-j9K-SiC1LCMvHaMGTQa3m7kgqk8sefG6GGrltSH-snHclT7jx9mmcbv5kmzGYVtLPRW; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:42:40 GMT; Path=/
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 20 Mar 2011 12:42:39 GMT
Content-Length: 11395


var detect = navigator.userAgent.toLowerCase();

function checkIt(string) {
   return detect.indexOf(string) >= 0;
}

var naturalImages = new Array;

naturalImageOnLoad = function() {
   if (this.width
...[SNIP]...
1.64. http://ad.turn.com/server/pixel.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.turn.com
Path:   /server/pixel.htm

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /server/pixel.htm?fpid=1 HTTP/1.1
Host: ad.turn.com
Proxy-Connection: keep-alive
Referer: http://ads.pubmatic.com/AdServer/js/syncuppixels.html
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=Wonw4SKQzJYWGPurqxtl0nuUzYJk6jXTg2kkRxPsf5PfaqaDzVRu9ZiuBStYaftYL8XNm3b3wEFLrI-bYDGMZspa2dzalgG5fKshqZFQ0gPE-iovOq8fXLrOOSDX_7RE4aP5h09o7k3cRcJp8kFALhcUtCbH2AU91mt_IKIcvF-dnVEIXl_o2VKbCOQ18gKB3TdfaSMq8ZmQLhPF-HDmXEO0DkgoB2K7NtvRYr_WLBLd_glL1pkpHKTZt_lIPJBER1eWajsac7h1LLqoQJdxq_LVmIVMjE0CeQFu2rmZbM75ztlAPWqlo6WakHRHQDJIug3BBFPTzPZU9a_De5ObQfS-FOkT22lzSBi1SyH2rdOEyvGy9ARJOsbfKu5zwAtywK2T6I_iNDRolqjg1OzTcmOmBomBI971b1aEnAXt992jScb5ykHoHXGqgsU2JXsEhKy7DL4leWeiolkQACcMJeDFfNLII8GWE_POOZEqdvSAlwAd2SMpuXja-1oqTvA74Bv87ktR-V-CI_fBW8ozCqpHrzMG7a1O-Bw1uWV3nCTXMMhqubSRk012wJ9TI5YEXDd38XvwUG3nRYRagkvUuiCki6dv9_ZBTPOR80NtxF90Tx9NnkbuE9oFmALVgGEUfnOnpPStJvBD7eMTp4e86K9aYVqIo0QJ8uo_fgCPTXl4d6AzZ5kL0Q3seR-QMTT54aP5h09o7k3cRcJp8kFALqjI0RR666J6yMcKhWq6NL-dnVEIXl_o2VKbCOQ18gKB5OTiSkIyAtUIxcH0kc2Z_r8mFTCd5ttVGpgCWv23BFzd_glL1pkpHKTZt_lIPJBEcjaG10wigUMyya21D2XcWPLVmIVMjE0CeQFu2rmZbM6gr6LeWJgmS_GYEF0jBxMut0ENHBIEVq_lRqV1FbhAaWaIpCiKWJzFCjE_rpqGSQ_AMLkX3xVdMEoiwUWtkl_8wK2T6I_iNDRolqjg1OzTckKhKx8gNr7j1i4lKSwVZVo5786SEOCxaDqnPJjkYPAbhKy7DL4leWeiolkQACcMJcv5JGu7PR53V4XHAO3Io4OAlwAd2SMpuXja-1oqTvA7Sby-AWn9Ao08NtBsZeyI32iQebtfIQ-g95Am5CKbjjGdX9SGy_mLofSIrTkkkZy7q_kymVsfRU5lp0Pu2QVi0ARmUVnGxwLABzMMwaHgl6ZZhmeV2wkprz8192ZLKDYi5nfmk03YwEf-csTjfghefqxfpgzc1VS-2ZSEBy1bfilWXaAbFc49ghutKx-kX83sFbZDNzeTaTd_CskNnL-gJYUhrqV02c7lrfNhksNY6EUSKZoIDqD4G7bFKUqmMV-obRSQfOqKLvEIVYVzZt3x7fyt1kS60aRmpMuHWG916ExzRX1Syet26XYSL2aR6sdzgDpDtFR-MhBo4SKLASMedrNlhtwwehJKZV_vqQ6TPomFT0b0CNqL1yDov6pCERYHrjdcB3-hMeuXpkthOjrlfmpI2EXioEJjgLbV10VkcXuhwiZ-NmqDn980RgRl5YCRsSMBuuGGbFuPRJa8whW0k6IDQXAakeNb4-iGLLL6vhICsdnGaSRoEnqOcIv7G5CzrcZxzHUt8FlPxz9qsQnKe4yFw3wjTmxxOfzbjyejukYkwsYpf4klfvVA_XCLxuitV-DkChzNBAZA7664Ecm9sJ8KpnA_mwIUzpMMvoHHE8H69Nv8ZmvmIfccRX7ppIDmK81F_-m52Kk6mklb9Gkz7cULXDK_DJBsJiPg260VBuB21BharSCDQyZkIvsj3tYWKCBcgK1KIuX3WD1wJn8hu0zvl4YurMpkt_KNXf21GXmMh3NIrtrwJ-PytJzw0bCN1JbrGOVJbR84q2JjTjm8h96r_zTQjil_yu87szG0AJSpAmYGrgDwofgjre60aLEVwGQ7VXceHmC6gPGCEolElhIpmggOoPgbtsUpSqYxX6hAIdI1m55J5HPTGq2yMrwQrQe8folUTs7yHBhE3jXdIqirG5pEDTVYoLJvdXZlZ78KIcHzd1FxJAPOlCIDY7YsrjdcB3-hMeuXpkthOjrlfnsK60K6G5zIvDNin7d_-XihwiZ-NmqDn980RgRl5YCRK7JzRSpPkaFxPAb0V4qxxlETd_XsDWTPOMhkKKyRYsQCsdnGaSRoEnqOcIv7G5CzlX-q_nDsklvWZp_SxUEVsoyFw3wjTmxxOfzbjyejukagr6LeWJgmS_GYEF0jBxMulbT4k7I3RFcH9USEGB8d7ehp9hmy5VmQ13eGV0p5qLQhVwiAdydT3PpB-fIjCiWZK81F_-m52Kk6mklb9Gkz7Z0a7PGvOJoJ72EBTvuMQxml7tqppY6LFE2g2xxURyWGmrwVBz_RVN4-Di2560zu3yYkwvb4gvrvji-WnwN0XjuMh3NIrtrwJ-PytJzw0bCNnaladC9RU6ry0d69z-Zz7SkUb9qGemCfvAL5h3MLwHvc3yMGel4rk0Sx0kOS5kYLJdP9tfIoTz5TKsdQg5NBZiXT_bXyKE8-UyrHUIOTQWZQlrT0o0JDb5JXBZDXw8ZNGElOiRir5xHZ8kAaarjTbBhJTokYq-cR2fJAGmq402wYSU6JGKvnEdnyQBpquNNsGElOiRir5xHZ8kAaarjTbJUxYTKvEAE3JAT4SvkHOGiVMWEyrxABNyQE-Er5BzholTFhMq8QATckBPhK-Qc4aJUxYTKvEAE3JAT4SvkHOGgqNhuM1tUzQHYZ3GHdzM7ZKjYbjNbVM0B2Gdxh3czO2XJ9Sw3jdHwwRW1AzobtH9t81_gjdGUYVukJY8YG-hGu4FfPONitGRcGxKttYjNpmYIlBZfRYA7Tno9giphEEaGCJQWX0WAO056PYIqYRBGhgiUFl9FgDtOej2CKmEQRocaN03oKZzXwNGGcrv63Acnqd9GbyVer5Y4us9rEa4pE6nfRm8lXq-WOLrPaxGuKRPkX-td7VA8q5XtcSwY3rEtaHZAo8fYosnagZHyU5kzUakfxoAiYEuqsAs6lVyErOLNUzJM8pvIuJwp8fvrU-Bkl0_218ihPPlMqx1CDk0FmJdP9tfIoTz5TKsdQg5NBZiXT_bXyKE8-UyrHUIOTQWYl0_218ihPPlMqx1CDk0FmUJa09KNCQ2-SVwWQ18PGTRhJTokYq-cR2fJAGmq402wYSU6JGKvnEdnyQBpquNNsGElOiRir5xHZ8kAaarjTbNWAVpIeQy-_rvNmNJZl0MuVMWEyrxABNyQE-Er5BzholTFhMq8QATckBPhK-Qc4aJUxYTKvEAE3JAT4SvkHOGi4IMq_Q-b1Bsvq4IHMVMMGKjYbjNbVM0B2Gdxh3czO2So2G4zW1TNAdhncYd3MztkqNhuM1tUzQHYZ3GHdzM7ZF_hnwsZOFT5I4eRW46LWcrCzHp4KI8EJF3gYURnVkXqwsx6eCiPBCRd4GFEZ1ZF6ONWHBOP2kK7zVWFthcPDncbv-tY65jMfDKTbdfT8ug3G7_rWOuYzHwyk23X0_LoNxu_61jrmMx8MpNt19Py6Dcbv-tY65jMfDKTbdfT8ug1ygQv0vtIAWYRj1Bwp4i9DzbefliSJ1pdkKBMKwCbwM7hvU7dM3_gDWrNcfv9Lfj8; fc=P8r1GRRUBPzt1rj093eSUyd0kIOGQ-01IqHp4E6nJR0sgJfvPMxam1XE0VXjRZkHDvAB7dj0g9rEc92kPRVoFw0-m0BkBmdsMbfLJKocp81E28M44OKTmpkvbjqqib7MAp1BJ3k6cxFoa6z2wZnSQRA23o3kcOf_vksOCkd4aIk; pf=UGHb8zI4aWtxtAmZyNeJNOHVFbSxqG9hsprN4v3Lz7LQ4qp2i9jCVLo21ITPxTJXB9En7PzxQcEcevWyHskThbQXXj1jA2FyUlkwwkhF7Ro2ZM7BNfD3Nrq6VH58nArltBKmEiDSJc28wBcf6WsZnUwqlFt-IvrL3Cyer2N_b_mQBT67XG3r_GqqLNCDP6TWM6QtivX9DfUZcKCbSzspOG4m4SNemiZsDiwHpMom7zAuHGj61Fo18HFz7Miw6CJ_lAToSBCIK8xd4Nhi3WZ5RVrFAd6zRhrKdfWaTudRRtzdw3uPJsigd4Z03fwI832qp0yYZ8xsq2g2JzvVLF3m0wYmvQ-7zazlMMeR5t48rmodxWJcKS5DgWnPQyOG3H9dle4JdVl67EbeBoMsCr3yKTNk5q5Z7Ye-yqAjt8FV6TEs0w1Mf61wa5sbZduLkMcmu6BxGVr1a1EtZ6VakW9qP0UsyZ23YtDx8Hp9aqDHgS7TLwotn8ChX3Ao59tcjALmIsfXlHObMd1dM-9EmR9zq1feDyJ1JsMdvufmKTEv8zYWEcVWdTIfg0R3HCs5Zgu8aqqZRUbE5cNgHLG-cyhwp9zF6bIQmuyiOkEVXhOR34lY8hTahfCesI1SII1o7GCSTkQctMdsR8ol26b8wwOWRulLcAuUbWv5XradSS5Og7yWq1NAPlM-71DUoari4r4P1Y5A3tzwkjyyX8-0gYHGU5jnzszrbJmm4ATS7VE3nQTOLZuOv6rXl3lXT98xe_hpQk1J2tMJ7uf0wgawDl5tZsTT5kN5mzq7cQ_zim8SvdxF5k8za64BvapgLtKI75QWoFdHsE8JeyafKsb518Z8yG2rlDCHXdIcSLBgYtlkloVO9_IUqGf6VJi47Jt9VzE1iUilagnqDfZezBDAgKeQJqma1IxzDiCoqn5pMBzKyly1EGZOdFA2-qArtbtQRT50YdNPvJqt7eLAf5C0e2pQiKZbm53MKuxT-xACBztAh4jFDcYPKkwR30hpsQ3QHTsbR1jwb4Tknj1lRvA_43zRPga4UleoT5uXiADlzwkOVA067MXkh4FAeKVzg1ACtjgSr5Gp6DR1BdDSotYHbfNzBgKBFuNAXObQP9_MMOI3eG1WGdO281P8amOaY7gqA06Qz3ZYqAavLj_IiDm0PZqfexb3wevMxi_3MpY_DV3nsHFBx31PTcSHvXJd2U5JBFuC4zIXCy6m3DgsRU-dDxSk0aAqkW75gcATwU4afh3aZM0faU7ttedZBHKMSUKU2-CLArzpv1sCFqKO2OO_7QHd61ElSVhkX8nCFJ8XYbO8pgqPz6rxA2zJp0kRUBjlvUbWcclJ3ktilOIca42ILmxDGq12QBEWUhzuVA36zOFcdBowxbu4TWEkjnoG3y3BQoeZ0WJ4-WctW3Z_ONfcXbWfjQNvc84m9Ucmpn2n7616Wmjkp_YRqKp502Bw_HclXEDNxATqSEvwR6YWNJOibQmjAIOFfhKbFkHTBHoHJsdi8MjHFkcfi4c9KAVErlkS3F2SFWLNhm5B3_eb2Qy3toXmjExHhirQMRh4tcgyEqZ-0Ko; rrs=undefined%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7C1003%7Cundefined%7C1004%7C1005%7C12; rds=undefined%7C15038%7C15038%7C15050%7Cundefined%7C15038%7C15038%7C15038%7C15038%7C15038%7C15044%7C15044%7Cundefined%7C15044%7C15050%7C15044; rv=1; uid=8392341830659049202

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8392341830659049202; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:36:47 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Sun, 20 Mar 2011 12:36:47 GMT
Content-Length: 335

<html>
<head>
</head>
<body>
<iframe name="turn_sync_frame" width="0" height="0" frameborder="0"
   src="http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=3020778316292851933&fpid=1&nu=n&t=
...[SNIP]...
1.65. http://adclick.g.doubleclick.net/aclk  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adclick.g.doubleclick.net
Path:   /aclk

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /aclk HTTP/1.1
Host: adclick.g.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=UTF-8
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 20-Mar-2011 14:17:51 GMT; path=/; domain=.doubleclick.net
X-Content-Type-Options: nosniff
Date: Sun, 20 Mar 2011 14:02:51 GMT
Server: AdClickServer
Content-Length: 0
X-XSS-Protection: 1; mode=block
Connection: close

1.66. http://ads.adbrite.com/adserver/vdi/712181  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/712181

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/vdi/712181?d=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362171x0.807+1297860041x-1198401335; b=%3A%3A12cim%2C12ir6%2C127cq%2C110as; rb="0:682865:20838240:null:0:684339:20838240:4d5b2371-3928-7a83-24fb-d52328f5624b:0:711384:20861280:20108b4d-f8d0-4008-b157-1529097b61ab:0:712156:20861280:6pgp44i37uxw:0:712181:20838240:WH9qYVd2Q3FGAWJeBgV WQlbaXsQfgZCDFxlX1ZL:0:742697:20828160:8392341830659049202:0:753292:20858400:KH-00000000549735899:0:762701:20861280:439524AE836A5E4D157CECA302E891CB:0:806205:20861280:06bdea66-433e-11e0-b98e-00259009a9e4:0"; srh=1%3Aq64FAA%3D%3D; ut=1%3ARc5NDoMgFATgu7BmAcZa620QUEgtP09rKz7vXqRpuv0ymZmdrBXpdnLX28uDmklHpDHtGJkJyN2qmMQKOWvtg848apXRzLeIHBn9JX1GkRooGMKyvDMEPsoCUEs5lITwWOPw3CYKCYB9q6YSioO4NMi9dvFaII%2Bpsxd60fzHQrI6Y5uYPZFQ0gvnNNjynBzHBw%3D%3D; vsd="0@1@4d85f46f@www.livejournal.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 20 Mar 2011 13:21:04 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: ut=1%3ARY5LEoIwEAXvMmsWCYWI3CaEQFJiPgOihOHuhlil235dM73DWkK7w11tL4f9DC3MPKieuNXzLRAnVkitmzEw7RNceyapJM4a8%2FgNLg0i1pht75flnYDno8wAKymHbAhHFQ3PbSowIrLvjylLYRCXmrhTNlwzSBX9eRc7Uf8rfDQqwSYyc0IooBPWKjS5HI7jAw%3D%3D; Domain=.adbrite.com; Expires=Wed, 17-Mar-2021 13:21:05 GMT; Path=/
Set-Cookie: vsd="0@1@4d85ff41@usweb.dotomi.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Set-Cookie: rb="0:682865:20838240:null:0:684339:20838240:4d5b2371-3928-7a83-24fb-d52328f5624b:0:711384:20861280:20108b4d-f8d0-4008-b157-1529097b61ab:0:712156:20861280:6pgp44i37uxw:0:712181:20838240:WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL:0:742697:20828160:8392341830659049202:0:753292:20858400:KH-00000000549735899:0:762701:20861280:439524AE836A5E4D157CECA302E891CB:0:806205:20861280:06bdea66-433e-11e0-b98e-00259009a9e4:0"; Version=1; Domain=.adbrite.com; Max-Age=7776000; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;
1.67. http://ads.adbrite.com/adserver/vdi/742697  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/742697

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/vdi/742697?d=8392341830659049202 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362171x0.807+1297860041x-1198401335; rb="0:682865:20838240:null:0:684339:20838240:4d5b2371-3928-7a83-24fb-d52328f5624b:0:711384:20861280:20108b4d-f8d0-4008-b157-1529097b61ab:0:712156:20861280:6pgp44i37uxw:0:712181:20838240:WH9qYVd2Q3FGAWJeBgV WQlbaXsQfgZCDFxlX1ZL:0:742697:20828160:8392341830659049202:0:762701:20861280:439524AE836A5E4D157CECA302E891CB:0:806205:20861280:06bdea66-433e-11e0-b98e-00259009a9e4:0"; b=%3A%3A12cim%2C12ir6%2C127cq%2C110as; fq=85nbv%2C1uo0%7Clhy493%2C861be%2C1uo0%7Clhy4c7%2C86d3u%2C1uo0%7Clhy495; ut=1%3ARc5BDoMgEIXhu8yaBVhjqLdBQDG1gKC24nj3Ik3T7Zc%2F8%2BaArYL2gIfeXy6oCC1IY%2FgwU%2BOR2U1RiRUyyscniWzWKqOJ9xkZUvIrXUaRmlDQ%2B2V5Z%2FBskAVCLWVfCuGwxn7dJxJSCPR7aipRFJXKuU1b5HnwxpCtjl6T6roeOtH8J30adUae6HghEOiEtTqM5X84zw8%3D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 20 Mar 2011 12:38:48 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: ut=1%3ARY5BDoMgEEXvMmsWYIyh3gYBhdQijtZWHO9epEm7ff9l3hywVdAecLf7a0KzQAuLmK0hEdxym0kQZ9o5OczcxQw3wzVVJLj0j98w5UGlBosd47q%2BM4hi0AVgrXVfDDVRTf1zHxkmRP5tjEXKUXOdwU41%2F2hM3mYoE%2FcXBAadCsGiL4%2FCeX4A; Domain=.adbrite.com; Expires=Wed, 17-Mar-2021 12:38:48 GMT; Path=/
Set-Cookie: fq=""; Domain=.adbrite.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: vsd="0@1@4d85f558@cdn.turn.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Set-Cookie: srh=1%3Aq64FAA%3D%3D; Domain=.adbrite.com; Expires=Mon, 21-Mar-2011 12:38:48 GMT; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;
1.68. http://ads.adbrite.com/adserver/vdi/753292  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.adbrite.com
Path:   /adserver/vdi/753292

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/vdi/753292?d=KH-00000000549735899 HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://d.xp1.ru4.com/meta?_o=179638&_t=cmcont&ssv_ptnr=pm
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362171x0.807+1297860041x-1198401335; rb="0:682865:20838240:null:0:684339:20838240:4d5b2371-3928-7a83-24fb-d52328f5624b:0:711384:20861280:20108b4d-f8d0-4008-b157-1529097b61ab:0:712156:20861280:6pgp44i37uxw:0:712181:20838240:WH9qYVd2Q3FGAWJeBgV WQlbaXsQfgZCDFxlX1ZL:0:742697:20828160:8392341830659049202:0:762701:20861280:439524AE836A5E4D157CECA302E891CB:0:806205:20861280:06bdea66-433e-11e0-b98e-00259009a9e4:0"; b=%3A%3A12cim%2C12ir6%2C127cq%2C110as; fq=85nbv%2C1uo0%7Clhy493%2C861be%2C1uo0%7Clhy4c7%2C86d3u%2C1uo0%7Clhy495; ut=1%3ARc5BDoMgEIXhu8yaBVhjqLdBQDG1gKC24nj3Ik3T7Zc%2F8%2BaArYL2gIfeXy6oCC1IY%2FgwU%2BOR2U1RiRUyyscniWzWKqOJ9xkZUvIrXUaRmlDQ%2B2V5Z%2FBskAVCLWVfCuGwxn7dJxJSCPR7aipRFJXKuU1b5HnwxpCtjl6T6roeOtH8J30adUae6HghEOiEtTqM5X84zw8%3D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 20 Mar 2011 12:38:10 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: ut=1%3ARY5BDoMgEEXvMmsWYIyh3gYBhdQijtZWHO9epEm7ff9l3hywVdAecLf7a0KzQAuLmK0hEdxym0kQZ9o5OczcxQw3wzVVJLj0j98w5UGlBosd47q%2BM4hi0AVgrXVfDDVRTf1zHxkmRP5tjEXKUXOdwU41%2F2hM3mYoE%2FcXBAadCsGiL4%2FCeX4A; Domain=.adbrite.com; Expires=Wed, 17-Mar-2021 12:38:11 GMT; Path=/
Set-Cookie: fq=""; Domain=.adbrite.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: vsd="0@1@4d85f533@d.xp1.ru4.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Set-Cookie: rb="0:682865:20838240:null:0:684339:20838240:4d5b2371-3928-7a83-24fb-d52328f5624b:0:711384:20861280:20108b4d-f8d0-4008-b157-1529097b61ab:0:712156:20861280:6pgp44i37uxw:0:712181:20838240:WH9qYVd2Q3FGAWJeBgV WQlbaXsQfgZCDFxlX1ZL:0:742697:20828160:8392341830659049202:0:753292:20858400:KH-00000000549735899:0:762701:20861280:439524AE836A5E4D157CECA302E891CB:0:806205:20861280:06bdea66-433e-11e0-b98e-00259009a9e4:0"; Version=1; Domain=.adbrite.com; Max-Age=7776000; Path=/
Set-Cookie: srh=1%3Aq64FAA%3D%3D; Domain=.adbrite.com; Expires=Mon, 21-Mar-2011 12:38:11 GMT; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;
1.69. http://ads.lfstmedia.com/exclude  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.lfstmedia.com
Path:   /exclude

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /exclude?product=2084_dot_excl HTTP/1.1
Host: ads.lfstmedia.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adu=ruWSsxM0kBCHzi8Dy6bBhN9oHWaq+PpVqWkdXpZNN6sF5swwQpwjruPiETfp0Gj6

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Sun, 20 Mar 2011 13:21:29 GMT
Content-Type: image/gif
Connection: keep-alive
Set-Cookie: adu=ruWSsxM0kBCHzi8Dy6bBhN9oHWaq+PpVqWkdXpZNN6vUKAN6TaPbDSW0JCpDs_zIMdiDqSjjYrA-; Domain=.lfstmedia.com; Expires=Wed, 17-Mar-2021 13:21:29 GMT; Path=/
Content-Length: 43
P3P: CP="CAO PSA OUR"

GIF89a.............!.......,...........L..;
1.70. http://ads.lucidmedia.com/clicksense/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.lucidmedia.com
Path:   /clicksense/pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /clicksense/pixel?id=102567&t=i HTTP/1.1
Host: ads.lucidmedia.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2=2tm6jj5l0la

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-control: no-cache, no-store
Content-Type: image/png
Date: Sun, 20 Mar 2011 13:05:50 GMT
ETag: W/"118-1299187454000"
Last-Modified: Thu, 03 Mar 2011 21:24:14 GMT
P3P: CP=NOI ADM DEV CUR
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: 2=2tm6jj5l0la; Domain=.lucidmedia.com; Expires=Mon, 19-Mar-2012 13:05:50 GMT; Path=/
Content-Length: 118
Connection: keep-alive

.PNG
.
...IHDR.....................sRGB.........gAMA......a....    pHYs..........+......IDAT.Wc....    ...+..E....IEND.B`.
1.71. http://ads.pointroll.com/PortalServe/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /PortalServe/?pid=1203631H30720110201170639&flash=10&time=0|9:5|-5&redir=http://ad.doubleclick.net/click%3Bh%3Dv8/3ad0/3/0/%2a/p%3B235836628%3B0-0%3B3%3B52877536%3B4307-300/250%3B40571478/40589265/1%3Bu%3Dpos-atf|cat-2|%21category-hs_the_nightlife|show-hs_the_nightlife|demo-D|tag-adj|mtype-standard|sz-300x250|tile-3%3B%7Eaopt%3D2/0/d7/0%3B%7Esscs%3D%3f$CTURL$&r=0.1189111452549696 HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/shows/the-nightlife
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=D00A51F3-34D8-48E5-A65B-AEA8240476C5; PRbu=EnLjDMH8P; PRsl=11022007583617319321424330414S; S5HitachiSeq=1*1330995589; PRvt=CIJVpEnbEvypYtAK4BBeJDmEnbE3X1F4ACjBAeJcgEnehzmXD9AAVBCeIyeEndpCn0aKAPQBAeIrUEndpEM2mD!G5BAeJHsEnfjOwXZa!cxBCeIJfEnjeJXBN5!RfBCeJhKEnpgtxXiZABzBAe; PRgo=BBBAAsJvCBC_!B!BCVBF4FR; PRimp=989E0400-C52D-9978-0309-84A000730100; PRca=|AKIo*5:1|AJsP*1892:1|AKIk*492:1|AJx5*48:1|AJrW*9395:1|AJor*856:1|AIgT*1774:4|AJi6*1774:2|AJPO*396:1|AJWc*130:1|AJla*1499:2|AJ2e*1153:2|AKEA*263:3|AJeS*12722:1|AJwv*1153:3|AKEU*852:1|AJtd*1329:3|#; PRcp=|AKIoAAAF:1|AJsPAA46:1|AKIkAAHw:1|AJx5AAAm:1|AJrWAC17:1|AJorAANo:1|AIgTAA2c:4|AJi6AA2c:2|AJPOAAGY:1|AJWcAACG:1|AJ2eAC0U:1|AJlaAAYL:2|AJ2eAASb:1|AKEAAAEP:3|AJeSADTM:1|AJwvAASb:3|AKEUAANk:1|AJtdAAV1:3|#; PRpl=|FKgU:1|FBju:1|FIiy:1|ExE4:1|FHwz:1|Etmg:1|EBro:4|EwWo:2|FFCp:1|FFCm:1|E1AQ:1|Eib5:1|Ef30:1|Erny:1|Ernx:1|Ef3M:1|FFCn:1|FFI2:1|FDTA:3|FEo9:1|Es48:1|Es49:1|Es4a:1|#; PRcr=|GHNR:1|GBuk:1|GGJs:1|GAV8:1|GFdm:1|FyK3:1|F8uJ:4|FudI:1|Fvl7:1|GEH2:1|GEHe:1|FiUb:1|FwsR:1|Fq6d:1|Fx3k:1|FyJY:1|FujS:1|GEH7:1|Ft0s:1|GCq8:3|GDle:1|Fxpv:2|Fxpu:1|#; PRpc=|FKgUGHNR:1|FBjuGBuk:1|FIiyGGJs:1|ExE4GAV8:1|FHwzGFdm:1|EtmgFyK3:1|EBroF8uJ:4|EwWoFudI:1|EwWoFvl7:1|FFCpGEH2:1|FFCmGEHe:1|E1AQFiUb:1|Eib5FwsR:1|Ef30Fq6d:1|ErnyFx3k:1|ErnxFyJY:1|Ef3MFujS:1|FFCnGEH7:1|FFI2Ft0s:1|FDTAGCq8:3|FEo9GDle:1|Es48Fxpv:1|Es49Fxpv:1|Es4aFxpu:1|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 14:05:05 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Content-type: text/html
Content-length: 9297
Set-Cookie:PRvt=CJJVpEnbEvypYtAK4BBeJDmEnbE3X1F4ACjBAeJcgEnehzmXD9AAVBCeIyeEndpCn0aKAPQBAeIrUEndpEM2mD!G5BAeJHsEnfjOwXZa!cxBCeIJfEnjeJXBN5!RfBCeJhKEnpgtxXiZABzBAeJUREnup-fJ66AABBAe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAsJvCBC_!B!BCVBF4FR;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=EA9E0400-7C7F-BA9E-0309-511000010100; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJv5*214:1|AKIo*5:1|AJsP*1892:1|AKIk*492:1|AJx5*48:1|AJrW*9395:1|AJor*856:1|AIgT*1774:4|AJi6*1774:2|AJPO*396:1|AJWc*130:1|AJla*1499:2|AJ2e*1153:2|AKEA*263:3|AJeS*12722:1|AJwv*1153:3|AKEU*852:1|AJtd*1329:3|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJv5AAD2:1|AKIoAAAF:1|AJsPAA46:1|AKIkAAHw:1|AJx5AAAm:1|AJrWAC17:1|AJorAANo:1|AIgTAA2c:4|AJi6AA2c:2|AJPOAAGY:1|AJWcAACG:1|AJ2eAC0U:1|AJlaAAYL:2|AJ2eAASb:1|AKEAAAEP:3|AJeSADTM:1|AJwvAASb:3|AKEUAANk:1|AJtdAAV1:3|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|FDHZ:1|FKgU:1|FBju:1|FIiy:1|ExE4:1|FHwz:1|Etmg:1|EBro:4|EwWo:2|FFCp:1|FFCm:1|E1AQ:1|Eib5:1|Ef30:1|Erny:1|Ernx:1|Ef3M:1|FFCn:1|FFI2:1|FDTA:3|FEo9:1|Es48:1|Es49:1|Es4a:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|GDV7:1|GHNR:1|GBuk:1|GGJs:1|GAV8:1|GFdm:1|FyK3:1|F8uJ:4|FudI:1|Fvl7:1|GEH2:1|GEHe:1|FiUb:1|FwsR:1|Fq6d:1|Fx3k:1|FyJY:1|FujS:1|GEH7:1|Ft0s:1|GCq8:3|GDle:1|Fxpv:2|Fxpu:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|FDHZGDV7:1|FKgUGHNR:1|FBjuGBuk:1|FIiyGGJs:1|ExE4GAV8:1|FHwzGFdm:1|EtmgFyK3:1|EBroF8uJ:4|EwWoFudI:1|EwWoFvl7:1|FFCpGEH2:1|FFCmGEHe:1|E1AQFiUb:1|Eib5FwsR:1|Ef30Fq6d:1|ErnyFx3k:1|ErnxFyJY:1|Ef3MFujS:1|FFCnGEH7:1|FFI2Ft0s:1|FDTAGCq8:3|FEo9GDle:1|Es48Fxpv:1|Es49Fxpv:1|Es4aFxpu:1|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

var prwin=window;if(!prwin.prRefs){prwin.prRefs={};};prwin.prSet=function(n,v){if((typeof(n)!='undefined')&&(typeof(v)!='undefined')){prwin.prRefs[n]=v;}};prwin.prGet=function(n){if(typeof(prwin.prRef
...[SNIP]...
1.72. http://ai.realmedia.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ai.realmedia.com
Path:   /

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?01AD=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg HTTP/1.1
Host: ai.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016x1|O10170Y

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 0
Expires: Sun, 20 Mar 2011 12:49:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 20 Mar 2011 12:49:24 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; expires=Sun, 17-Apr-2011 12:49:24 GMT; path=/; domain=realmedia.com
Set-Cookie: S247S=1; expires=Sun, 24-Apr-2011 12:49:24 GMT; path=/; domain=realmedia.com
Set-Cookie: SData=,D41D8CD98F00B204E9800998ECF8427E; expires=Sun, 03-Apr-2011 12:49:24 GMT; path=/; domain=realmedia.com
Set-Cookie: SDataR=1; expires=Sun, 20-Mar-2011 18:49:24 GMT; path=/; domain=realmedia.com
P3P: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"

1.73. http://ak1.abmr.net/is/showadsak.pubmatic.com  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/showadsak.pubmatic.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/showadsak.pubmatic.com?U=/AdServer/AdServerServlet&V=3-%2f1Zka7QxEpNtg8FM1ink6fpvvWTNaKCDTxpARFTrpyGjo4p31smQzKrDzF3eWbi7IfnYLF5Y6Jg%3d&I=2500D83B99F60DD&D=showadsak.pubmatic.com&01AD=1&operId=2&pubId=26436&siteId=26437&adId=21762&kadwidth=300&kadheight=250&prevkadIds=21304_21306&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame32643626437&kltstamp=2011-2-20%207%3A34%3A45&ranreq=0.8810346268583089&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1 HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-72CFFF7FD6E7DA1640D64F43F7EB495FE8C8EC3460A1AA16D550EE006C54A631-D610D81F7E84DDEA6B4CD09150CD71B870335B7C7D8EE4A619321D125A5C5411

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://showadsak.pubmatic.com/AdServer/AdServerServlet?01AD=3rNQ-ViVaJXvJ7GPq101706S5RAmkXS-_pKLKMplX4uvEbh7SfNgAZA&01RI=2500D83B99F60DD&01NA=&operId=2&pubId=26436&siteId=26437&adId=21762&kadwidth=300&kadheight=250&prevkadIds=21304_21306&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame32643626437&kltstamp=2011-2-20%207%3A34%3A45&ranreq=0.8810346268583089&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1
Expires: Sun, 20 Mar 2011 12:41:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 20 Mar 2011 12:41:54 GMT
Connection: close
Set-Cookie: 01AI=2-2-D94F1F7DFC8C3029CDC528018C10474044CF8B6A550F1A5F4038343681D3C517-01772CFE6B785A96A504011A5E002C93EAED08DD937B558D68657667BAC13481; expires=Mon, 19-Mar-2012 12:41:54 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"

1.74. http://ak1.abmr.net/is/www.burstnet.com  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ak1.abmr.net
Path:   /is/www.burstnet.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is/www.burstnet.com?U=/enlightn/7641/A790/&V=3-uesDw+X0n2tAMzMT95VmkEj1X4xrXNeATfyN7pD05NhuX6RfKy4ODw%3d%3d&I=1EF804A7CAC2658&D=burstnet.com&01AD=1& HTTP/1.1
Host: ak1.abmr.net
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-55A56D6F87395C50C989EE688579604B204BEA78972D56787F117619679E9963-4482DDB253E02D0F09F5097A901CC6299A3BDBFA1377F59D55D5A836E868CEB9

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www.burstnet.com/enlightn/7641/A790/?01AD=3dyNnKDSbASD36RHEA-Zb8TJq4q9Wq38zI5IUe9xq1GwgqlwNsaAhiw&01RI=1EF804A7CAC2658&01NA=
Expires: Sun, 20 Mar 2011 13:20:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 20 Mar 2011 13:20:43 GMT
Connection: close
Set-Cookie: 01AI=2-2-7115A160F21A1D411BB4436470349F77C2F70F5AE1E712546B3BD614E9EE0F5F-10BCB0D7814AE21D0ECA359259B723BC8E48D025EC257EC193E5F2C4CCCC0E01; expires=Mon, 19-Mar-2012 13:20:43 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"

1.75. http://altfarm.mediaplex.com/ad/js/10433-118675-1629-11  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/10433-118675-1629-11

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/js/10433-118675-1629-11?mpt=1540631604&mpvc=http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000985691/cstr=69689444=_4d85f5b3,1540631604,787694^985691^1183^0,1_/xsxdata=$XSXDATA/bnum=69689444/optn=64?trg= HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=879590159695; mojo3=1551:23636/3484:15222/15154:34833/12309:28674/14559:6676/12124:245/12896:1389/14302:28901/15017:13113/12525:37966/14960:18534

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Set-Cookie: mojo3=10433:1629/1551:23636/3484:15222/15154:34833/12309:28674/14559:6676/12124:245/12896:1389/14302:28901/15017:13113/12525:37966/14960:18534; expires=Wed, 20-Mar-2013 4:28:56 GMT; path=/; domain=.mediaplex.com;
Content-Type: text/html
Content-Length: 405
Date: Sun, 20 Mar 2011 13:08:13 GMT

document.write('<a target="_blank" href="http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000985691/cstr=69689444=_4d85f5b3,1540631604,787694^985691^1183^0,1_/xsxdata=$XSXDATA/bnum=696894
...[SNIP]...
1.76. http://altfarm.mediaplex.com/ad/js/1551-47634-23636-2  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/js/1551-47634-23636-2

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/js/1551-47634-23636-2?mpt=2008632&mpvc=http://ad.doubleclick.net/click%3Bh%3Dv8/3ad0/17/1ca/%2a/a%3B237863703%3B0-0%3B1%3B40342997%3B3454-728/90%3B41068898/41086685/1%3Bu%3Drmxli_2904795|surl_http%3A//rotator.adjuggler.com/servlet/ajrotator/1007517/0/vh%3Fz%3Dpdn%26dim%3D753181%26pos%3D7%26kw%3D%26click%3D|pr_0.3500|pid_298720%3B%7Esscs%3D%3fhttp://ad.yieldmanager.com/clk?2,13%3B2e75bab3029d4c42%3B12ed3431171,0%3B%3B%3B2825860846,NBAAABt0GACHloQAAAAAAAPDIQAAAAAAAgAAAAYAAAAAAP8AAAABCHmeHQAAAAAAhIAMAAAAAADbUiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAcBFD0y4BAAAAAAAAADdlNzFjN2Q0LTUyZWUtMTFlMC1hZTRjLTAwMzA0OGQ2ZDNhYwA4nyoAAAA=,,http%3A%2F%2Frotator.adjuggler.com%2Fservlet%2Fajrotator%2F1007517%2F0%2Fvh%3Fz%3Dpdn%26dim%3D753181%26pos%3D7%26kw%3D%26click%3D, HTTP/1.1
Host: altfarm.mediaplex.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NBAAABt0GACHloQAAAAAAAPDIQAAAAAAAgAAAAYAAAAAAP8AAAABCHmeHQAAAAAAhIAMAAAAAADbUiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAR7bz.dR4wT.2KFyPwvXYP-N6FK5H4co.MzMzMzMz4z9nZmZmZmbWPwAAAAAAAPA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfI8Gb.tjOCUrprrxPD33NNXpvaMrAs.Da0NhMAAAAAA==,,http%3A%2F%2Frotator.adjuggler.com%2Fservlet%2Fajrotator%2F1007517%2F0%2Fvh%3Fz%3Dpdn%26dim%3D753181%26pos%3D7%26kw%3D%26click%3D,Z%3D728x90%26s%3D1602587%26_salt%3D225907243%26B%3D10%26u%3Dhttp%253A%252F%252Frotator.adjuggler.com%252Fservlet%252Fajrotator%252F1007517%252F0%252Fvh%253Fz%253Dpdn%2526dim%253D753181%2526pos%253D7%2526kw%253D%2526click%253D%26r%3D0,7e71c7d4-52ee-11e0-ae4c-003048d6d3ac
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: svid=879590159695; mojo3=1551:9866/3484:15222/15154:34833/12309:28674/14559:6676/12124:245/12896:1389/14302:28901/15017:13113/12525:37966/14960:18534

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Set-Cookie: mojo3=1551:23636/3484:15222/15154:34833/12309:28674/14559:6676/12124:245/12896:1389/14302:28901/15017:13113/12525:37966/14960:18534; expires=Wed, 20-Mar-2013 5:23:59 GMT; path=/; domain=.mediaplex.com;
Content-Type: text/html
Content-Length: 864
Date: Sun, 20 Mar 2011 13:02:27 GMT

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3ad0/17/1ca/*/a;237863703;0-0;1;40342997;3454-728/90;41068898/41086685/1;u=rmxli_2904795|surl_http://rotator.adjuggler.com
...[SNIP]...
1.77. http://altfarm.mediaplex.com/ad/nc/1551-47634-23636-1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/nc/1551-47634-23636-1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/nc/1551-47634-23636-1 HTTP/1.1
Host: altfarm.mediaplex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mojo3=1551:23636/10433:1629/3484:15222/15154:34833/12309:28674/14559:6676/12124:245/12896:1389/14302:28901/15017:13113/12525:37966/14960:18534; svid=879590159695;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Set-Cookie: mojo2=1551:23636; expires=Wed, 20-Mar-2013 4:44:04 GMT; path=/; domain=.mediaplex.com;
Content-Type: text/html
Content-Length: 319
Date: Sun, 20 Mar 2011 14:02:56 GMT

<html><head><title></title>
<script language="JavaScript1.1">
<!--
window.location.replace("http://www.convergedirect.com");
//-->
</script>
<noscript>
<meta http-equiv="refresh" content="0;URL=http:/
...[SNIP]...
1.78. http://altfarm.mediaplex.com/ad/nc/1551-47634-23636-2  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://altfarm.mediaplex.com
Path:   /ad/nc/1551-47634-23636-2

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/nc/1551-47634-23636-2 HTTP/1.1
Host: altfarm.mediaplex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mojo3=1551:23636/10433:1629/3484:15222/15154:34833/12309:28674/14559:6676/12124:245/12896:1389/14302:28901/15017:13113/12525:37966/14960:18534; svid=879590159695;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Set-Cookie: mojo2=1551:23636; expires=Wed, 20-Mar-2013 4:15:01 GMT; path=/; domain=.mediaplex.com;
Content-Type: text/html
Content-Length: 319
Date: Sun, 20 Mar 2011 14:02:55 GMT

<html><head><title></title>
<script language="JavaScript1.1">
<!--
window.location.replace("http://www.convergedirect.com");
//-->
</script>
<noscript>
<meta http-equiv="refresh" content="0;URL=http:/
...[SNIP]...
1.79. http://api.choicestream.com/instr/csanywhere.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.choicestream.com
Path:   /instr/csanywhere.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /instr/csanywhere.js HTTP/1.1
Host: api.choicestream.com
Proxy-Connection: keep-alive
Referer: http://www.shockwave.com/home.jsp
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __cs_sp=1; CSAnywhere=a1825947-71ed-4381-8242-a0d9758579bc
If-None-Match: W/"84353-1297878940000"
If-Modified-Since: Wed, 16 Feb 2011 17:55:40 GMT

Response

HTTP/1.1 304 Not Modified
Server: Apache-Coyote/1.1
X-CS-Request-Id: d44a731d-9705-47d5-ac74-b1287d55ff7e
P3P: policyref="http://www.choicestream.com/w3c/p3p.xml",CP="NOI DSP COR NID ADMa DEVa PSAo PSDo OUR STP"
ETag: W/"84353-1297878940000"
Date: Sun, 20 Mar 2011 12:34:15 GMT
Connection: close
Set-Cookie: __cs_sp=1; Domain=.choicestream.com; Expires=Mon, 19-Mar-2012 12:34:15 GMT; Path=/
Set-Cookie: CSAnywhere=a1825947-71ed-4381-8242-a0d9758579bc; Domain=.choicestream.com; Expires=Mon, 19-Mar-2012 12:34:15 GMT; Path=/

1.80. http://b.scorecardresearch.com/b  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=2&c2=6036034&rn=1957755582&c7=http%3A%2F%2Fwww.shockwave.com%2Fhome.jsp&c4=%2Fhome.jsp&c5=20000&c8=Games%20%7C%20FREE%20Online%20Games%20%26%20Download%20Games%20%&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.shockwave.com/home.jsp
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=6d0f24-24.143.206.42-1297806131

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Sun, 20 Mar 2011 12:34:15 GMT
Connection: close
Set-Cookie: UID=6d0f24-24.143.206.42-1297806131; expires=Tue, 19-Mar-2013 12:34:15 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

1.81. http://b.scorecardresearch.com/p  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /p

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p?c1=8&c2=2101&c3=1234567891234567891&c15=&cv=2.0&cj=1 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=6d0f24-24.143.206.42-1297806131

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Mar 2011 13:05:50 GMT
Connection: close
Set-Cookie: UID=6d0f24-24.143.206.42-1297806131; expires=Tue, 19-Mar-2013 13:05:50 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;
1.82. http://bh.contextweb.com/bh/rtset  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/rtset

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bh/rtset?do=add&pid=535461&ev=8392341830659049202 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CDSActionTracking6=rxYjeHcW6ZVB|GlchrMbA1MSR|516071|749|4426|42222|73391|56858|2|254|16|boston.com|2|8|1|0|2|1|2|DOTM5.CMST1.LOW21|1|1|0NHN21JG2RctrhRJEMBk_2cpxPqNqF8XjX2-c1AKWVc^|I|2qVT9|2BObB; C2W4=32S9hCcGYz3BhCx-4Dmhssu7xP3L1BddvcBxlQ4MHTj3TZsY_EbKppw; cr=141|1|-8589018238111413015|1; FC1-WC=^54463_2_2v0tA; __utmz=57563192.1300142889.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _jsuid=9731344706080960861; __utma=57563192.1578638003.1300142889.1300142889.1300142889.1; V=GlchrMbA1MSR; cwbh1=749%3B03%2F20%2F2011%3BDOT22%0A1485%3B03%2F19%2F2011%3BCMST1%0A2996%3B03%2F22%2F2011%3BLOW21%0A2837%3B03%2F23%2F2011%3BRCQU1%3B03%2F28%2F2011%3BRCQU9%0A357%3B03%2F25%2F2011%3BEMON1%3B03%2F30%2F2011%3BEHEX1%0A2532%3B03%2F28%2F2011%3BAMQU1%0A1931%3B04%2F16%2F2011%3BFE479%3B04%2F06%2F2011%3BFE311%3B04%2F02%2F2011%3BFE655%0A996%3B04%2F05%2F2011%3BFACO1

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web80
Cache-Control: no-cache, no-store
Set-Cookie: V=GlchrMbA1MSR; Domain=.contextweb.com; Expires=Wed, 14-Mar-2012 12:34:40 GMT; Path=/
Content-Type: image/gif
Date: Sun, 20 Mar 2011 12:34:39 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;
1.83. http://bh.contextweb.com/bh/set.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/set.aspx?action=add&advid=2452&token=TMHS1 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1803375;type=t-mob207;cat=t-moc188;ord=5131071771029.383?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CDSActionTracking6=rxYjeHcW6ZVB|GlchrMbA1MSR|516071|749|4426|42222|73391|56858|2|254|16|boston.com|2|8|1|0|2|1|2|DOTM5.CMST1.LOW21|1|1|0NHN21JG2RctrhRJEMBk_2cpxPqNqF8XjX2-c1AKWVc^|I|2qVT9|2BObB; C2W4=32S9hCcGYz3BhCx-4Dmhssu7xP3L1BddvcBxlQ4MHTj3TZsY_EbKppw; cr=141|1|-8589018238111413015|1; FC1-WC=^54463_2_2v0tA; __utmz=57563192.1300142889.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _jsuid=9731344706080960861; __utma=57563192.1578638003.1300142889.1300142889.1300142889.1; cwbh1=749%3B03%2F20%2F2011%3BDOT22%0A1485%3B03%2F19%2F2011%3BCMST1%0A2996%3B03%2F22%2F2011%3BLOW21%0A2837%3B03%2F23%2F2011%3BRCQU1%3B03%2F28%2F2011%3BRCQU9%0A357%3B03%2F25%2F2011%3BEMON1%3B03%2F30%2F2011%3BEHEX1%0A2532%3B03%2F28%2F2011%3BAMQU1%0A1931%3B04%2F16%2F2011%3BFE479%3B04%2F06%2F2011%3BFE311%3B04%2F02%2F2011%3BFE655%0A996%3B04%2F05%2F2011%3BFACO1; V=GlchrMbA1MSR

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web81
Set-Cookie: V=GlchrMbA1MSR; Domain=.contextweb.com; Expires=Wed, 14-Mar-2012 13:03:23 GMT; Path=/
Set-Cookie: cwbh1=2996%3B03%2F22%2F2011%3BLOW21%0A2837%3B03%2F23%2F2011%3BRCQU1%3B03%2F28%2F2011%3BRCQU9%0A357%3B03%2F25%2F2011%3BEMON1%3B03%2F30%2F2011%3BEHEX1%0A2532%3B03%2F28%2F2011%3BAMQU1%0A1931%3B04%2F16%2F2011%3BFE479%3B04%2F06%2F2011%3BFE311%3B04%2F02%2F2011%3BFE655%0A996%3B04%2F05%2F2011%3BFACO1%0A2452%3B04%2F19%2F2011%3BTMHS1; Domain=.contextweb.com; Expires=Mon, 22-Feb-2016 13:03:23 GMT; Path=/
Content-Type: image/gif
Date: Sun, 20 Mar 2011 13:03:22 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;
1.84. http://bidder.mathtag.com/iframe/notify  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bidder.mathtag.com
Path:   /iframe/notify

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /iframe/notify?exch=pub&id=5aW95q2jLzEvTkROQk9FRkNSa0V0TnpRNU55MDBOekZCTFRsQlJqWXRNamszTkVReE4wVkdNek0xL05HUTFZakl6TnpFdE16a3lPQzAzWVRnekxUSTBabUl0WkRVeU16STRaalUyTWpSaS82NjQ5MDU0NzkyOTkyMTg5Mi8xMDk2NzUvMTAyMTc0LzMvcUNrUlV0a2tSODZTZllSNWtDMUZwb3dud0hreW5rUUl0bkxKeWNpUWlUcy8/65jF72MGHLbwsG7rxNVZ3X0o4uc&price=3.050000 HTTP/1.1
Host: bidder.mathtag.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mt_mop=10004:1299934992|1:1297862934|10001:1297818481|11:1299460723|2:1299285586|3:1299090747|4:1299460679|5:1300624477|9:1297862322; ts=1300624479; uuid=4d5b2371-3928-7a83-24fb-d52328f5624b

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:34:44 GMT
Set-Cookie: mt_mop=10004:1299934992|1:1297862934|10001:1297818481|11:1299460723|2:1299285586|3:1299090747|4:1299460679|5:1300624477|9:1300624484; domain=.mathtag.com; path=/; expires=Wed, 19 Mar 2014 12:34:44 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Last-Modified: Sun, 20 Mar 2011 12:34:44 GMT
x-mm-dbg: won
x-mm-host: ewr-bidder-x4, ewr-bidder-x2
Server: MMBD/3.4.6
Content-Length: 1825
Content-Type: text/html
Connection: keep-alive

<div width='1' height='1' style='display:none; overflow:hidden'><img style='left:-10px;top:-10px; position:absolute' src='http://pixel.mathtag.com/creative/img?mt_adid=70&mt_aid=66490547929921892&mt_e
...[SNIP]...
1.85. http://bp.specificclick.net/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bp.specificclick.net
Path:   /

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?pixid=99010384 HTTP/1.1
Host: bp.specificclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adp=7Rvp^0^63; smdmp=7Rw_:398012000^7Rwt:398012000^7Rwt:398012000^7Rwm:398012000^7Rwl:398012000^7Rwl:398012000^7Rwk:398012000^7Rwk:398012000^7Rwi:398012000^7Rwh:398012000^7Rwg:398012000^7Rwg:398012000^7Rwg:398012000^7Rwf:398012000^7Rwf:398012000^7Rwe:398012000^7Rwe:398012000^7Rwe:398012000^7Rwe:398012000^7Rwc:398012000^7OtF:99001627^7NUs:811200901^7IR1:99002797^7IQv:99002797^7H-1:99005244^7G_z:21011971; adf=7Rvp^0^0; ug=5NAISsfQ3YGJlB

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store,no-cache,must-revalidate
Cache-Control: post-check=0,pre-check=0
Pragma: no-cache
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUR BUS STA"
Set-Cookie: adp=7Rvp^0^63; Domain=.specificclick.net; Expires=Mon, 19-Mar-2012 13:05:22 GMT; Path=/
Set-Cookie: ug=5NAISsfQ3YGJlB; Domain=.specificclick.net; Expires=Mon, 19-Mar-2012 13:05:22 GMT; Path=/
Set-Cookie: smdmp=7SEm:99010384^7Rw_:398012000^7Rwt:398012000^7Rwt:398012000^7Rwm:398012000^7Rwl:398012000^7Rwl:398012000^7Rwk:398012000^7Rwk:398012000^7Rwi:398012000^7Rwh:398012000^7Rwg:398012000^7Rwg:398012000^7Rwg:398012000^7Rwf:398012000^7Rwf:398012000^7Rwe:398012000^7Rwe:398012000^7Rwe:398012000^7Rwe:398012000^7Rwc:398012000^7OtF:99001627^7NUs:811200901^7IR1:99002797^7IQv:99002797^7H-1:99005244^7G_z:21011971; Domain=.specificclick.net; Expires=Mon, 19-Mar-2012 13:05:22 GMT; Path=/
Set-Cookie: adf=7Rvp^0^0; Domain=.specificclick.net; Expires=Mon, 19-Mar-2012 13:05:22 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: ug=5NAISsfQ3YGJlB; Domain=.specificclick.net; Expires=Mon, 19-Mar-2012 13:05:22 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: nug=; Domain=.specificclick.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Location: http://b.scorecardresearch.com/p?c1=8&c2=2101&c3=1234567891234567891&c15=&cv=2.0&cj=1
Content-Type: text/html
Content-Length: 0
Date: Sun, 20 Mar 2011 13:05:21 GMT

1.86. http://bs.serving-sys.com/BurstingPipe/adServer.bs  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2304737&PluID=0&w=300&h=250&ord=3900663&ucm=true&ncu=$$http://ad.doubleclick.net/click%3Bh%3Dv8/3ad0/17/18a/%2a/h%3B237723244%3B0-0%3B1%3B40342997%3B4307-300/250%3B41027822/41045609/1%3Bu%3Drmxli_2886211|surl_http%3A//www.therugged.com/featured/friday-link-drop-9/|pr_0.0000|pid_298720%3B%7Esscs%3D%3fhttp://ad.yieldmanager.com/clk?2,13%3Bd198d17660363695%3B12ed35ff03c,0%3B%3B%3B4256993751,qkaAABt0GAB4wYMAAAAAAGOFIQAAAAAAAgAEAAIAAAAAAP8AAAABCXmeHQAAAAAAhIAMAAAAAABDCiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAPPBf0y4BAAAAAAAAAGU2NGJjZDM4LTUyZjItMTFlMC1hNjY0LTAwMzA0OGQ3MDU3NgA4nyoAAAA=,,http%3A%2F%2Fwww.therugged.com%2Ffeatured%2Ffriday-link-drop-9%2F,$$ HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?qkaAABt0GAB4wYMAAAAAAGOFIQAAAAAAAgAEAAIAAAAAAP8AAAABCXmeHQAAAAAAhIAMAAAAAABDCiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAAAAAAAAAAAAAAEA9KCLqPwAAAAAAAAAAAACAVkYa9D8AAAAAAAAAAAAAwPKPwABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhymQ8YuDOCRUFtY7Db1JM.z9f1WkTONKzERUkAAAAAA==,,http%3A%2F%2Fwww.therugged.com%2Ffeatured%2Ffriday-link-drop-9%2F,Z%3D300x250%26s%3D1602587%26_salt%3D1250101646%26B%3D10%26u%3Dhttp%253A%252F%252Fwww.therugged.com%252Ffeatured%252Ffriday-link-drop-9%252F%26r%3D0,e64bcd38-52f2-11e0-a664-003048d70576
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C4=; u2=3a6c8499-0c84-46b7-b54f-f22315d657803GI08g; eyeblaster=BWVal=3746&BWDate=40608.545637&debuglevel=&FLV=10.2154&RES=128&WMPV=0; A3=hu3eaqHz09SF00000hvPTaiJy0c6L00001gnesamti0cbS00001hZrSaqHz0czK00001hecgas6h07pd00001hK5Samaw0bfZ00001eyx1as6d035P00001hgLkaoG50bMK00001gmUgas6f07pd00002hGiPaoG503sY00000hK5JalZa0bfZ00002hhb3aoGR0aVXaoGR1gEKaaoM009MT00000hQR+ar7h09MU00001hiGOas6h07pd00001htGGaoFg0aQh00001gimpas6Y02WG00001hUSuaq1W0cIY00001hpHlaoI503sY00001hXhvaq1W09QV00001gIlWai180aCf00001hvT0ar2P09SF00001gMGgas6f07pd00002hRW+atwy07tg00001hRMoaoFg0bfg00005heSmakII0c9M00001gEJ.aoM209MT00000gimAas6Y02WG00001hCekaqt40cmB00001hUzhaoFh0ckv00001hZsaaqHA0czK00001hKQdaq1W0cIY00000gCb0amtV08Y500001hRQzas7d092M00000gnhgai180cbS00001i6VYapQF0cbS00002gnfzamti0cbS00001; B3=8hkM0000000001ty8z6A0000000003tr7.VG0000000001ts7dNE0000000001tI8Faa0000000000tC8z2E0000000001tF86hj0000000001ts8r8g0000000001tf7Sz60000000001tF8do10000000001tM8JYZ0000000001tC88kt0000000000ty8t7R0000000005ty8IWT0000000001ty88kE0000000000ty6V.E0000000001tI8yXb0000000001tD7.VO0000000001ts7+zh0000000003tI7+zf0000000003tI8K.L0000000001tE8HIC0000000000tI8z130000000001th8y030000000000ty8K.I0000000001tE8w1t0000000001ty8Fa50000000001tC8vdX0000000001ty7.Ys0000000002tB7dPJ0000000001tI8y2H0000000000tE8qaI0000000001tn7.Ws0000000001tf

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
Set-Cookie: A3=hecgas6h07pd00001hZrSaqHz0czK00001gnesamti0cbS00001hvPTaiJy0c6L00001hu3eaqHz09SF00000i5pdatwy06UE00001hK5Samaw0bfZ00001hgLkaoG50bMK00001eyx1as6d035P00001hQR+ar7h09MU00001gEKaaoM009MT00000hhb3aoGR0aVXaoGR1hK5JalZa0bfZ00002hGiPaoG503sY00000gmUgas6f07pd00002gimpas6Y02WG00001htGGaoFg0aQh00001hiGOas6h07pd00001hUSuaq1W0cIY00001hXhvaq1W09QV00001hpHlaoI503sY00001gIlWai180aCf00001gMGgas6f07pd00002hvT0ar2P09SF00001heSmakII0c9M00001hRMoaoFg0bfg00005hRW+atwy07tg00001gEJ.aoM209MT00000hZsaaqHA0czK00001hUzhaoFh0ckv00001hCekaqt40cmB00001gimAas6Y02WG00001hRQzas7d092M00000gCb0amtV08Y500001hKQdaq1W0cIY00000i6VYapQF0cbS00002gnhgai180cbS00001gnfzamti0cbS00001; expires=Sat, 18-Jun-2011 09:06:44 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=7dNE0000000001tI7.VG0000000001ts8z6A0000000003tr8hkM0000000001ty8Faa0000000000tC7Sz60000000001tF8r8g0000000001tf86hj0000000001ts8z2E0000000001tF8JYZ0000000001tC8do10000000001tM88kE0000000000ty8IWT0000000001ty8t7R0000000005ty88kt0000000000ty8yXb0000000001tD6V.E0000000001tI8OHx0000000001tM7+zh0000000003tI7.VO0000000001ts8HIC0000000000tI8K.L0000000001tE7+zf0000000003tI8K.I0000000001tE8y030000000000ty8z130000000001th8Fa50000000001tC8w1t0000000001ty7.Ys0000000002tB8vdX0000000001ty7dPJ0000000001tI8qaI0000000001tn8y2H0000000000tE7.Ws0000000001tf; expires=Sat, 18-Jun-2011 09:06:44 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Sun, 20 Mar 2011 13:06:43 GMT
Connection: close
Content-Length: 2382

var ebPtcl="http://";var ebBigS="ds.serving-sys.com/BurstingCachedScripts/";var ebResourcePath="ds.serving-sys.com/BurstingRes//";var ebRand=new String(Math.random());ebRand=ebRand.substr(ebRand.index
...[SNIP]...
1.87. http://bstats.adbrite.com/click/bstats.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bstats.adbrite.com
Path:   /click/bstats.gif

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/bstats.gif?kid=44383002&bapid=5176&uid=712155 HTTP/1.1
Host: bstats.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.livejournal.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362171x0.807+1297860041x-1198401335; b=%3A%3A12cim%2C12ir6%2C127cq%2C110as; rb="0:682865:20838240:null:0:684339:20838240:4d5b2371-3928-7a83-24fb-d52328f5624b:0:711384:20861280:20108b4d-f8d0-4008-b157-1529097b61ab:0:712156:20861280:6pgp44i37uxw:0:712181:20838240:WH9qYVd2Q3FGAWJeBgV WQlbaXsQfgZCDFxlX1ZL:0:742697:20828160:8392341830659049202:0:753292:20858400:KH-00000000549735899:0:762701:20861280:439524AE836A5E4D157CECA302E891CB:0:806205:20861280:06bdea66-433e-11e0-b98e-00259009a9e4:0"; ut=1%3ARY5BDoMgEEXvMmsWYIyh3gYBhdQijtZWHO9epEm7ff9l3hywVdAecLf7a0KzQAuLmK0hEdxym0kQZ9o5OczcxQw3wzVVJLj0j98w5UGlBosd47q%2BM4hi0AVgrXVfDDVRTf1zHxkmRP5tjEXKUXOdwU41%2F2hM3mYoE%2FcXBAadCsGiL4%2FCeX4A; vsd="0@1@4d85f45f@cdn.turn.com"; srh=1%3Aq64FAA%3D%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache, no-store, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Cache-Control: no-cache, no-store, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: ut=1%3ARc5BDoMgFATQu%2Fw1CzDWWG%2BDiEJrBb7WVvzevUjTdPsymZkd1gKaHe56eznsZmhAGVMPgRtPYlo7rqggwWv7YLMIukto5msgQZz9ki6hjBVm9H5Z3gm8GFQGLJXqc0I6Kql%2FbiPDiMi%2FVWMOhV5eKhJOu9slQxrrzl5sZfUf89HqhHXk9kRg0Mpp0mjzcziODw%3D%3D; Domain=.adbrite.com; Expires=Wed, 17-Mar-2021 12:52:17 GMT; Path=/
Set-Cookie: vsd="0@1@4d85f881@www.livejournal.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Type: image/gif
Content-Length: 42
Date: Sun, 20 Mar 2011 12:52:16 GMT
Connection: close

GIF89a.............!.......,........@..D.;
1.88. http://buzz.yahoo.com/submit/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://buzz.yahoo.com
Path:   /submit/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /submit/ HTTP/1.1
Host: buzz.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:03:14 GMT
Set-Cookie: B=0a940n16oc292&b=3&s=i5; expires=Tue, 20-Mar-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: of01e2=96b12cf7d74a928009c848c824c4bd7d; path=/; domain=buzz.yahoo.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34139

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">

<html lang="en-US" id="submit_content" class="univHeader pageLang-en-US ie ie7 ie70 winvista">
<head>
   <title>Submit a Story to Yahoo! Buzz - Yahoo!
...[SNIP]...
1.89. http://c.statcounter.com/t.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.statcounter.com
Path:   /t.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t.php?sc_project=5083896&resolution=1920&h=1200&camefrom=&u=http%3A//therugged.com/&t=Men's%20Online%20Magazine%20%7C%20TheRugged.com&java=1&security=67163d31&sc_random=0.7063414761796594&sc_snum=1&invisible=1 HTTP/1.1
Host: c.statcounter.com
Proxy-Connection: keep-alive
Referer: http://therugged.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: is_unique=sc4135125.1298730612.3-5497442.1298049904.1-760680.1299294636.1-6641706.1299634364.0-2780000.1299788574.0-1167729.1299970404.0-4126846.1299970462.0-2158673.1299970366.0-1175700.1300298893.0-3436793.1300302854.0-6619402.1300374464.0

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:59:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.10
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: is_unique=sc4135125.1298730612.3-5497442.1298049904.1-760680.1299294636.1-6641706.1299634364.0-2780000.1299788574.0-1167729.1299970404.0-4126846.1299970462.0-2158673.1299970366.0-1175700.1300298893.0-3436793.1300302854.0-6619402.1300374464.0-5083896.1300625949.0; expires=Fri, 18-Mar-2016 12:59:09 GMT; path=/; domain=.statcounter.com
Content-Length: 49
Connection: close
Content-Type: image/gif

GIF89a...................!.......,...........T..;
1.90. http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s81389546408317  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://charmingshoppes.112.2o7.net
Path:   /b/ss/csilbglobal/1/H.20.3/s81389546408317

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/csilbglobal/1/H.20.3/s81389546408317 HTTP/1.1
Host: charmingshoppes.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi=[CS]v1|26C2FA34850124E5-4000010D400F7FC9[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 14:03:19 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_hxxbgilgdijg=[CS]v4|0-0|4D860927[CE]; Expires=Fri, 18 Mar 2016 14:03:19 GMT; Domain=.2o7.net; Path=/
Location: http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s81389546408317?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 14:03:19 GMT
Last-Modified: Mon, 21 Mar 2011 14:03:19 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www401
Content-Length: 0
Content-Type: text/plain
Connection: close

1.91. http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s82792049169074  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://charmingshoppes.112.2o7.net
Path:   /b/ss/csilbglobal/1/H.20.3/s82792049169074

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/csilbglobal/1/H.20.3/s82792049169074 HTTP/1.1
Host: charmingshoppes.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi=[CS]v1|26C2FA34850124E5-4000010D400F7FC9[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 14:03:19 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_hxxbgilgdijg=[CS]v4|0-0|4D860927[CE]; Expires=Fri, 18 Mar 2016 14:03:19 GMT; Domain=.2o7.net; Path=/
Location: http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s82792049169074?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 14:03:19 GMT
Last-Modified: Mon, 21 Mar 2011 14:03:19 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www401
Content-Length: 0
Content-Type: text/plain
Connection: close

1.92. http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s84338280088268  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://charmingshoppes.112.2o7.net
Path:   /b/ss/csilbglobal/1/H.20.3/s84338280088268

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/csilbglobal/1/H.20.3/s84338280088268 HTTP/1.1
Host: charmingshoppes.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi=[CS]v1|26C2FA34850124E5-4000010D400F7FC9[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 14:03:19 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_hxxbgilgdijg=[CS]v4|0-0|4D860927[CE]; Expires=Fri, 18 Mar 2016 14:03:19 GMT; Domain=.2o7.net; Path=/
Location: http://charmingshoppes.112.2o7.net/b/ss/csilbglobal/1/H.20.3/s84338280088268?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 14:03:19 GMT
Last-Modified: Mon, 21 Mar 2011 14:03:19 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www423
Content-Length: 0
Content-Type: text/plain
Connection: close

1.93. http://clk.redcated/CNT/go/302593025/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /CNT/go/302593025/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /CNT/go/302593025/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.wireless.att.com/cell-phone-service/cell-phone-details/?device=HTC+Surround+(TM)+-+Gray&q_sku=sku4980535#fbid=4YSQEBoJKuy&source=ECWD000000000000O
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629802-11810998; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=205E6D1F027848EF88A30A562ACB0DF0; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/25d1; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c410e25/25d1/12093401/bab9/4d86092a; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:22 GMT
Connection: close

1.94. http://clk.redcated/M0N/go/285781800/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/285781800/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/285781800/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://now.sprint.com/firsts/evo4g?ECID=MA:AB:20110109:EVO:LVE:CRA:300x250
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11805329; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=70DBBC6AA7614FF8AE352B761380A7D5; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bd14b18/26fc/1108af28/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:20 GMT
Connection: close

1.95. http://clk.redcated/M0N/go/285781803/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/285781803/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/285781803/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://now.sprint.com/firsts/evo4g?ECID=MA:AB:20110109:EVO:ALT:EVO:728x90
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11805509; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=0D484F2BA3DE4C439D4C4BBE2BE9298A; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bd22c25/26fc/1108af2b/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:21 GMT
Connection: close

1.96. http://clk.redcated/M0N/go/285954644/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/285954644/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/285954644/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sprint.com/landings/portcredit/index.html?ECID=MA:AB:20110228:PRT:IN:NUM:300x250
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11807459; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=4B8BEF16CEEC44FE8D82C3F22508204F; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c2a3751/26fc/110b5254/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:20 GMT
Connection: close

1.97. http://clk.redcated/M0N/go/285954646/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/285954646/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/285954646/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sprint.com/landings/portcredit/index.html?ECID=MA:AB:20110228:PRT:IN:NUM:728x90
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11803829; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=73CFEB3E7EE64036B36966AEC8D87722; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c2a4217/26fc/110b5256/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:20 GMT
Connection: close

1.98. http://clk.redcated/M0N/go/285954649/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/285954649/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/285954649/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sprint.com/landings/portcredit/index.html?ECID=MA:AB:20110228:PRT:IN:NUM:728x90
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11807189; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=76EAEA6B9EA644DAACD04EAF5DD6FD77; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c2a4217/26fc/110b5259/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:20 GMT
Connection: close

1.99. http://clk.redcated/M0N/go/287619747/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/287619747/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/287619747/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sprint.com/landings/weboffers/vero.html?ECID=MA:AB:20110109:WE:FREE:FALL:VERO:300x250
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11803499; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=5A95D273134644EEB7FF9F1C471865E7; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bd8f61a/26fc/1124baa3/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:21 GMT
Connection: close

1.100. http://clk.redcated/M0N/go/289553602/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/289553602/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/289553602/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://now.sprint.com/tab?ECID=MA:AB:20110112:TAB:SMLL:CRA:728x90
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11802779; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=F27C126E7FF84234995A99464DA2C54D; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=be6f190/26fc/11423cc2/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:19 GMT
Connection: close

1.101. http://clk.redcated/M0N/go/289553603/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/289553603/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/289553603/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://now.sprint.com/tab/?ECID=MA:AB:20110112:TAB:HLD:300x250
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11803139; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=028CAAE978E548FA87A818731E745498; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=beebe13/26fc/11423cc3/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:20 GMT
Connection: close

1.102. http://clk.redcated/M0N/go/293182495/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/293182495/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/293182495/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://smallbiz.sprint.com/#/plans/custom-connections/?ECID=MA:AB:20110303:4G:SMB:UNLM:CAB:300x250
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11807939; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=1836557A535F473CBD2EEA20086A7EE2; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26e0; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c33f843/26e0/11799c1f/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:21 GMT
Connection: close

1.103. http://clk.redcated/M0N/go/293182496/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/293182496/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/293182496/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://smallbiz.sprint.com/#/plans/custom-connections/?ECID=MA:AB:20110211:DR:SMB:UNLM:728X90
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11808149; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=88C6289F169146C786BB417294A1AABA; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26e0; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c10ae94/26e0/11799c20/de41/4d86092a; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:21 GMT
Connection: close

1.104. http://clk.redcated/M0N/go/304190340/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /M0N/go/304190340/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /M0N/go/304190340/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sprint.com/landings/portcredit/index.html?ECID=MA:AB:20110228:PRT:IN:NUM:300x250
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629801-11803259; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=A5BF673FA60F42EDBFD85AFE49F38076; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=de41/26fc; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c2a3751/26fc/12219384/de41/4d860929; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:21 GMT
Connection: close

1.105. http://clk.redcated/go/142856443/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/142856443/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/142856443/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://_adverserve_URLembedded
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629802-11809348; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=D15B3469B9EE483399E3217DF53D24A7; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=692f/1be49; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=9d28280/1be49/df4c143/692f/4d86092a; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:22 GMT
Connection: close

1.106. http://clk.redcated/go/302593025/direct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/302593025/direct

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/302593025/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.wireless.att.com/cell-phone-service/cell-phone-details/?device=HTC+Surround+(TM)+-+Gray&q_sku=sku4980535#fbid=4YSQEBoJKuy&source=ECWD000000000000O
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001300629802-11810608; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=E9D50660D271483796E2AEF238532CD7; expires=Thursday, 06-Oct-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/25d1; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=c410e25/25d1/12093401/bab9/4d86092a; expires=Tuesday, 19-Mar-2013 00:00:00 GMT; path=/; domain=.redcated
Date: Sun, 20 Mar 2011 14:03:22 GMT
Connection: close

1.107. http://clk.fetchback.com/serve/fb/click  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.fetchback.com
Path:   /serve/fb/click

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/click HTTP/1.1
Host: clk.fetchback.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Date: Sun, 20 Mar 2011 14:03:23 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1300629803_1300629803013:4065133086029240; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 14:03:23 GMT; Path=/
Set-Cookie: cre=1_1300629803; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 14:03:23 GMT; Path=/
Set-Cookie: clk=1_1300629803; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 14:03:23 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 20 Mar 2011 14:03:23 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: http://default.com
Content-Length: 0
Vary: Accept-Encoding
Connection: close
Content-Type: image/gif

1.108. http://cm.nick.overture.com/js_flat_1_0/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.nick.overture.com
Path:   /js_flat_1_0/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js_flat_1_0/?source=viacom_the-n_ctxt&outputCharEnc=latin1&ctxtId=shows&ctxtUrl=http%3A%2F%2Fwww.teennick.com%2Fshows%2Fthe-nightlife&type=teennick&cb=98738&config=6694305600&maxCount=10 HTTP/1.1
Host: cm.nick.overture.com
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/shows/the-nightlife
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=enudd1d6n2v58&b=3&s=5d; UserData=02u3hs9yoaLQsFTjBpcnI2dDY3NTG2MDIwNHZUt0%2bLSi4sTU1JNbEBACNDJ1dzV0tzFxcAE8JRAg0=

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:04:59 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: UserData=02u3hs9yoaLQsFTjBpcnI2dDY3NTG2MDIwNHZUt0%2bLSi4sTU1JNbEBACNDF1dLYxNTJ3MAMxlR4Aw=; Domain=.overture.com; Path=/; Max-Age=315360000; Expires=Wed, 17-Mar-2021 14:04:59 GMT
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
Connection: close
Content-Type: text/javascript; charset=ISO-8859-1
Content-Length: 5084

zCn = "";
zRef = "";
zSr = new Array("Reach 80% of active Internet users with Yahoo!.",
"",
"",
"Ads by Yahoo!",
"http://info.yahoo.com/services/us/yahoo/ads/details.html",
"",
"100% Free & Legal. St
...[SNIP]...
1.109. http://cms.ad.yieldmanager.net/v1/cms  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cms.ad.yieldmanager.net
Path:   /v1/cms

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /v1/cms?esig=1~6451b4a684f76cdc256978b3b9011cd5f8ab2361&nwid=10000358902&sigv=1&SIG=10vccidpm;x-cookie=6y13i316yau2y&o=4&f=8v HTTP/1.1
Host: cms.ad.yieldmanager.net
Proxy-Connection: keep-alive
Referer: http://www.lanebryant.com/user/login.jsp?dest=%2Fuser%2Fmain.jsp
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=6l13v316lnh2l&b=4&s=8i&t=61

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 13:35:22 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: BX=6l13v316lnh2l&b=4&s=8i&t=78;path=/; expires=Tue, 02-Jun-2037 20:00:00 GMT;domain=.yieldmanager.net
Set-Cookie: S=s=729j1dp6oc0kq&t=1300628122;path=/; expires=
Location: http://admonkey.dapper.net/RMXCookieMonster?xid=UxCi9UcoAkFL11OKlcXS1.7k
Cache-Control: private
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 790

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 13:35:22 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PU
...[SNIP]...
1.110. http://conv.opt.fimserve.com/conv/1345/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://conv.opt.fimserve.com
Path:   /conv/1345/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /conv/1345/?rnd=3370453428.94271 HTTP/1.1
Host: conv.opt.fimserve.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJU1d4hWhIULOQ4E0Ag==; ssrtb=0; LO=00FN6WWUm00000f500H; UI="297fc71db05673a122|79973.9.-8.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; TRG=NDAuMT04NTU1JjM5LjQ9ODEyNCY=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://www.fimserve.com/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR DELa SAMa UNRa OTRa IND UNI PUR NAV INT DEM CNT PRE"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: LO=00GV6H5Vm00008f500t1; Domain=.opt.fimserve.com; Expires=Sun, 19-Jun-2011 13:05:03 GMT; Path=/
ETag: W/"43-1160088754000"
Last-Modified: Thu, 05 Oct 2006 22:52:34 GMT
Content-Type: image/gif
Content-Length: 43
Date: Sun, 20 Mar 2011 13:05:03 GMT

GIF89a.............!.......,...........L..;
1.111. http://d.audienceiq.com/r/dm/mkt/44/mpid//mpuid/8392341830659049202  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.audienceiq.com
Path:   /r/dm/mkt/44/mpid//mpuid/8392341830659049202

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/dm/mkt/44/mpid//mpuid/8392341830659049202 HTTP/1.1
Host: d.audienceiq.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=3202893903151522379

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3202893903151522379; Domain=.audienceiq.com; Expires=Fri, 16-Sep-2011 12:34:39 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 20 Mar 2011 12:34:39 GMT

GIF89a.............!.......,...........D..;
1.112. http://d.audienceiq.com/r/dm/mkt/73/mpid//mpuid/8392341830659049202  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.audienceiq.com
Path:   /r/dm/mkt/73/mpid//mpuid/8392341830659049202

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/dm/mkt/73/mpid//mpuid/8392341830659049202 HTTP/1.1
Host: d.audienceiq.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=3202893903151522379

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3202893903151522379; Domain=.audienceiq.com; Expires=Fri, 16-Sep-2011 12:34:39 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 20 Mar 2011 12:34:39 GMT

GIF89a.............!.......,...........D..;
1.113. http://d.mediabrandsww.com/r/dm/mkt/3/mpid//mpuid/8392341830659049202  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.mediabrandsww.com
Path:   /r/dm/mkt/3/mpid//mpuid/8392341830659049202

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/dm/mkt/3/mpid//mpuid/8392341830659049202 HTTP/1.1
Host: d.mediabrandsww.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=3175309005023881395

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3175309005023881395; Domain=.mediabrandsww.com; Expires=Fri, 16-Sep-2011 12:34:44 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 20 Mar 2011 12:34:43 GMT

GIF89a.............!.......,...........D..;
1.114. http://d.p-td.com/r/dm/mkt/4/mpid//mpuid/8392341830659049202  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.p-td.com
Path:   /r/dm/mkt/4/mpid//mpuid/8392341830659049202

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/dm/mkt/4/mpid//mpuid/8392341830659049202 HTTP/1.1
Host: d.p-td.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=3216944431975765778

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=3216944431975765778; Domain=.p-td.com; Expires=Fri, 16-Sep-2011 12:34:44 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 20 Mar 2011 12:34:44 GMT

GIF89a.............!.......,...........D..;
1.115. http://d.xp1.ru4.com/meta  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.xp1.ru4.com
Path:   /meta

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /meta?_o=179638&_t=cmcont&ssv_ptnr=pm HTTP/1.1
Host: d.xp1.ru4.com
Proxy-Connection: keep-alive
Referer: http://ads.pubmatic.com/AdServer/js/syncuppixels.html
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X1ID=KH-00000000549735899; M62795-52786=1

Response

HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Sun, 20 Mar 2011 12:36:52 GMT
P3p: policyref="/w3c/p3p.xml", CP="NON DSP COR PSAa OUR STP UNI"
Expires: Mon, 01-Jan-1970 12:00:00 GMT
Pragma: no-cache
Set-cookie: 1780853-B1781017=3|1781033|0|0|0|1781015|1781012|-1; domain=.ru4.com; path=/
Set-cookie: O179638=0; domain=.ru4.com; path=/; expires=Mon, 01-Jan-1970 12:00:00 GMT
Set-cookie: C1780853=0@4; domain=.ru4.com; path=/; expires=Sun, 21-Aug-2012 00:00:00 GMT
Content-type: text/html
Content-length: 979
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent">
<script>
var xp1_
...[SNIP]...
1.116. http://d7.zedo.com/img/bh.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /img/bh.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /img/bh.gif?n=826&g=20&a=131&s=1&l=1&t=e&e=1 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDX=29; ZEDOIDA=jhmxpQoBADYAAET@BzgAAAAW~022111; __qca=P0-1757581032-1298497085187; FFChanCap=1512B1025,1#775797#834300#580897:1083,2#647866,8#647871,7#740741,22#647878,20#647876,17#740739#668672#648495,21#668688#831213:305,944#913010|0,1,1:0,2,2:0,1,1:0,19,1:0,19,1:0,33,15:0,19,1:0,19,1:0,33,15:0,20,2:0,19,1:0,20,2:0,19,1:0,24,1; PI=h749620Za805982Zc305002290%2C305002290Zs788Zt175; FFCap=1512B933,196008:1025,196206:598,169775|0,24,1:0,1,1:1,11,1; ZFFAbh=792B826,20|798_807#380Z1585_806#379Z1083_806#379Z131_795#368Z695_792#365; FFgeo=5386156

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 100
Content-Type: image/gif
Set-Cookie: ZFFAbh=792B826,20|695_792#365Z1083_806#379Z1585_806#379Z798_807#380;expires=Mon, 19 Mar 2012 13:20:57 GMT;domain=.zedo.com;path=/;
ETag: "6c17875e-7054-4942082502f40"
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
X-Varnish: 1436770249
Cache-Control: max-age=37109
Expires: Sun, 20 Mar 2011 23:39:26 GMT
Date: Sun, 20 Mar 2011 13:20:57 GMT
Connection: close

GIF89a.............!.......,...........D..;


131_795#368GIF89a.............!.......,...........D..;
1.117. http://developers.facebook.com/plugins/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developers.facebook.com
Path:   /plugins/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plugins/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: /docs/plugins
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: lsd=F8Sp2; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.22.47.191
Connection: close
Date: Sun, 20 Mar 2011 14:03:26 GMT
Content-Length: 0

1.118. http://feedburner.google.com/fb/a/mailverify  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://feedburner.google.com
Path:   /fb/a/mailverify

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fb/a/mailverify HTTP/1.1
Host: feedburner.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Mar 2011 14:03:30 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Set-Cookie: S=feedburner-control-panel=j8s_HBxmlXtcdLkLyCamMA; Domain=.google.com; Path=/; HttpOnly
Server: GSE
Expires: Sun, 20 Mar 2011 14:03:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>

<head>
<meta name="r
...[SNIP]...
1.119. http://gam.adnxs.com/gtj  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gam.adnxs.com
Path:   /gtj

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gtj?member=12&inv_codes=MYB_1x1_HBL_HPTO&within_iframe=0&flash=1&referrer=http%3A//www.myyearbook.com/ HTTP/1.1
Host: gam.adnxs.com
Proxy-Connection: keep-alive
Referer: http://www.myyearbook.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; anj=Kfw)mCZ(]G)J7/OYq=YW@cELrfOUJnP=9(mY8.0._RvV#9pqJViE@QAPRLI*E.oV1BIok3thUmoXhzPV#Wa^?QrSe?CRQ@y[b*QhcYv$6ryO_SpJCZ(veJULbFzeJ#gF#:J'<>JLq]u_spJp#I-WXgoY4q#x/54%:+D6/X@DML?fNtZm[3M1*JyB+AnN`qRl<2MMQ-yl597:a?to.!E^V:04M!)+vXp2aaL05dU3A41FF.e@x%`c>ul1y=5iRh)Q@Sb%nqS9Tm`*tQ`iA.f!tJg]>.S']XhJEcOGAB?d.J0IuvQXK>SxS-+_4%!'nybbNvv/ud<K57n:LrKn9(!LcacwrHh783Zyb_GJ4vWrCfbh$Ptz*BU]rPkYaA?+nD[M#R:C3Wb@YU9iIV7%cqpn@g:aF'=e8-A(o0Bm$'yd0n1_M5bPbI0jgJu34Q]VlTG4RdJ'(=QRH!B!K4^FUU+[ZYqsBe_')NO#7-LWMO^3S`LuDPm_g-x/CK1J9cvm2-uUNd5thQR9v%e]YC'=8A[Dy(qf)fbF0SX)f`=cRd``nL52t'^BX_0u2)*FB13-BV7vLm8od'*bdbG.oYM2fmlV$>].w_>I@uS'ntA9bG:>Tw^0N->B6Jie-w-uB:>##r@TJq-/2f9wff80NMt.3gJREOOSwb45Kqx5ls-IYmw]j$GrW#>$2hPF'?W; sess=1; uuid2=4470455573253905340

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:48:23 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:48:23 GMT; domain=.adnxs.com; HttpOnly
Date: Sun, 20 Mar 2011 12:48:23 GMT
Content-Length: 0

1.120. http://goods.adnectar.com/analytics/get_avia_js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://goods.adnectar.com
Path:   /analytics/get_avia_js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /analytics/get_avia_js?api_version=3.0.0&site_key=a9aa425c93ef5dff380c&avia_version=0.8.16 HTTP/1.1
Host: goods.adnectar.com
Proxy-Connection: keep-alive
Referer: http://www.livejournal.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.2
Date: Sun, 20 Mar 2011 12:38:24 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
Status: 200
ETag: "643abe138f06b030650a5c28ca19bdb4"
X-Runtime: 1
Content-Length: 6324
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: adnectar_id=PObkQ02F9UADVwRTOEyfAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=adnectar.com; path=/
P3P: policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR STP IND DEM"

var exceptionmessage = null;
try {
var avia_already_defined = false;
if (typeof(_an_tracker) !== 'undefined') {
avia_already_defined = true;
}

// First, define JS versions of methods not
...[SNIP]...
1.121. http://haku.vizu.com/a.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://haku.vizu.com
Path:   /a.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /a.gif?cid=1458;adid=adnetworks;siteid=bwwadnetworks; HTTP/1.1
Host: haku.vizu.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ptc=1461%3Dcustombtgeo-1_demographicgeo-1%3B1458%3Dadnetworks-2%3B

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Language: en-US
Content-Type: image/gif;charset=binary
Date: Sun, 20 Mar 2011 13:34:09 GMT
ETag: W/"43-1292447358000"
Last-Modified: Wed, 15 Dec 2010 21:09:18 GMT
P3P: CP="DSP NID OTP UNR STP NON", policyref="/w3c/p3p.xml"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ptc= 1461%3Dcustombtgeo-1_demographicgeo-1%3B1458%3Dadnetworks-3%3B; expires=Mon, 19 Mar 2012 9:34:9 GMT; path=/; domain=.vizu.com;
Content-Length: 43
Connection: keep-alive

GIF89a.............!.......,...........D..;
1.122. http://i.w55c.net/ping_match.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://i.w55c.net
Path:   /ping_match.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ping_match.gif?ei=PUBMATIC&rurl=http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTU3MSZ0bD0xNTc2ODAw&piggybackCookie=uid:_wfivefivec_ HTTP/1.1
Host: i.w55c.net
Proxy-Connection: keep-alive
Referer: http://ads.pubmatic.com/AdServer/js/syncuppixels.html
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: matchadmeld=1; wfivefivec=99c93c82-afc1-4f06-bdc1-8fb83dd4c018

Response

HTTP/1.1 302 Found
Set-Cookie: wfivefivec=99c93c82-afc1-4f06-bdc1-8fb83dd4c018;Path=/;Domain=.w55c.net;Expires=Tue, 19-Mar-13 12:38:49 GMT
X-Version: DataXu Pixel Tracker v3
Cache-Control: private
Location: http://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTU3MSZ0bD0xNTc2ODAw
Server: Jetty(6.1.22)
Via: 1.1 ics_server.xpc-mii.net (XLR 2.3.0.2.23a)
Connection: keep-alive
Content-Length: 0

1.123. http://ib.adnxs.com/acb  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /acb

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /acb?member=311&width=300&height=250&pb=300&cb=1959147&referrer= HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://viacom.adbureau.net/AFTRSERVER/hserver//height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1//ATCI=1297806090-11017856
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; acb697950=5_[r^208WMsKwYn20/dRQ#LFv?enc=q6qqqqqqCkAAAAAAAAAIQAAAAAAAAAhAUbgehetRD0BmZmZmZmYRQBD_V-7IrodtvNv2i6g_Cj5M9IVNAAAAAPA7AwA3AQAANQEAAAIAAAAP6wEAy10AAAEAAABVU0QAVVNEACwB-gCqFAAANAYBAgUCAAUAAAAAox1UPAAAAAA.&tt_code=cm.mtv&udj=uf%28%27a%27%2C+436%2C+1300624460%29%3Buf%28%27c%27%2C+1495%2C+1300624460%29%3Buf%28%27r%27%2C+125711%2C+1300624460%29%3Bppv%28658%2C+%277892469050005520144%27%2C+1300624460%2C+1301920460%2C+1495%2C+24011%29%3B&cnd=!OxSWFAjXCxCP1gcYACDLuwEoADFmZmZmZmYRQEITCAAQABgAIAEo_v__________AUgAUABYqilgAGi1Ag..; sess=1; uuid2=4470455573253905340; anj=Kfw)mCZ#-r-!gzo>[kYTDmkbfPca(V4mrg^)OxxeV9l(T.NP!XQ*WxW7k#=c*uhL02T<DWLF=Bs>r'<=9D4LR:=a*aLoT5r[WXz@JftAzv(`(7MIv?1rqlI<bD8LnB0g<upm/A.Rc0_RVk(@f.Hl9'CtbHxdzOX59++d4dyXN*35p9kIWX/<d>E6Lc>eIbL3w6d._dKraHc3:J75$%pV6qDQJ`^j_m[D@`C6evSqwtUjIbBm0]*g2Kn)rs]HO0[6Kx-/`.@nbgCE6Oce4)oe0<QE>]zF[n-TsUI)L?hc(hUq#sfb6#6zQjO-X7`n-q-aucvegw$$B:w#SR(p1c@<`.(>lHd4/OMAMuYc`g8g3Pl3$Hs'!u>0I`8f07n.*5#u]A9O:vZQUu-+9[m?VMRG>cBE!#d/O=.s0m<bWhzr%KOlPeW*g!_Q:`=Og9AqG]m/H5@/U!T/cs>KMF2gWwVWjdk6hDVGP#uW4-+NZ>WFgCOH]ADC]c>Hf%]jte<>E>Mw$(Z?:I/!__8WeG:/>GPA_qnaXyO9cA=cmog[8Aj=.teql<U[wDB`v.GBVE%n/:QZsf5B[dX/5Wb4GyCApaIDhvw-3:6VuDb!5L0Y(wA*bGDu1J?Ww):HVPn$O9cfo3sco$X>!qk#C#LzLVQrj(dUb+OM'vj(:sKU8qH[?ho)hVl#:

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: acb697950=; path=/; expires=Fri, 01-Jan-1980 00:00:00 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)mCZ#-r-!gzo>[kYTDmkbfPca(V4mrg^)OxxeV9l(T.NP!XQ*WxW7k#=c*uhL02T<DWLF=Bs>r'<=9D4LR:=a*aLoT5r[WXz@JftAzv(`(7MIv?1rqlI<bD8LnB0g<upm/A.Rc0_RVk(@f.Hl9'CtbHxdzOX59++d4dyXN*35p9kIWX/<d>E6Lc>eIbL3w6d._dKraHc3:J75$%pV6qDQJ`^j_m[D@`C6evSqwtUjIbBm0]*g2Kn)rs]HO0[6Kx-/`.@nbgCE6Oce4)oe0<QE>]zF[n-TsUI)L?hc(hUq#sfb6#6zQjO-X7`n-q-aucvegw$$B:w#SR(p1c@<`.(>lHd4/OMAMuYc`g8g3Pl3$Hs'!u>0I`8f07n.*5#u]A9O:vZQUu-+9[m?VMRG>cBE!#d/O=.s0m<bWhzr%KOlPeW*g!_Q:`=Og9AqG]m/H5@/U!T/cs>KMF2gWwVWjdk6hDVGP#uW4-+NZ>WFgCOH]ADC]c>Hf%]jte<>E>Mw$(Z?:I/!__8WeG:/>GPA_qnaXyO9cA=cmog[8Aj=.teql<U[wDB`v.GBVE%n/:QZsf5B[dX/5Wb4GyCApaIDhvw-3:6VuDb!5L0Y(wA*bGDu1J?Ww):HVPn$O9cfo3sco$X>!qk#C#LzLVQrj(dUb+OM'vj(:sKU8qH[?ho)hVl#:; path=/; expires=Sat, 18-Jun-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Date: Sun, 20 Mar 2011 12:34:32 GMT
Content-Length: 553

<a href="http://ib.adnxs.com/click/q6qqqqqqCkAAAAAAAAAIQAAAAAAAAAhAUbgehetRD0BmZmZmZmYRQBD_V-7IrodtvNv2i6g_Cj5M9IVNAAAAAPA7AwA3AQAANQEAAAIAAAAP6wEAy10AAAEAAABVU0QAVVNEACwB-gCqFAAANAYBAQUCAAUAAAAAoh1DP
...[SNIP]...
1.124. http://ib.adnxs.com/getuid  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /getuid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /getuid?http://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=$UID HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; sess=1; uuid2=4470455573253905340; anj=Kfw)mCZ(]G)J7/OYq=YW@cELrfOUJnP=9(mY8.0._RvV#9pqJViE@QAPRLI*E.oV1BIok3thUmoXhzPV#Wa^?QrSe?CRQ@y[b*QhcYv$6ryO_SpJCZ(veJULbFzeJ#gF#:J'<>JLq]u_spJp#I-WXgoY4q#x/54%:+D6/X@DML?fNtZm[3M1*JyB+AnN`qRl<2MMQ-yl597:a?to.!E^V:04M!)+vXp2aaL05dU3A41FF.e@x%`c>ul1y=5iRh)Q@Sb%nqS9Tm`*tQ`iA.f!tJg]>.S']XhJEcOGAB?d.J0IuvQXK>SxS-+_4%!'nybbNvv/ud<K57n:LrKn9(!LcacwrHh783Zyb_GJ4vWrCfbh$Ptz*BU]rPkYaA?+nD[M#R:C3Wb@YU9iIV7%cqpn@g:aF'=e8-A(o0Bm$'yd0n1_M5bPbI0jgJu34Q]VlTG4RdJ'(=QRH!B!K4^FUU+[ZYqsBe_')NO#7-LWMO^3S`LuDPm_g-x/CK1J9cvm2-uUNd5thQR9v%e]YC'=8A[Dy(qf)fbF0SX)f`=cRd``nL52t'^BX_0u2)*FB13-BV7vLm8od'*bdbG.oYM2fmlV$>].w_>I@uS'ntA9bG:>Tw^0N->B6Jie-w-uB:>##r@TJq-/2f9wff80NMt.3gJREOOSwb45Kqx5ls-IYmw]j$GrW#>$2hPF'?W

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:39:10 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:39:10 GMT; domain=.adnxs.com; HttpOnly
Location: http://r.turn.com/r/bd?ddc=1&pid=54&cver=1&uid=4470455573253905340
Date: Sun, 20 Mar 2011 12:39:10 GMT
Content-Length: 0

1.125. http://ib.adnxs.com/getuidnb  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /getuidnb

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /getuidnb?http://image2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZqcz0xJmNvZGU9NzkmdGw9MTQ0MCZkcF9pZD01Nw==&vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9NzgmdGw9MTU3NjgwMCZkcF9pZD01Nw==&piggybackCookie=uid:$UID HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://ads.pubmatic.com/AdServer/js/syncuppixels.html
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; sess=1; uuid2=4470455573253905340; anj=Kfw)mCZ(]G)J7/OYq=YW@cELrfOUJnP=9(mY8.0._RvV#9pqJViE@QAPRLI*E.oV1BIok3thUmoXhzPV#Wa^?QrSe?CRQ@y[b*QhcYv$6ryO_SpJCZ(veJULbFzeJ#gF#:J'<>JLq]u_spJp#I-WXgoY4q#x/54%:+D6/X@DML?fNtZm[3M1*JyB+AnN`qRl<2MMQ-yl597:a?to.!E^V:04M!)+vXp2aaL05dU3A41FF.e@x%`c>ul1y=5iRh)Q@Sb%nqS9Tm`*tQ`iA.f!tJg]>.S']XhJEcOGAB?d.J0IuvQXK>SxS-+_4%!'nybbNvv/ud<K57n:LrKn9(!LcacwrHh783Zyb_GJ4vWrCfbh$Ptz*BU]rPkYaA?+nD[M#R:C3Wb@YU9iIV7%cqpn@g:aF'=e8-A(o0Bm$'yd0n1_M5bPbI0jgJu34Q]VlTG4RdJ'(=QRH!B!K4^FUU+[ZYqsBe_')NO#7-LWMO^3S`LuDPm_g-x/CK1J9cvm2-uUNd5thQR9v%e]YC'=8A[Dy(qf)fbF0SX)f`=cRd``nL52t'^BX_0u2)*FB13-BV7vLm8od'*bdbG.oYM2fmlV$>].w_>I@uS'ntA9bG:>Tw^0N->B6Jie-w-uB:>##r@TJq-/2f9wff80NMt.3gJREOOSwb45Kqx5ls-IYmw]j$GrW#>$2hPF'?W

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:38:49 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:38:49 GMT; domain=.adnxs.com; HttpOnly
Location: http://image2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZqcz0xJmNvZGU9NzkmdGw9MTQ0MCZkcF9pZD01Nw==&vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9NzgmdGw9MTU3NjgwMCZkcF9pZD01Nw==&piggybackCookie=uid:4470455573253905340
Date: Sun, 20 Mar 2011 12:38:49 GMT
Content-Length: 0

1.126. http://ib.adnxs.com/mapuid  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /mapuid

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /mapuid?member=311&user=11e4f07c0988ac7&seg_code=am.bk,cm.sportsreg,cm.sports_m,cm.ent_m,qc.ac,ex.6,bz.30,bz.51,bz.25,bz.ab,bz.ae,wfm.difi_h,iblocal.sports_h&ord=1300624460 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://viacom.adbureau.net/hserver/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIItpsBEAoYASABKAEw3ufQ6wQQ3ufQ6wQYAA..; sess=1; uuid2=4470455573253905340; anj=Kfw)m=m<8a)J7/OYqA#I@e#eDE9=Py:WS'3:BpJ.3fNiVPfcBe9rn1aB/6H+D$XQ0gx^1'AYU`UR#oFwfHf%DH8<[[cjKwVBm*M(iqWjevsQZEt2q0oL5%0EmxK8z2_PCO6pHErdvz5r0KUET%2<YsAO_Z^s7PsD.>Bm?LyU?iq#_wUDqCS^'gH:aWk1QkZr6:NkA2]h$E7O+bJO6RMsO?dwCP@fx7k2x+rZE:PcvYUUGK<b$=!46J5RBmG!KCMY3qw<0ZsO.7m1@@J]dT?uqgHUeujm#J[F3Ic)xI:0h.IrKwLp@!nRoTs9TR.KV0HC-[aN-S.NM-..^QiGWP:tHK@c>eYPr`^5Ez$b+OpujL=?PpFw%0J9dl#KGP_e=!l<xtx<iM2697EY!itEF@@(y(ew>uw@1C]7=d?aFBLGcu`?E^7SP%Pq^pjR[>f'usl[sr#mFs%A#Lz4QOW2zZJM5$Xa2uAI<vpl^wyj]osr1=p(^NeLkR>kk*LRe'P4Y8XBZmVMx(bWFBNIBvZETU#!TWNP0xe^?..iZm#rpSqZ/9B<]t%dHA:JoO9O^4*(3[<uLv.R>7qZoqCw#Ng`=CV?vZuNc^A.l71pRb`8uQE!LK7!*Sb!Z-fE_Q(-A`z#bqz'6L)GTEX1YmmjQR+Jf!Mdu<9X_F5%v[KR(M^QzXCCpr%kkr]%b$

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)mCZ(]G)J7/OYq=[+@cELrfOUKyY2oURi9l*T+5(K0Y0JfjE9XI.L>XJJ*xO?=R3:$H-n.XM?G![ThxE5NF]JOzufE@%@/[vRJw1]_c%yu*hXY4UuaYRAm@jr9@m03<6p5X*m>IS5.jR@C$kl*1AL<P$sDuzjX1)6SsC%xyUeZ[Q8RQ.+n3yrfbxILdC6](HpAzWFXAF5P7W$.Oe67wih#[uRIpXLeuEAA+(2GhXm^K=-mQ%jOL/KC:]fcCR!()FIwB`f^L2-bqkJz`1[n6+*Q]'g]qHuZ0<YT%esFqVN#Psaf+7Yh.d/tYqwH>lo_jyqVHAE_r$[wQ>!X.!CO*#A9N33DVf+qm1?ve3KT+lKi?rgqRvb6?d*0h!xRUNi-+Uv4iZb^3wML604lq4@/+g^:[1ED5rPCm']gbtc0N)D#'cr!a-s5--3WhUXWY[ny>`?J7Le-K.aOvi)Uh@^P6[hpT=Ufs[qWz$0-CB#gfu2h8+4DAnLZZYmG2A02sa?S$WA)XGvf)I]/csu6hwoQZA$F[-9Ez#yT+SYEUP3#hlaVmPjc/80U9>hKK]FoEZbx4X?MPYR3oP=g?9=^WK4hTpPiYI%eadSxa:EkEG^1uLTaCz<cZEss$QB+miES$OqstdWFt6Y[96!_Xa_N+QZC#>>ZIsBLNLi)7rCkm8K.tb*vF>L#(!9.:g5_Rl]; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Mar 2011 12:34:21 GMT

GIF89a.............!.......,........@..L..;
1.127. http://ib.adnxs.com/ptj  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /ptj

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ptj?member=311&inv_code=cm.mtv&size=728x90&referrer=&redir=http%3A%2F%2Fad.doubleclick.net%2Fadj%2Fcm.mtv%2Fgames_010111%3Bnet%3Dcm%3Bu%3D%2Ccm-57639981_1300624460%2C11e4f07c0988ac7%2Cmusic%2Cax.{PRICEBUCKET}-am.bk-cm.sportsreg-cm.sports_m-cm.ent_m-qc.ac-ex.6-bz.30-bz.51-bz.25-bz.ab-bz.ae-wfm.difi_h-iblocal.sports_h%3B%3Bcmw%3Dnurl%3Bsz%3D728x90%3Bnet%3Dcm%3Benv%3Difr%3Bord1%3D595575%3Bcontx%3Dmusic%3Ban%3D{PRICEBUCKET}%3Bdc%3Dd%3Bbtg%3Dam.bk%3Bbtg%3Dcm.sportsreg%3Bbtg%3Dcm.sports_m%3Bbtg%3Dcm.ent_m%3Bbtg%3Dqc.ac%3Bbtg%3Dex.6%3Bbtg%3Dbz.30%3Bbtg%3Dbz.51%3Bbtg%3Dbz.25%3Bbtg%3Dbz.ab%3Bbtg%3Dbz.ae%3Bbtg%3Dwfm.difi_h%3Bbtg%3Diblocal.sports_h%3Bord%3D%5Btimestamp%5D%3F HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://viacom.adbureau.net/hserver/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIItpsBEAoYASABKAEw3ufQ6wQQ3ufQ6wQYAA..; sess=1; uuid2=4470455573253905340; anj=Kfw)m=m<8a)J7/OYqA#I@e#eDE9=Py:WS'3:BpJ.3fNiVPfcBe9rn1aB/6H+D$XQ0gx^1'AYU`UR#oFwfHf%DH8<[[cjKwVBm*M(iqWjevsQZEt2q0oL5%0EmxK8z2_PCO6pHErdvz5r0KUET%2<YsAO_Z^s7PsD.>Bm?LyU?iq#_wUDqCS^'gH:aWk1QkZr6:NkA2]h$E7O+bJO6RMsO?dwCP@fx7k2x+rZE:PcvYUUGK<b$=!46J5RBmG!KCMY3qw<0ZsO.7m1@@J]dT?uqgHUeujm#J[F3Ic)xI:0h.IrKwLp@!nRoTs9TR.KV0HC-[aN-S.NM-..^QiGWP:tHK@c>eYPr`^5Ez$b+OpujL=?PpFw%0J9dl#KGP_e=!l<xtx<iM2697EY!itEF@@(y(ew>uw@1C]7=d?aFBLGcu`?E^7SP%Pq^pjR[>f'usl[sr#mFs%A#Lz4QOW2zZJM5$Xa2uAI<vpl^wyj]osr1=p(^NeLkR>kk*LRe'P4Y8XBZmVMx(bWFBNIBvZETU#!TWNP0xe^?..iZm#rpSqZ/9B<]t%dHA:JoO9O^4*(3[<uLv.R>7qZoqCw#Ng`=CV?vZuNc^A.l71pRb`8uQE!LK7!*Sb!Z-fE_Q(-A`z#bqz'6L)GTEX1YmmjQR+Jf!Mdu<9X_F5%v[KR(M^QzXCCpr%kkr]%b$

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: icu=ChEIs34QChgBIAEoATDN6JfsBBDN6JfsBBgA; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: acb996388=5_[r^kI/7Z)IsM>7=/CbQAhOw?enc=Oy6qRUQx6D-cKRml8MXlPwAAAAAAAAhAnCkZpfDF5T88LqpFRDHoPxpRtCPwBwBvvNv2i6g_Cj5N9IVNAAAAAPA7AwA3AQAAZAAAAAIAAAA4UAIAy10AAAEAAABVU0QAVVNEANgCWgCfGAAAsggBAgUCAAUAAAAA9x98RAAAAAA.&tt_code=cm.mtv&udj=uf%28%27a%27%2C+27%2C+1300624461%29%3Buf%28%27g%27%2C+1079%2C+1300624461%29%3Buf%28%27r%27%2C+151608%2C+1300624461%29%3Bppv%2882%2C+%277998401666182566170%27%2C+1300624461%2C+1310992461%2C+17328%2C+24011%29%3Bppv%2884%2C+%277998401666182566170%27%2C+1300624461%2C+1310992461%2C+17328%2C+24011%29%3Bppv%2811%2C+%277998401666182566170%27%2C+1300624461%2C+1310992461%2C+17328%2C+24011%29%3Bppv%2882%2C+%277998401666182566170%27%2C+1300624461%2C+1310992461%2C+17328%2C+24011%29%3Bppv%2884%2C+%277998401666182566170%27%2C+1300624461%2C+1310992461%2C+17328%2C+24011%29%3Bppv%2887%2C+%277998401666182566170%27%2C+1300624461%2C+1300710861%2C+17328%2C+24011%29%3Bppv%28619%2C+%277998401666182566170%27%2C+1300624461%2C+1300710861%2C+17328%2C+24011%29%3Bppv%28620%2C+%277998401666182566170%27%2C+1300624461%2C+1300710861%2C+17328%2C+24011%29%3Bppv%28621%2C+%277998401666182566170%27%2C+1300624461%2C+1300710861%2C+17328%2C+24011%29%3B&cnd=!1hb-_giwhwEQuKAJGAAgy7sBKAAxmREkvUMx6D9CEwgAEAAYACABKP7__________wFCCghSEAAYACADKABCCghUEAAYACADKABIAVAAWJ8xYABoZA..&custom_macro=ADV_FREQ%5E0%5EREM_USER%5E0%5ECP_ID%5E17328; path=/; expires=Mon, 21-Mar-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)m=m<8a)J7/OYr/'s=IwLU:$!UVASc>b?VIGE-N>UxOFRGr+YZ/FWNPLa6Bh9N?dv<eGA^d20uuJH/WLU-8t]Rv8(d4JJF/w:>DGr6rk41RgoZ*smVn:65s/UfZ1@>PiKfNerAIUr'2H4t8[M)4d2dvvPF$9o9++d4dySu*UHq3J8D]72n7FWvwRm7ymPwWuOn>Gj*L-CQ(0*kBs`m+(J0h%d7I*'nCR<y*iNU^Xb3G$W[g1zyDyqD/G7:gIb_'<mbJO@]Lred+Khf#0rO%^zuSU=%+y>PISEGOgn'7]jKU=n6-[hp+.._vyS57[0>ZkT5rjcqt=B=*z::$Ttv_G1*ohEc.?86_5dh>z+qG'TN-MGTl3M0:xto340:@KROI9[%y+=[bX>^BPQs3I8h7>XWjFBJ!!Bp>+-vHV^]nna`E?J3pkqePGS@IeL[=)n#WHcEB[meAr+vGF*agbW>PiuHpQ)X5n2k^hWH%9.*Q-jLf(uB14rBS/[@Iv?>J+s4<i-I1MCsIUb%5gkSeU`9/n1L6F0Jc@pmLC909x!rPw[<DsJ'NB15>SyA`)hq$W]n><h32LYK`2Nm2dvyF[V).u9QB+pj:HN/!%C^(!sUyI76!_Xb_Iu5(aFf3!a[#oOr*hBAc>5r:uaS?XC5s=RwE/Zwb:7I5j>1Mz(m3JU; path=/; expires=Sat, 18-Jun-2011 12:34:21 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/javascript
Date: Sun, 20 Mar 2011 12:34:21 GMT
Content-Length: 755

document.write('<scr'+'ipt type="text/javascript"src="http://ad.doubleclick.net/adj/cm.mtv/games_010111;net=cm;u=,cm-57639981_1300624460,11e4f07c0988ac7,music,ax.60-am.bk-cm.sportsreg-cm.sports_m-cm.e
...[SNIP]...
1.128. http://ib.adnxs.com/ptj  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /ptj

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ptj?member=311&inv_code=cm.mtv&size=300x250&referrer=http%3A%2F%2Fredcated%2FPTR%2Fiview%2F240321409%2Fdirect%3Bwi.1%3Bhi.1%2F01%3Frelocate%3Dhttp%3A%2F%2Fviacom.adbureau.net%2FAFTRSERVER%2Fhserver%2Fheight%3D250%2Fwidth%3D300%2Fsite%3DSW.NOL%2Faamsz%3D300X250%2FNCP%3D1%2F&redir=http%3A%2F%2Fad.doubleclick.net%2Fadj%2Fcm.mtv%2Fgames_010111%3Bnet%3Dcm%3Bu%3D%2Ccm-81541724_1300624460%2C11e4f07c0988ac7%2Cmusic%2Cax.{PRICEBUCKET}-am.bk-cm.sportsreg-cm.sports_m-cm.ent_m-qc.ac-ex.6-bz.30-bz.51-bz.25-bz.ab-bz.ae-wfm.difi_h-iblocal.sports_h%3B%3Bcmw%3Dowl%3Bsz%3D300x250%3Bnet%3Dcm%3Benv%3Difr%3Bord1%3D928696%3Bcontx%3Dmusic%3Ban%3D{PRICEBUCKET}%3Bdc%3Dd%3Bbtg%3Dam.bk%3Bbtg%3Dcm.sportsreg%3Bbtg%3Dcm.sports_m%3Bbtg%3Dcm.ent_m%3Bbtg%3Dqc.ac%3Bbtg%3Dex.6%3Bbtg%3Dbz.30%3Bbtg%3Dbz.51%3Bbtg%3Dbz.25%3Bbtg%3Dbz.ab%3Bbtg%3Dbz.ae%3Bbtg%3Dwfm.difi_h%3Bbtg%3Diblocal.sports_h%3Bord%3D%5Btimestamp%5D%3F HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://viacom.adbureau.net/AFTRSERVER/hserver//height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1//ATCI=1297806090-11017856
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIItpsBEAoYASABKAEw3ufQ6wQQ3ufQ6wQYAA..; sess=1; uuid2=4470455573253905340; anj=Kfw)m=m<8a)J7/OYqA#I@e#eDE9=Py:WS'3:BpJ.3fNiVPfcBe9rn1aB/6H+D$XQ0gx^1'AYU`UR#oFwfHf%DH8<[[cjKwVBm*M(iqWjevsQZEt2q0oL5%0EmxK8z2_PCO6pHErdvz5r0KUET%2<YsAO_Z^s7PsD.>Bm?LyU?iq#_wUDqCS^'gH:aWk1QkZr6:NkA2]h$E7O+bJO6RMsO?dwCP@fx7k2x+rZE:PcvYUUGK<b$=!46J5RBmG!KCMY3qw<0ZsO.7m1@@J]dT?uqgHUeujm#J[F3Ic)xI:0h.IrKwLp@!nRoTs9TR.KV0HC-[aN-S.NM-..^QiGWP:tHK@c>eYPr`^5Ez$b+OpujL=?PpFw%0J9dl#KGP_e=!l<xtx<iM2697EY!itEF@@(y(ew>uw@1C]7=d?aFBLGcu`?E^7SP%Pq^pjR[>f'usl[sr#mFs%A#Lz4QOW2zZJM5$Xa2uAI<vpl^wyj]osr1=p(^NeLkR>kk*LRe'P4Y8XBZmVMx(bWFBNIBvZETU#!TWNP0xe^?..iZm#rpSqZ/9B<]t%dHA:JoO9O^4*(3[<uLv.R>7qZoqCw#Ng`=CV?vZuNc^A.l71pRb`8uQE!LK7!*Sb!Z-fE_Q(-A`z#bqz'6L)GTEX1YmmjQR+Jf!Mdu<9X_F5%v[KR(M^QzXCCpr%kkr]%b$

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: acb697950=5_[r^208WMsKwYn20/dRQ#LFv?enc=q6qqqqqqCkAAAAAAAAAIQAAAAAAAAAhAUbgehetRD0BmZmZmZmYRQBD_V-7IrodtvNv2i6g_Cj5M9IVNAAAAAPA7AwA3AQAANQEAAAIAAAAP6wEAy10AAAEAAABVU0QAVVNEACwB-gCqFAAANAYBAgUCAAUAAAAAox1UPAAAAAA.&tt_code=cm.mtv&udj=uf%28%27a%27%2C+436%2C+1300624460%29%3Buf%28%27c%27%2C+1495%2C+1300624460%29%3Buf%28%27r%27%2C+125711%2C+1300624460%29%3Bppv%28658%2C+%277892469050005520144%27%2C+1300624460%2C+1301920460%2C+1495%2C+24011%29%3B&cnd=!OxSWFAjXCxCP1gcYACDLuwEoADFmZmZmZmYRQEITCAAQABgAIAEo_v__________AUgAUABYqilgAGi1Ag..; path=/; expires=Mon, 21-Mar-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)m=m<8a)J7/OYr/'s=IwLU:$!UVASc>b?VIGE-N>UxOFRGr+YZ/FWNPLa6Bh9N?dv<eGA^d20uuJH/WLU-8t]Rv8(d4JJF/w:>DGr6rk41RgoZ*smVn:65s/UfZ1@>PiKfNerAIUr'2H4t8[M)4d2dvvPF$9o9++d4dySu*UHq3J8D]72n7FWvwRm7ymPwWuOn>Gj*L-CQ(0*kBs`m+(J0h%d7I*'nCR<y*iNU^Xb3G$W[g1zyDyqD/G7:gIb_'<mbJO@]Lred+Khf#0rO%^zuSU=%+y>PISEGOgn'7]jKU=n6-[hp+.._vyS57[0>ZkT5rjcqt=B=*z::$Ttv_G1*ohEc.?86_5dh>z+qG'TN-MGTl3M0:xto340:@KROI9[%y+=[bX>^BPQs3I8h7>XWjFBJ!!Bp>+-vHV^]nna`E?J3pkqePGS@IeL[=)n#WHcEB[meAr+vGF*agbW>PiuHpQ)X5n2k^hWH%9.*Q-jLf(uB14rBS/[@Iv?>J+s4<i-I1MCsIUb%5gkSeU`9/n1L6F0Jc@pmLC909x!rPw[<DsJ'NB15>SyA`)hq$W]n><h32LYK`2Nm2dvyF[V).u9QB+pj:HN/!%C^(!sUyI76!_Xb_Iu5(aFf3!a[#oOr*hBAc>5r:uaS?XC5s=RwE/Zwb:7I5j>1Mz(m3JU; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/javascript
Date: Sun, 20 Mar 2011 12:34:20 GMT
Content-Length: 757

document.write('<scr'+'ipt type="text/javascript"src="http://ad.doubleclick.net/adj/cm.mtv/games_010111;net=cm;u=,cm-81541724_1300624460,11e4f07c0988ac7,music,ax.300-am.bk-cm.sportsreg-cm.sports_m-cm.
...[SNIP]...
1.129. http://ib.adnxs.com/ptj  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /ptj

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ptj?member=311&inv_code=cm.mtv&size=728x90&referrer=&redir=http%3A%2F%2Fad.doubleclick.net%2Fadj%2Fcm.mtv%2Fgames_010111%3Bnet%3Dcm%3Bu%3D%2Ccm-57639981_1300624460%2C11e4f07c0988ac7%2Cmusic%2Cax.{PRICEBUCKET}-am.bk-cm.sportsreg-cm.sports_m-cm.ent_m-qc.ac-ex.6-bz.30-bz.51-bz.25-bz.ab-bz.ae-wfm.difi_h-iblocal.sports_h%3B%3Bcmw%3Dnurl%3Bsz%3D728x90%3Bnet%3Dcm%3Benv%3Difr%3Bord1%3D595575%3Bcontx%3Dmusic%3Ban%3D{PRICEBUCKET}%3Bdc%3Dd%3Bbtg%3Dam.bk%3Bbtg%3Dcm.sportsreg%3Bbtg%3Dcm.sports_m%3Bbtg%3Dcm.ent_m%3Bbtg%3Dqc.ac%3Bbtg%3Dex.6%3Bbtg%3Dbz.30%3Bbtg%3Dbz.51%3Bbtg%3Dbz.25%3Bbtg%3Dbz.ab%3Bbtg%3Dbz.ae%3Bbtg%3Dwfm.difi_h%3Bbtg%3Diblocal.sports_h%3Bord%3D%5Btimestamp%5D%3F HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://viacom.adbureau.net/hserver/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIItpsBEAoYASABKAEw3ufQ6wQQ3ufQ6wQYAA..; sess=1; uuid2=4470455573253905340; anj=Kfw)m=m<8a)J7/OYqA#I@e#eDE9=Py:WS'3:BpJ.3fNiVPfcBe9rn1aB/6H+D$XQ0gx^1'AYU`UR#oFwfHf%DH8<[[cjKwVBm*M(iqWjevsQZEt2q0oL5%0EmxK8z2_PCO6pHErdvz5r0KUET%2<YsAO_Z^s7PsD.>Bm?LyU?iq#_wUDqCS^'gH:aWk1QkZr6:NkA2]h$E7O+bJO6RMsO?dwCP@fx7k2x+rZE:PcvYUUGK<b$=!46J5RBmG!KCMY3qw<0ZsO.7m1@@J]dT?uqgHUeujm#J[F3Ic)xI:0h.IrKwLp@!nRoTs9TR.KV0HC-[aN-S.NM-..^QiGWP:tHK@c>eYPr`^5Ez$b+OpujL=?PpFw%0J9dl#KGP_e=!l<xtx<iM2697EY!itEF@@(y(ew>uw@1C]7=d?aFBLGcu`?E^7SP%Pq^pjR[>f'usl[sr#mFs%A#Lz4QOW2zZJM5$Xa2uAI<vpl^wyj]osr1=p(^NeLkR>kk*LRe'P4Y8XBZmVMx(bWFBNIBvZETU#!TWNP0xe^?..iZm#rpSqZ/9B<]t%dHA:JoO9O^4*(3[<uLv.R>7qZoqCw#Ng`=CV?vZuNc^A.l71pRb`8uQE!LK7!*Sb!Z-fE_Q(-A`z#bqz'6L)GTEX1YmmjQR+Jf!Mdu<9X_F5%v[KR(M^QzXCCpr%kkr]%b$

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: acb217693=5_[r^kI/7ZsKwYn20/dRQ#LFv?enc=q6qqqqqqCkAAAAAAAAAIQAAAAAAAAAhAUbgehetRD0BmZmZmZmYRQGhgmDM5kQxGvNv2i6g_Cj5M9IVNAAAAAPA7AwA3AQAANQEAAAIAAAAK6wEAy10AAAEAAABVU0QAVVNEANgCWgCfGAAAAgkBAgUCAAUAAAAAZhuLjQAAAAA.&tt_code=cm.mtv&udj=uf%28%27a%27%2C+436%2C+1300624460%29%3Buf%28%27c%27%2C+1495%2C+1300624460%29%3Buf%28%27r%27%2C+125706%2C+1300624460%29%3Bppv%28658%2C+%275047568957240270952%27%2C+1300624460%2C+1301920460%2C+1495%2C+24011%29%3B&cnd=!MxRwEwjXCxCK1gcYACDLuwEoADFmZmZmZmYRQEITCAAQABgAIAEo_v__________AUgAUABYnzFgAGi1Ag..; path=/; expires=Mon, 21-Mar-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)m=m<8a)J7/OYr/'s=IwLU:$!UVASc>b?VIGE-N>UxOFRGr+YZ/FWNPLa6Bh9N?dv<eGA^d20uuJH/WLU-8t]Rv8(d4JJF/w:>DGr6rk41RgoZ*smVn:65s/UfZ1@>PiKfNerAIUr'2H4t8[M)4d2dvvPF$9o9++d4dySu*UHq3J8D]72n7FWvwRm7ymPwWuOn>Gj*L-CQ(0*kBs`m+(J0h%d7I*'nCR<y*iNU^Xb3G$W[g1zyDyqD/G7:gIb_'<mbJO@]Lred+Khf#0rO%^zuSU=%+y>PISEGOgn'7]jKU=n6-[hp+.._vyS57[0>ZkT5rjcqt=B=*z::$Ttv_G1*ohEc.?86_5dh>z+qG'TN-MGTl3M0:xto340:@KROI9[%y+=[bX>^BPQs3I8h7>XWjFBJ!!Bp>+-vHV^]nna`E?J3pkqePGS@IeL[=)n#WHcEB[meAr+vGF*agbW>PiuHpQ)X5n2k^hWH%9.*Q-jLf(uB14rBS/[@Iv?>J+s4<i-I1MCsIUb%5gkSeU`9/n1L6F0Jc@pmLC909x!rPw[<DsJ'NB15>SyA`)hq$W]n><h32LYK`2Nm2dvyF[V).u9QB+pj:HN/!%C^(!sUyI76!_Xb_Iu5(aFf3!a[#oOr*hBAc>5r:uaS?XC5s=RwE/Zwb:7I5j>1Mz(m3JU; path=/; expires=Sat, 18-Jun-2011 12:34:20 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/javascript
Date: Sun, 20 Mar 2011 12:34:20 GMT
Content-Length: 757

document.write('<scr'+'ipt type="text/javascript"src="http://ad.doubleclick.net/adj/cm.mtv/games_010111;net=cm;u=,cm-57639981_1300624460,11e4f07c0988ac7,music,ax.300-am.bk-cm.sportsreg-cm.sports_m-cm.
...[SNIP]...
1.130. http://ib.adnxs.com/seg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /seg

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /seg?add=17998,21295&remove=14924,17995,17996,17997,17999,18000,18001,18002,18003,18004,37689,38793&t=2 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://ib.adnxs.com/acb?member=311&width=728&height=90&pb=300&cb=1958835&referrer=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; acb697950=5_[r^208WMsKwYn20/dRQ#LFv?enc=q6qqqqqqCkAAAAAAAAAIQAAAAAAAAAhAUbgehetRD0BmZmZmZmYRQBD_V-7IrodtvNv2i6g_Cj5M9IVNAAAAAPA7AwA3AQAANQEAAAIAAAAP6wEAy10AAAEAAABVU0QAVVNEACwB-gCqFAAANAYBAgUCAAUAAAAAox1UPAAAAAA.&tt_code=cm.mtv&udj=uf%28%27a%27%2C+436%2C+1300624460%29%3Buf%28%27c%27%2C+1495%2C+1300624460%29%3Buf%28%27r%27%2C+125711%2C+1300624460%29%3Bppv%28658%2C+%277892469050005520144%27%2C+1300624460%2C+1301920460%2C+1495%2C+24011%29%3B&cnd=!OxSWFAjXCxCP1gcYACDLuwEoADFmZmZmZmYRQEITCAAQABgAIAEo_v__________AUgAUABYqilgAGi1Ag..; sess=1; uuid2=4470455573253905340; anj=Kfw)mCZ#-r-!gzo>[kYTDmkbfPca(V4mrg^)OxxeV9l(T.NP!XQ*WxW7k#=c*uhL02T<DWLF=Bs>r'<=9D4LR:=a*aLoT5r[WXz@JftAzv(`(7MIv?1rqlI<bD8LnB0g<upm/A.Rc0_RVk(@f.Hl9'CtbHxdzOX59++d4dyXN*35p9kIWX/<d>E6Lc>eIbL3w6d._dKraHc3:J75$%pV6qDQJ`^j_m[D@`C6evSqwtUjIbBm0]*g2Kn)rs]HO0[6Kx-/`.@nbgCE6Oce4)oe0<QE>]zF[n-TsUI)L?hc(hUq#sfb6#6zQjO-X7`n-q-aucvegw$$B:w#SR(p1c@<`.(>lHd4/OMAMuYc`g8g3Pl3$Hs'!u>0I`8f07n.*5#u]A9O:vZQUu-+9[m?VMRG>cBE!#d/O=.s0m<bWhzr%KOlPeW*g!_Q:`=Og9AqG]m/H5@/U!T/cs>KMF2gWwVWjdk6hDVGP#uW4-+NZ>WFgCOH]ADC]c>Hf%]jte<>E>Mw$(Z?:I/!__8WeG:/>GPA_qnaXyO9cA=cmog[8Aj=.teql<U[wDB`v.GBVE%n/:QZsf5B[dX/5Wb4GyCApaIDhvw-3:6VuDb!5L0Y(wA*bGDu1J?Ww):HVPn$O9cfo3sco$X>!qk#C#LzLVQrj(dUb+OM'vj(:sKU8qH[?ho)hVl#:

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)mCZ(]G)J7/OYq=YW@cELrfOUJnP=9(mY8.0._RvV#9pqJViE@QAPRLI*E.oV1BIok3thUmoXhzPV#Wa^?QrSe?CRQ@y[b*QhcYv$6ryO_SpJCZ(veJULbFzeJ#gF#:J'<>JLq]u_spJp#I-WXgoY4q#x/54%:+D6/X@DML?fNtZm[3M1*JyB+AnN`qRl<2MMQ-yl597:a?to.!E^V:04M!)+vXp2aaL05dU3A41FF.e@x%`c>ul1y=5iRh)Q@Sb%nqS9Tm`*tQ`iA.f!tJg]>.S']XhJEcOGAB?d.J0IuvQXK>SxS-+_4%!'nybbNvv/ud<K57n:LrKn9(!LcacwrHh783Zyb_GJ4vWrCfbh$Ptz*BU]rPkYaA?+nD[M#R:C3Wb@YU9iIV7%cqpn@g:aF'=e8-A(o0Bm$'yd0n1_M5bPbI0jgJu34Q]VlTG4RdJ'(=QRH!B!K4^FUU+[ZYqsBe_')NO#7-LWMO^3S`LuDPm_g-x/CK1J9cvm2-uUNd5thQR9v%e]YC'=8A[Dy(qf)fbF0SX)f`=cRd``nL52t'^BX_0u2)*FB13-BV7vLm8od'*bdbG.oYM2fmlV$>].w_>I@uS'ntA9bG:>Tw^0N->B6Jie-w-uB:>##r@TJq-/2f9wff80NMt.3gJREOOSwb45Kqx5ls-IYmw]j$GrW#>$2hPF'?W; path=/; expires=Sat, 18-Jun-2011 12:34:32 GMT; domain=.adnxs.com; HttpOnly
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Mar 2011 12:34:32 GMT

GIF89a.............!.......,........@..L..;
1.131. http://ib.adnxs.com/setuid  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /setuid

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /setuid?entity=34&code=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChEIs34QChgBIAEoATDM6JfsBBDM6JfsBBgA; anj=Kfw)mCZ(]G)J7/OYq=YW@cELrfOUJnP=9(mY8.0._RvV#9pqJViE@QAPRLI*E.oV1BIok3thUmoXhzPV#Wa^?QrSe?CRQ@y[b*QhcYv$6ryO_SpJCZ(veJULbFzeJ#gF#:J'<>JLq]u_spJp#I-WXgoY4q#x/54%:+D6/X@DML?fNtZm[3M1*JyB+AnN`qRl<2MMQ-yl597:a?to.!E^V:04M!)+vXp2aaL05dU3A41FF.e@x%`c>ul1y=5iRh)Q@Sb%nqS9Tm`*tQ`iA.f!tJg]>.S']XhJEcOGAB?d.J0IuvQXK>SxS-+_4%!'nybbNvv/ud<K57n:LrKn9(!LcacwrHh783Zyb_GJ4vWrCfbh$Ptz*BU]rPkYaA?+nD[M#R:C3Wb@YU9iIV7%cqpn@g:aF'=e8-A(o0Bm$'yd0n1_M5bPbI0jgJu34Q]VlTG4RdJ'(=QRH!B!K4^FUU+[ZYqsBe_')NO#7-LWMO^3S`LuDPm_g-x/CK1J9cvm2-uUNd5thQR9v%e]YC'=8A[Dy(qf)fbF0SX)f`=cRd``nL52t'^BX_0u2)*FB13-BV7vLm8od'*bdbG.oYM2fmlV$>].w_>I@uS'ntA9bG:>Tw^0N->B6Jie-w-uB:>##r@TJq-/2f9wff80NMt.3gJREOOSwb45Kqx5ls-IYmw]j$GrW#>$2hPF'?W; sess=1; uuid2=4470455573253905340

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 21-Mar-2011 13:21:05 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 13:21:05 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4470455573253905340; path=/; expires=Sat, 18-Jun-2011 13:21:05 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)m=m<8a)J7/OOX.Z'?fM-K)Rh%%:WS'3:BpJ.^r?D*PtC%XPja@B_v-c3d6mx9mJ)w9Ah7b(%q0rL>mZf$`$v9/dK2y>@YI.9bkY6vwxW=QcR:apKQl.1m.SA.EV!C:Ruh6$%Cijrf^1CtdONx7U:Ip2w'H*l.uz]:c?#5lC9+su3uexhX?].Io>0KH5LNW1M7s6:I9eJtb<8vMZmsqiBqY4=oCP/5m`dci+@B6HhhUJKx8U/9v>GEvMcZ.Pl8*6@+7nx'tF]4/rJmY4LPQ`Bm8tW!Jp30).<DA4!4]<RObm3KLo<vl_jz+L94BK4*i'pO%r$V>!G%eT$Q:$mvjoQLc@U2'Y3^T((.37xM)UQci26E1=?=FGfo5oD_4t%aeB_[SC^nKJ@i(kKj[<lOspMGGn*@HTKX-*Wh`a7t`!E9ZE$Nt[IHTE<aPD=7J6lX=[lu/Z/c1Ir^dtIZiU*>3be?vU]j#.c_xYTBDZPn/uX_wxn`5<^S53c1vxXfJH@u*$iN7hPRRZ3ucnYk4KoXM)B>:W[GWW'BRg[6>l*g]clL/!/rk?l3vLIE.[$uT?+]R$VUcSo6bH>:Af<YDOW<TVp(OdU6<v/:<)cXz<o<G`*n$O9keXmoPIPr*#JQ+!pPQoFRCg(<3N.$5-mW5aKEU(M$bd'^uwwD!62_k!U; path=/; expires=Sat, 18-Jun-2011 13:21:05 GMT; domain=.adnxs.com; HttpOnly
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Mar 2011 13:21:05 GMT

GIF89a.............!.......,........@..L..;
1.132. http://idpix.media6degrees.com/orbserv/hbpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idpix.media6degrees.com
Path:   /orbserv/hbpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=3715 HTTP/1.1
Host: idpix.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://ads.pubmatic.com/AdServer/js/syncuppixels.html
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: acs=015020a0e0f0g1lgoi03xzt1v99axzt11hdgcxzt11hdgcxzt1v99a; ipinfo=2licwa20zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; clid=2lgoi03011706pgp44i37uxw1ogae00x27030d0330j; orblb=2lgpp5n042jp10u021n94u1n75826610u011fv4u1v210u010zuoi2d410u0100000; rdrlst=41r0ig1lgs3mp0000000v27030ijvlhk64g0000000f27030fxhli5kah0000000627030hs1li5kah0000000627030jryli5kah0000000627030zyrlhpju50000000d270300jcli07ej0000000827030khali5kah0000000627030ahxli5kah00000006270310f7lhpju505kuf0041x000w3alhpju50000000d27031196lh8s3k0000000o27031195lhabm80000000l27030olwli5kah0000000627031194lh8s3o0000000n270310eylhpju505kuf0041x000zgdlhpju50000000d27030cacli5kba0000000527030faali5kah00000006270300c2li5kah0000000627031193lhc9m70000000k2703008sli5kah0000000627031192lh8s3u0000000m270310tylhjr9d0000000h270303dpli5kah0000000627030ij7lhn5jf0000000e27030xqalhk59s0000000g27030ot2li5kba0000000527030xukli5kah00000006270310polhhwg80000000i270310telh1s3s0000000r27030chclhwpdy00000009270310e2lhpju50000000d27030n39li5vgf0000000427030xwhlhpju50000000d270310rdlh8s3f0000000p27030kbxli5kah0000000627030agcli5kah00000006270300czlhpju50000000d2703111xlhpju50000000d270308ublhqxoy0000000c27030w4xli5kah0000000627030p1clhpju50000000d270311zzlhpju50000000d2703107alicwav0000000227020mjelgzmsv0000000s27030j60li5kah0000000627030i75lgpp5n0000000w27030bsdli07ek0000000727030l26lhpju505kuf0041x000okelhpju50000000d27030lw3lhpju50000000d27030l24lhpju50000000d27030a41li5kah00000006270306q3licwa20000000327030o5alhpju50000000d270301rhlhuoyb0000000b27030xw7lhpju50000000d27030afoli5kah0000000627030ojwlhpju50000000d270307o9li5kah0000000627030e4vli5kah0000000627030x1plhpju50000000d2703; sglst=2100s0solhpju50negc00d27030d0330d61hlhjr9d0000000h27030d0330h9gglhjr9d0000000h27030d0330h4tuli5kah07e0000627030d033067onlhjr9d0000000h27030d0330hag2lhjr9d0t71400h27030d0330h9zalhjr9d0000000h27030d0330hbnwlhjr9d0000000h27030d0330h8c9lhjr9d0000000h27030d0330h9q6lhjr9d0000000h27030d0330h433lhjr9d0000000h27030d0330h9gtlhjr9d0000000h27030d0330hacjlhjr9d0000000h27030d0330h0kllhjr9d0000000h27030d0330h4xclhjr9d0000000h27030d0330h68nlhjr9d0000000h27030d0330hab4lgzmsv0k4gi00s27030d0330j9zmlhjr9d0000000h27030d0330hax3licwav001zm00227020d02302b05lhjr9d0000000h27030d0330h78jlgpp5n1n94u00w27030d0330j9cblhjr9d0000000h27030d0330hc24lhjr9d0000000h27030d0330h9l8lhjr9d0000000h27030d0330h0telgyxuj1e0fy00u27030d0330j81dlhjr9d0000000h27030d0330h4wnlgzmsv0k4gi00s27030d0330j9hllhjr9d0000000h27030d0330h5q8lhjr9d0000000h27030d0330h8nblhjr9d0000000h27030d0330h70ylhjr9d0000000h27030d0330h2gglhjr9d0000000h27030d0330h4wblhjr9d0000000h27030d0330hac9lhjr9d0000000h27030d0330h8aclhjr9d0000000h27030d0330ha76lhjr9d0000000h27030d0330h; vstcnt=3lgoi03020r014exd412011bpeu1l084fclw12080ynsu0ynst0ynss0ynsr0ynsq0ynsp0ynso0ynsn4exd4120s1bpfm1bpfl1bpfj1bpfi1bpfh1bpfg1bpfe1bpfd1bpfb1bpfa1bpf91bpf81bpf71bpf21bpf01bpez1bpey1bpex1bpew1bpeu1bpes1bper1bpeq1bpep1bpeo1bpen1bpeh1bpeg4hl2m1201135by3roz126i135c3135bu135br135bo135bl135bk135bh135bf135be135bc135b8135b3135b0135ax135aw135at135am135ah135ae135ab135a9135a8135a5135a21359s1359r12fws12fwr12fwq12fwp12fwo12fwn12fwm12fwl12fwj12fwi12fwh12fwg12fwe12fwc12fwb12fwa12fw912fw712fw612fw512fw412fw312fw212fw112fw012fvz12fvv12fvu12fvt12fvs12fvr12fvq12fvp12fvn12fvm12fvl12fvk12fvj12fvi12fvh12fvg12fve12fvd12fvc12fvb12fva12fv912fv812fv712fv612fv412fv312fv212fv112fv012fuy12fux12fuw12fuq12fum12ful12fuk12fuj12fuh12fug12fuf12fue12fud12fuc12fu912fu712fu612fu512fu412fu212fu112fu012ftz12fty12ftx12ftw12ftu12ftr12fov0ynsl0ynsk0ynsj0ynsi0ynsh0ynsg0ynsf0ynse0ynsd0ynsc0ynsa0yns90yns80yns70yns60yns50yns40yns30yns20yns10yns00ynrz0ynry0ynrx0ynrw0ynru0ynrt0ynrs0ynrr0ynrq0ynrp0ynro0ynrn0ynrm0ynrl0ynrj0ynri0ynrh0ynrg0ynrf0ynre0ynrd0ynrc0ynrb0ynr90ynr80ynr70ynr60ynr50ynr40ynr30ynr10ynr00ynqz0ynqy0ynqx0ynqw0ynqv0ynqo0ynqn0ynqm0ynqf0ynq50ynq40ynq30ynq20ynq10ynpz0ynpy0ynpx0ynpw0ynpv0ynpu0ynpt0ynps0ynpr0ynpq0ynpp0ynpn0ynpm0ynpl0ynpk0ynpj0ynpi0ynph0ynpg0ynpf0ynpe0ynpc0ynpb0ynpa0ynp90ynp80ynp70ynp60ynp50ynp40ynp20ynp10ynp00ynoz0ynoy0ynox0ynow0ynov0ynou0ynot0ynor0ynoq0ynop0ynoo0ynon0ynom0ynol0ynok0ynoj0ynoi0ynoh0ynof0ynoe0ynod0ynoc0ynob0ynoa4exr5122h1hdkk1hdkj1hdki1hdkh1hdkg1hdkf1hdke1hdkd1hdkb1hdka1hdk91hdk81hdk71hdk61hdk51hdk41hdk31hdk21hdk11hdk01hdjz1hdjy1hdjx1hdjw1hdju1hdjr1hdjq1hdjp1hdjo1hdjn1hdjj1hdji1hdjh1hdjf1hdje1hdjd1hdjc1hdjb1hdja1hdj91hdj81hdj71hdj61hdj51hdj41hdj31hdj21hdj01hdiz1hdiy1hdix1hdiw1hdiv1hdiu1hdit1hdis1hdir1hdiq1hdip1hdio1hdin1hdih1hdig1hdif1hdid1hdic1hdib1hdia1hdi91hdi81hdi71hdi61hdi51hdi11hdhz1hdhy1hdhx1hdhw1hdhv1hdht1hdhs1hdhr1hdhq1hdhp1hdho1hdhm1hdhl1hdhi1hdgc4oz53125v16nyp16nyo16nyn16nym16nyl16nyk16nyj16nyi16nyh16nyg16nyf16nye16nyc16nyb16nya16ny916ny816ny716ny616ny516ny416ny316ny216ny016nxz16nxy16nxx16nxw16nxt16nxs16nxr16nxq16nxp16nxn16nxm16nxl16nxk16nxj16nxi16nxh16nxg16nxc16nxb16nxa16nx916nx716nx616nx516nx416nx316nx216nx116nx016nwz16nwy16nws16nwq16nwp16nwo16nwn16nwl16nwk16nwj16nwi16nwe16nwd16nwc16nwb16nwa16nw816nw616nw516nw416nw316nw216nw116nw016nvx16nvw16n8n16n8m16n8l16n8k16n8j16n8i16n8h16n8f16n8e16n8d16n8c16n8b16n8a16n8916n8816n8616n8516n8416n8316n8216n8116n8016n7z16n7y16n7x16n7v16n7s16n7r16n7p16n7o16n7n16n7m16n7l16n7k16n7j16n7i16n7h16n7g16n7f16n7e16n7d16n7c16n7b16n7a16n7916n7716n7616n7516n7416n7316n7216n7116n7016n6w16n6u16n6t16n6s16n6r16n6p16n6o16n6m16n6l16n6k16n6f16n6e16n6d16n6c16n6a16n6916n6716n6616n6516n6416n6316n6116n601679t1679s1679r1679p1679o1679n1679m1679k1679j1679i1679g1679f1679e1679d1679916798167971679516791167901678z1678y1678u1678t1678s1678q1678p1674c1674b1674a167491674816746167441674316742167411673w1673v1673u1673t1673s1673m1673l1673k1673j1673i1673g1673f1673e1673c1673b1673a1673916736166y84cgq7120612fwx12fww12fwv12fwu12fur12fuo4null12011bpf1

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: acs=015020a0e0f0g1lgoi03xzt11ogs3xzt11hdgcxzt11hdgcxzt11ogs3; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:28:54 GMT; Path=/
Set-Cookie: adh=""; Domain=media6degrees.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: clid=2lgoi03011706pgp44i37uxw1ogs300y27040d0430k; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:28:54 GMT; Path=/
Set-Cookie: orblb=2lgpp5n042jp10u021n94u1n75826610u011fv4u1v210u010zuoi2d410u0100000; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:28:54 GMT; Path=/
Set-Cookie: rdrlst=41s0ig1lgs3mp0000000w27040ijvlhk64g0000000g27040fxhli5kah0000000727040hs1li5kah0000000727040jryli5kah0000000727040zyrlhpju50000000e270400jcli07ej0000000927040khali5kah0000000727040ahxli5kah00000007270410f7lhpju505kuf0041x000z1clicys60000000127010w3alhpju50000000e27041196lh8s3k0000000p27041195lhabm80000000m27041194lh8s3o0000000o27040olwli5kah00000007270410eylhpju505kuf0041x000zgdlhpju50000000e27040cacli5kba00000006270400c2li5kah0000000727040faali5kah0000000727041193lhc9m70000000l27041192lh8s3u0000000n2704008sli5kah00000007270410tylhjr9d0000000i270403dpli5kah0000000727040ij7lhn5jf0000000f27040xqalhk59s0000000h27040ot2li5kba0000000627040xukli5kah00000007270410polhhwg80000000j270410telh1s3s0000000s27040chclhwpdy0000000a270410e2lhpju50000000e27040n39li5vgf0000000527040xwhlhpju50000000e270410rdlh8s3f0000000q27040kbxli5kah0000000727040agcli5kah00000007270400czlhpju50000000e2704111xlhpju50000000e270408ublhqxoy0000000d27040w4xli5kah0000000727040p1clhpju50000000e270411zzlhpju50000000e2704107alicwav0000000327030mjelgzmsv0000000t27040j60li5kah0000000727040i75lgpp5n0000000x27040bsdli07ek0000000827040okelhpju50000000e27040l26lhpju505kuf0041x000lw3lhpju50000000e27040l24lhpju50000000e27040a41li5kah00000007270406q3licwa20000000427040o5alhpju50000000e270401rhlhuoyb0000000c27040afoli5kah0000000727040xw7lhpju50000000e27040ojwlhpju50000000e270407o9li5kah0000000727040e4vli5kah0000000727040x1plhpju50000000e2704; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:28:54 GMT; Path=/
Set-Cookie: sglst=2200s6l3licys60000000127010d013014pclicys60000000127010d01301armlicys60000000127010d01301avulicys60000000127010d013010ixlicys60000000127010d013018e2licys60000000127010d013018h9licys60000000127010d013013kjlicys60000000127010d01301ab4lgzmsv1dbzb00t27040d0430kaojlicys60000000127010d01301bvelicys60000000127010d0130178jlgpp5n1n9mj00x27040d0430kb05lhjr9d0t7it00i27040d0430i8gulicys60000000127010d01301bnhlicys60000000127010d01301c24lhjr9d0t7it00h27000d00300bbglicys60000000127010d013018nblhjr9d0t7it00h27000d00300asqlicys60000000127010d013012gglhjr9d0t7it00i27040d0430ibqqlicys60000000127010d01301bqvlicys60000000127010d013018aclhjr9d0t7it00h27000d003008aalicys60000000127010d013010solhpju50ney100e27040d0430e61hlhjr9d0t7it00i27040d0430i9gglhjr9d0t7it00h27000d003004tuli5kah07ehp00727040d0430717ulicys60000000127010d013017onlhjr9d0t7it00h27000d00300ag2lhjr9d0t7it00i27040d0430i9zalhjr9d0t7it00h27000d00300acllicys60000000127010d01301bhalicys60000000127010d01301bnwlhjr9d0t7it00h27000d00300bnzlicys60000000127010d013018c9lhjr9d0t7it00h27000d003009q6lhjr9d0t7it00i27040d0430i8c8licys60000000127010d01301433lhjr9d0t7it00i27040d0430ibnvlicys60000000127010d013010kllhjr9d0t7it00h27000d003009gtlhjr9d0t7it00h27000d00300acjlhjr9d0t7it00h27000d003009gslicys60000000127010d013014xclhjr9d0t7it00i27040d0430i68nlhjr9d0t7it00h27000d00300bo8licys60000000127010d013019zmlhjr9d0t7it00h27000d00300ax3licwav002hb00327030d0330368olicys60000000127010d013019c9licys60000000127010d01301719licys60000000127010d013019cblhjr9d0t7it00h27000d003009l8lhjr9d0t7it00i27040d0430i0telgyxuj1e0xn00v27040d0430kbovlicys60000000127010d0130181dlhjr9d0t7it00i27040d0430i4wnlgzmsv1dbzb00s27000d003009hllhjr9d0t7it00h27000d003005q9licys60000000127010d013014wmlicys60000000127010d013015q8lhjr9d0t7it00h27000d0030070ylhjr9d0t7it00h27000d003004walicys60000000127010d013014wblhjr9d0t7it00h27000d00300ac9lhjr9d0t7it00i27040d0430ic7zlicys60000000127010d01301ac2licys60000000127010d01301a76lhjr9d0t7it00i27040d0430i45glicys60000000127010d013019gflicys60000000127010d01301; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:28:54 GMT; Path=/
Set-Cookie: vstcnt=3lgoi03020r014exd412011bpeu1l084fclw12080ynsu0ynst0ynss0ynsr0ynsq0ynsp0ynso0ynsn4exd4120s1bpfm1bpfl1bpfj1bpfi1bpfh1bpfg1bpfe1bpfd1bpfb1bpfa1bpf91bpf81bpf71bpf21bpf01bpez1bpey1bpex1bpew1bpeu1bpes1bper1bpeq1bpep1bpeo1bpen1bpeh1bpeg4hl2m1201135by3roz126i135c3135bu135br135bo135bl135bk135bh135bf135be135bc135b8135b3135b0135ax135aw135at135am135ah135ae135ab135a9135a8135a5135a21359s1359r12fws12fwr12fwq12fwp12fwo12fwn12fwm12fwl12fwj12fwi12fwh12fwg12fwe12fwc12fwb12fwa12fw912fw712fw612fw512fw412fw312fw212fw112fw012fvz12fvv12fvu12fvt12fvs12fvr12fvq12fvp12fvn12fvm12fvl12fvk12fvj12fvi12fvh12fvg12fve12fvd12fvc12fvb12fva12fv912fv812fv712fv612fv412fv312fv212fv112fv012fuy12fux12fuw12fuq12fum12ful12fuk12fuj12fuh12fug12fuf12fue12fud12fuc12fu912fu712fu612fu512fu412fu212fu112fu012ftz12fty12ftx12ftw12ftu12ftr12fov0ynsl0ynsk0ynsj0ynsi0ynsh0ynsg0ynsf0ynse0ynsd0ynsc0ynsa0yns90yns80yns70yns60yns50yns40yns30yns20yns10yns00ynrz0ynry0ynrx0ynrw0ynru0ynrt0ynrs0ynrr0ynrq0ynrp0ynro0ynrn0ynrm0ynrl0ynrj0ynri0ynrh0ynrg0ynrf0ynre0ynrd0ynrc0ynrb0ynr90ynr80ynr70ynr60ynr50ynr40ynr30ynr10ynr00ynqz0ynqy0ynqx0ynqw0ynqv0ynqo0ynqn0ynqm0ynqf0ynq50ynq40ynq30ynq20ynq10ynpz0ynpy0ynpx0ynpw0ynpv0ynpu0ynpt0ynps0ynpr0ynpq0ynpp0ynpn0ynpm0ynpl0ynpk0ynpj0ynpi0ynph0ynpg0ynpf0ynpe0ynpc0ynpb0ynpa0ynp90ynp80ynp70ynp60ynp50ynp40ynp20ynp10ynp00ynoz0ynoy0ynox0ynow0ynov0ynou0ynot0ynor0ynoq0ynop0ynoo0ynon0ynom0ynol0ynok0ynoj0ynoi0ynoh0ynof0ynoe0ynod0ynoc0ynob0ynoa4exr5122h1hdkk1hdkj1hdki1hdkh1hdkg1hdkf1hdke1hdkd1hdkb1hdka1hdk91hdk81hdk71hdk61hdk51hdk41hdk31hdk21hdk11hdk01hdjz1hdjy1hdjx1hdjw1hdju1hdjr1hdjq1hdjp1hdjo1hdjn1hdjj1hdji1hdjh1hdjf1hdje1hdjd1hdjc1hdjb1hdja1hdj91hdj81hdj71hdj61hdj51hdj41hdj31hdj21hdj01hdiz1hdiy1hdix1hdiw1hdiv1hdiu1hdit1hdis1hdir1hdiq1hdip1hdio1hdin1hdih1hdig1hdif1hdid1hdic1hdib1hdia1hdi91hdi81hdi71hdi61hdi51hdi11hdhz1hdhy1hdhx1hdhw1hdhv1hdht1hdhs1hdhr1hdhq1hdhp1hdho1hdhm1hdhl1hdhi1hdgc4oz53125v16nyp16nyo16nyn16nym16nyl16nyk16nyj16nyi16nyh16nyg16nyf16nye16nyc16nyb16nya16ny916ny816ny716ny616ny516ny416ny316ny216ny016nxz16nxy16nxx16nxw16nxt16nxs16nxr16nxq16nxp16nxn16nxm16nxl16nxk16nxj16nxi16nxh16nxg16nxc16nxb16nxa16nx916nx716nx616nx516nx416nx316nx216nx116nx016nwz16nwy16nws16nwq16nwp16nwo16nwn16nwl16nwk16nwj16nwi16nwe16nwd16nwc16nwb16nwa16nw816nw616nw516nw416nw316nw216nw116nw016nvx16nvw16n8n16n8m16n8l16n8k16n8j16n8i16n8h16n8f16n8e16n8d16n8c16n8b16n8a16n8916n8816n8616n8516n8416n8316n8216n8116n8016n7z16n7y16n7x16n7v16n7s16n7r16n7p16n7o16n7n16n7m16n7l16n7k16n7j16n7i16n7h16n7g16n7f16n7e16n7d16n7c16n7b16n7a16n7916n7716n7616n7516n7416n7316n7216n7116n7016n6w16n6u16n6t16n6s16n6r16n6p16n6o16n6m16n6l16n6k16n6f16n6e16n6d16n6c16n6a16n6916n6716n6616n6516n6416n6316n6116n601679t1679s1679r1679p1679o1679n1679m1679k1679j1679i1679g1679f1679e1679d1679916798167971679516791167901678z1678y1678u1678t1678s1678q1678p1674c1674b1674a167491674816746167441674316742167411673w1673v1673u1673t1673s1673m1673l1673k1673j1673i1673g1673f1673e1673c1673b1673a1673916736166y84cgq7120612fwx12fww12fwv12fwu12fur12fuo4null12011bpf1; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 13:28:54 GMT; Path=/
Location: http://image2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTE4MTEmdGw9MTU3NjgwMA==
Content-Length: 0
Date: Sun, 20 Mar 2011 13:28:53 GMT

1.133. http://image2.pubmatic.com/AdServer/Pug  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM5MCZ0bD0xMjk2MDA%3D&piggybackCookie=002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855. HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://ads.pubmatic.com/AdServer/js/syncuppixels.html
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; _curtime=1300624477; pubfreq_26437_21304_990920136=243-1; PMDTSHR=; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:37:02 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; domain=pubmatic.com; expires=Tue, 19-Mar-2013 12:37:02 GMT; path=/
Set-Cookie: PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.390_1308400622; domain=pubmatic.com; expires=Tue, 04-Mar-2014 00:16:01 GMT; path=/
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D.;
1.134. http://image2.pubmatic.com/AdServer/Pug  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:439524AE836A5E4D157CECA302E891CB HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://ads.pubmatic.com/AdServer/js/syncuppixels.html
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubtime_26437=TMC; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881; _curtime=1300627726; pubfreq_26437_21304_1705446939=243-1; PMDTSHR=cat:

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:41:00 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KRTBCOOKIE_148=1699-uid:439524AE836A5E4D157CECA302E891CB; domain=pubmatic.com; expires=Tue, 19-Mar-2013 13:41:00 GMT; path=/
Set-Cookie: PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881.806_1331732460; domain=pubmatic.com; expires=Tue, 04-Mar-2014 00:16:01 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Connection: close
Content-Type: text/html
Content-Length: 1

1.135. http://image2.pubmatic.com/AdServer/Pug  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xNTc2ODAw&piggybackCookie=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; pubfreq_26437_21304_990920136=243-1; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881; pubfreq_26437_21306_1985489030=243-1; _curtime=1300624482; pubfreq_26437_21762_1520519208=243-1; PMDTSHR=cat:

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:20:39 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL; domain=pubmatic.com; expires=Wed, 19-Mar-2014 13:20:39 GMT; path=/
Set-Cookie: PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881; domain=pubmatic.com; expires=Tue, 04-Mar-2014 00:16:01 GMT; path=/
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D.;
1.136. http://image2.pubmatic.com/AdServer/Pug  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ0NSZ0bD0xMjk2MDA=&piggybackCookie=KH-00000000549735899 HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://d.xp1.ru4.com/meta?_o=179638&_t=cmcont&ssv_ptnr=pm
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; _curtime=1300624477; pubfreq_26437_21304_990920136=243-1; PMDTSHR=; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:34:41 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KRTBCOOKIE_58=1344-KH-00000000549735899; domain=pubmatic.com; expires=Tue, 19-Mar-2013 12:34:41 GMT; path=/
Set-Cookie: PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481; domain=pubmatic.com; expires=Tue, 04-Mar-2014 00:16:01 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Connection: close
Content-Type: image/gif
Content-Length: 42

GIF89a.............!.......,...........D.;
1.137. http://image2.pubmatic.com/AdServer/Pug  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://image2.pubmatic.com
Path:   /AdServer/Pug

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=pcv:1|uid:8392341830659049202 HTTP/1.1
Host: image2.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; _curtime=1300624477; pubfreq_26437_21304_990920136=243-1; PMDTSHR=; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.390_1308400476

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:36:58 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; domain=pubmatic.com; expires=Tue, 19-Mar-2013 12:36:58 GMT; path=/
Set-Cookie: PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.390_1308400476.82_1395232618; domain=pubmatic.com; expires=Wed, 19-Mar-2014 12:36:58 GMT; path=/
Content-Length: 1
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html

1.138. http://imp.fetchback.com/serve/fb/adtag.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/adtag.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /serve/fb/adtag.js?tid=6436&type=lead&clicktrack=http%3A%2F%2Fad%2Eyieldmanager%2Ecom%2Fclk%3F2%2C13%253Bde8e87e7c08dcb01%253B12ed3430f73%2C0%253B%253B%253B3505910700%2CcLl%2DABt0GABXJh8AAAAAAArUCQAAAAAAAAAAAAYAAAAAAA0AAQABCHmeHQAAAAAAtXkMAAAAAAAACA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAcw9D0y4BAAAAAAAAADdlMjQ0MmYyLTUyZWUtMTFlMC1iMzMwLTAwMzA0OGQ1NmFhNAA4nyoAAAA%3D%2C%2Chttp%253A%252F%252Ftherugged%2Ecom%252F%2C HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?cLl-ABt0GABXJh8AAAAAAArUCQAAAAAAAAAAAAYAAAAAAA0AAQABCHmeHQAAAAAAtXkMAAAAAAAACA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAEjY8vVKW5z8NAiuHFtnwP7-fGi.dJPI.7FG4HoXr-T8.CtejcD3-P5qZmZmZmQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACvvAOl.djOCUuT1BsThjs22HOeFbFpkZ8FEdeFAAAAAA==,,http%3A%2F%2Ftherugged.com%2F,Z%3D728x90%26s%3D1602587%26_salt%3D4236502337%26B%3D10%26u%3Dhttp%253A%252F%252Ftherugged.com%252F%26r%3D0,7e2442f2-52ee-11e0-b330-003048d56aa4
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=92051597.1299094491.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=92051597.1024711904.1299094491.1299094491.1299169676.2; uat=1_1299171815; cmp=1_1300411186_10164:0_10638:0_10640:0_10641:0_1437:0_8900:39_9081:108616_9085:108616_8956:108616_9083:108639_9084:108639_8956:108639_20:1241462; sit=1_1300411186_2701:39:39_719:121:0_2707:108839:108616_3225:390277:390277_828:912792:912792_11:1316717:1241462_3314:1320455:1239371_3289:1321705:1316218_2002:2548865:2547644; bpd=1_1300411186_h9i9:5WgZ; apd=1_1300411186; afl=1_1300411186; cre=1_1300549516_20053:11792:7:0_20056:11790:2:1003244_14598:11789:1:1180912; uid=1_1300549516_1297862321306:0415785655118336; kwd=1_1300549516_11317:138330_11717:138330_11718:138330_11719:138330_11722:246965_10827:246965_10842:246969_10839:246969_10824:247169; scg=1_1300549516; ppd=1_1300549516

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:01:26 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1300626086_1297862321306:0415785655118336; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:01:26 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 20 Mar 2011 13:01:26 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 621

document.write("<"+"iframe src='http://imp.fetchback.com/serve/fb/imp?tid=6436&type=lead&clicktrack=http%3A%2F%2Fad%2Eyieldmanager%2Ecom%2Fclk%3F2%2C13%253Bde8e87e7c08dcb01%253B12ed3430f73%2C0%253B%25
...[SNIP]...
1.139. http://imp.fetchback.com/serve/fb/hover  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/hover

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/hover?tid=6436&crid=20056 HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://imp.fetchback.com/serve/fb/imp?tid=6436&type=lead&clicktrack=http%3A%2F%2Fad%2Eyieldmanager%2Ecom%2Fclk%3F2%2C13%253Bde8e87e7c08dcb01%253B12ed3430f73%2C0%253B%253B%253B3505910700%2CcLl%2DABt0GABXJh8AAAAAAArUCQAAAAAAAAAAAAYAAAAAAA0AAQABCHmeHQAAAAAAtXkMAAAAAAAACA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAcw9D0y4BAAAAAAAAADdlMjQ0MmYyLTUyZWUtMTFlMC1iMzMwLTAwMzA0OGQ1NmFhNAA4nyoAAAA%3D%2C%2Chttp%253A%252F%252Ftherugged%2Ecom%252F%2C
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=92051597.1299094491.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=92051597.1024711904.1299094491.1299094491.1299169676.2; uat=1_1299171815; cmp=1_1300411186_10164:0_10638:0_10640:0_10641:0_1437:0_8900:39_9081:108616_9085:108616_8956:108616_9083:108639_9084:108639_8956:108639_20:1241462; sit=1_1300411186_2701:39:39_719:121:0_2707:108839:108616_3225:390277:390277_828:912792:912792_11:1316717:1241462_3314:1320455:1239371_3289:1321705:1316218_2002:2548865:2547644; bpd=1_1300411186_h9i9:5WgZ; apd=1_1300411186; afl=1_1300411186; cre=1_1300624516_20053:6438:8:0_20056:6436:3:5_14598:11789:1:1255912; uid=1_1300624516_1297862321306:0415785655118336; kwd=1_1300624516_11317:213330_11717:213330_11718:213330_11719:213330_11722:321965_10827:321965_10842:321969_10839:321969_10824:322169; scg=1_1300624516; ppd=1_1300624516

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:05:50 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: uid=1_1300626350_1297862321306:0415785655118336; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:05:50 GMT; Path=/
Set-Cookie: eng=1_1300626350_20056:0; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:05:50 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 20 Mar 2011 13:05:50 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;
1.140. http://imp.fetchback.com/serve/fb/imp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://imp.fetchback.com
Path:   /serve/fb/imp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /serve/fb/imp?tid=6436&type=lead&clicktrack=http%3A%2F%2Fad%2Eyieldmanager%2Ecom%2Fclk%3F2%2C13%253Bde8e87e7c08dcb01%253B12ed3430f73%2C0%253B%253B%253B3505910700%2CcLl%2DABt0GABXJh8AAAAAAArUCQAAAAAAAAAAAAYAAAAAAA0AAQABCHmeHQAAAAAAtXkMAAAAAAAACA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAcw9D0y4BAAAAAAAAADdlMjQ0MmYyLTUyZWUtMTFlMC1iMzMwLTAwMzA0OGQ1NmFhNAA4nyoAAAA%3D%2C%2Chttp%253A%252F%252Ftherugged%2Ecom%252F%2C HTTP/1.1
Host: imp.fetchback.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?cLl-ABt0GABXJh8AAAAAAArUCQAAAAAAAAAAAAYAAAAAAA0AAQABCHmeHQAAAAAAtXkMAAAAAAAACA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH0QoAAAAAAAIAAwAAAAAAEjY8vVKW5z8NAiuHFtnwP7-fGi.dJPI.7FG4HoXr-T8.CtejcD3-P5qZmZmZmQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACvvAOl.djOCUuT1BsThjs22HOeFbFpkZ8FEdeFAAAAAA==,,http%3A%2F%2Ftherugged.com%2F,Z%3D728x90%26s%3D1602587%26_salt%3D4236502337%26B%3D10%26u%3Dhttp%253A%252F%252Ftherugged.com%252F%26r%3D0,7e2442f2-52ee-11e0-b330-003048d56aa4
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=92051597.1299094491.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=92051597.1024711904.1299094491.1299094491.1299169676.2; uat=1_1299171815; cmp=1_1300411186_10164:0_10638:0_10640:0_10641:0_1437:0_8900:39_9081:108616_9085:108616_8956:108616_9083:108639_9084:108639_8956:108639_20:1241462; sit=1_1300411186_2701:39:39_719:121:0_2707:108839:108616_3225:390277:390277_828:912792:912792_11:1316717:1241462_3314:1320455:1239371_3289:1321705:1316218_2002:2548865:2547644; bpd=1_1300411186_h9i9:5WgZ; apd=1_1300411186; afl=1_1300411186; cre=1_1300549516_20053:11792:7:0_20056:11790:2:1003244_14598:11789:1:1180912; kwd=1_1300549516_11317:138330_11717:138330_11718:138330_11719:138330_11722:246965_10827:246965_10842:246969_10839:246969_10824:247169; scg=1_1300549516; ppd=1_1300549516; uid=1_1300624511_1297862321306:0415785655118336

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:01:40 GMT
Server: Apache/2.2.3 (CentOS)
Set-Cookie: cre=1_1300626100_20056:6436:3:0_20053:11792:7:76584_14598:11789:1:1257496; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:01:41 GMT; Path=/
Set-Cookie: uid=1_1300626100_1297862321306:0415785655118336; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:01:41 GMT; Path=/
Set-Cookie: kwd=1_1300626100_11317:214914_11717:214914_11718:214914_11719:214914_11722:323549_10827:323549_10842:323553_10839:323553_10824:323753; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:01:41 GMT; Path=/
Set-Cookie: scg=1_1300626100; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:01:41 GMT; Path=/
Set-Cookie: ppd=1_1300626100; Domain=.fetchback.com; Expires=Fri, 18-Mar-2016 13:01:41 GMT; Path=/
Cache-Control: max-age=0, no-store, must-revalidate, no-cache
Expires: Sun, 20 Mar 2011 13:01:41 GMT
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 2983

<style type="text/css">body {margin: 0px; padding: 0px;}</style>
<a href="http://imp.fetchback.com/serve/fb/overlay?fa35dbde8b4105ae9a6d0a82c2ec233b057002bf056beb6a3fc2fe0137078f71c6a58967fba80cd61467
...[SNIP]...
1.141. http://leadback.advertising.com/adcedge/lb  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=tmowinterwindow_cs=1&betq=13027=434822 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; GUID=MTMwMDMxNTUwODsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; C2=oRfhNZK9FYVVGkXBaVlB5JpwHg02F72BdbdxudQshXsbHkZ4F72BYGexudgihXsbHQW4F72BfGexudw7NYsbHEY4F72BjGexudAghXsbHATiG72BvGexudgJjasbHgJaG72BoopxudA2kXsbH8Y4F72BdDmxudQRgasbHY4dG72sEDwQpaUlT+NA5ydRcaK+AoWVG1trUBgZAaU3Y6gAxMihaKbnCUUoGWNslQwhNagjmiQBp/jRBD7uEMpkG9Tr1Rge1ZgjuyEB/AoRmDr8Eo2kGxVr+BDBhacqz2tBapqx5xqjHo4bGPlr5fwkLa4X; F1=BgG9F2EBAAAABAAAAEAAgEA; BASE=gKQkRmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqE!; ROLL=AfAif6NQKVcMvoB!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 13:03:38 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=qsfhNZK9FYVVGfXBaVlx3JpwHg02F22BdbdhtdQshXYbHkZ4F22BYGehtdgihXYbHQW4F22BfGehtdw7NYYbHEY4F22BjGehtdAghXYbHATiG22BvGehtdgJjaYbHgJaG22BoophtdA2kXYbH8Y4F22BdDmhtdQRgaYbHY4dG22sEDwQpaAlT+NA5ydBbaK+AoWVGwtrUBgZAaA3Y6gAxMiRZKbnCUUoGRNslQwhNaMjmiQBp/jBAD7uEMpkG4Tr1Rge1ZMjuyEB/AoBlDr8Eo2kGsVr+BDBhaIqz2tBapqh4xqjHo4bGKlr5fwkLakXyOOCGKqBwB; domain=advertising.com; expires=Tue, 19-Mar-2013 13:03:38 GMT; path=/
Set-Cookie: GUID=MTMwMDYyNjIxODsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; domain=advertising.com; expires=Tue, 19-Mar-2013 13:03:38 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 05:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Sun, 20 Mar 2011 14:03:38 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;
1.142. http://map.media6degrees.com/orbserv/aopix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://map.media6degrees.com
Path:   /orbserv/aopix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/aopix?pixId=1102&cb=97154716610&topHref=http%3A%2F%2Fwww.livejournal.com%2F&topRefer=&parHref=http%3A%2F%2Fwww.livejournal.com%2F&parRefer=&winHref=http%3A%2F%2Fwww.livejournal.com%2F&winRefer= HTTP/1.1
Host: map.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://www.livejournal.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ipinfo=2lhhwdf0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; acs=015020a0e0f0g1lgoi03xzt1v99axzt11hdgcxzt11hdgcxzt1v99a; clid=2lgoi03011706pgp44i37uxw1hdgc00u23030c0530g; orblb=2lgpp5n0326610u011fv4u1v210u010zuoi2d410u0100000; rdrlst=41p0ig1lgs3mp0000000s23030ijvlhk64g0000000c23030fxhli5kah0000000323030hs1li5kah0000000323030jryli5kah0000000323030zyrlhpju50000000a230300jcli07ej0000000523030khali5kah0000000323030ahxli5kah00000003230310f7lhpju505kuf0041x000w3alhpju50000000a23031196lh8s3k0000000l23031195lhabm80000000i23031194lh8s3o0000000k23030olwli5kah00000003230310eylhpju505kuf0041x000zgdlhpju50000000a23030cacli5kba00000002230200c2li5kah0000000323030faali5kah0000000323031193lhc9m70000000h23031192lh8s3u0000000j2303008sli5kah00000003230310tylhjr9d0000000e230303dpli5kah0000000323030ij7lhn5jf0000000b23030xqalhk59s0000000d23030ot2li5kba0000000223020xukli5kah00000003230310polhhwg80000000f230310telh1s3s0000000o23030chclhwpdy00000006230310e2lhpju50000000a23030n39li5vgf0000000123010xwhlhpju50000000a230310rdlh8s3f0000000m23030kbxli5kah0000000323030agcli5kah00000003230300czlhpju50000000a2303111xlhpju50000000a230308ublhqxoy0000000923030w4xli5kah0000000323030p1clhpju50000000a230311zzlhpju50000000a23030mjelgzmsv0000000p23030j60li5kah0000000323030i75lgpp5n0000000t23030bsdli07ek0000000423030okelhpju50000000a23030l26lhpju505kuf0041x000lw3lhpju50000000a23030l24lhpju50000000a23030a41li5kah0000000323030o5alhpju50000000a230301rhlhuoyb0000000823030afoli5kah0000000323030xw7lhpju50000000a23030ojwlhpju50000000a230307o9li5kah0000000323030e4vli5kah0000000323030x1plhpju50000000a2303; sglst=21f0savklgzmsv0k4gi00b1q000a003009brlgzmsv0k4gi00b1q000a00300ab4lgzmsv0k4gi00p23030c0530g943lgzmsv0k4gi00b1q000a003008ndlgzmsv0k4gi00b1q000a0030078jlgpp5n1g6as00t23030c0530gb05lhjr9d0000000e23030c0530eb04lgzmsv0k4gi00b1q000a00300c24lhjr9d0000000e23030c0530e8nblhjr9d0000000e23030c0530e2gglhjr9d0000000e23030c0530ebqslgzmsv0k4gi00b1q000a003008aclhjr9d0000000e23030c0530ebfalgzmsv0k4gi00b1q000a0030061hlhjr9d0000000e23030c0530e0solhpju50gbma00a23030c0530a9gglhjr9d0000000e23030c0530e4tuli5kah00b5y00323030c03303ag2lhjr9d0m47200e23030c0530e7onlhjr9d0000000e23030c0530ebnxlgzmsv0k4gi00b1q000a003009zalhjr9d0000000e23030c0530ebnwlhjr9d0000000e23030c0530e8c9lhjr9d0000000e23030c0530e9q6lhjr9d0000000e23030c0530e433lhjr9d0000000e23030c0530eacjlhjr9d0000000e23030c0530e9gtlhjr9d0000000e23030c0530e0kllhjr9d0000000e23030c0530e4xclhjr9d0000000e23030c0530eb1algzmsv0k4gi00b1q000a0030068nlhjr9d0000000e23030c0530e71jlgzmsv0k4gi00b1q000a00300b0olgzmsv0k4gi00b1q000a003008y9lgzmsv0k4gi00b1q000a003009zmlhjr9d0000000e23030c0530e9cblhjr9d0000000e23030c0530e9l8lhjr9d0000000e23030c0530e0telgyxuj16xlw00r23030c0530gbcxlgzmsv0k4gi00b1q000a0030081dlhjr9d0000000e23030c0530e4wnlgzmsv0k4gi00p23030c0530g9hllhjr9d0000000e23030c0530e5q8lhjr9d0000000e23030c0530e70ylhjr9d0000000e23030c0530ebhhlgzmsv0k4gi00b1q000a00300acflgzmsv0k4gi00b1q000a00300bhflgzmsv0k4gi00b1q000a00300ac9lhjr9d0000000e23030c0530e4wblhjr9d0000000e23030c0530ea76lhjr9d0000000e23030c0530e; vstcnt=3lgoi03020r014exd412011bpeu1l084fclw120a0ynsu0ynst0ynss0ynsr0ynsq0ynsp0ynso0ynsn0ynmj0ynmg4exd4120s1bpfm1bpfl1bpfj1bpfi1bpfh1bpfg1bpfe1bpfd1bpfb1bpfa1bpf91bpf81bpf71bpf21bpf01bpez1bpey1bpex1bpew1bpeu1bpes1bper1bpeq1bpep1bpeo1bpen1bpeh1bpeg4hl2m120k135by0v9ac0v9ab0v9aa0v9a80v9a70v9a50v9a30v9a20v9a10v9a00v99z0v99w0v99v0v99u0v99t0v99r0v99q0v99p0v99n3roz128d135c3135bu135br135bo135bl135bk135bh135bf135be135bc135b8135b3135b0135ax135aw135at135am135ah135ae135ab135a9135a8135a5135a21359s1359r12fws12fwr12fwq12fwp12fwo12fwn12fwm12fwl12fwj12fwi12fwh12fwg12fwe12fwc12fwb12fwa12fw912fw712fw612fw512fw412fw312fw212fw112fw012fvz12fvv12fvu12fvt12fvs12fvr12fvq12fvp12fvn12fvm12fvl12fvk12fvj12fvi12fvh12fvg12fve12fvd12fvc12fvb12fva12fv912fv812fv712fv612fv412fv312fv212fv112fv012fuy12fux12fuw12fuq12fum12ful12fuk12fuj12fuh12fug12fuf12fue12fud12fuc12fu912fu712fu612fu512fu412fu212fu112fu012ftz12fty12ftx12ftw12ftu12ftr12fov0ynsl0ynsk0ynsj0ynsi0ynsh0ynsg0ynsf0ynse0ynsd0ynsc0ynsa0yns90yns80yns70yns60yns50yns40yns30yns20yns10yns00ynrz0ynry0ynrx0ynrw0ynru0ynrt0ynrs0ynrr0ynrq0ynrp0ynro0ynrn0ynrm0ynrl0ynrj0ynri0ynrh0ynrg0ynrf0ynre0ynrd0ynrc0ynrb0ynr90ynr80ynr70ynr60ynr50ynr40ynr30ynr10ynr00ynqz0ynqy0ynqx0ynqw0ynqv0ynqo0ynqn0ynqm0ynqf0ynq50ynq40ynq30ynq20ynq10ynpz0ynpy0ynpx0ynpw0ynpv0ynpu0ynpt0ynps0ynpr0ynpq0ynpp0ynpn0ynpm0ynpl0ynpk0ynpj0ynpi0ynph0ynpg0ynpf0ynpe0ynpc0ynpb0ynpa0ynp90ynp80ynp70ynp60ynp50ynp40ynp20ynp10ynp00ynoz0ynoy0ynox0ynow0ynov0ynou0ynot0ynor0ynoq0ynop0ynoo0ynon0ynom0ynol0ynok0ynoj0ynoi0ynoh0ynof0ynoe0ynod0ynoc0ynob0ynoa0yno90yno80yno70yno60yno50yno40yno20yno10yno00ynnz0ynny0ynnx0ynnw0ynnv0ynnu0ynns0ynnr0ynnq0ynnp0ynno0ynnn0ynnm0ynnl0ynnk0ynnj0ynnh0ynng0ynnf0ynne0ynnd0ynnc0ynnb0ynna0ynn90ynn80ynn60ynn50ynn40ynn30ynn20ynn10ynmh0ynme0ynmd0ynmc0ynmb0ynma0ynm90ynm80ynm70ynm60ynm20ynm00ynlz0ynly0ynlx0ynlw0ynlt0ynls0ynlr0ynlq0ynlp0ynlo0ynln0ynlm0ynli0ynjc4exr512011hdgc4oz53125v16nyp16nyo16nyn16nym16nyl16nyk16nyj16nyi16nyh16nyg16nyf16nye16nyc16nyb16nya16ny916ny816ny716ny616ny516ny416ny316ny216ny016nxz16nxy16nxx16nxw16nxt16nxs16nxr16nxq16nxp16nxn16nxm16nxl16nxk16nxj16nxi16nxh16nxg16nxc16nxb16nxa16nx916nx716nx616nx516nx416nx316nx216nx116nx016nwz16nwy16nws16nwq16nwp16nwo16nwn16nwl16nwk16nwj16nwi16nwe16nwd16nwc16nwb16nwa16nw816nw616nw516nw416nw316nw216nw116nw016nvx16nvw16n8n16n8m16n8l16n8k16n8j16n8i16n8h16n8f16n8e16n8d16n8c16n8b16n8a16n8916n8816n8616n8516n8416n8316n8216n8116n8016n7z16n7y16n7x16n7v16n7s16n7r16n7p16n7o16n7n16n7m16n7l16n7k16n7j16n7i16n7h16n7g16n7f16n7e16n7d16n7c16n7b16n7a16n7916n7716n7616n7516n7416n7316n7216n7116n7016n6w16n6u16n6t16n6s16n6r16n6p16n6o16n6m16n6l16n6k16n6f16n6e16n6d16n6c16n6a16n6916n6716n6616n6516n6416n6316n6116n601679t1679s1679r1679p1679o1679n1679m1679k1679j1679i1679g1679f1679e1679d1679916798167971679516791167901678z1678y1678u1678t1678s1678q1678p1674c1674b1674a167491674816746167441674316742167411673w1673v1673u1673t1673s1673m1673l1673k1673j1673i1673g1673f1673e1673c1673b1673a1673916736166y84cgq7120612fwx12fww12fwv12fwu12fur12fuo4null12011bpf1

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: acs=015020a0e0f0g1lgoi03xzt11of2bxzt11hdgcxzt11hdgcxzt11of2b; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 12:51:50 GMT; Path=/
Set-Cookie: clid=2lgoi03011706pgp44i37uxw1of2b00v27010d0130h; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 12:51:50 GMT; Path=/
Set-Cookie: ipinfo=2licx2e0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 12:51:50 GMT; Path=/
Set-Cookie: rdrlst=429120ylicx2e0000000127011254licx2e0000000127010ig1lgs3mp0000000t27010ijvlhk64g0000000d27010fxhli5kah0000000427010zp5licx2e0000000127010hs1li5kah0000000427010jryli5kah0000000427010zyrlhpju50000000b270100jcli07ej0000000627010khali5kah0000000427010ahxli5kah00000004270110f7lhpju505kuf0041x000w3alhpju50000000b27011196lh8s3k0000000m27011195lhabm80000000j27010olwli5kah0000000427011194lh8s3o0000000l270110eylhpju505kuf0041x000zgdlhpju50000000b27010cacli5kba0000000327010faali5kah00000004270100c2li5kah0000000427011193lhc9m70000000i2701125slicx2e000000012701008sli5kah0000000427011192lh8s3u0000000k270110tylhjr9d0000000f270103dpli5kah0000000427010ij7lhn5jf0000000c27010xqalhk59s0000000e27010l7blicx2e0000000127010ot2li5kba00000003270111k0licx2e0000000127010xukli5kah00000004270110polhhwg80000000g270110telh1s3s0000000p27010chclhwpdy00000007270110e2lhpju50000000b27010n39li5vgf0000000227010xwhlhpju50000000b270110rdlh8s3f0000000n27010kbxli5kah0000000427010agcli5kah0000000427010xwrlicx2e00000001270100czlhpju50000000b2701111xlhpju50000000b2701111wlicx2e00000001270108ublhqxoy0000000a27010w4xli5kah0000000427010p1clhpju50000000b270111zzlhpju50000000b270111zylicx2e0000000127010zqylicx2e0000000127010mjelgzmsv0000000q270111zklicx2e0000000127010j60li5kah0000000427010i75lgpp5n0000000u27010za0licx2e0000000127010l22licx2e000000012701120blicx2e0000000127010kotlicx2e0000000127010bsdli07ek0000000527010l26lhpju505kuf0041x000okelhpju50000000b27010lw3lhpju50000000b27010l24lhpju50000000b27010okdlicx2e0000000127010a41li5kah0000000427011202licx2e000000012701137plicx2e0000000127010o58licx2e0000000127010o5alhpju50000000b27010ojvlicx2e00000001270101rhlhuoyb0000000927010xw7lhpju50000000b27010afoli5kah0000000427010ojwlhpju50000000b270107o9li5kah0000000427010e4vli5kah0000000427010x1plhpju50000000b2701; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 12:51:50 GMT; Path=/
Set-Cookie: sglst=21s0s6l3licx2e0000000127010d01301armlicx2e0000000127010d013018e2licx2e0000000127010d013018h9licx2e0000000127010d013013kjlicx2e0000000127010d01301ab4lgzmsv1da9j00q27010d0130haojlicx2e0000000127010d0130178jlgpp5n1n7wr00u27010d0130hb05lhjr9d0t5t100f27010d0130f8gulicx2e0000000127010d01301bnhlicx2e0000000127010d01301c24lhjr9d0t5t100e23000c00300bbglicx2e0000000127010d01301asqlicx2e0000000127010d013018nblhjr9d0t5t100e23000c003002gglhjr9d0t5t100f27010d0130fbqqlicx2e0000000127010d01301bqvlicx2e0000000127010d013018aclhjr9d0t5t100e23000c003008aalicx2e0000000127010d013010solhpju50nd8900b27010d0130b61hlhjr9d0t5t100f27010d0130f9gglhjr9d0t5t100e23000c0030017ulicx2e0000000127010d013014tuli5kah07crx00427010d013047onlhjr9d0t5t100e23000c00300ag2lhjr9d0t5t100f27010d0130facllicx2e0000000127010d01301bhalicx2e0000000127010d013019zalhjr9d0t5t100e23000c00300bnwlhjr9d0t5t100e23000c00300bnzlicx2e0000000127010d013019q6lhjr9d0t5t100f27010d0130f8c9lhjr9d0t5t100e23000c00300433lhjr9d0t5t100f27010d0130fbnvlicx2e0000000127010d01301acjlhjr9d0t5t100e23000c003009gtlhjr9d0t5t100e23000c003000kllhjr9d0t5t100e23000c003009gslicx2e0000000127010d013014xclhjr9d0t5t100f27010d0130f68nlhjr9d0t5t100e23000c00300bo8licx2e0000000127010d013019zmlhjr9d0t5t100e23000c0030068olicx2e0000000127010d01301719licx2e0000000127010d013019c9licx2e0000000127010d013019cblhjr9d0t5t100e23000c003009l8lhjr9d0t5t100f27010d0130fbovlicx2e0000000127010d013010telgyxuj1dz7v00s27010d0130h81dlhjr9d0t5t100f27010d0130f4wnlgzmsv1da9j00p23000c003009hllhjr9d0t5t100e23000c003004wmlicx2e0000000127010d013015q8lhjr9d0t5t100e23000c0030070ylhjr9d0t5t100e23000c003004walicx2e0000000127010d013014wblhjr9d0t5t100e23000c00300ac9lhjr9d0t5t100f27010d0130fc7zlicx2e0000000127010d01301a76lhjr9d0t5t100f27010d0130f45glicx2e0000000127010d013019gflicx2e0000000127010d01301; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 12:51:50 GMT; Path=/
Set-Cookie: vstcnt=3lgoi03020r014exd412011bpeu1l084fclw12080ynsu0ynst0ynss0ynsr0ynsq0ynsp0ynso0ynsn4exd4120s1bpfm1bpfl1bpfj1bpfi1bpfh1bpfg1bpfe1bpfd1bpfb1bpfa1bpf91bpf81bpf71bpf21bpf01bpez1bpey1bpex1bpew1bpeu1bpes1bper1bpeq1bpep1bpeo1bpen1bpeh1bpeg4hl2m1201135by3roz126i135c3135bu135br135bo135bl135bk135bh135bf135be135bc135b8135b3135b0135ax135aw135at135am135ah135ae135ab135a9135a8135a5135a21359s1359r12fws12fwr12fwq12fwp12fwo12fwn12fwm12fwl12fwj12fwi12fwh12fwg12fwe12fwc12fwb12fwa12fw912fw712fw612fw512fw412fw312fw212fw112fw012fvz12fvv12fvu12fvt12fvs12fvr12fvq12fvp12fvn12fvm12fvl12fvk12fvj12fvi12fvh12fvg12fve12fvd12fvc12fvb12fva12fv912fv812fv712fv612fv412fv312fv212fv112fv012fuy12fux12fuw12fuq12fum12ful12fuk12fuj12fuh12fug12fuf12fue12fud12fuc12fu912fu712fu612fu512fu412fu212fu112fu012ftz12fty12ftx12ftw12ftu12ftr12fov0ynsl0ynsk0ynsj0ynsi0ynsh0ynsg0ynsf0ynse0ynsd0ynsc0ynsa0yns90yns80yns70yns60yns50yns40yns30yns20yns10yns00ynrz0ynry0ynrx0ynrw0ynru0ynrt0ynrs0ynrr0ynrq0ynrp0ynro0ynrn0ynrm0ynrl0ynrj0ynri0ynrh0ynrg0ynrf0ynre0ynrd0ynrc0ynrb0ynr90ynr80ynr70ynr60ynr50ynr40ynr30ynr10ynr00ynqz0ynqy0ynqx0ynqw0ynqv0ynqo0ynqn0ynqm0ynqf0ynq50ynq40ynq30ynq20ynq10ynpz0ynpy0ynpx0ynpw0ynpv0ynpu0ynpt0ynps0ynpr0ynpq0ynpp0ynpn0ynpm0ynpl0ynpk0ynpj0ynpi0ynph0ynpg0ynpf0ynpe0ynpc0ynpb0ynpa0ynp90ynp80ynp70ynp60ynp50ynp40ynp20ynp10ynp00ynoz0ynoy0ynox0ynow0ynov0ynou0ynot0ynor0ynoq0ynop0ynoo0ynon0ynom0ynol0ynok0ynoj0ynoi0ynoh0ynof0ynoe0ynod0ynoc0ynob0ynoa4exr5122h1hdkk1hdkj1hdki1hdkh1hdkg1hdkf1hdke1hdkd1hdkb1hdka1hdk91hdk81hdk71hdk61hdk51hdk41hdk31hdk21hdk11hdk01hdjz1hdjy1hdjx1hdjw1hdju1hdjr1hdjq1hdjp1hdjo1hdjn1hdjj1hdji1hdjh1hdjf1hdje1hdjd1hdjc1hdjb1hdja1hdj91hdj81hdj71hdj61hdj51hdj41hdj31hdj21hdj01hdiz1hdiy1hdix1hdiw1hdiv1hdiu1hdit1hdis1hdir1hdiq1hdip1hdio1hdin1hdih1hdig1hdif1hdid1hdic1hdib1hdia1hdi91hdi81hdi71hdi61hdi51hdi11hdhz1hdhy1hdhx1hdhw1hdhv1hdht1hdhs1hdhr1hdhq1hdhp1hdho1hdhm1hdhl1hdhi1hdgc4oz53125v16nyp16nyo16nyn16nym16nyl16nyk16nyj16nyi16nyh16nyg16nyf16nye16nyc16nyb16nya16ny916ny816ny716ny616ny516ny416ny316ny216ny016nxz16nxy16nxx16nxw16nxt16nxs16nxr16nxq16nxp16nxn16nxm16nxl16nxk16nxj16nxi16nxh16nxg16nxc16nxb16nxa16nx916nx716nx616nx516nx416nx316nx216nx116nx016nwz16nwy16nws16nwq16nwp16nwo16nwn16nwl16nwk16nwj16nwi16nwe16nwd16nwc16nwb16nwa16nw816nw616nw516nw416nw316nw216nw116nw016nvx16nvw16n8n16n8m16n8l16n8k16n8j16n8i16n8h16n8f16n8e16n8d16n8c16n8b16n8a16n8916n8816n8616n8516n8416n8316n8216n8116n8016n7z16n7y16n7x16n7v16n7s16n7r16n7p16n7o16n7n16n7m16n7l16n7k16n7j16n7i16n7h16n7g16n7f16n7e16n7d16n7c16n7b16n7a16n7916n7716n7616n7516n7416n7316n7216n7116n7016n6w16n6u16n6t16n6s16n6r16n6p16n6o16n6m16n6l16n6k16n6f16n6e16n6d16n6c16n6a16n6916n6716n6616n6516n6416n6316n6116n601679t1679s1679r1679p1679o1679n1679m1679k1679j1679i1679g1679f1679e1679d1679916798167971679516791167901678z1678y1678u1678t1678s1678q1678p1674c1674b1674a167491674816746167441674316742167411673w1673v1673u1673t1673s1673m1673l1673k1673j1673i1673g1673f1673e1673c1673b1673a1673916736166y84cgq7120612fwx12fww12fwv12fwu12fur12fuo4null12011bpf1; Domain=media6degrees.com; Expires=Fri, 16-Sep-2011 12:51:50 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?t=2&id=1230286&id=1201806&id=1204652&id=1200200&id=1200176&id=1200163&id=1200149&id=1200167&id=1192385&id=1169799&id=1124648&id=1124603&id=1097676&id=1087277&id=1045446&id=1052516&id=1052503&id=987653&id=993646&id=994606
Content-Length: 0
Date: Sun, 20 Mar 2011 12:51:49 GMT

1.143. http://media.fastclick.net/w/tre  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=24328;evt=17076;cat1=21132;cat2=21133;rand=[CACHEBUSTER] HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vt=11265:284275:530846:49860:0:1299284979:0|; pjw=BAEAAAACIAMD7b18TSAGAQABQAMBPgRgBwR76gcAOCAPAwIAAAA=; adv_ic=BxEAAADtvXxNIAYGAAFJAAApXiAHIAtAAALN2nbgABcA2OACFwDE4AIXBJFdAAAEQCwgAAC74AIXARVT4AFHALXgAhcB2FLgARcAr+ACFwE3R+ABFwCp4AIXAYxO4AEXAKTgAhcAouACRwCc4AIXACcgscC/AJfgAhcBaVrgARcAk+ACFwB4IL/ALwCO4AIXATRf4AEXAU/T4QEHAblR4AEXACzgAhcA6+ACjwAq4AIXAU9B4AEvABrgAhcBG1ngARcCFoRxILUgDyF/ACghZwAFIAsDAAAAAA==; lyc=CAAAAAQEb3tNACAAAQFXIASgAAYdUwAAqGJ5YBcB3kygFCAABNcxAACH4AoXQAACNNp2YC8BaVpADYAABF5SAAAL4AoXQAAC+LuAYC8BgVZADYAABeBCAAAHvOAJF+ADAOAFLwEAAA==; pluto=879590159695|v1

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:05:51 GMT
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: image/gif
Content-Length: 43
Set-Cookie: lyc=CQAAAAQPvoBNACAAAYFWIASgAAXgQgAAh73gCRdAAAIEb3tgLwEBV0ANgAAGHVMAAKhieWAXAd5MgBNAAAHXMSBH4AoXQAACNNp2YC8BaVpADYAABF5SAAAL4AoXQAACiPSFYC8BCF9ADYAAAI0gL8AA4AUXAQAA; domain=.fastclick.net; path=/; expires=Tue, 19-Mar-2013 13:05:51 GMT
Set-Cookie: pluto=879590159695|v1; domain=.fastclick.net; path=/; expires=Tue, 19-Mar-2013 13:05:51 GMT

GIF89a.............!.......,...........D..;
1.144. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1060813121@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1060813121@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1060813121@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:07:19 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10179T; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3252
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0f45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:08:19 GMT;path=/;httponly

document.write ('\n');
document.write ('        \n');
document.write ('\n');
document.write ('\n');
document.write ('\n');
document.write ('<script type="text/javascript">\n');
document.write ('//<![CDATA[\
...[SNIP]...
1.145. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1089778095@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1089778095@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1089778095@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10179T|O10179n; BCN2010110741=2

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:19:21 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10172C|O10179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3116
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0f45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:20:21 GMT;path=/;httponly

document.write ('\n');
document.write ('\n');
document.write ('        \n');
document.write ('\n');
document.write ('\n');
document.write ('\n');
document.write ('<script type="text/javascript">\n');
docume
...[SNIP]...
1.146. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1192949115@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1192949115@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1192949115@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000ade90
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO10170Y; NSC_o1efm_qppm_iuuq=ffffffff09499e0d45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:38:01 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016x1|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 871
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0d45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 12:39:01 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.78739.9674.302br.net/jss/M0N/jview/304190340/direct;wi.300;hi.250/01/1244207516?click=http://network.re
...[SNIP]...
1.147. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1347059161@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1347059161@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1347059161@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO1016x1|O10170Y

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:43:19 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016oj|O1016x1|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1224
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0f45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 12:44:19 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.70771.9596.302br.net/jss/M0N/jview/287619747/direct;wi.300;hi.250/01/1531065393?click=http://network.re
...[SNIP]...
1.148. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1370404784@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1370404784@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1370404784@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10179T

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:10:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yV|O1016yW|O10170Y|O10179T; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1002
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0a45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:11:20 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.70803.9528.302br.net/jss/M0N/jview/285954644/direct;wi.300;hi.250/01/1719473945?click=http://network.re
...[SNIP]...
1.149. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1440296334@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1440296334@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1440296334@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO1016oj|O1016x1|O10170Y

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:46:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oj|O1016x1|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1071
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0a45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 12:47:20 GMT;path=/;httponly

document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3340.247realmedia.com/B5245409
...[SNIP]...
1.150. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1498193368@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1498193368@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1498193368@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016x1|O10170Y; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:55:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1069
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09419e0f45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 04:45:58 GMT;path=/;httponly

document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3340.247realmedia.com/B4872659
...[SNIP]...
1.151. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1553265252@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1553265252@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1553265252@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO1016kC|O1016oj|O1016x1|O10170Y

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:49:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016x1|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1628
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09419e3045525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 04:39:58 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.70795.9541.302br.net/jss/M0N/jview/285781800/direct;wi.300;hi.250/01/2026858973?click=http://network.re
...[SNIP]...
1.152. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1707718303@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1707718303@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1707718303@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10171t|O10179T|O10179n

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:16:21 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1164
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e3145525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:17:21 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.76561.9645.302br.net/jss/M0N/jview/293182495/direct;wi.300;hi.250/01/574659390?click=http://network.rea
...[SNIP]...
1.153. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1919814581@x15  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1919814581@x15

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/300x250/jx/ss/a/1919814581@x15 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Pzr6xO1016v9

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:37:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1006
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0d45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 12:38:20 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.70783.9546.302br.net/jss/M0N/jview/289553603/direct;wi.300;hi.250/01/763487989?click=http://network.rea
...[SNIP]...
1.154. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1226497562@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1226497562@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1226497562@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10179T

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:10:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1595
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e3145525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:11:20 GMT;path=/;httponly

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N4518.247RealMedia/B4955444.24;sz=728x90;click0=http://network.realmedia.com/RealMedia/ads/click_lx.ads/msngames/ros/728x90/jx/ss/a/L27/2030
...[SNIP]...
1.155. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1268323048@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1268323048@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1268323048@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O10170Y

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:58:19 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 999
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09419e0c45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 04:48:58 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.70809.9528.302br.net/jss/M0N/jview/285954649/direct;wi.728;hi.90/01/69900028?click=http://network.realm
...[SNIP]...
1.156. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1537585327@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1537585327@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1537585327@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO1016oj|O1016x1|O10170Y

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:46:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016oj|O1016x1|O1016yV|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 999
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 12:47:20 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.70801.9528.302br.net/jss/M0N/jview/285954646/direct;wi.728;hi.90/01/1753683003?click=http://network.rea
...[SNIP]...
1.157. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1603656518@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1603656518@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1603656518@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Pzr6xO1016v9

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:37:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1099
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e3145525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 12:38:20 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript"\n');
document.write ('src="http://view.atdmt.com.72972.9546.302br.net/jss/M0N/jview/289553602/direct;wi.728;hi.90/01?click=http://
...[SNIP]...
1.158. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1675436300@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1675436300@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1675436300@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; BCN2010110741=2; RMFD=011Q1HsmO2016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10172C|O20179T|O10179n

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:28:23 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO2016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O20171t|O10172C|O20179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1874
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0c45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:29:23 GMT;path=/;httponly

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N5853.3630.1790008898421/B5154579.5;sz=728x90;click0=http://network.realmedia.com/RealMedia/ads/click_lx.ads/msngames/ros/728x90/jx/ss/a/L27
...[SNIP]...
1.159. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1712827513@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1712827513@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1712827513@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; S247S=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; RMFD=011Q1HsmO1016kC|O1016oj|O1016x1|O10170Y

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:49:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016x1|O10170Y; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1618
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09419e0e45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 04:39:58 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.70797.9541.302br.net/jss/M0N/jview/285781803/direct;wi.728;hi.90/01/716021695?click=http://network.real
...[SNIP]...
1.160. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1806760340@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1806760340@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1806760340@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; BCN2010110741=2; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10172C|O20179T|O10179n

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:25:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO2016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10172C|O20179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1062
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:26:20 GMT;path=/;httponly

document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3340.247realmedia.com/B5245409
...[SNIP]...
1.161. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1819946762@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1819946762@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1819946762@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10171t|O10179T|O10179n

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:16:21 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1167
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0a45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:17:21 GMT;path=/;httponly

document.write ('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com.76559.9645.302br.net/jss/M0N/jview/293182496/direct;wi.728;hi.90/01/1379005222?click=http://network.rea
...[SNIP]...
1.162. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1974512687@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1974512687@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1974512687@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; BCN2010110741=2; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10172C|O10179T|O10179n

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:22:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016xy|O1016yW|O10170Y|O10171t|O10172C|O20179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3298
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0d45525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:23:20 GMT;path=/;httponly

document.write ('\n');
document.write ('        \n');
document.write ('\n');
document.write ('\n');
document.write ('\n');
document.write ('<script type="text/javascript">\n');
document.write ('//<![CDATA[\
...[SNIP]...
1.163. http://network.realmedia.com/RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1987467131@Top1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1987467131@Top1

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_jx.ads/msngames/ros/728x90/jx/ss/a/1987467131@Top1 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW801i4doAAvyI; BCN2010110741=1; RMFL=011Pxp1fU10KeT; NXCLICK2=011Pxp1fNX_TRACK_Nationalgeographic/Retarget_Natgeorealhomepage_Nonsecure!y!B3!KeT!ppm3; S247=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg; S247S=1; SData=,D41D8CD98F00B204E9800998ECF8427E; SDataR=1; RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10179T|O10179n

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:13:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: RMFD=011Q1HsmO1016kC|O1016oi|O1016oj|O1016vE|O1016x1|O1016yW|O10170Y|O10171t|O10179T|O10179n; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 1881
Content-Type: application/x-javascript
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0445525d5f4f58455e445a4a423660;expires=Sun, 20-Mar-2011 13:14:20 GMT;path=/;httponly

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N5853.3630.1790008898421/B5154579.5;sz=728x90;click0=http://network.realmedia.com/RealMedia/ads/click_lx.ads/msngames/ros/728x90/jx/ss/a/L27
...[SNIP]...
1.164. http://p.opt.fimserve.com/bht/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://p.opt.fimserve.com
Path:   /bht/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bht/?r=p&px=3068&v=1&rnd=6544772402.849049 HTTP/1.1
Host: p.opt.fimserve.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=998766;type=tmobi838;cat=tmobi392;ord=4678929757792.503?
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJU1d4hWhIULOQ4E0Ag==; ssrtb=0; LO=00FN6WWUm00000f500H; UI="297fc71db05673a122|79973.9.-8.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; TRG=NDAuMT04NTU1JjM5LjQ9ODEyNCY=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://www.fimserve.com/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR DELa SAMa UNRa OTRa IND UNI PUR NAV INT DEM CNT PRE"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: LO=00MW6n4Vm1k008f500900Fn8yO; Domain=.opt.fimserve.com; Expires=Sun, 19-Jun-2011 12:35:20 GMT; Path=/
Set-Cookie: UI="297fc71db05673a122|79973.9.-5.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"; Domain=.opt.fimserve.com; Expires=Wed, 17-Mar-2021 12:35:20 GMT; Path=/
ETag: W/"43-1160088754000"
Last-Modified: Thu, 05 Oct 2006 22:52:34 GMT
Content-Type: image/gif
Content-Length: 43
Date: Sun, 20 Mar 2011 12:35:20 GMT

GIF89a.............!.......,...........L..;
1.165. http://pixel.mathtag.com/creative/img  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.mathtag.com
Path:   /creative/img

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /creative/img?mt_adid=70&mt_aid=66490547929921892&mt_exid=3&mt_mop=Mzo0M0E4QUJGQS03NDk3LTQ3MUEtOUFGNi0yOTc0RDE3RUYzMzU&mt_uuid=4d5b2371-3928-7a83-24fb-d52328f5624b HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://bidder.mathtag.com/iframe/notify?exch=pub&id=5aW95q2jLzEvTkROQk9FRkNSa0V0TnpRNU55MDBOekZCTFRsQlJqWXRNamszTkVReE4wVkdNek0xL05HUTFZakl6TnpFdE16a3lPQzAzWVRnekxUSTBabUl0WkRVeU16STRaalUyTWpSaS82NjQ5MDU0NzkyOTkyMTg5Mi8xMDk2NzUvMTAyMTc0LzMvcUNrUlV0a2tSODZTZllSNWtDMUZwb3dud0hreW5rUUl0bkxKeWNpUWlUcy8/65jF72MGHLbwsG7rxNVZ3X0o4uc&price=3.050000
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ts=1300624479; uuid=4d5b2371-3928-7a83-24fb-d52328f5624b; mt_mop=10004:1299934992|1:1297862934|10001:1297818481|11:1299460723|2:1299285586|3:1299090747|4:1299460679|5:1300624477|9:1300624484

Response

HTTP/1.1 200 OK
Server: mt2/2.0.8.3.1263 Feb 15 2011 21:29:18 ewr-pixel-n1a pid 0x1c1 449
Cache-Control: no-cache
Content-Type: image/gif
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Sun, 20 Mar 2011 12:34:45 GMT
Etag: 4d5b2371-3928-7a83-24fb-d52328f5624b
Connection: Keep-Alive
Set-Cookie: ts=1300624485; domain=.mathtag.com; path=/; expires=Mon, 19-Mar-2012 12:34:45 GMT
Set-Cookie: uuid=4d5b2371-3928-7a83-24fb-d52328f5624b; domain=.mathtag.com; path=/; expires=Mon, 19-Mar-2012 12:34:45 GMT
Content-Length: 43

GIF89a.............!.......,...........D..;
1.166. http://pixel.rubiconproject.com/tap.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=4212&nid=1185&put=8392341830659049202&expires=60 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GKFXS0FR-AL95-10.250.119.239; put_1994=6pgp44i37uxw; put_2100=usr3fe6528d7df33180; put_1902=pFrKmPYNzMy9Ccea81vSnagHy5-9D53Np1zmR_H3; __utmz=58628265.1299283361.1.1.utmcsr=assets.rubiconproject.com|utmccn=(referral)|utmcmd=referral|utmcct=/; put_1512=4d5b2371-3928-7a83-24fb-d52328f5624b; put_1185=8392341830659049202; put_1986=4470455573253905340; put_2132=439524AE836A5E4D157CECA302E891CB; put_1197=3346767141746773094; lm="5 Mar 2011 00:09:20 GMT"; put_1430=20108b4d-f8d0-4008-b157-1529097b61ab; __unam=84b15f2-12e8352bcfa-25f8d37f-6; __utma=58628265.419258632.1299283361.1299283361.1299330390.2; __qca=P0-813227877-1299460762554; put_2081=KH-00000000549735899; khaos=GKFXT7RL-D-D539; put_2025=a7d02798-393f-4104-ada5-fc2c44a755c0; csi2=3186470.js^2^1300020749^1300036800&3172640.js^1^1300036512^1300036512&3170652.js^1^1300036505^1300036505; cd=false; ruid=dd0a2"-alert(document.cookie)-"693757dd992^6^1300279607^2915161843; put_2146=xexq5xz5a6ux9fhfpyiuh3nymj7npi95; rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264222%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%265671%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1; rpx=4222%3D9869%2C395%2C2%2C%2C%265671%3D9998%2C338%2C2%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:38:59 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264222%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%265671%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1%264212%3D1; expires=Tue, 19-Apr-2011 12:38:59 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=4222%3D9869%2C395%2C2%2C%2C%265671%3D9998%2C338%2C2%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C%264212%3D10636%2C0%2C1%2C%2C; expires=Tue, 19-Apr-2011 12:38:59 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_1185=8392341830659049202; expires=Thu, 19-May-2011 12:38:59 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;
1.167. http://pixel.rubiconproject.com/tap.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=5671&nid=2081&put=KH-00000000549735899&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://d.xp1.ru4.com/meta?_o=179638&_t=cmcont&ssv_ptnr=pm
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GKFXS0FR-AL95-10.250.119.239; put_1994=6pgp44i37uxw; put_2100=usr3fe6528d7df33180; put_1902=pFrKmPYNzMy9Ccea81vSnagHy5-9D53Np1zmR_H3; __utmz=58628265.1299283361.1.1.utmcsr=assets.rubiconproject.com|utmccn=(referral)|utmcmd=referral|utmcct=/; put_1512=4d5b2371-3928-7a83-24fb-d52328f5624b; put_1185=8392341830659049202; put_1986=4470455573253905340; put_2132=439524AE836A5E4D157CECA302E891CB; put_1197=3346767141746773094; lm="5 Mar 2011 00:09:20 GMT"; put_1430=20108b4d-f8d0-4008-b157-1529097b61ab; __unam=84b15f2-12e8352bcfa-25f8d37f-6; __utma=58628265.419258632.1299283361.1299283361.1299330390.2; __qca=P0-813227877-1299460762554; put_2081=KH-00000000549735899; khaos=GKFXT7RL-D-D539; put_2025=a7d02798-393f-4104-ada5-fc2c44a755c0; csi2=3186470.js^2^1300020749^1300036800&3172640.js^1^1300036512^1300036512&3170652.js^1^1300036505^1300036505; cd=false; ruid=dd0a2"-alert(document.cookie)-"693757dd992^6^1300279607^2915161843; put_2146=xexq5xz5a6ux9fhfpyiuh3nymj7npi95; rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264222%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%265671%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1; rpx=4222%3D9869%2C395%2C2%2C%2C%265671%3D9998%2C338%2C2%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:34:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264222%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1%265671%3D1; expires=Tue, 19-Apr-2011 12:34:44 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=4222%3D9869%2C395%2C2%2C%2C%265671%3D9998%2C638%2C3%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C; expires=Tue, 19-Apr-2011 12:34:44 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2081=KH-00000000549735899; expires=Tue, 19-Apr-2011 12:34:44 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;
1.168. http://pixel.rubiconproject.com/tap.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=4222&nid=1512&put=4d5b2371-3928-7a83-24fb-d52328f5624b&expires=28] HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://bidder.mathtag.com/iframe/notify?exch=pub&id=5aW95q2jLzEvTkROQk9FRkNSa0V0TnpRNU55MDBOekZCTFRsQlJqWXRNamszTkVReE4wVkdNek0xL05HUTFZakl6TnpFdE16a3lPQzAzWVRnekxUSTBabUl0WkRVeU16STRaalUyTWpSaS82NjQ5MDU0NzkyOTkyMTg5Mi8xMDk2NzUvMTAyMTc0LzMvcUNrUlV0a2tSODZTZllSNWtDMUZwb3dud0hreW5rUUl0bkxKeWNpUWlUcy8/65jF72MGHLbwsG7rxNVZ3X0o4uc&price=3.050000
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GKFXS0FR-AL95-10.250.119.239; put_1994=6pgp44i37uxw; put_2100=usr3fe6528d7df33180; put_1902=pFrKmPYNzMy9Ccea81vSnagHy5-9D53Np1zmR_H3; __utmz=58628265.1299283361.1.1.utmcsr=assets.rubiconproject.com|utmccn=(referral)|utmcmd=referral|utmcct=/; put_1512=4d5b2371-3928-7a83-24fb-d52328f5624b; put_1986=4470455573253905340; put_2132=439524AE836A5E4D157CECA302E891CB; put_1197=3346767141746773094; lm="5 Mar 2011 00:09:20 GMT"; put_1430=20108b4d-f8d0-4008-b157-1529097b61ab; __unam=84b15f2-12e8352bcfa-25f8d37f-6; __utma=58628265.419258632.1299283361.1299283361.1299330390.2; __qca=P0-813227877-1299460762554; khaos=GKFXT7RL-D-D539; put_2025=a7d02798-393f-4104-ada5-fc2c44a755c0; csi2=3186470.js^2^1300020749^1300036800&3172640.js^1^1300036512^1300036512&3170652.js^1^1300036505^1300036505; cd=false; ruid=dd0a2"-alert(document.cookie)-"693757dd992^6^1300279607^2915161843; put_2146=xexq5xz5a6ux9fhfpyiuh3nymj7npi95; put_1185=8392341830659049202; rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264222%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1%265671%3D1; rpx=4222%3D9869%2C395%2C2%2C%2C%265671%3D9998%2C638%2C3%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C; put_2081=KH-00000000549735899

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:43:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1%265671%3D1%264222%3D1; expires=Tue, 19-Apr-2011 12:43:13 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=4222%3D9869%2C767%2C3%2C%2C%265671%3D9998%2C638%2C3%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C; expires=Tue, 19-Apr-2011 12:43:13 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_1512=4d5b2371-3928-7a83-24fb-d52328f5624b; expires=Sun, 17-Apr-2011 12:43:13 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;
1.169. http://pixel.rubiconproject.com/tap.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=5364&nid=2046&expires=90&put=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GKFXS0FR-AL95-10.250.119.239; put_1994=6pgp44i37uxw; put_2100=usr3fe6528d7df33180; put_1902=pFrKmPYNzMy9Ccea81vSnagHy5-9D53Np1zmR_H3; __utmz=58628265.1299283361.1.1.utmcsr=assets.rubiconproject.com|utmccn=(referral)|utmcmd=referral|utmcct=/; put_1986=4470455573253905340; put_2132=439524AE836A5E4D157CECA302E891CB; put_1197=3346767141746773094; lm="5 Mar 2011 00:09:20 GMT"; put_1430=20108b4d-f8d0-4008-b157-1529097b61ab; __unam=84b15f2-12e8352bcfa-25f8d37f-6; __utma=58628265.419258632.1299283361.1299283361.1299330390.2; __qca=P0-813227877-1299460762554; khaos=GKFXT7RL-D-D539; put_2025=a7d02798-393f-4104-ada5-fc2c44a755c0; csi2=3186470.js^2^1300020749^1300036800&3172640.js^1^1300036512^1300036512&3170652.js^1^1300036505^1300036505; cd=false; ruid=dd0a2"-alert(document.cookie)-"693757dd992^6^1300279607^2915161843; put_2146=xexq5xz5a6ux9fhfpyiuh3nymj7npi95; put_1185=8392341830659049202; put_2081=KH-00000000549735899; rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1%265671%3D1%264222%3D1; rpx=4222%3D9869%2C767%2C3%2C%2C%265671%3D9998%2C638%2C3%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C; put_1512=4d5b2371-3928-7a83-24fb-d52328f5624b

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 13:21:14 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=4940%3D1%262341%3D1%265557%3D1%263049%3D1%266147%3D1%265901%3D1%264894%3D1%266286%3D1%264214%3D1%264554%3D1%265573%3D1%265575%3D1%262188%3D1%263748%3D1%262028%3D1%262372%3D1%265328%3D1%266195%3D1%262939%3D1%266198%3D1%265671%3D1%264222%3D1%265364%3D1; expires=Tue, 19-Apr-2011 13:21:14 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=4222%3D9869%2C767%2C3%2C%2C%265671%3D9998%2C638%2C3%2C%2C%264894%3D9998%2C266%2C2%2C%2C%265328%3D9998%2C338%2C2%2C%2C%266198%3D10067%2C558%2C7%2C%2C%264940%3D10116%2C0%2C1%2C%2C%266195%3D10136%2C417%2C7%2C%2C%262341%3D10210%2C0%2C1%2C%2C%265557%3D10210%2C0%2C1%2C%2C%263049%3D10211%2C21%2C5%2C%2C%266147%3D10263%2C0%2C1%2C%2C%265901%3D10263%2C0%2C1%2C%2C%262188%3D10264%2C40%2C4%2C%2C%264554%3D10264%2C13%2C2%2C%2C%266286%3D10264%2C0%2C1%2C%2C%264214%3D10264%2C0%2C1%2C%2C%262372%3D10277%2C0%2C1%2C%2C%265573%3D10290%2C0%2C1%2C%2C%265575%3D10290%2C0%2C1%2C%2C%263748%3D10304%2C0%2C1%2C%2C%262028%3D10334%2C0%2C1%2C%2C%262939%3D10577%2C0%2C7%2C%2C%265364%3D10637%2C0%2C1%2C%2C; expires=Tue, 19-Apr-2011 13:21:14 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2046=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL; expires=Sat, 18-Jun-2011 13:21:14 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;
1.170. http://r.openx.net/set  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.openx.net
Path:   /set

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /set?pid=21a19823-5de3-4917-bc81-a4edea5127ff&rtb=8392341830659049202 HTTP/1.1
Host: r.openx.net
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rp=H4sIAAAAAAAAAONlYOTgYAABAFIvYgUKAAAA; p=1300282350; i=212f8689-e963-4366-a0bb-ea2023fbb3e4

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:34:44 GMT
Server: Apache
Cache-Control: public, max-age=30, proxy-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: i=212f8689-e963-4366-a0bb-ea2023fbb3e4; expires=Tue, 19-Mar-2013 12:34:44 GMT; path=/; domain=.openx.net
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;
1.171. http://r.turn.com/r/bd  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/bd

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r/bd?ddc=1&pid=18&uid=CAESEH-HQ_x4I2dNiNCm8_bY604&cver=1 HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://cdn.turn.com/server/ddc.htm?uid=8392341830659049202&rnd=7699189076381337126&fpid=1&nu=n&t=&sp=n&purl=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=Wonw4SKQzJYWGPurqxtl0nuUzYJk6jXTg2kkRxPsf5PfaqaDzVRu9ZiuBStYaftYL8XNm3b3wEFLrI-bYDGMZspa2dzalgG5fKshqZFQ0gPE-iovOq8fXLrOOSDX_7RE4aP5h09o7k3cRcJp8kFALhcUtCbH2AU91mt_IKIcvF-dnVEIXl_o2VKbCOQ18gKB3TdfaSMq8ZmQLhPF-HDmXEO0DkgoB2K7NtvRYr_WLBLd_glL1pkpHKTZt_lIPJBER1eWajsac7h1LLqoQJdxq_LVmIVMjE0CeQFu2rmZbM75ztlAPWqlo6WakHRHQDJIug3BBFPTzPZU9a_De5ObQfS-FOkT22lzSBi1SyH2rdOEyvGy9ARJOsbfKu5zwAtywK2T6I_iNDRolqjg1OzTcmOmBomBI971b1aEnAXt992jScb5ykHoHXGqgsU2JXsEhKy7DL4leWeiolkQACcMJeDFfNLII8GWE_POOZEqdvSAlwAd2SMpuXja-1oqTvA74Bv87ktR-V-CI_fBW8ozCqpHrzMG7a1O-Bw1uWV3nCTXMMhqubSRk012wJ9TI5YEXDd38XvwUG3nRYRagkvUuiCki6dv9_ZBTPOR80NtxF90Tx9NnkbuE9oFmALVgGEUfnOnpPStJvBD7eMTp4e86K9aYVqIo0QJ8uo_fgCPTXl4d6AzZ5kL0Q3seR-QMTT54aP5h09o7k3cRcJp8kFALqjI0RR666J6yMcKhWq6NL-dnVEIXl_o2VKbCOQ18gKB5OTiSkIyAtUIxcH0kc2Z_r8mFTCd5ttVGpgCWv23BFzd_glL1pkpHKTZt_lIPJBEcjaG10wigUMyya21D2XcWPLVmIVMjE0CeQFu2rmZbM6gr6LeWJgmS_GYEF0jBxMut0ENHBIEVq_lRqV1FbhAaWaIpCiKWJzFCjE_rpqGSQ_AMLkX3xVdMEoiwUWtkl_8wK2T6I_iNDRolqjg1OzTckKhKx8gNr7j1i4lKSwVZVo5786SEOCxaDqnPJjkYPAbhKy7DL4leWeiolkQACcMJcv5JGu7PR53V4XHAO3Io4OAlwAd2SMpuXja-1oqTvA7Sby-AWn9Ao08NtBsZeyI32iQebtfIQ-g95Am5CKbjjGdX9SGy_mLofSIrTkkkZy7q_kymVsfRU5lp0Pu2QVi0ARmUVnGxwLABzMMwaHgl6ZZhmeV2wkprz8192ZLKDYi5nfmk03YwEf-csTjfghefqxfpgzc1VS-2ZSEBy1bfilWXaAbFc49ghutKx-kX83sFbZDNzeTaTd_CskNnL-gJYUhrqV02c7lrfNhksNY6EUSKZoIDqD4G7bFKUqmMV-obRSQfOqKLvEIVYVzZt3x7fyt1kS60aRmpMuHWG916ExzRX1Syet26XYSL2aR6sdzgDpDtFR-MhBo4SKLASMedrNlhtwwehJKZV_vqQ6TPomFT0b0CNqL1yDov6pCERYHrjdcB3-hMeuXpkthOjrlfmpI2EXioEJjgLbV10VkcXuhwiZ-NmqDn980RgRl5YCRsSMBuuGGbFuPRJa8whW0k6IDQXAakeNb4-iGLLL6vhICsdnGaSRoEnqOcIv7G5CzrcZxzHUt8FlPxz9qsQnKe4yFw3wjTmxxOfzbjyejukYkwsYpf4klfvVA_XCLxuitV-DkChzNBAZA7664Ecm9sJ8KpnA_mwIUzpMMvoHHE8H69Nv8ZmvmIfccRX7ppIDmK81F_-m52Kk6mklb9Gkz7cULXDK_DJBsJiPg260VBuB21BharSCDQyZkIvsj3tYWKCBcgK1KIuX3WD1wJn8hu0zvl4YurMpkt_KNXf21GXmMh3NIrtrwJ-PytJzw0bCN1JbrGOVJbR84q2JjTjm8h96r_zTQjil_yu87szG0AJSpAmYGrgDwofgjre60aLEVwGQ7VXceHmC6gPGCEolElhIpmggOoPgbtsUpSqYxX6hAIdI1m55J5HPTGq2yMrwQrQe8folUTs7yHBhE3jXdIqirG5pEDTVYoLJvdXZlZ78KIcHzd1FxJAPOlCIDY7YsrjdcB3-hMeuXpkthOjrlfnsK60K6G5zIvDNin7d_-XihwiZ-NmqDn980RgRl5YCRK7JzRSpPkaFxPAb0V4qxxlETd_XsDWTPOMhkKKyRYsQCsdnGaSRoEnqOcIv7G5CzlX-q_nDsklvWZp_SxUEVsoyFw3wjTmxxOfzbjyejukagr6LeWJgmS_GYEF0jBxMulbT4k7I3RFcH9USEGB8d7ehp9hmy5VmQ13eGV0p5qLQhVwiAdydT3PpB-fIjCiWZK81F_-m52Kk6mklb9Gkz7Z0a7PGvOJoJ72EBTvuMQxml7tqppY6LFE2g2xxURyWGmrwVBz_RVN4-Di2560zu3yYkwvb4gvrvji-WnwN0XjuMh3NIrtrwJ-PytJzw0bCNnaladC9RU6ry0d69z-Zz7SkUb9qGemCfvAL5h3MLwHvc3yMGel4rk0Sx0kOS5kYLJdP9tfIoTz5TKsdQg5NBZiXT_bXyKE8-UyrHUIOTQWZQlrT0o0JDb5JXBZDXw8ZNGElOiRir5xHZ8kAaarjTbBhJTokYq-cR2fJAGmq402wYSU6JGKvnEdnyQBpquNNsGElOiRir5xHZ8kAaarjTbJUxYTKvEAE3JAT4SvkHOGiVMWEyrxABNyQE-Er5BzholTFhMq8QATckBPhK-Qc4aJUxYTKvEAE3JAT4SvkHOGgqNhuM1tUzQHYZ3GHdzM7ZKjYbjNbVM0B2Gdxh3czO2XJ9Sw3jdHwwRW1AzobtH9t81_gjdGUYVukJY8YG-hGu4FfPONitGRcGxKttYjNpmYIlBZfRYA7Tno9giphEEaGCJQWX0WAO056PYIqYRBGhgiUFl9FgDtOej2CKmEQRocaN03oKZzXwNGGcrv63Acnqd9GbyVer5Y4us9rEa4pE6nfRm8lXq-WOLrPaxGuKRPkX-td7VA8q5XtcSwY3rEtaHZAo8fYosnagZHyU5kzUakfxoAiYEuqsAs6lVyErOLNUzJM8pvIuJwp8fvrU-Bkl0_218ihPPlMqx1CDk0FmJdP9tfIoTz5TKsdQg5NBZiXT_bXyKE8-UyrHUIOTQWYl0_218ihPPlMqx1CDk0FmUJa09KNCQ2-SVwWQ18PGTRhJTokYq-cR2fJAGmq402wYSU6JGKvnEdnyQBpquNNsGElOiRir5xHZ8kAaarjTbNWAVpIeQy-_rvNmNJZl0MuVMWEyrxABNyQE-Er5BzholTFhMq8QATckBPhK-Qc4aJUxYTKvEAE3JAT4SvkHOGi4IMq_Q-b1Bsvq4IHMVMMGKjYbjNbVM0B2Gdxh3czO2So2G4zW1TNAdhncYd3MztkqNhuM1tUzQHYZ3GHdzM7ZF_hnwsZOFT5I4eRW46LWcrCzHp4KI8EJF3gYURnVkXqwsx6eCiPBCRd4GFEZ1ZF6ONWHBOP2kK7zVWFthcPDncbv-tY65jMfDKTbdfT8ug3G7_rWOuYzHwyk23X0_LoNxu_61jrmMx8MpNt19Py6Dcbv-tY65jMfDKTbdfT8ug1ygQv0vtIAWYRj1Bwp4i9DzbefliSJ1pdkKBMKwCbwM7hvU7dM3_gDWrNcfv9Lfj8; fc=P8r1GRRUBPzt1rj093eSUyd0kIOGQ-01IqHp4E6nJR0sgJfvPMxam1XE0VXjRZkHDvAB7dj0g9rEc92kPRVoFw0-m0BkBmdsMbfLJKocp81E28M44OKTmpkvbjqqib7MAp1BJ3k6cxFoa6z2wZnSQRA23o3kcOf_vksOCkd4aIk; pf=UGHb8zI4aWtxtAmZyNeJNOHVFbSxqG9hsprN4v3Lz7LQ4qp2i9jCVLo21ITPxTJXB9En7PzxQcEcevWyHskThbQXXj1jA2FyUlkwwkhF7Ro2ZM7BNfD3Nrq6VH58nArltBKmEiDSJc28wBcf6WsZnUwqlFt-IvrL3Cyer2N_b_mQBT67XG3r_GqqLNCDP6TWM6QtivX9DfUZcKCbSzspOG4m4SNemiZsDiwHpMom7zAuHGj61Fo18HFz7Miw6CJ_lAToSBCIK8xd4Nhi3WZ5RVrFAd6zRhrKdfWaTudRRtzdw3uPJsigd4Z03fwI832qp0yYZ8xsq2g2JzvVLF3m0wYmvQ-7zazlMMeR5t48rmodxWJcKS5DgWnPQyOG3H9dle4JdVl67EbeBoMsCr3yKTNk5q5Z7Ye-yqAjt8FV6TEs0w1Mf61wa5sbZduLkMcmu6BxGVr1a1EtZ6VakW9qP0UsyZ23YtDx8Hp9aqDHgS7TLwotn8ChX3Ao59tcjALmIsfXlHObMd1dM-9EmR9zq1feDyJ1JsMdvufmKTEv8zYWEcVWdTIfg0R3HCs5Zgu8aqqZRUbE5cNgHLG-cyhwp9zF6bIQmuyiOkEVXhOR34lY8hTahfCesI1SII1o7GCSTkQctMdsR8ol26b8wwOWRulLcAuUbWv5XradSS5Og7yWq1NAPlM-71DUoari4r4P1Y5A3tzwkjyyX8-0gYHGU5jnzszrbJmm4ATS7VE3nQTOLZuOv6rXl3lXT98xe_hpQk1J2tMJ7uf0wgawDl5tZsTT5kN5mzq7cQ_zim8SvdxF5k8za64BvapgLtKI75QWoFdHsE8JeyafKsb518Z8yG2rlDCHXdIcSLBgYtlkloVO9_IUqGf6VJi47Jt9VzE1iUilagnqDfZezBDAgKeQJqma1IxzDiCoqn5pMBzKyly1EGZOdFA2-qArtbtQRT50YdNPvJqt7eLAf5C0e2pQiKZbm53MKuxT-xACBztAh4jFDcYPKkwR30hpsQ3QHTsbR1jwb4Tknj1lRvA_43zRPga4UleoT5uXiADlzwkOVA067MXkh4FAeKVzg1ACtjgSr5Gp6DR1BdDSotYHbfNzBgKBFuNAXObQP9_MMOI3eG1WGdO281P8amOaY7gqA06Qz3ZYqAavLj_IiDm0PZqfexb3wevMxi_3MpY_DV3nsHFBx31PTcSHvXJd2U5JBFuC4zIXCy6m3DgsRU-dDxSk0aAqkW75gcATwU4afh3aZM0faU7ttedZBHKMSUKU2-CLArzpv1sCFqKO2OO_7QHd61ElSVhkX8nCFJ8XYbO8pgqPz6rxA2zJp0kRUBjlvUbWcclJ3ktilOIca42ILmxDGq12QBEWUhzuVA36zOFcdBowxbu4TWEkjnoG3y3BQoeZ0WJ4-WctW3Z_ONfcXbWfjQNvc84m9Ucmpn2n7616Wmjkp_YRqKp502Bw_HclXEDNxATqSEvwR6YWNJOibQmjAIOFfhKbFkHTBHoHJsdi8MjHFkcfi4c9KAVErlkS3F2SFWLNhm5B3_eb2Qy3toXmjExHhirQMRh4tcgyEqZ-0Ko; uid=8392341830659049202; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7C1003%7Cundefined%7C1004%7C1005%7C12; rds=15054%7C15054%7C15054%7C15050%7Cundefined%7C15054%7C15054%7C15038%7C15054%7C15054%7C15054%7C15054%7Cundefined%7C15054%7C15050%7C15054; rv=1

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8392341830659049202; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:40:48 GMT; Path=/
Content-Type: image/gif
Content-Length: 43
Date: Sun, 20 Mar 2011 12:40:48 GMT

GIF89a.............!.......,...........D..;
1.172. http://r.turn.com/r/beacon  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r/beacon?b2=1nQDmgx-ioCVF-rYXxu_HoBa_2gfzWMwdYEyIOrBROq03_Y86yLq7uu3PPVLuSSsBeNZcjtgqDuPA_-FABFnjw&cid= HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7C1003%7Cundefined%7C1004%7C1005%7C12; rds=15054%7C15054%7C15054%7C15050%7Cundefined%7C15054%7C15054%7C15038%7C15054%7C15054%7C15054%7C15054%7Cundefined%7C15054%7C15050%7C15054; rv=1; uid=8392341830659049202; adImpCount=aWm1M4LjK5VIpxyiby4XYxEDYW1PshQ3vpBZa8uxHEph-L3XcPmT4hHXOQgApIlYh1NXgtHFGzzHzNFmm-KzX_9FnfDLNktuAMS6JsTomdlVpY3HjWkw231zQDelLH8_7MDefgoTZqF-bd3v_Qfs6OEZRtFGqduPVkD_gkg8VfV0ExsZAquLx2WiGNWvrnUszuICt27wBWASQBET6OeAytEy0WeBXOvyGLo3g2RyRxPMuJkSor3PooeE5HOb8MagG3H1Yh6KJus8Al0Tyl-_P0B_pSthw6Osds3vCU1DTz-z4otjDK2ixFI9HIYofu_jbt-1znRWuv4f0NnBSjg_DEGifQpKlSlg2JPncxaZQ7rJS-D340zJ0KEew_mwtQGaH27SKaSCTrWZJYQAanRpUpKgERJUW1YdGsZik0-okt7FAHdoDG0wmwYyeCzPe0spi39LGtEsLYa2RHjeXVKaXwxjz621UnXRIPElrss_9Bf3D5kPD76YDvIMjmnYUSqxgxaji_-otMFqmG9mmaQliekdOq3dCdMpBBYB6oxrLl9pdFEKrE3dKUxNz_PPP_A0oljWnUH_uUv0DheX3sKsfdGakli0ckXet5HgWuGAxOwjSx4LjXgDbmHu6Eh19fbovGRasNivyUiC-5nZMh1vJZclJZpWuXGcTDMvl_OekRPjS2MhCKHwMNU_BYoLCyOP7MDefgoTZqF-bd3v_Qfs6KVd2oSKolIwwEiITDQU2Lx0ExsZAquLx2WiGNWvrnUsd_PYU2DwATVpcslEDyf8hqiet1AIT80-jJlBpoUU7boLVM3uUWyLgHu6saG6i5PsBUqFp4KiueJFiSLkI0xYhQXlpwfxpWQdK7j4LVji2FVRCmp-Ng4uMeq-zvqbvux36ic_sEQwn-Xt_ClqlX8t_6DGXbcfdjdN_4BNnqMpaZCNRQCl9OpEhGua7KdmVMA9H27SKaSCTrWZJYQAanRpUjDmKTcPQFqbSQ5GlElX4-OPXp3pozvJlBPwzvc_9CbX0Eax0_okMfml7XV2gTBl77zbnfMNJ_ejhUj1ijcB8BL3D5kPD76YDvIMjmnYUSqxVTm50zwheMZKXjYTELCaRTMB1dlAsjcT9rVrLvj2jmVUL-jDhuW_PG6kDXW49rX2tzfWChaLz8qHVMsj8mXTQ5X_BsIvcSN0BmMTK-BlFS19ozX7FlWqx06TTt3zJMoidpDfoquYgeQVRQJMAHbPNzKbdG5BDLNqFInvCReDtR22Ma4NnjcBIUkCx_bHhhCO7MDefgoTZqF-bd3v_Qfs6BrVkQpn3sMfisSjNFR6Lph0ExsZAquLx2WiGNWvrnUsxG4zdt6QMXamb0MlO9-6e1Et3epiS-kFwEUk3ma5DYQLVM3uUWyLgHu6saG6i5PsCif1zoSmfZSqcudOf2tI_AtUze5RbIuAe7qxobqLk-whOajgwxbhQ2etCzicpyVTBeWnB_GlZB0ruPgtWOLYVT4g_J2kF4TffMfKOos7tSGYqdD0JO4s0XymPmMJRJDcQaJ9CkqVKWDYk-dzFplDuqwCXV-t7S-pFZ84tfYt394fbtIppIJOtZklhABqdGlSk3kOykyDTiOMXrl_1hSXbVPgP28vTqELfpOybpGjlbL1u2jaCL-G-9iQxe-i1zj0qnIvgJ1Cs1GitaawX0kTqPcPmQ8PvpgO8gyOadhRKrGUhUdZl_uWemjmxoBkqtZPlC4l-GnLAeLfqIKDfL1UZBu13BiEoKhy1nfBN8OlmthGyJL9eBp3R0ktcXzadt6Dlf8Gwi9xI3QGYxMr4GUVLSGbq4jqoA2S5xXIqloiZ1rJnlvqvTZp82d7AV1or2dUFOEFVYJjQMgMb7lS0C-xbKEPGbIcW-yfL1eczIB0nv7swN5-ChNmoX5t3e_9B-zo4ADEFwcAd4j4QaxZfExMqHQTGxkCq4vHZaIY1a-udSxde4MjDw009tPzSo6eSSgxdwNGJND06t-bjtn5J7KDlQtUze5RbIuAe7qxobqLk-zD_xVADK1Q9dfnRiJgoiDiBeWnB_GlZB0ruPgtWOLYVWRtxKwDSHoQbxPxzfXop_PGqBSQ6KpYW-OwrvDg8i80oMZdtx92N03_gE2eoylpkOa03F8PGEVyWKeOTLdjQBsfbtIppIJOtZklhABqdGlSTAOVu8HAwVUaLipJ9sHGrk8xcWupMSKM_8JiETgP7y2Lf0sa0SwthrZEeN5dUppfBHqNpdRWaYXKfEufY1_jM_cPmQ8PvpgO8gyOadhRKrEH2jhGaC4HJh3Lvv-bHhjZXJrqY1uo21_GLL5pntP7d1Qv6MOG5b88bqQNdbj2tfZUQpq4yPuFsSVWlf6dSHtGLEWhr4abofxDhC7P6sGwew4euBkqrCOJYGXaH5f2No8_2RdAhJaMbFOWHdRsIhatZ3trG8hf0eQqY8g-UGnErVl0dXhBHCfFaURcg86EWtLlFbsvCmEPdz0GvB-V7jB5awi2yagXokGer-T3duHYImsItsmoF6JBnq_k93bh2CJrCLbJqBeiQZ6v5Pd24dgi0fy9yH3cJpXYWOo6nSGwttH8vch93CaV2FjqOp0hsLaOT-BQHXXH-uznhhEs9x_Sw0tfzF6HcwwheEdKac2B-sNLX8xeh3MMIXhHSmnNgfoM2KaPI-sR5WE58gV6S3h5xnv5U9q3RmUdEcfcdtut4fcJCZU_BttKMXTDyrBfshtsU5_j_mocn2P_zfZY4qmabFOf4_5qHJ9j_832WOKpmug_cxXaULqo5K_--uRzgNIR8R--H-SzG21IeFe3_WqV2oTj14ksQ27ZtJZzx1gXZNqE49eJLENu2bSWc8dYF2TahOPXiSxDbtm0lnPHWBdk9C_Pu3wPYr2A_3dDgXogwmd09iZDTMtxv05d2hJrzm1ndPYmQ0zLcb9OXdoSa85tfCWfACzyR22c78m9rm0opXwlnwAs8kdtnO_Jva5tKKWGDrBTI6MoEsB4IrTcND0RHO90Ba4DNelbdwYVufELDtX6BfAY2sgFWzSh0EbYcfTBpmpd9hwiXKZXJsWFQCQVBsjiFrNHSK-_Gebf3rUW-DiUdeTQauTko8JT6bU5H7U4lHXk0Grk5KPCU-m1OR-1OJR15NBq5OSjwlPptTkftTiUdeTQauTko8JT6bU5H7WBDZuAVb1fiTqGwbz13XI0gQ2bgFW9X4k6hsG89d1yNIENm4BVvV-JOobBvPXdcjQoc_EAqGm2Vr9TWaHYU9GddhjhUYi9yiSqjz4yirqEttGX0otsn1Eo9ASeAp22-RzCmJKLA4L8yqghdd3XRDx7qf1MrHd4wjjnlzZT7-OanKn9TKx3eMI455c2U-_jmpyp_Uysd3jCOOeXNlPv45qc4FfPONitGRcGxKttYjNpmYIlBZfRYA7Tno9giphEEaGCJQWX0WAO056PYIqYRBGhxo3TegpnNfA0YZyu_rcByep30ZvJV6vlji6z2sRrikTqd9GbyVer5Y4us9rEa4pE6nfRm8lXq-WOLrPaxGuKROp30ZvJV6vlji6z2sRrikRAeKyhQvuA1Am1Hf99RKswWh2QKPH2KLJ2oGR8lOZM1ANe8zLs_kHddS6hlrOxdDk; fc=k01_H3DQgin2gUWbqEfHVnEgVJOySuH7g303wn-3ThPBhSQ9y8oNWj2jHjllm2qL9SGC6KvWqijMODBe-PTw-vVibMqUG0iKKCPAs_vD_eA0A7iP8ARnu5R4osC1ayLKRfOX1MD02-o6SZ1b0c_HcdJnnDxsS-ubYBpridlzat8; pf=iOSm4jWzkK1eBsanX_Zvyrj_v8l1Pk_8sHmv_UQh7c7Q4qp2i9jCVLo21ITPxTJXhUysT6tP_1ec7xFTzmyTOvZhkC75wKwc88nuAokFvQ82ZM7BNfD3Nrq6VH58nArltBKmEiDSJc28wBcf6WsZnUwqlFt-IvrL3Cyer2N_b_mQBT67XG3r_GqqLNCDP6TWM6QtivX9DfUZcKCbSzspOG4m4SNemiZsDiwHpMom7zAuHGj61Fo18HFz7Miw6CJ_lAToSBCIK8xd4Nhi3WZ5RVrFAd6zRhrKdfWaTudRRtzdw3uPJsigd4Z03fwI832qp0yYZ8xsq2g2JzvVLF3m0wYmvQ-7zazlMMeR5t48rmodxWJcKS5DgWnPQyOG3H9dle4JdVl67EbeBoMsCr3yKTNk5q5Z7Ye-yqAjt8FV6TEs0w1Mf61wa5sbZduLkMcmu6BxGVr1a1EtZ6VakW9qP0UsyZ23YtDx8Hp9aqDHgS7TLwotn8ChX3Ao59tcjALmIsfXlHObMd1dM-9EmR9zq1feDyJ1JsMdvufmKTEv8zYWEcVWdTIfg0R3HCs5Zgu8aqqZRUbE5cNgHLG-cyhwp9zF6bIQmuyiOkEVXhOR34lY8hTahfCesI1SII1o7GCSTkQctMdsR8ol26b8wwOWRulLcAuUbWv5XradSS5Og7yWq1NAPlM-71DUoari4r4P1Y5A3tzwkjyyX8-0gYHGU5jnzszrbJmm4ATS7VE3nQTOLZuOv6rXl3lXT98xe_hpQk1J2tMJ7uf0wgawDl5tZsTT5kN5mzq7cQ_zim8SvdxF5k8za64BvapgLtKI75QWoFdHsE8JeyafKsb518Z8yG2rlDCHXdIcSLBgYtlkloVO9_IUqGf6VJi47Jt9VzE1iUilagnqDfZezBDAgKeQJqma1IxzDiCoqn5pMBzKyly1EGZOdFA2-qArtbtQRT50YdNPvJqt7eLAf5C0e2pQiKZbm53MKuxT-xACBztAh4jFDcYPKkwR30hpsQ3QHTsbR1jwb4Tknj1lRvA_43zRPga4UleoT5uXiADlzwkOVA067MXkh4FAeKVzg1ACtjgSr5Gp6DR1BdDSotYHbfNzBgKBFuNAXObQP9_MMOI3eG1WGdO281P8amOaY7gqA06Qz3ZYqAavLj_IiDm0PZqfexb3wevMxi_3MpY_DV3nsHFBx31PTcSHvXJd2U5JBFuC4zIXCy6m3DgsRU-dDxSk0aAqkW75gcATwU4afh3aZM0faU7ttedZBHKMSUKU2-CLArzpv1sCFqKO2OO_7QHd61ElSVhkX8nCFJ8XYbO8pgqPz6rxA2zJp0kRUBjlvUbWcclJ3ktilOIca42ILmxDGq12QBEWUhzuVA36zOFcdBowxbu4TWEkjnoG3y3BQoeZ0WJ4-WctW3Z_ONfcXbWfjQNvc84m9Ucmpn2n7616Wmjkp_YRqKp502Bw_HclXEDNxATqSEvwR6YWNJOibQmjAIOFfhKbFkHTBHoHJsdi8MjHFkcfi4c9KAVErlkS3F2SFWLNhm5B3_eb2Qy3toXmjExHhirQMRh4tcgyEqZ-0Ko

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=8392341830659049202; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:47:34 GMT; Path=/
Set-Cookie: pf=zeVxLX4Qm3VAv6-nf2r68gAkEdfzOyhVz05Wpv4r_7yal2rmbM27pmeWwPOJE-47Dxjv0qYpbGhPD_GiNvTT3_ZhkC75wKwc88nuAokFvQ9I-_Bzw4xVQzHLvpJw8-CNE_c1mxhekR9Zlluhx2w6wuJ1PvnMBkNGLWQu1I6YOmwLwp8xzr_7bYRBuJLHLf8Aspqs0IVyCOwNX_srcENCjgxkPpRikPds_LdJtDZOGVO11_e8lvLQAPd8geXGJ7rRaHzc7xGpwXNj9eey9hWZ_MDCYTO2LZ1Rl0g8nVGvRqLjJU0daqXcW1-iMoogvKvcAvuI2sZUQTxDPFv2L3NJqlFLnt2ogZidkG5s1idOEYA9-nHYGF_c39AoWEyUlPbz1xogSWoPxMxLUFByIz99mAnsN9sxE9JtdZksgFBaQ-PvcihCfgPpX_AHOa_-6oVRyf9fzgTcGeNT0Z3mReWUUpHbs1HfaG2Mc6_OyZZrYqNe9p1X7-eyG8ncWz2jcX098EbcmuSkEyyjij3cZgcC26L1Td45YmTQOTW1MmnICiAcYN_OmMmpfAiXya2HpII0Uyhjqpobw8VD83PQSZVwBp5tnq90x8QRGwbWhJz3ipO8NAcMKcm4l8d4Ty4sjaBkLRPtan0OSQvoYIGLV_1Zceg8ggkpAHys_SNLejl2CTEYyHoNhF8mEszVveALbtZBq68qtPCPohvYMAxz2wsRRQ04hOtqi4esPKvi26aGAPpNCgQU1QzT8e2wc9IIXS5gjKKcSslgSg82UjMlNntFwrVQBtsFlJqmhfJVwDFHnWM2K62_2NfI0IiBoKpOKfsrO_O_XMPLlLm_I0h9bH-vaVFmgo-bTNXwG8QVZlIvwvBMCbFqe719buZbI0fnOVCsYbb31rc7jcnqfNTKh6ZYUr8ntzFGcpjQUoIN6AcxZE9TQOgEAFertYbCptEoAuDMoqPXh_xPmWs62ulvAOD8zsm4DLfLaj5H3Qfwh5mWaaRwHnUGWTgD7OmxnCJXZo3e7tuy9uvkEEXNjXk4yBXu14amrfH4BtsydJBfI3SZ0WLqpE07JjWbZ6ZV2sR5O7yqJvxB6dyJWyOADOk2IEhpZKXyNGsx6kWj_ew883uLUjSvY92OW5QKNAS9PozhXD2Jm-niriVqPGCS_q13nGpkYurrpnLKuT-nUuvaw9svocG52pdjjppzHjxZba03TIn6VAj5xut4W1J5JicgRe-LPfCsqOjgZ1cmAoX94xp7gPYMxYEU_OpT-BT3G3BK4ukhnnXhQRazDtWZWjkxRNynAiQcG1RRa7FxjEcNSgQ59zCnOm_e8t_c3I3Em87AcTjtkKYOBWc0E_cfaGV7h2TLIUUwSyqRgPlPY7I8F4N3FceUP2VvI_eGkxGiYrbiyC5yKA3XFBxFn2LhWhUDAfEmxg8tLig8PjLnisbVyXpsCKI7SkbBHW5Mu7hMbSTQCO8furSmmtFn-Hk_FQbUgYBVaaYm0GXzowkxMNCHaWl9jy4T5RBrEDvYzmcxSQ35fcfiB_1I3ARrn8aHMAhLjbBQjZzZq3jDS_B_8N7YN5jz4XCU07LqPsULXHkehLcA6D-8; Domain=.turn.com; Expires=Fri, 16-Sep-2011 12:47:34 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1238628&t=2
Content-Length: 0
Date: Sun, 20 Mar 2011 12:47:33 GMT

1.173. http://r.turn.com/r/tpclick/id/tm7NsgCBljeFlAgAcwABAA/3c/http:/ad.yieldmanager.com/clk  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/tpclick/id/tm7NsgCBljeFlAgAcwABAA/3c/http:/ad.yieldmanager.com/clk

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r/tpclick/id/tm7NsgCBljeFlAgAcwABAA/3c/http:/ad.yieldmanager.com/clk HTTP/1.1
Host: r.turn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: uid=8392341830659049202; adImpCount=aWm1M4LjK5VIpxyiby4XYxEDYW1PshQ3vpBZa8uxHEph-L3XcPmT4hHXOQgApIlYh1NXgtHFGzzHzNFmm-KzX_9FnfDLNktuAMS6JsTomdlVpY3HjWkw231zQDelLH8_7MDefgoTZqF-bd3v_Qfs6OEZRtFGqduPVkD_gkg8VfV0ExsZAquLx2WiGNWvrnUszuICt27wBWASQBET6OeAytEy0WeBXOvyGLo3g2RyRxPMuJkSor3PooeE5HOb8MagG3H1Yh6KJus8Al0Tyl-_P0B_pSthw6Osds3vCU1DTz-z4otjDK2ixFI9HIYofu_jbt-1znRWuv4f0NnBSjg_DEGifQpKlSlg2JPncxaZQ7rJS-D340zJ0KEew_mwtQGaH27SKaSCTrWZJYQAanRpUpKgERJUW1YdGsZik0-okt7FAHdoDG0wmwYyeCzPe0spi39LGtEsLYa2RHjeXVKaXwxjz621UnXRIPElrss_9Bf3D5kPD76YDvIMjmnYUSqxgxaji_-otMFqmG9mmaQliekdOq3dCdMpBBYB6oxrLl9pdFEKrE3dKUxNz_PPP_A0oljWnUH_uUv0DheX3sKsfdGakli0ckXet5HgWuGAxOwjSx4LjXgDbmHu6Eh19fbovGRasNivyUiC-5nZMh1vJZclJZpWuXGcTDMvl_OekRPjS2MhCKHwMNU_BYoLCyOP7MDefgoTZqF-bd3v_Qfs6KVd2oSKolIwwEiITDQU2Lx0ExsZAquLx2WiGNWvrnUsd_PYU2DwATVpcslEDyf8hqiet1AIT80-jJlBpoUU7boLVM3uUWyLgHu6saG6i5PsBUqFp4KiueJFiSLkI0xYhQXlpwfxpWQdK7j4LVji2FVRCmp-Ng4uMeq-zvqbvux36ic_sEQwn-Xt_ClqlX8t_6DGXbcfdjdN_4BNnqMpaZCNRQCl9OpEhGua7KdmVMA9H27SKaSCTrWZJYQAanRpUjDmKTcPQFqbSQ5GlElX4-OPXp3pozvJlBPwzvc_9CbX0Eax0_okMfml7XV2gTBl77zbnfMNJ_ejhUj1ijcB8BL3D5kPD76YDvIMjmnYUSqxVTm50zwheMZKXjYTELCaRTMB1dlAsjcT9rVrLvj2jmVUL-jDhuW_PG6kDXW49rX2tzfWChaLz8qHVMsj8mXTQ5X_BsIvcSN0BmMTK-BlFS19ozX7FlWqx06TTt3zJMoidpDfoquYgeQVRQJMAHbPNzKbdG5BDLNqFInvCReDtR22Ma4NnjcBIUkCx_bHhhCO7MDefgoTZqF-bd3v_Qfs6BrVkQpn3sMfisSjNFR6Lph0ExsZAquLx2WiGNWvrnUsxG4zdt6QMXamb0MlO9-6e1Et3epiS-kFwEUk3ma5DYQLVM3uUWyLgHu6saG6i5PsCif1zoSmfZSqcudOf2tI_AtUze5RbIuAe7qxobqLk-whOajgwxbhQ2etCzicpyVTBeWnB_GlZB0ruPgtWOLYVT4g_J2kF4TffMfKOos7tSGYqdD0JO4s0XymPmMJRJDcQaJ9CkqVKWDYk-dzFplDuqwCXV-t7S-pFZ84tfYt394fbtIppIJOtZklhABqdGlSk3kOykyDTiOMXrl_1hSXbVPgP28vTqELfpOybpGjlbL1u2jaCL-G-9iQxe-i1zj0qnIvgJ1Cs1GitaawX0kTqPcPmQ8PvpgO8gyOadhRKrGUhUdZl_uWemjmxoBkqtZPlC4l-GnLAeLfqIKDfL1UZBu13BiEoKhy1nfBN8OlmthGyJL9eBp3R0ktcXzadt6Dlf8Gwi9xI3QGYxMr4GUVLSGbq4jqoA2S5xXIqloiZ1rJnlvqvTZp82d7AV1or2dUFOEFVYJjQMgMb7lS0C-xbKEPGbIcW-yfL1eczIB0nv7swN5-ChNmoX5t3e_9B-zo4ADEFwcAd4j4QaxZfExMqHQTGxkCq4vHZaIY1a-udSxde4MjDw009tPzSo6eSSgxdwNGJND06t-bjtn5J7KDlQtUze5RbIuAe7qxobqLk-zD_xVADK1Q9dfnRiJgoiDiBeWnB_GlZB0ruPgtWOLYVWRtxKwDSHoQbxPxzfXop_PGqBSQ6KpYW-OwrvDg8i80oMZdtx92N03_gE2eoylpkOa03F8PGEVyWKeOTLdjQBsfbtIppIJOtZklhABqdGlSTAOVu8HAwVUaLipJ9sHGrk8xcWupMSKM_8JiETgP7y2Lf0sa0SwthrZEeN5dUppfBHqNpdRWaYXKfEufY1_jM_cPmQ8PvpgO8gyOadhRKrEH2jhGaC4HJh3Lvv-bHhjZXJrqY1uo21_GLL5pntP7d1Qv6MOG5b88bqQNdbj2tfZUQpq4yPuFsSVWlf6dSHtGLEWhr4abofxDhC7P6sGwew4euBkqrCOJYGXaH5f2No8_2RdAhJaMbFOWHdRsIhatZ3trG8hf0eQqY8g-UGnErVl0dXhBHCfFaURcg86EWtLlFbsvCmEPdz0GvB-V7jB5awi2yagXokGer-T3duHYImsItsmoF6JBnq_k93bh2CJrCLbJqBeiQZ6v5Pd24dgi0fy9yH3cJpXYWOo6nSGwttH8vch93CaV2FjqOp0hsLaOT-BQHXXH-uznhhEs9x_Sw0tfzF6HcwwheEdKac2B-sNLX8xeh3MMIXhHSmnNgfoM2KaPI-sR5WE58gV6S3h5xnv5U9q3RmUdEcfcdtut4fcJCZU_BttKMXTDyrBfshtsU5_j_mocn2P_zfZY4qmabFOf4_5qHJ9j_832WOKpmug_cxXaULqo5K_--uRzgNIR8R--H-SzG21IeFe3_WqV2oTj14ksQ27ZtJZzx1gXZNqE49eJLENu2bSWc8dYF2TahOPXiSxDbtm0lnPHWBdk9C_Pu3wPYr2A_3dDgXogwmd09iZDTMtxv05d2hJrzm1ndPYmQ0zLcb9OXdoSa85tfCWfACzyR22c78m9rm0opXwlnwAs8kdtnO_Jva5tKKWGDrBTI6MoEsB4IrTcND0RHO90Ba4DNelbdwYVufELDtX6BfAY2sgFWzSh0EbYcfTBpmpd9hwiXKZXJsWFQCQVBsjiFrNHSK-_Gebf3rUW-DiUdeTQauTko8JT6bU5H7U4lHXk0Grk5KPCU-m1OR-1OJR15NBq5OSjwlPptTkftTiUdeTQauTko8JT6bU5H7WBDZuAVb1fiTqGwbz13XI0gQ2bgFW9X4k6hsG89d1yNIENm4BVvV-JOobBvPXdcjQoc_EAqGm2Vr9TWaHYU9GddhjhUYi9yiSqjz4yirqEttGX0otsn1Eo9ASeAp22-RzCmJKLA4L8yqghdd3XRDx7qf1MrHd4wjjnlzZT7-OanKn9TKx3eMI455c2U-_jmpyp_Uysd3jCOOeXNlPv45qc4FfPONitGRcGxKttYjNpmYIlBZfRYA7Tno9giphEEaGCJQWX0WAO056PYIqYRBGhxo3TegpnNfA0YZyu_rcByep30ZvJV6vlji6z2sRrikTqd9GbyVer5Y4us9rEa4pE6nfRm8lXq-WOLrPaxGuKROp30ZvJV6vlji6z2sRrikRAeKyhQvuA1Am1Hf99RKswWh2QKPH2KLJ2oGR8lOZM1ANe8zLs_kHddS6hlrOxdDk; rds=15054%7C15054%7C15054%7C15050%7Cundefined%7C15054%7C15054%7C15038%7C15054%7C15054%7C15054%7C15054%7Cundefined%7C15054%7C15050%7C15054; pf=QNmKTCt50B8Kpjg3isR9W_Ir3yoWOiSMkKJqMqoVPY2F1SOb8aRLeTLNl-G3fsUKhUysT6tP_1ec7xFTzmyTOvZhkC75wKwc88nuAokFvQ9ZYY2MlOzDLPTu4F-Uvdt_4YcdqwNhq09cj3lKBwXbCI3NqI2oQask0RxIcweDv6GMvGOoSAiXlEejBUI4bVTZiG0CD7SN4iQwbZFOht5_PcUKhyzjZJcScR_VHmzU_n_fhPhtP5eGOnqRNnt1-OV92xXlB7VgscrJbhGIf_JilPRDCeImrEZCGkpU4h_63CxWG5zEusESadpgYRYL2p5MG_RdoPtoKDEjrNYQG7__lKjDMABh_QQeaoDba2RSMKg6e-hV0PbjfU-R5RsfY_iXHHJjlc65ejsfGk_Bhi8TLHmektSTNGWFbueds9H23VJFfVN5kj-_puNaGveyJPzS0OWMGE9a6E0drdXZhYMeXsC4vcynPn9Dotf0EEwoLz7AbGDzP165MyHrx4tSx2B8O9qIPoIdnpPJQCQT3fsKxMAWYsdDJ5k_sdNi8uFJSCQ255k6vYnNOgM7sltoObfRe7Nfdm5bvla8XcCi8mpJcxR9SWcdexG9cU6HZV_VJhdn40SIet0iwwqKbdSj4CL2bkG8vxygw5PYjAzgbfXuQGcN6QW2n8XRLy7UoAmSdBRnwSKp2TDgd2Lcz_qJvz2UQIXGjoBZ78Wshqhm4tb0CSAVFfu30wLyYuo1y7aS82LTLnxA3ggK2gyTUssar2d0VZEEXq24P2id3ypkSYZxDaGrEW4mATCBJcdbUsS6U6WlB0V5Jnrj8cA_1KNYNCmayGOF0nn5E6TLc-A2frbzWLZ78bJLnb6L0KoAtnvLV2pP81X4ANdqArViOJeQtd_KBgfW6zrQLmaDIleZdb-lWXaspIKRhbM6EZgcd53-A29aOa0ye1UD40069XkSXwnuCh-RAXxtefbOimbdrtxWQwySgP2B497OTuJjk4h_xz7h1RsCnD2sD6SzTA6FS0L5qaDwuUB-gusjbKGTbdorNQKIus_NVuwacB_n_GJkCjDeRWnTTHOTAUzRX7jz2Dtha6IYgwK4KHy8_huNe8GKEihRoyUkOlvRlegTV48BDCOJkf60Zr6_RPbt9P03q9zqXbkMIiHhRyraLmWVTI7LPDO0V_cWY7-ccITIWG4cEAVOX3OaMNRzdBC4-0RsvFyXuRiJhp9j10eguQj26V8UKLkQP0cLS8-CaS_G0biaU-lkiE1m1Xn_hKe9NfZLnwyCK2ncrj6VabuuuFr6c_o5qaCQ6oN7sH1l3MIGQoK8X6stp0kTmdEXBwprTQawoH105HoGs1Q83lthTB7Fi-VTyyXy_vCtpJySQt4PX48ZzIpuwEShzbmTtAHP6iCkM-HhsMYZ7YWC2tZwu4Tb45eBwQ2XRr6BMB9fSsap5sDS6rpQ2bGi-sM44BgEdgBbOlmMluxfbyihgyJXJzx1jJXLpuPXHdjanaO2pJ8yqKNT5UMTIw2oYtTZbgmSLFmFfbvQzRfufLqyfgPcMtBAkmyxKq4X6cfi80nt471PDAY1h5rLy4hs1GeJifs51BsOk2bX; rv=1; rrs=1%7C2%7C3%7C4%7Cundefined%7C6%7C7%7C8%7C9%7C1001%7C1002%7C1003%7Cundefined%7C1004%7C1005%7C12; fc=k01_H3DQgin2gUWbqEfHVnEgVJOySuH7g303wn-3ThPBhSQ9y8oNWj2jHjllm2qL9SGC6KvWqijMODBe-PTw-vVibMqUG0iKKCPAs_vD_eA0A7iP8ARnu5R4osC1ayLKRfOX1MD02-o6SZ1b0c_HcdJnnDxsS-ubYBpridlzat8;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://ad.turn.com/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: clk=-aXo4lUnq_7j1611_xLXI7ieTmSTufCU35JEJfovC57ED8lYMqmaterqQLDesEiWpZpNpu6c4Oh1GYJxuqOt08J1iEBwWnDz1TOUbTr3SEj50eIKJ_CMEcZpuuoeEp_6-dHiCifwjBHGabrqHhKf-vnR4gon8IwRxmm66h4Sn_oXobd4rwZ894cKMPF2lBOl; Domain=.turn.com; Expires=Fri, 16-Sep-2011 14:01:16 GMT; Path=/
Set-Cookie: pf=CN4Eh-o7pZc211ryI3igoJ9KjlslyNfQEAlmVcZi9UVSbm-egMofX4Hb6CzVWQMmL9ngnRK1ACtC5uYN_cIOvv8xC1hjcPhxSGGEcy69FsEmhrUcekPc3e2dEJ3OWPonr9hPTfpI4XROkGbm7emqqqAAtbjx0taUMyz5ePgQfryi9ha1WCLua-tVHMxeNyG2_4I8WASOavTQUFttCoHzRydhZQQcNExgrQZW8GyDot5C6XYz30aixEAwPKDVq-kYa3h76oykl30O6Sr1CYF2g4L53lUdMQKfO4WgaqR0FnZab_6IU8do3kvG92bfSJcrTUIDyzpnlrFIrCU0eEwmFQSbbhAJSBhfKZUNCw465MN174iuztWT-VtoKV9pmxL7zbxV6fFCZpUy6zejDtVru4EruqiqzVXalU_Ih9NqFIj3Jg-r_h6eJ2zs6iKfMpdIR1e_66xGpjTD1rOHR1njK1PKuY2d-61p6g77x3ONnmIHukVrZDkFezZ6qAAg36T6ZxDVDFoaDoPfYAWYoHD9W03lY7XiZmFqIjhLdYok0WeaO4k7UDGAwa9HijS4k2TsefmYeQAHzUcGuVvmahmq7BSzb3_dUSGXINJkYEIEEG6okOvdyL-q5FDa3RoTiPAhsrViMTZO_i2g1B3mshTiv3NgagaIxWzidE0gLTcxlSli1tbcHKMaMwrQS5jp3anYtAjfYBo0I5y61WkG9uuxV2Enwpa1yaM1g5KxzlJBJHqAcjd8bYuWNOB1clpWC41oExcS5NJbVolwln2HeTSvvvhK5RfBPNe1wWrB9zEuHYuLw02xudQnom2jZweHBVCnFpGQlfjsyy5rvD1tf_xgk3HasLIQnHjPRoDIkSA3BdbhNfc0J0bK2Xg6CSA5SYC8T7clrur3s3mYgObf3MDK93190tlAmS7Tr_RA_2RXdBDgsQFrchNLbXiCOCGLIbH1QQc0a95SktWhCFb0RgPAYCECa-iyjcukvUDCclnQSsWfG9Q_LCDe9k1lmb6YxstfprUa9Q3mFZGeZzTV5sd9mvPEgsfFQmD1F7e3R-r14pFlc651joiF_S1WCCkz1T0f_ciVZ7lKUmv56N9sf32zuuTunGiNZEZnTLzGe-76RLU7AxehiM2_RebUBwjuFkZz1iJ7i4dyi8zLGG8laH1AptYdaCnn_v2kXxoBahTsklRn-n7vMIe4UpjtYgQjAoH_Bveq4KpXwR3nBf3iuPQf68Dd-Ee4_v4m5_-l8mc7fyt5P52bAQH1Zevbr1YFgsnVBHUvy6lhhBktAJP1sVY3uVOm7vos1HRkK-iHbWqDiiIIHNI24kmetcHd-7CmF9SYzH_lsfU1-CIGO8qv-N8kquMup7pp9sCy98IjI6FVXYIMB86WHiwFAT7RCJcFgEQ0gmTwQ56C_Xp0zRK--IOkURxzk5afCZqLQLL-rlv2qGeDo9zBW1B-Qutjt-1rr0_nZCCMttPOBefDEpw44D1LkfkaOvtd9Zw4hdxgWeU85h6-BiOUTEeNRMiyvcWkxHkU6xlkYzF6ssTtzAWR0gX8E7fIezMJmwM3-WSOeEJiJdtBBf97YXuHPTGhSiBNl9agqjjTwHFH25rMHyMpIOcu-Q; Domain=.turn.com; Expires=Fri, 16-Sep-2011 14:01:16 GMT; Path=/
Location: http://r.turn.com/server/click.htm?3c=http%3A%2Fad.yieldmanager.com%2Fclk&url=
Content-Length: 0
Date: Sun, 20 Mar 2011 14:01:15 GMT
Connection: close

1.174. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000884204/cstr=20240822=_4d860041,3743237811,787693^884204^1183^0,1_/xsxdata=$xsxdata/bnum=20240822/optn=64  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000787693/mnum=0000884204/cstr=20240822=_4d860041,3743237811,787693^884204^1183^0,1_/xsxdata=$xsxdata/bnum=20240822/optn=64

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000787693/mnum=0000884204/cstr=20240822=_4d860041,3743237811,787693^884204^1183^0,1_/xsxdata=$xsxdata/bnum=20240822/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; ACID=er080012979743200010; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; ROLL=AfAiW6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7nyf4NnxZoIY2fMYHnj6qhWPsjA+z5ZPD!; F1=BcPAG2EBAAAABAAAAgAASEA; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtJod/9cIfMmhhUJYd3tXzd8Z082dFA!; 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 20 Mar 2011 14:01:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=tighNZK9FYVVGVXBaVlR1JpwHg02Fs2BdbdBrdQshXwaHkZ4Fs2BYGeBrdgihXwaHQW4Fs2BfGeBrdw7NYwaHEY4Fs2BjGeBrdAghXwaHATiGs2BvGeBrdgJjawaHgJaGs2BoopBrdA2kXwaH8Y4Fs2BdDmBrdQRgawaHY4dGs2sEDwQpaYkT+NA5ydhYaK+AoWVGmtrUBgZAaY2Y6gAxMixWKbnCUUoGHNslQwhNakimiQBp/jh9C7uEMpkGuTr1Rge1ZkiuyEB/AohiDr8Eo2kGiVr+BDBhagpz2tBapqB2xqjHo4bGAlr5fwkLa8Wk6CCaYjRsZmDJaEpBcPqGRvgigQvJVAc; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:17 GMT; path=/
Set-Cookie: ROLL=AfAiZ6NQKVcMvoBzXDIpcc8jL5ZWW6n/PFt7Rp7Biz6NewZ63L0fJYHB31rhrOM!; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:17 GMT; path=/
Set-Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 3743237811=_4d860041,3743237811,787693^884204^1183^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 14:01:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>
1.175. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000981637/cstr=21883119=_4d85ff8c,0550568154,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=21883119/optn=64  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000787693/mnum=0000981637/cstr=21883119=_4d85ff8c,0550568154,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=21883119/optn=64

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000787693/mnum=0000981637/cstr=21883119=_4d85ff8c,0550568154,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=21883119/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; ACID=er080012979743200010; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; ROLL=AfAiW6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7nyf4NnxZoIY2fMYHnj6qhWPsjA+z5ZPD!; F1=BcPAG2EBAAAABAAAAgAASEA; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtJod/9cIfMmhhUJYd3tXzd8Z082dFA!; 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 20 Mar 2011 14:01:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=sighNZK9FYVVGVXBaVlR1JpwHg02Fs2BdbdBrdQshXwaHkZ4Fs2BYGeBrdgihXwaHQW4Fs2BfGeBrdw7NYwaHEY4Fs2BjGeBrdAghXwaHATiGs2BvGeBrdgJjawaHgJaGs2BoopBrdA2kXwaH8Y4Fs2BdDmBrdQRgawaHY4dGs2sEDwQpaYkT+NA5ydhYaK+AoWVGmtrUBgZAaY2Y6gAxMixWKbnCUUoGHNslQwhNakimiQBp/jh9C7uEMpkGuTr1Rge1ZkiuyEB/AohiDr8Eo2kGiVr+BDBhagpz2tBapqB2xqjHo4bGAlr5fwkLa8Wk6CCaYjRsZmDJaEpBcPqGRvgigQvJVAc; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: ROLL=AfAiZ6NQKVcMvoBzXDIpcc8jL5ZWW6n/PFt7Rp7Biz6NewZ63L0fJYHB31rhrOM!; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 0550568154=_4d85ff8c,0550568154,787693^981637^1183^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 14:01:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>
1.176. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000981637/cstr=25446075=_4d85f9eb,2610684043,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=25446075/optn=64  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000787693/mnum=0000981637/cstr=25446075=_4d85f9eb,2610684043,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=25446075/optn=64

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000787693/mnum=0000981637/cstr=25446075=_4d85f9eb,2610684043,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=25446075/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; ACID=er080012979743200010; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; ROLL=AfAiW6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7nyf4NnxZoIY2fMYHnj6qhWPsjA+z5ZPD!; F1=BcPAG2EBAAAABAAAAgAASEA; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtJod/9cIfMmhhUJYd3tXzd8Z082dFA!; 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 20 Mar 2011 14:01:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=sighNZK9FYVVGVXBaVlR1JpwHg02Fs2BdbdBrdQshXwaHkZ4Fs2BYGeBrdgihXwaHQW4Fs2BfGeBrdw7NYwaHEY4Fs2BjGeBrdAghXwaHATiGs2BvGeBrdgJjawaHgJaGs2BoopBrdA2kXwaH8Y4Fs2BdDmBrdQRgawaHY4dGs2sEDwQpaYkT+NA5ydhYaK+AoWVGmtrUBgZAaY2Y6gAxMixWKbnCUUoGHNslQwhNakimiQBp/jh9C7uEMpkGuTr1Rge1ZkiuyEB/AohiDr8Eo2kGiVr+BDBhagpz2tBapqB2xqjHo4bGAlr5fwkLa8Wk6CCaYjRsZmDJaEpBcPqGRvgigQvJVAc; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: ROLL=AfAiZ6NQKVcMvoBzXDIpcc8jL5ZWW6n/PFt7Rp7Biz6NewZ63L0fJYHB31rhrOM!; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 2610684043=_4d85f9eb,2610684043,787693^981637^1183^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 14:01:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>
1.177. http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000981637/cstr=45191372=_4d8600f7,7766046076,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=45191372/optn=64  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000787693/mnum=0000981637/cstr=45191372=_4d8600f7,7766046076,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=45191372/optn=64

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000787693/mnum=0000981637/cstr=45191372=_4d8600f7,7766046076,787693^981637^1183^0,1_/xsxdata=$xsxdata/bnum=45191372/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; ACID=er080012979743200010; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; ROLL=AfAiW6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7nyf4NnxZoIY2fMYHnj6qhWPsjA+z5ZPD!; F1=BcPAG2EBAAAABAAAAgAASEA; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtJod/9cIfMmhhUJYd3tXzd8Z082dFA!; 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 20 Mar 2011 14:01:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=tighNZK9FYVVGVXBaVlR1JpwHg02Fs2BdbdBrdQshXwaHkZ4Fs2BYGeBrdgihXwaHQW4Fs2BfGeBrdw7NYwaHEY4Fs2BjGeBrdAghXwaHATiGs2BvGeBrdgJjawaHgJaGs2BoopBrdA2kXwaH8Y4Fs2BdDmBrdQRgawaHY4dGs2sEDwQpaYkT+NA5ydhYaK+AoWVGmtrUBgZAaY2Y6gAxMixWKbnCUUoGHNslQwhNakimiQBp/jh9C7uEMpkGuTr1Rge1ZkiuyEB/AohiDr8Eo2kGiVr+BDBhagpz2tBapqB2xqjHo4bGAlr5fwkLa8Wk6CCaYjRsZmDJaEpBcPqGRvgigQvJVAc; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:17 GMT; path=/
Set-Cookie: ROLL=AfAiZ6NQKVcMvoBzXDIpcc8jL5ZWW6n/PFt7Rp7Biz6NewZ63L0fJYHB31rhrOM!; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:17 GMT; path=/
Set-Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 7766046076=_4d8600f7,7766046076,787693^981637^1183^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 14:01:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>
1.178. http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000759958/cstr=16369623=_4d85fc08,4560463311,787694^759958^1183^0,1_/xsxdata=$xsxdata/bnum=16369623/optn=64  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000787694/mnum=0000759958/cstr=16369623=_4d85fc08,4560463311,787694^759958^1183^0,1_/xsxdata=$xsxdata/bnum=16369623/optn=64

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000787694/mnum=0000759958/cstr=16369623=_4d85fc08,4560463311,787694^759958^1183^0,1_/xsxdata=$xsxdata/bnum=16369623/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; ACID=er080012979743200010; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; ROLL=AfAiW6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7nyf4NnxZoIY2fMYHnj6qhWPsjA+z5ZPD!; F1=BcPAG2EBAAAABAAAAgAASEA; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtJod/9cIfMmhhUJYd3tXzd8Z082dFA!; 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 20 Mar 2011 14:01:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=sighNZK9FYVVGVXBaVlR1JpwHg02Fs2BdbdBrdQshXwaHkZ4Fs2BYGeBrdgihXwaHQW4Fs2BfGeBrdw7NYwaHEY4Fs2BjGeBrdAghXwaHATiGs2BvGeBrdgJjawaHgJaGs2BoopBrdA2kXwaH8Y4Fs2BdDmBrdQRgawaHY4dGs2sEDwQpaYkT+NA5ydhYaK+AoWVGmtrUBgZAaY2Y6gAxMixWKbnCUUoGHNslQwhNakimiQBp/jh9C7uEMpkGuTr1Rge1ZkiuyEB/AohiDr8Eo2kGiVr+BDBhagpz2tBapqB2xqjHo4bGAlr5fwkLa8Wk6CCaYjRsZmDJaEpBcPqGRvgigQvJVAc; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: ROLL=AfAiZ6NQKVcMvoBzXDIpcc8jL5ZWW6n/PFt7Rp7Biz6NewZ63L0fJYHB31rhrOM!; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 4560463311=_4d85fc08,4560463311,787694^759958^1183^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 14:01:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>
1.179. http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000985691/cstr=69689444=_4d85f5b3,1540631604,787694^985691^1183^0,1_/xsxdata=$XSXDATA/bnum=69689444/optn=64  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000787694/mnum=0000985691/cstr=69689444=_4d85f5b3,1540631604,787694^985691^1183^0,1_/xsxdata=$XSXDATA/bnum=69689444/optn=64

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000787694/mnum=0000985691/cstr=69689444=_4d85f5b3,1540631604,787694^985691^1183^0,1_/xsxdata=$XSXDATA/bnum=69689444/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; ACID=er080012979743200010; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; ROLL=AfAiW6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7nyf4NnxZoIY2fMYHnj6qhWPsjA+z5ZPD!; F1=BcPAG2EBAAAABAAAAgAASEA; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtJod/9cIfMmhhUJYd3tXzd8Z082dFA!; 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_;

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 20 Mar 2011 14:01:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Set-Cookie: C2=sighNZK9FYVVGVXBaVlR1JpwHg02Fs2BdbdBrdQshXwaHkZ4Fs2BYGeBrdgihXwaHQW4Fs2BfGeBrdw7NYwaHEY4Fs2BjGeBrdAghXwaHATiGs2BvGeBrdgJjawaHgJaGs2BoopBrdA2kXwaH8Y4Fs2BdDmBrdQRgawaHY4dGs2sEDwQpaYkT+NA5ydhYaK+AoWVGmtrUBgZAaY2Y6gAxMixWKbnCUUoGHNslQwhNakimiQBp/jh9C7uEMpkGuTr1Rge1ZkiuyEB/AohibWGJaAqwKPBqNphY1qfwQQoGY6sdbgWqagds64BK+mBQ5a+HM5iGvFpuggG2YEbm5QiGRaA3jqR0LoII0bSFAH; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: ROLL=AfAiZ6NQKVcMvoBzXDIpcc8jL5ZWW6n/PFt7Rp7Biz6NewZ63L0fJYHB31rhrOM!; domain=advertising.com; expires=Tue, 19-Mar-2013 14:01:16 GMT; path=/
Set-Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 1540631604=_4d85f5b3,1540631604,787694^985691^1183^0,1_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 14:01:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>
1.180. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=20240822/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=787693/size=300250/u=2/bnum=20240822/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=787693/size=300250/u=2/bnum=20240822/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; C2=Y7fhNZK9FYVVGdXBaVlR3JpwHg02F02BdbdBtdQshXQbHkZ4F02BYGeBtdgihXQbHQW4F02BfGeBtdw7NYQbHEY4F02BjGeBtdAghXQbHATiG02BvGeBtdgJjaQbHgJaG02BoopBtdA2kXQbH8Y4F02BdDmBtdQRgaQbHY4dG02sEDwQpa4kT+NA5ydhaaK+AoWVGutrUBgZAa42Y6gAxMixYKbnCUUoGPNslQwhNaEjmiQBp/jh/C7uEMpkG2Tr1Rge1ZEjuyEB/AohkDr8Eo2kGqVr+BDBhaAqz2tBapqB4xqjHo4bGIlr5fwkLacXk6CCaYjRuZmDJakpBcPqGZP; F1=Bw4/F2EBAAAABAAAAYAASEA; BASE=gKQkdmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtBod/9cIfMmhhUJYd3tXzN!; ROLL=AfAiY6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7Biz6NewZ63L0fJYH!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 13:25:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.884204.787693.0XMC
Set-Cookie: C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; domain=advertising.com; expires=Tue, 19-Mar-2013 13:25:21 GMT; path=/
Set-Cookie: F1=BEEAG2EBAAAABAAAAcAASEA; domain=advertising.com; expires=Tue, 19-Mar-2013 13:25:21 GMT; path=/
Set-Cookie: BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtBod/9cIfMmhhUJYd3tXzd8Z082dFA!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:25:21 GMT; path=/
Set-Cookie: ROLL=AfAiZ6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7Biz6NewZ63L0fJYHB31rhrOM!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:25:21 GMT; path=/
Set-Cookie: 20240822=_4d860041,3743237811,787693^884204^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 13:25:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 604

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3175.272756.AOL-ADVERTISING2/B4640114.3;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000787693/
...[SNIP]...
1.181. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=21883119/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=787693/size=300250/u=2/bnum=21883119/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=787693/size=300250/u=2/bnum=21883119/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; C2=Y7fhNZK9FYVVGdXBaVlR3JpwHg02F02BdbdBtdQshXQbHkZ4F02BYGeBtdgihXQbHQW4F02BfGeBtdw7NYQbHEY4F02BjGeBtdAghXQbHATiG02BvGeBtdgJjaQbHgJaG02BoopBtdA2kXQbH8Y4F02BdDmBtdQRgaQbHY4dG02sEDwQpa4kT+NA5ydhaaK+AoWVGutrUBgZAa42Y6gAxMixYKbnCUUoGPNslQwhNaEjmiQBp/jh/C7uEMpkG2Tr1Rge1ZEjuyEB/AohkDr8Eo2kGqVr+BDBhaAqz2tBapqB4xqjHo4bGIlr5fwkLacXk6CCaYjRuZmDJakpBcPqGZP; F1=Bgt/F2EBAAAABAAAAUAASEA; BASE=gKQkdmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtZod/9cIfMmhhUJYd3tXzN!; ROLL=AfAib6NQKVcMvoBPR9Ipbc8jL5ZWh7nZfpv7oo7Tdg4NbwJ!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 13:22:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.981637.787693.0XMC
Set-Cookie: F1=Bw4/F2EBAAAABAAAAYAASEA; domain=advertising.com; expires=Tue, 19-Mar-2013 13:22:20 GMT; path=/
Set-Cookie: BASE=gKQkdmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtBod/9cIfMmhhUJYd3tXzN!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:22:20 GMT; path=/
Set-Cookie: ROLL=AfAiY6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7Biz6NewZ63L0fJYH!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:22:20 GMT; path=/
Set-Cookie: 21883119=_4d85ff8c,0550568154,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 13:22:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 595

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N884.AOL-Advertising/B5290576.2;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000
...[SNIP]...
1.182. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=25446075/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=787693/size=300250/u=2/bnum=25446075/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=787693/size=300250/u=2/bnum=25446075/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; C2=zWfhNZK9FYVVGjXBaVlx4JpwHg02F62BdbdhudQshXobHkZ4F62BYGehudgihXobHQW4F62BfGehudw7NYobHEY4F62BjGehudAghXobHATiG62BvGehudgJjaobHgJaG62BoophudA2kXobH8Y4F62BdDmhudQRgaobHY4dG62sEDwQpaQlT+NA5ydBcaK+AoWVG0trUBgZAaQ3Y6gAxMiRaKbnCUUoGVNslQwhNacjmiQBp/jBBD7uEMpkG8Tr1Rge1ZcjuyEB/AoBmDr8Eo2kGwVr+BDBhaYqz2tBapqh5xqjHo4bGOlr5fwkLa0Xk6CCaYjxvZmDJa8pBcPqGfP; F1=BMb9F2EBAAAABAAAAIAAeEA; BASE=gKQkQmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV9I!; ROLL=AfAic6NQKVcMvoBPR9IpbcM!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 12:58:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.981637.787693.0XMC
Set-Cookie: C2=rnfhNZK9FYVVGgXBaVlB4JpwHg02F32BdbdxtdQshXcbHkZ4F32BYGextdgihXcbHQW4F32BfGextdw7NYcbHEY4F32BjGextdAghXcbHATiG32BvGextdgJjacbHgJaG32BoopxtdA2kXcbH8Y4F32BdDmxtdQRgacbHY4dG32sEDwQpaElT+NA5ydRbaK+AoWVGxtrUBgZAaE3Y6gAxMihZKbnCUUoGSNslQwhNaQjmiQBp/jRAD7uEMpkG5Tr1Rge1ZQjuyEB/AoRlDr8Eo2kGtVr+BDBhaMqz2tBapqx4xqjHo4bGLlr5fwkLaoXk6CCaYjBvZmDJawpBcPqGcP; domain=advertising.com; expires=Tue, 19-Mar-2013 12:58:19 GMT; path=/
Set-Cookie: F1=Bse+F2EBAAAABAAAAMAAYEA; domain=advertising.com; expires=Tue, 19-Mar-2013 12:58:19 GMT; path=/
Set-Cookie: BASE=gKQkfmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtZod/N!; domain=advertising.com; expires=Tue, 19-Mar-2013 12:58:19 GMT; path=/
Set-Cookie: ROLL=AfAid6NQKVcMvoBPR9Ipbc8jL5ZWh7H!; domain=advertising.com; expires=Tue, 19-Mar-2013 12:58:19 GMT; path=/
Set-Cookie: 25446075=_4d85f9eb,2610684043,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 12:58:19 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 595

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N884.AOL-Advertising/B5290576.2;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000
...[SNIP]...
1.183. http://r1-ads.ace.advertising.com/site=787693/size=300250/u=2/bnum=45191372/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=787693/size=300250/u=2/bnum=45191372/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=787693/size=300250/u=2/bnum=45191372/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D250%252Fwidth%253D300%252Fsite%253DSW.NOL%252Faamsz%253D300X250%252FNCP%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856443/direct;wi.300;hi.250/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=000014700000000000000000/height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; C2=BBghNZK9FYVVGcXBaVlB3JpwHg02Fz2BdbdxsdQshXMbHkZ4Fz2BYGexsdgihXMbHQW4Fz2BfGexsdw7NYMbHEY4Fz2BjGexsdAghXMbHATiGz2BvGexsdgJjaMbHgJaGz2BoopxsdA2kXMbH8Y4Fz2BdDmxsdQRgaMbHY4dGz2sEDwQpa0kT+NA5ydRaaK+AoWVGttrUBgZAa02Y6gAxMihYKbnCUUoGONslQwhNaAjmiQBp/jR/C7uEMpkG1Tr1Rge1ZAjuyEB/AoRkDr8Eo2kGpVr+BDBha8pz2tBapqx3xqjHo4bGHlr5fwkLaYXk6CCaYjBuZmDJagpBcPqGYP; F1=BEEAG2EBAAAABAAAAcAASEA; BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtBod/9cIfMmhhUJYd3tXzd8Z082dFA!; ROLL=AfAiZ6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7Biz6NewZ63L0fJYHB31rhrOM!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 13:28:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.981637.787693.0XMC
Set-Cookie: F1=BcPAG2EBAAAABAAAAgAASEA; domain=advertising.com; expires=Tue, 19-Mar-2013 13:28:23 GMT; path=/
Set-Cookie: BASE=gKQkcmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtJod/9cIfMmhhUJYd3tXzd8Z082dFA!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:28:23 GMT; path=/
Set-Cookie: ROLL=AfAiW6NQKVcMvoBPR9Ipbc8jL5ZWh7n/PFt7Sp7nyf4NnxZoIY2fMYHnj6qhWPsjA+z5ZPD!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:28:23 GMT; path=/
Set-Cookie: 45191372=_4d8600f7,7766046076,787693^981637^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 13:28:23 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 595

document.write('<SCRIPT language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N884.AOL-Advertising/B5290576.2;sz=300x250;click=http://r1-ads.ace.advertising.com/click/site=0000787693/mnum=0000
...[SNIP]...
1.184. http://r1-ads.ace.advertising.com/site=787694/size=728090/u=2/bnum=16369623/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=787694/size=728090/u=2/bnum=16369623/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=787694/size=728090/u=2/bnum=16369623/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; C2=rnfhNZK9FYVVGgXBaVlB4JpwHg02F32BdbdxtdQshXcbHkZ4F32BYGextdgihXcbHQW4F32BfGextdw7NYcbHEY4F32BjGextdAghXcbHATiG32BvGextdgJjacbHgJaG32BoopxtdA2kXcbH8Y4F32BdDmxtdQRgacbHY4dG32sEDwQpaElT+NA5ydRbaK+AoWVGxtrUBgZAaE3Y6gAxMihZKbnCUUoGSNslQwhNaQjmiQBp/jRAD7uEMpkG5Tr1Rge1ZQjuyEB/AoRlDr8Eo2kGtVr+BDBhaMqz2tBapqx4xqjHo4bGLlr5fwkLaoXk6CCaYjBvZmDJawpBcPqGcP; F1=Bse+F2EBAAAABAAAAMAAYEA; BASE=gKQkfmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtZod/N!; ROLL=AfAid6NQKVcMvoBPR9Ipbc8jL5ZWh7H!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 13:07:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.759958.787694.0XMC
Set-Cookie: C2=IwfhNZK9FYVVGfXBaVlx3JpwHg02F22BdbdhtdQshXYbHkZ4F22BYGehtdgihXYbHQW4F22BfGehtdw7NYYbHEY4F22BjGehtdAghXYbHATiG22BvGehtdgJjaYbHgJaG22BoophtdA2kXYbH8Y4F22BdDmhtdQRgaYbHY4dG22sEDwQpaAlT+NA5ydBbaK+AoWVGwtrUBgZAaA3Y6gAxMiRZKbnCUUoGRNslQwhNaMjmiQBp/jBAD7uEMpkG4Tr1Rge1ZMjuyEB/AoBlDr8Eo2kGsVr+BDBhaIqz2tBapqh4xqjHo4bGKlr5fwkLakXk6CCaYjxuZmDJaspBcPqGbP; domain=advertising.com; expires=Tue, 19-Mar-2013 13:07:20 GMT; path=/
Set-Cookie: F1=BgA/F2EBAAAABAAAAQAAWEA; domain=advertising.com; expires=Tue, 19-Mar-2013 13:07:20 GMT; path=/
Set-Cookie: BASE=gKQkemhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtZod/9cIfMmhhE!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:07:20 GMT; path=/
Set-Cookie: ROLL=AfAia6NQKVcMvoBPR9Ipbc8jL5ZWh7nZfpv7ooL!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:07:20 GMT; path=/
Set-Cookie: 16369623=_4d85fc08,4560463311,787694^759958^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 13:07:20 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1612

document.write('<IFRAME SRC="http://ad.doubleclick.net/adi/N1558.advertising.com/B3897970.13;sz=728x90;click=http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000759958/cstr=16369623=_4d85
...[SNIP]...
1.185. http://r1-ads.ace.advertising.com/site=787694/size=728090/u=2/bnum=5805484/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=787694/size=728090/u=2/bnum=5805484/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=787694/size=728090/u=2/bnum=5805484/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; C2=IwfhNZK9FYVVGfXBaVlx3JpwHg02F22BdbdhtdQshXYbHkZ4F22BYGehtdgihXYbHQW4F22BfGehtdw7NYYbHEY4F22BjGehtdAghXYbHATiG22BvGehtdgJjaYbHgJaG22BoophtdA2kXYbH8Y4F22BdDmhtdQRgaYbHY4dG22sEDwQpaAlT+NA5ydBbaK+AoWVGwtrUBgZAaA3Y6gAxMiRZKbnCUUoGRNslQwhNaMjmiQBp/jBAD7uEMpkG4Tr1Rge1ZMjuyEB/AoBlDr8Eo2kGsVr+BDBhaIqz2tBapqh4xqjHo4bGKlr5fwkLakXk6CCaYjxuZmDJaspBcPqGbP; F1=BgA/F2EBAAAABAAAAQAAWEA; BASE=gKQkemhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtZod/9cIfMmhhE!; ROLL=AfAia6NQKVcMvoBPR9Ipbc8jL5ZWh7nZfpv7ooL!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 13:19:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.984959.787694.0XMC
Set-Cookie: C2=Y7fhNZK9FYVVGdXBaVlR3JpwHg02F02BdbdBtdQshXQbHkZ4F02BYGeBtdgihXQbHQW4F02BfGeBtdw7NYQbHEY4F02BjGeBtdAghXQbHATiG02BvGeBtdgJjaQbHgJaG02BoopBtdA2kXQbH8Y4F02BdDmBtdQRgaQbHY4dG02sEDwQpa4kT+NA5ydhaaK+AoWVGutrUBgZAa42Y6gAxMixYKbnCUUoGPNslQwhNaEjmiQBp/jh/C7uEMpkG2Tr1Rge1ZEjuyEB/AohkDr8Eo2kGqVr+BDBhaAqz2tBapqB4xqjHo4bGIlr5fwkLacXk6CCaYjRuZmDJakpBcPqGZP; domain=advertising.com; expires=Tue, 19-Mar-2013 13:19:21 GMT; path=/
Set-Cookie: F1=Bgt/F2EBAAAABAAAAUAASEA; domain=advertising.com; expires=Tue, 19-Mar-2013 13:19:21 GMT; path=/
Set-Cookie: BASE=gKQkdmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV94DQtZod/9cIfMmhhUJYd3tXzN!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:19:21 GMT; path=/
Set-Cookie: ROLL=AfAib6NQKVcMvoBPR9Ipbc8jL5ZWh7nZfpv7oo7Tdg4NbwJ!; domain=advertising.com; expires=Tue, 19-Mar-2013 13:19:21 GMT; path=/
Set-Cookie: 5805484=_4d85fed8,0052813613,787694^984959^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 13:19:21 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1852

document.write('<HTML>');document.write('<HEAD>');document.write('<TITLE>&nbsp;</TITLE>');document.write('</HEAD>');document.write('<BODY>');document.write('<OBJECT classid=\'clsid:D27CDB6E-AE6D-11cf-
...[SNIP]...
1.186. http://r1-ads.ace.advertising.com/site=787694/size=728090/u=2/bnum=69689444/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=787694/size=728090/u=2/bnum=69689444/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=787694/size=728090/u=2/bnum=69689444/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=2/r=1/optn=1/fv=10/aolexp=0/dref=http%253A%252F%252Fviacom.adbureau.net%252Fhserver%252Fheight%253D90%252Fwidth%253D728%252Fsite%253DSW.NOL%252Faamsz%253D728X90%252FNCP%253D1 HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; F1=BgG9F2EBAAAABAAAAEAAgEA; BASE=gKQkRmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqE!; ROLL=AfAif6NQKVcMvoB!; C2=ISfhNZK9FYVVGkXBaVlB5JpwHg02F72BdbdxudQshXsbHkZ4F72BYGexudgihXsbHQW4F72BfGexudw7NYsbHEY4F72BjGexudAghXsbHATiG72BvGexudgJjasbHgJaG72BoopxudA2kXsbH8Y4F72BdDmxudQRgasbHY4dG72sEDwQpaUlT+NA5ydRcaK+AoWVG1trUBgZAaU3Y6gAxMihaKbnCUUoGWNslQwhNagjmiQBp/jRBD7uEMpkG9Tr1Rge1ZgjuyEB/AoRmDr8Eo2kGxVr+BDBhacqz2tBapqx5xqjHo4bGPlr5fwkLa4Xk6CCaYjBwZmDJaAqBcPqGgP; GUID=MTMwMDYyNDUyMDsxOjE2bHNxaWkxbjFhM2NyOjM2NQ

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 12:40:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.985691.787694.0XMC
Set-Cookie: C2=zWfhNZK9FYVVGjXBaVlx4JpwHg02F62BdbdhudQshXobHkZ4F62BYGehudgihXobHQW4F62BfGehudw7NYobHEY4F62BjGehudAghXobHATiG62BvGehudgJjaobHgJaG62BoophudA2kXobH8Y4F62BdDmhudQRgaobHY4dG62sEDwQpaQlT+NA5ydBcaK+AoWVG0trUBgZAaQ3Y6gAxMiRaKbnCUUoGVNslQwhNacjmiQBp/jBBD7uEMpkG8Tr1Rge1ZcjuyEB/AoBmDr8Eo2kGwVr+BDBhaYqz2tBapqh5xqjHo4bGOlr5fwkLa0Xk6CCaYjxvZmDJa8pBcPqGfP; domain=advertising.com; expires=Tue, 19-Mar-2013 12:40:19 GMT; path=/
Set-Cookie: F1=BMb9F2EBAAAABAAAAIAAeEA; domain=advertising.com; expires=Tue, 19-Mar-2013 12:40:19 GMT; path=/
Set-Cookie: BASE=gKQkQmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqUqLkoHV9I!; domain=advertising.com; expires=Tue, 19-Mar-2013 12:40:19 GMT; path=/
Set-Cookie: ROLL=AfAic6NQKVcMvoBPR9IpbcM!; domain=advertising.com; expires=Tue, 19-Mar-2013 12:40:19 GMT; path=/
Set-Cookie: 69689444=_4d85f5b3,1540631604,787694^985691^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 12:40:19 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 553

document.write('<script type="text/javascript" src="http://altfarm.mediaplex.com/ad/js/10433-118675-1629-11?mpt=1540631604&mpvc=http://r1-ads.ace.advertising.com/click/site=0000787694/mnum=0000985691/
...[SNIP]...
1.187. http://r1-ads.ace.advertising.com/site=797066/size=300250/u=2/bnum=53391539/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.livejournal.com%252F  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=797066/size=300250/u=2/bnum=53391539/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.livejournal.com%252F

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=797066/size=300250/u=2/bnum=53391539/hr=7/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.livejournal.com%252F HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.livejournal.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=er080012979743200010; BASE=gKQkSmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RA!; ROLL=AfAie6N!; GUID=MTMwMDMxNTUwODsxOjE2bHNxaWkxbjFhM2NyOjM2NQ; aceRTB=rm%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cam%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Cdc%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Can%3DTue%2C%2022%20Mar%202011%2015%3A51%3A32%20GMT%7Crub%3DMon%2C%2018%20Apr%202011%2013%3A48%3A43%20GMT%7C; C2=bVLhNZK9FYVVG0bBaVlB9KoIA0bSFfhkCfASbXssH0t1FL7BxGexyeQmhXssHgZ4FL7BKGexyeAZhXssH8Z4FL7Bv3gxyeQghXssHMa4FL7BAGexyeAMJassH8a4FL7BmMqxyeAmoZssHgimGL7BYTexyewjhXssH0NYGL7BFBqxyegh3ZsszSMADlqRZP53AkL3FBup4HgaVZUIuSVAmBoRhgpDCEzIG6tsdOQRhaYGwWCBH2oBSbKCGk+PGVAs7SwkSa0gtWHB6VnBS7KTF8DgGpCsyTgaTaEot6HMEEqxtPb3GolqG3LrOegivZ8lum/BTuohjC; F1=BsVtE2kAAAAAynADAEAAgEgAAAAA0nADAIAAfEABAAAABAAAAMAAfEA

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Mar 2011 12:34:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.961923.797066.0XMC
Set-Cookie: C2=oRfhNZK9FYVVGkXBaVlB5JpwHg02F72BdbdxudQshXsbHkZ4F72BYGexudgihXsbHQW4F72BfGexudw7NYsbHEY4F72BjGexudAghXsbHATiG72BvGexudgJjasbHgJaG72BoopxudA2kXsbH8Y4F72BdDmxudQRgasbHY4dG72sEDwQpaUlT+NA5ydRcaK+AoWVG1trUBgZAaU3Y6gAxMihaKbnCUUoGWNslQwhNagjmiQBp/jRBD7uEMpkG9Tr1Rge1ZgjuyEB/AoRmDr8Eo2kGxVr+BDBhacqz2tBapqx5xqjHo4bGPlr5fwkLa4X; domain=advertising.com; expires=Tue, 19-Mar-2013 12:34:48 GMT; path=/
Set-Cookie: F1=BgG9F2EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Tue, 19-Mar-2013 12:34:48 GMT; path=/
Set-Cookie: BASE=gKQkRmhpjJjpy24mVRcoq4SdsN4DbAQwMFaeqnfwaxhNqD6gryqB6EvxQXY2KV5lL8PiUafUl/jd3CaTb8zQcHMAUV3HWkGbQWfZDNNgjsbfnuO9nV0Nlc61bCpIG8T/su4h8sC0cazEnP1KoTJVPzXGhkFlOjx42bzuO8yI3jmN9RQwSzfIwqE!; domain=advertising.com; expires=Tue, 19-Mar-2013 12:34:48 GMT; path=/
Set-Cookie: ROLL=AfAif6NQKVcMvoB!; domain=advertising.com; expires=Tue, 19-Mar-2013 12:34:48 GMT; path=/
Set-Cookie: 53391539=_4d85f468,1608651028,797066^961923^1183^0,0_; domain=advertising.com; path=/click
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 20 Mar 2011 12:34:48 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1645

document.write('<HTML>');document.write('<HEAD>');document.write('<TITLE>&nbsp;</TITLE>');document.write('</HEAD>');document.write('<BODY>');document.write('<OBJECT classid=\'clsid:D27CDB6E-AE6D-11cf-
...[SNIP]...
1.188. http://safebrowsing.clients.google.com/safebrowsing/downloads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://safebrowsing.clients.google.com
Path:   /safebrowsing/downloads

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /safebrowsing/downloads?client=googlechrome&appver=10.0.648.151&pver=2.2&wrkey=AKEgNiu2mFE63FMw496NljDbfuqWVUHfR5aspR9G78SPoDGBnjDblFO5_v3By_lHgdefi2qYWL0qQkqRPEgqQcEZbPgzqr3RaA== HTTP/1.1
Host: safebrowsing.clients.google.com
Proxy-Connection: keep-alive
Content-Type: text/plain
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NID=45=Rfuz3c-QdDh67JrdwMPuXsU5Oq1I5GGl_qZdUqYVqqoRJIFCVvI8SKpQqrUXyIIOS11ZSdeQAZ9gdkb4wiW88lOTdRZ27hVOn1dgNQe_Q1Ddp0W7lPZAN4Vwn0qNiNNN; PREF=ID=4c7d4f16a5b7a597:U=0328aad31bd46b73:FF=4:LD=en:CR=2:TM=1300551593:LM=1300584410:GM=1:SG=1:S=EY6q6zqBPS8POHLi
Content-Length: 104

goog-malware-shavar;a:27633-34322:s:40278-46895:mac
goog-phish-shavar;a:130025-133623:s:66912-68351:mac

Response

HTTP/1.1 200 OK
Content-Type: application/vnd.google.safebrowsing-update
Set-Cookie: PREF=ID=4c7d4f16a5b7a597:U=0328aad31bd46b73:FF=4:LD=en:CR=2:TM=1300551593:LM=1300624484:GM=1:SG=1:S=QzZNJ4oUOwst03r2; expires=Tue, 19-Mar-2013 12:34:44 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Sun, 20 Mar 2011 12:34:44 GMT
Server: Chunked Update Server
Content-Length: 858
X-XSS-Protection: 1; mode=block
Expires: Sun, 20 Mar 2011 12:34:44 GMT
Cache-Control: private

m:L3hyttoTaSfTein1nJzy-ixKU1Y=
n:1749
i:goog-malware-shavar
u:safebrowsing-cache.google.com/safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAEYoe4CIMDvAioTSrcAAP__________________fzIKIbcAAP______AQ,6FvRi
...[SNIP]...
1.189. http://sales.liveperson.net/hc/51764537/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.liveperson.net
Path:   /hc/51764537/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hc/51764537/?&site=51764537&cmd=mTagStartPage&lpCallId=668626214843-943241656990&protV=20&lpjson=1&page=http%3A//www.reliant.com/en_US/Page/Shop/Public/misc_LockedandLow_100_landingpage.jsp%3Fbc968%27-alert%28document.cookie%29-%27fdd40018f76%3D1%26msg_code%3D%7Cbrowser_support&id=9155320794&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-residential-sales-english&activePlugin=none&cobrowse=true&PV%21unit=residential-sales&PV%21SubNav=NO_DEFAULT&PV%21Section=ShopHome&PV%21residential-sales_Section=ShopHome&PV%21visitorActive=1&SV%21language=english&SV%21PromoCode=undefined&SV%21residential-sales_PromoCode=undefined&SV%21ZipCode=undefined&SV%21residential-sales_ZipCode=undefined&SV%21DwellingType=undefined&SV%21residential-sales_DwellingType=undefined&VV%21VisitorID=F3E703A189A9026310F9CC3DA2E5179F&VV%21residential-sales_VisitorID=F3E703A189A9026310F9CC3DA2E5179F&referrer=http%3A//www.reliant.com/en_US/Page/Shop/Public/misc_LockedandLow_100_landingpage.jsp%3Fbc968%27-alert%28document.cookie%29-%27fdd40018f76%3D1 HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.reliant.com/en_US/Page/Shop/Public/misc_LockedandLow_100_landingpage.jsp?bc968'-alert(document.cookie)-'fdd40018f76=1&msg_code=|browser_support
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=8513174724422740229; LivePersonID=LP i=44502044936234,d=1297806164; HumanClickACTIVE=1300629988535

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:06:30 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickSiteContainerID_51764537=STANDALONE; path=/hc/51764537
Set-Cookie: LivePersonID=-44502044936234-1300629989:-1:-1:-1:-1; expires=Mon, 19-Mar-2012 14:06:30 GMT; path=/hc/51764537; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Sun, 20 Mar 2011 14:06:30 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1998

lpConnLib.Process({"ResultSet": {"lpCallId":"668626214843-943241656990","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton
...[SNIP]...
1.190. http://segment-pixel.invitemedia.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?code=VID_49058906_S&clientID=3581&key=segment&returnType=js HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://www.lanebryant.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=002d9af2-d1e0-46f3-a4d5-a4e3b437adec; dp_rec="{\"2\": 1299945154}"; subID="{}"; impressions="{\"430436\": [1298206796+ \"TWEQSwABRq4K5X4e_EJrqQ==\"+ 78868+ 35674+ 1731]+ \"482972\": [1299945155+ \"6ef01ee1-d0cb-3382-9a63-cbfcfe5aab57\"+ 142729+ 86413+ 46]}"; camp_freq_p1=eJzjkuFoXc8iwChxeO271ywKjBqndwNpA0YLMJ9LhOP5d2ag7JkFLUBZBg0GAwYLBgD7qRH+; io_freq_p1="eJzjEua47i3AKHF47bvXLAaMFmCaS5jjkhtQ8MyCltcsCgwaDAYMFgwAOzwNaQ=="; partnerUID=eyIxOTkiOiBbIkE5NkM3OEUwNDA1NzQ0Qzc4MDYyMTNENTczNTFBMTA0IiwgdHJ1ZV0sICI3OSI6IFsiNGRlMzBhNTAwYzhjNmI4YmY5Y2JhNzU5OTUwNWI1MjkiLCB0cnVlXSwgIjg0IjogWyJkcHZIRUh6OTk5ZWZJUG9CIiwgdHJ1ZV19; exchange_uid=eyIyIjogWyI0NDcwNDU1NTczMjUzOTA1MzQwIiwgNzM0MjE1XSwgIjQiOiBbIkNBRVNFUG9xYnJjUXIxTjBuR1NrM2x0SlNOOCIsIDczNDE4OF19; segments_p1="eJzjYuZojOBi4Wjdy8jFzNFmCmQ2vmXkYuLgAHJvVwKJ6cZAsRnbmYDM2X5AYo4fFxfHx21MAv+mXX7DAhRYrARUsBGsYIMVkNjIAeQf3ATiH80BEidAxEmQeadBrHMg4rEUFyfHuSqB1Y+b37IAlT9eC1J+2xto9L0pzAK7Hi4DCnNxPACyf3yYCFEygRFIPu8HkS/aQOTLg4xANR+2MAm8vz7/DUjNiwMg8U/bQIb94wBK/u1jFjj/acFbkDv/hQOJ/z4AtB9FkQ=="

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Sun, 20 Mar 2011 12:49:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Sun, 20-Mar-2011 12:49:30 GMT
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: segments_p1="eJzjYuZojOBi4Xg8gRFItu5l5GLmaDMFMhvfMnIxcXAAudONgdwZ25mAzNl+QGIOiFisBBTcCBbcYAUkNnJwcXHcm8IssOvhsrcsQLkXB0AGHtzEBCQPrQYZezQHSJwAESdBxp4Gsc7lgOxey8TFyXGuSmD142agXmaO25Ugwhto4gOgiT8+TASLPpYCqn3eDzL2RRuIfHmQEajkwxYmgffX579hAbI/bmMS+Dft8huQAz5tAznuXzhQ+G8fs8D5TwvApvwD2f3fBwCIO0cV"; Domain=invitemedia.com; expires=Mon, 19-Mar-2012 12:49:50 GMT; Path=/
Content-Length: 343

makePixelRequest("http://ad.yieldmanager.com/pixel?id=941490&t=2","image");

function makePixelRequest(pixelURL,pixelType){

if(pixelType == "javascript")
{
document.write('<script src
...[SNIP]...
1.191. http://segments.adap.tv/data/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /data/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /data/?p=cadreon&type=gif&segment=11&add=true HTTP/1.1
Host: segments.adap.tv
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: rtbData0="key=tidaltv:value=87e5218a-1e64-42a5-9305-a376b8bbd26f:expiresAt=Thu+May+05+18%3A00%3A13+PDT+2011:32-Compatible=true"; audienceData="{\"v\":2,\"providers\":{\"2\":{\"f\":1301986800,\"e\":1301986800,\"s\":[431,754,753],\"a\":[]},\"10\":{\"f\":1301295600,\"e\":1301295600,\"s\":[],\"a\":[]},\"9\":{\"f\":1301900400,\"e\":1301900400,\"s\":[529,528],\"a\":[]},\"24\":{\"f\":1302591600,\"e\":1302591600,\"s\":[1583,1581,1579,1593,1591,1588,1587,1585],\"a\":[]},\"13\":{\"f\":1302591600,\"e\":1302591600,\"s\":[524],\"a\":[]},\"14\":{\"f\":1302591600,\"e\":1302591600,\"s\":[],\"a\":[{\"val\":\"000\",\"id\":5}]}}}"; marketTransaction="true__TIME__2011-03-13+10%3A20%3A09"; asptvw1="as7401%2C1%2C2011-03-13%2F11-20-13+ap2078%2C2%2C2011-03-13%2F11-15-07"; adsrcvw1="17494%2C1%2C2011-03-14%2F10-20-13"; unique_ad_source_impression="9894%2C17293%2C8521__TIME__2011-03-06+17%3A00%3A22"; creativeViews="{\"v\":1,\"views\":[{\"id\":6363,\"ts\":1300036813,\"cts\":null}]}"; adaptv_unique_user_cookie="5951245120132160017__TIME__2011-03-13+10%3A22%3A58"

Response

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
p3p: CP="DEM"
Cache-Control: no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="5951245120132160017__TIME__2011-03-20+05%3A34%3A46";Path=/;Domain=.adap.tv;Expires=Wed, 26-Nov-2042 14:21:26 GMT
Set-Cookie: audienceData="{\"v\":2,\"providers\":{\"2\":{\"f\":1301986800,\"e\":1301986800,\"s\":[431,754,753],\"a\":[]},\"10\":{\"f\":1301295600,\"e\":1301295600,\"s\":[],\"a\":[]},\"9\":{\"f\":1303196400,\"e\":1303196400,\"s\":[529,528],\"a\":[]},\"24\":{\"f\":1302591600,\"e\":1302591600,\"s\":[1583,1581,1579,1593,1591,1588,1587,1585],\"a\":[]},\"13\":{\"f\":1302591600,\"e\":1302591600,\"s\":[524],\"a\":[]},\"14\":{\"f\":1302591600,\"e\":1302591600,\"s\":[],\"a\":[{\"val\":\"000\",\"id\":5}]}}}";Path=/;Domain=.adap.tv;Expires=Wed, 26-Nov-2042 14:21:26 GMT
Content-Type: image/gif
Server: Jetty(6.1.26)
Content-Length: 42

GIF89a.............!.......,...........D.;
1.192. http://showads.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showads.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26436&siteId=26437&adId=21306&kadwidth=300&kadheight=250&prevkadIds=21304&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame22643626437&kltstamp=2011-2-20%207%3A34%3A44&ranreq=0.6170628282707185&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; _curtime=1300624477; pubfreq_26437_21304_990920136=243-1; PMDTSHR=; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:38:55 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26437_21306_584251591=207-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:18:55 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:38:55 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1677

document.write('<div id="http_www_woot_comkomli_ads_frame22643626437" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdata=RGcAAEVnAAA6UwAAAAAAAAAAAA
...[SNIP]...
1.193. http://showads.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showads.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26436&siteId=26437&adId=21304&kadwidth=300&kadheight=250&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame12643626437&kltstamp=2011-2-20%207%3A34%3A37&ranreq=0.7504880619235337&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:35:32 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KADUSERCOOKIE=B391BFC7-DF10-4056-9466-14707AB94934; domain=pubmatic.com; expires=Mon, 19-Mar-2012 12:35:32 GMT; path=/
Set-Cookie: pubfreq_26437=; domain=pubmatic.com; expires=Tue, 22-Mar-2011 12:35:32 GMT; path=/
Set-Cookie: pubtime_26437=TMC; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:35:32 GMT; path=/
Set-Cookie: _curtime=1300624532; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:45:32 GMT; path=/
Set-Cookie: pubfreq_26437_21304_1005004847=243-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:15:32 GMT; path=/
Set-Cookie: PMDTSHR=; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:35:32 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1822

document.write('<div id="http_www_woot_comkomli_ads_frame12643626437" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdata=RGcAAEVnAAA4UwAA3AEAAAAAAA
...[SNIP]...
1.194. http://showads.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showads.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26436&siteId=26437&adId=21306&kadwidth=300&kadheight=250&prevkadIds=21304&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame22643626437&kltstamp=2011-2-20%207%3A34%3A44&ranreq=0.6170628282707185&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; _curtime=1300624477; pubfreq_26437_21304_990920136=243-1; PMDTSHR=; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:34:37 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: _curtime=1300624477; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:44:37 GMT; path=/
Set-Cookie: pubfreq_26437_21306_1985489030=243-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:14:37 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:34:37 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1804

document.write('<div id="http_www_woot_comkomli_ads_frame22643626437" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdata=RGcAAEVnAAA6UwAAwAQAAAAAAA
...[SNIP]...
1.195. http://showads.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showads.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26436&siteId=26437&adId=21304&kadwidth=300&kadheight=250&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame12643626437&kltstamp=2011-2-20%207%3A34%3A37&ranreq=0.7504880619235337&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:34:37 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; domain=pubmatic.com; expires=Mon, 19-Mar-2012 12:34:37 GMT; path=/
Set-Cookie: pubfreq_26437=; domain=pubmatic.com; expires=Tue, 22-Mar-2011 12:34:37 GMT; path=/
Set-Cookie: pubtime_26437=TMC; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:34:37 GMT; path=/
Set-Cookie: _curtime=1300624477; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:44:37 GMT; path=/
Set-Cookie: pubfreq_26437_21304_990920136=243-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:14:37 GMT; path=/
Set-Cookie: PMDTSHR=; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:34:37 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1800

document.write('<div id="http_www_woot_comkomli_ads_frame12643626437" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdata=RGcAAEVnAAA4UwAAwAQAAAAAAA
...[SNIP]...
1.196. http://showadsak.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showadsak.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26436&siteId=26437&adId=21304&kadwidth=300&kadheight=250&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame12643626437&kltstamp=2011-2-20%208%3A28%3A56&ranreq=0.209514970658347&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x458&adVisibility=1 HTTP/1.1
Host: showadsak.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubtime_26437=TMC; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; PMAT=3q_xFPysNRRq5P6VdKt7tDWS4UmVb8m-YrrvHMmRPMfrin7Yk44Nd-Q; _curtime=1300624482; PMDTSHR=cat:; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881

Response

HTTP/1.1 200 OK
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Content-Type: text/html
Date: Sun, 20 Mar 2011 13:28:54 GMT
Connection: close
Set-Cookie: _curtime=1300627726; domain=pubmatic.com; expires=Sun, 20-Mar-2011 14:38:46 GMT; path=/
Set-Cookie: pubfreq_26437_21304_1705446939=243-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 14:08:46 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Mon, 21-Mar-2011 13:28:46 GMT; path=/
Content-Length: 1799

document.write('<div id="http_www_woot_comkomli_ads_frame12643626437" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdata=RGcAAEVnAAA4UwAAwAQAAAAAAA
...[SNIP]...
1.197. http://showadsak.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showadsak.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/AdServerServlet?01AD=3q_xFPysNRRq5P6VdKt7tDWS4UmVb8m-YrrvHMmRPMfrin7Yk44Nd-Q&01RI=2500D83B99F60DD&01NA=&operId=2&pubId=26436&siteId=26437&adId=21762&kadwidth=300&kadheight=250&prevkadIds=21304_21306&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame32643626437&kltstamp=2011-2-20%207%3A34%3A45&ranreq=0.8810346268583089&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1 HTTP/1.1
Host: showadsak.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; pubfreq_26437_21304_990920136=243-1; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881; _curtime=1300624477; pubfreq_26437_21306_1985489030=243-1; PMDTSHR=cat:; PMAT=CT-1

Response

HTTP/1.1 200 OK
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Content-Type: text/html
Date: Sun, 20 Mar 2011 12:42:03 GMT
Connection: close
Set-Cookie: PMAT=3q_xFPysNRRq5P6VdKt7tDWS4UmVb8m-YrrvHMmRPMfrin7Yk44Nd-Q; expires=Sun, 17-Apr-2011 12:42:03 GMT; path=/; domain=showadsak.pubmatic.com
Set-Cookie: _curtime=1300624924; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:52:04 GMT; path=/
Set-Cookie: pubfreq_26437_21762_427065418=243-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:22:04 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:42:04 GMT; path=/
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Content-Length: 2038

document.writeln('<'+'script type="text/javascript" src="http://ad.turn.com/server/ads.js?pub=5757398&cch=5766863&code=5766875&l=300x250&aid=25369308&ahcid=535345&bimpd=dBaahwzrbNZVmQvfgxL2kLpdzXGBtxb
...[SNIP]...
1.198. http://showadsak.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showadsak.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/AdServerServlet?01AD=3q_xFPysNRRq5P6VdKt7tDWS4UmVb8m-YrrvHMmRPMfrin7Yk44Nd-Q&01RI=2500D83B99F60DD&01NA=&operId=2&pubId=26436&siteId=26437&adId=21762&kadwidth=300&kadheight=250&prevkadIds=21304_21306&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame32643626437&kltstamp=2011-2-20%207%3A34%3A45&ranreq=0.8810346268583089&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x450&adVisibility=1 HTTP/1.1
Host: showadsak.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV+WQlbaXsQfgZCDFxlX1ZL; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubfreq_26437=; pubtime_26437=TMC; pubfreq_26437_21304_990920136=243-1; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881; _curtime=1300624477; pubfreq_26437_21306_1985489030=243-1; PMDTSHR=cat:; PMAT=CT-1

Response

HTTP/1.1 200 OK
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Content-Type: text/html
Date: Sun, 20 Mar 2011 12:34:46 GMT
Connection: close
Set-Cookie: PMAT=3q_xFPysNRRq5P6VdKt7tDWS4UmVb8m-YrrvHMmRPMfrin7Yk44Nd-Q; expires=Sun, 17-Apr-2011 12:34:46 GMT; path=/; domain=showadsak.pubmatic.com
Set-Cookie: _curtime=1300624482; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:44:42 GMT; path=/
Set-Cookie: pubfreq_26437_21762_1520519208=243-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 13:14:42 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Mon, 21-Mar-2011 12:34:42 GMT; path=/
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"
Content-Length: 2038

document.writeln('<'+'script type="text/javascript" src="http://ad.turn.com/server/ads.js?pub=5757398&cch=5766863&code=5766875&l=300x250&aid=25369308&ahcid=535345&bimpd=ZjNFN2hZ4i-YlydCdXsT0zZTuD8IubL
...[SNIP]...
1.199. http://showadsak.pubmatic.com/AdServer/AdServerServlet  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://showadsak.pubmatic.com
Path:   /AdServer/AdServerServlet

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26436&siteId=26437&adId=21304&kadwidth=300&kadheight=250&kbgColor=ffffff&ktextColor=000000&klinkColor=FFFFFF&pageURL=http://www.woot.com/&frameName=http_www_woot_comkomli_ads_frame12643626437&kltstamp=2011-2-20%208%3A28%3A56&ranreq=0.209514970658347&timezone=-5&screenResolution=1920x1200&inIframe=0&adPosition=458x458&adVisibility=1 HTTP/1.1
Host: showadsak.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.woot.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KRTBCOOKIE_57=476-uid:4470455573253905340; KRTBCOOKIE_133=1873-6pgp44i37uxw; KRTBCOOKIE_27=1216-uid:4d5b2371-3928-7a83-24fb-d52328f5624b; KRTBCOOKIE_53=424-20108b4d-f8d0-4008-b157-1529097b61ab; KRTBCOOKIE_97=3385-uid:3c8eb88b-c9c1-47d0-9235-2d5e32a3350f; KADUSERCOOKIE=43A8ABFA-7497-471A-9AF6-2974D17EF335; pubtime_26437=TMC; KTPCACOOKIE=YES; KRTBCOOKIE_80=1336-002d9af2-d1e0-46f3-a4d5-a4e3b437adec.11265.18531.24197.6790.30337.8.6551.39832.10011.10012.4387.39857.7472.1073.51806.24680.39233.13893.13896.1097.13899.13902.38627.15694.15579.9691.51808.3427.18407.17256.24809.39536.39793.39794.11262.51069.1150.9855.; KRTBCOOKIE_22=488-pcv:1|uid:8392341830659049202; KRTBCOOKIE_58=1344-KH-00000000549735899; PMAT=3q_xFPysNRRq5P6VdKt7tDWS4UmVb8m-YrrvHMmRPMfrin7Yk44Nd-Q; _curtime=1300624482; PMDTSHR=cat:; KRTBCOOKIE_32=1386-WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL; PUBRETARGET=78_1392641239.461_1392901736.403_1393381248.401_1393381248.1039_1301416785.1340_1393698747.362_1301682747.1469_1393892161.70_1301922274.1928_1302874361.375_1302874358.1376_1302874361.445_1308400481.79_1300710881

Response

HTTP/1.1 200 OK
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Content-Type: text/html
Date: Sun, 20 Mar 2011 13:41:00 GMT
Connection: close
Set-Cookie: _curtime=1300628453; domain=pubmatic.com; expires=Sun, 20-Mar-2011 14:50:53 GMT; path=/
Set-Cookie: pubfreq_26437_21304_1506748993=243-1; domain=pubmatic.com; expires=Sun, 20-Mar-2011 14:20:53 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Mon, 21-Mar-2011 13:40:53 GMT; path=/
Content-Length: 1824

document.write('<div id="http_www_woot_comkomli_ads_frame12643626437" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdata=RGcAAEVnAAA4UwAA3AEAAAAAAA
...[SNIP]...
1.200. http://syndication.mmismm.com/mmtnt.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://syndication.mmismm.com
Path:   /mmtnt.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mmtnt.php HTTP/1.1
Host: syndication.mmismm.com
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: G=10104000001069486483

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:49:22 GMT
Server: Apache
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR BUS COM NAV"
Set-Cookie: G=10104000001069486483; expires=Sat, 19-Mar-2016 18:49:22 GMT; path=/; domain=.mmismm.com
Content-Length: 462
Content-Type: text/javascript

document.write('<script type="text/javascript">var D=new Date();var Z=D.getTimezoneOffset();var R="";if(typeof document.referrer!=="undefined"){R="&ref="+encodeURIComponent(document.referrer);}</'+'sc
...[SNIP]...
1.201. http://tags.bluekai.com/site/2731  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tags.bluekai.com
Path:   /site/2731

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/2731 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://viacom.adbureau.net/AFTRSERVER/hserver//height=250/width=300/site=SW.NOL/aamsz=300X250/NCP=1//ATCI=1297806090-11017856
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bkp1=; bku=3yG99W4pVANemJaB; bko=KJhn8sPQTBMET1F/T9N7EVJMRwidFXsUi6snCTWCmfdSkTAC9zbu8/mytOCAGuymOkVQUFb+ZD955T9LEFz1UNRs9sDeWAX=; bkw5=KJhNALLF9NWDhgIjwZ56W9r3xZJOSYnPDEa2EHIuCFAchOg5uRC/nYpWCGt/Cz54TYXxuyAgulrJCjtPPTZkzI5KFq4Do7Bp4FKfll4mb4ARQ/xcAp8eKWQOsQppbCx/JbkAzMv/HTPWDApMIvxekRyAptA3GRSsOkMLumxAXJDa2Z6QvLicnV2NBV2azXekBBDBelzHP7mpfe5re4xO/y8xBHh4GtWgeIiAKSWqU1k8PrWdpr1mK2wsgKIpZK5ovpFDHTf7RYxCzoMVf3isj/b7jVHYmDdbYF8VVYQIRTzjeDr1YwX/DiUrdNGcPCxuxk3xB0vgwrW2bSiV8OpVa/tOHDcKuqmrS9JRW/EBRPFHCeaUACwxY2HOMJwgQoh2jXFLqhHiBQ7p2/30bb9QM5QO5UN4kaF+zKV+D1+LKCViY2J+7HaJr7/edz6BcBzNqnMLjSfCAfWaPdNgqxMl7s2e5v+OrflyuStaXv6wkIAzqmKpHbxK2feLN8fvX7282v2Z3F/fQuTuzeTpIpzcpdTBXhhpKy==; bkst=KJhBMgav96WDHSz/vsbYCUSYkKl9pc+F5ZqvvesOjP1RY0+kjt4VAWCWixS+nWHLd90dyuSQI9UIC5g8YzTra+f3zKdCl5+i0pUsP+MPqeGfUXhVkl58ifNsS8Bk90fIo1C3P1qS8vlmltmIyTHUxjnNlWWCm9Agra1xKsog7LG0RnZwHKxddk5XEGbM2Hm+eRRQD6+WvvNVmkPSZ8zZUA2RN1BE4K5JQ0/vqSV/YYWjYS9KZdQI3zKxPy8xuTTVeBKaxx8DmKTP/JCvoDer3l72cwA+++4+MUG2DN6wL3wHBcKfJ27aXcj0Yw36lH2cqnFeVJFNpXghjKbb1CX5p/zl64drNcDoOiMMaa8CAJ0X9s8Y99bo2aVHD+pGapew4yWMTamN; bkou=KJhMRsOQRsq/pupQjp96B2Rp+eEV1p/66E101ublq4xa9WR8Oz6=; bklc=4d84b3b6; bk=oaoF7VrPtkPh4f95; bkc=KJh5NDN/PaWDOdepjMEcsu1n/iA63JKt6zDGTHijDCx+oA6RWCsBoHPZ/kCGVG64kz76H5McgGDrx+Jve1G0ZSvGaZtYPrPDu9PvoivNbmwXlXhofg6n7dBMdr4z5I2f2X8CitClYkcgzsKxwNvlMtQbpSnmZojQY+lnQfXqHkfXmTl/gisbwhuFCNzqHkfzf0DSsi/StNzPEvVqc4eb6f3Hap2Co6KJ4sBCoh8IkSXqKUcVx3vlB0p0w9GcUjEoIsLPSE8kKcmVfCUn5a+g2c8Asmmn/fyILfhK10whITa7eY1F23xE4Ke8E0krmbRfqOMNTkpIvpNO2vv8JKiZF6FC7Pf5aRjHndqhd5+IiIbw+Mg2TWYOHKmwVlAIqLzhVl48m5v14rvEc3nD+Hjkapu0rtpTEMNocMY1KMcbg4nchlwKHh4HOof4BBIFtJIFsdBEMUfiVg81nuWSPEhoscZhkX4F3qsG+Mfo2k0nX+QrLC0wtf3hc3gHEppYpI+j1bIgT3Ks745U3RXDhF+Mds3I2Y6ZSFxlXFmv8zY2CkWFfkM9SfYn8lXAUQ2F2IktNi4CYmdwqaf4FKssROoazIs0wqGlsAS2Iv3qbcQJf2s+OlZd2ZbewRS79fG7ea2KodruRR07Koqwk6UeCliIljFQsz1dewX1Jc6gQd4EuG+i48oTFuL+Ic6NSzjTTActsz8dzgpe14v3AH47Xwmg8w1ChrKUZ8bcTW7K5v35dQ7lzl6f2dda2zf8ZmiFs77hUURU8pXgHkTNXrnqfWfmFNs1FsgAhzwLYmzFvWjKB4niqp04iMbnMF3h4IBI6WtSAH5crVCym5cj+QS7cCTyMn0TMidr1BsUMNPzc03+ulyFfrBlrXHMDxSdcXMehRSHafFT4rj8w8zaxFX2jdi5gHFfVpUbiK58wKjfnn/PU0pud5gVMUb36DXXhdj5LKCCz5JKyIKn5nI65SmdSFxUHdZLpme460tauj4b5Y1FprE8Ur4heZusIcN+zMhCbXjT3kWFEr5IG24iHM2T4T4rXgOrdO4d9NavyYG=; bkdc=res

Response

HTTP/1.0 200 OK
Date: Sun, 20 Mar 2011 12:34:32 GMT
Set-Cookie: bklc=4d85f458; expires=Tue, 22-Mar-2011 12:34:32 GMT; path=/; domain=.bluekai.com
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Expires: Mon, 21 Mar 2011 12:34:32 GMT
Cache-Control: max-age=86400, private
Set-Cookie: bk=1QWl1trPtkPh4f95; expires=Fri, 16-Sep-2011 12:34:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJh5NDN/PaWDOdepjFyRjTyLivExGafSHCKMCsBAuks6ZejCuWx6kkSRiVYCSEPIPYqEatcVUCzCSuDvjDNiDPunBAsg6Q3ox1kDoOj27wIqmzt25Iap4Lpd7wFr4KdKmVRHfDLiSC7rYwJcbF/HpSjSNac5cW0iIf7y5Xw/ilI7W+7PHYBeLUoT7VcAh4NKG3WCGgsekzWDiFq9ZXfoHkfXCJ6tErxqYpFNXvLXlzin18zxFqNkAK5Hmmiie154v67pVzwq17VFU37qV3dl/X1RUhpC2j772jGqM56wwszRKqW7MKQepl2szK+JlVce3O47XadJSS/UEzNOBdN59KdhbiTlMc3hMId42kL6WZNhILsO4/LZcg4y4B0mJtl5jH5J1d3Jpli/AM5RkJU4ymb6Tq+Noc791mgabn4VchFwKH25HJ+84gBXFtJd7Zf1EpUbiVFT1gmzvvoTtMe0RiIwlNN+DDN5yZ68arV0UVx87gONRpNDG82TkJdUL0jKPXPweEFFgN/4vRMNhdCP4mkqH+EQqIe7BjAB2hosFqQ2C55QnXddKvyKlrUEfShwlOcK7NZXFQ4Y2zaDsLIOud4glZ/R2K/qq3JEhqhc5hyJJkwFE+CMKeSQKXgy+RtbghgsKvg7IUhjm70D82rNajTpd1wyp6eY+2B8wbthSwJw/b2lCxVdg0nBsWXX0efwIDIm5p+sUMU0TZhI4CPXwAp0IKVZ80aTZMK5S35dlwNzlXq24ls2zpfsIb+sU70wlz78pT3HPTtXI9bfQdBFaYmFs77h1eFYIzrvAPKBFwQqpbKXpb/E4rp4ZO26AVqAhKBzBnivbWJgFP1wehCsUkpnalKRb1Fcu3Twk5EsFh4lXq+5fnWG75Xw8mWiyXinUUydif04uymCdNTyd1fVM4t+sFlWifyKi26VtR3FamoIqK+sw2UGJN8QIb8q2n9GRSdCuTVbU23b6PXNIGFcISh182dEfxDJkdC6/0dmTw7K8wWmjTET4VN6wsUgh7i3Du2mTlfH7oMHepfDggLLgOFdh4X9JYc9yy==; expires=Fri, 16-Sep-2011 12:34:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkou=KJhMRsOQRsq/pupQjp96B2Rp+eEV1p/66E101RfT6rGn9W43OZA=; expires=Fri, 16-Sep-2011 12:34:32 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Mon, 21-Mar-2011 12:34:32 GMT; path=/; domain=.bluekai.com
BK-Server: 8d9f
Content-Length: 62
Content-Type: image/gif
Connection: keep-alive

GIF89a.............!..NETSCAPE2.0.....!..    ....,...........L..;
1.202. http://the-n.112.2o7.net/b/ss/the-n/0/FAS-2.7.1-AS3/s84684399310499  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://the-n.112.2o7.net
Path:   /b/ss/the-n/0/FAS-2.7.1-AS3/s84684399310499

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/the-n/0/FAS-2.7.1-AS3/s84684399310499?AQB=1&ndh=1&t=20/2/2011%209%3A6%3A44%200%20300&ce=ISO-8859-1&pageName=video/net/The%20Nightlife%3A%20Landon%20Liboiron%20of%20Degrassi_653053&g=http%3A//www.teennick.com/shows/the-nightlife&r=http%3A//burp/show/22&events=event15%2Cevent25%2Cevent50&products=%3B%3B%3B%3Bevent25%3D0.002&c18=clip&v26=hs_the_nightlife&v27=nick.com&v28=clip&c30=mgid%3Acms%3Aitem%3Anick.com%3A653053&v31=teennickCoverFlowPlayer&v33=The%20Nightlife%3A%20Landon%20Liboiron%20of%20Degrassi_653053&v34=the_nightlife__landon_liboiron_of_degrassi&c35=653053%3A%20hs_the_nightlife%3A%20SINGLECLIP&c36=hs_the_nightlife&c38=nick.com&c43=the_nightlife__landon_liboiron_of_degrassi&c45=clip&c48=teennickCoverFlowPlayer&c50=The%20Nightlife%3A%20Landon%20Liboiron%20of%20Degrassi_653053&pe=m_s&pev3=The%20Nightlife%3A%20Landon%20Liboiron%20of%20Degrassi_653053--**--166--**--teennickCoverFlowPlayer--**--0--**--1300630004--**--S0L0&s=1920x1200&AQE=1 HTTP/1.1
Host: the-n.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/assets/swf/Fan.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]; s_vi_qmx60x28k=[CS]v4|26C304C68514AE44-6000018BC00031AE|4D86098B[CE]

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:06:39 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_qmx60x28k=[CS]v4|26C304C68514AE44-6000018BC00031AE|4D86098B[CE]; Expires=Fri, 18 Mar 2016 14:06:39 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 14:06:39 GMT
Last-Modified: Mon, 21 Mar 2011 14:06:39 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4D8609EF-350E-31A86B89"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www637
Content-Length: 1
Content-Type: text/html

1.203. http://then.112.2o7.net/b/ss/the-n/1/H.20.3/s84437876590527  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://then.112.2o7.net
Path:   /b/ss/the-n/1/H.20.3/s84437876590527

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/the-n/1/H.20.3/s84437876590527?AQB=1&ndh=1&t=20/2/2011%209%3A5%3A49%200%20300&ce=ISO-8859-1&pageName=/shows/the-nightlife/&g=http%3A//www.teennick.com/shows/the-nightlife&r=http%3A//burp/show/22&ch=shows&events=event16&h1=shows/the-nightlife/index&h2=shows/the-nightlife/index.html&c5=non-member&c6=not%20logged-in&c11=hs-the-nightlife&c41=New&v49=shows&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1112&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: then.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/shows/the-nightlife
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]; s_vi_qmx60x28k=[CS]v4|26C304C68514AE44-6000018BC00031AE|4D86098B[CE]

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:05:43 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_qmx60x28k=[CS]v4|26C304C68514AE44-6000018BC00031AE|4D86098B[CE]; Expires=Fri, 18 Mar 2016 14:05:43 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 14:05:43 GMT
Last-Modified: Mon, 21 Mar 2011 14:05:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4D8609B7-6C86-674F6CEC"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www661
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
1.204. http://then.112.2o7.net/b/ss/the-n/1/H.20.3/s86924710085149  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://then.112.2o7.net
Path:   /b/ss/the-n/1/H.20.3/s86924710085149

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/the-n/1/H.20.3/s86924710085149?AQB=1&pccr=true&&ndh=1&t=20/2/2011%209%3A5%3A6%200%20300&ce=ISO-8859-1&pageName=/shows/the-nightlife/&g=http%3A//www.teennick.com/shows/the-nightlife&r=http%3A//burp/show/21&ch=shows&events=event16&h1=shows/the-nightlife/index&h2=shows/the-nightlife/index.html&c5=non-member&c6=not%20logged-in&c11=hs-the-nightlife&c41=New&v49=shows&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1112&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava%28TM%29%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: then.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/shows/the-nightlife
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]; s_vi_qmx60x28k=[CS]v4|0-0|4D86098B[CE]

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:05:02 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_qmx60x28k=[CS]v4|26C304C705161A8E-600001A4A000D4BD|4D86098B[CE]; Expires=Fri, 18 Mar 2016 14:05:02 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 14:05:02 GMT
Last-Modified: Mon, 21 Mar 2011 14:05:02 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4D86098E-350E-4EF31E5A"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www637
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
1.205. http://trgc.opt.fimserve.com/fp.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trgc.opt.fimserve.com
Path:   /fp.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fp.gif?pixelid=738-027083&rnd=776148473873 HTTP/1.1
Host: trgc.opt.fimserve.com
Proxy-Connection: keep-alive
Referer: http://therugged.com/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pfuid=ClIoJU1d4hWhIULOQ4E0Ag==; ssrtb=0; TRG=NDAuMT01NzIxJjM5LjE9NzE4MyY=; LO=00FN6WWUm00000f500H; UI="297fc71db05673a122|79973.9.-8.fh.wx.f.488@@gc@@dzhsrmtglm@@-4_9@@hlugozbvi gvxsmloltrvh rmx_@@xln@@nrw zgozmgrx"

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 12:59:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Server: PR/1.4.0.0/0.7.61
P3P: policyref="http://www.fimserve.com/w3c/p3p.xml",CP="CAO DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR DELa SAMa UNRa OTRa IND UNI PUR NAV INT DEM CNT PRE"
Cache-Control: no-cache, no-store
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: TRG=NDAuMT04NTU1JjM5LjQ9ODEyNCY=; domain=.fimserve.com; path=/; expires= Wednesday, 22-Apr-2020 12:22:20 GMT

GIF89a.............!.......,...........L..;
1.206. http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s83280030332971  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://viashockwave.112.2o7.net
Path:   /b/ss/viashockwave/1/H.22.1/s83280030332971

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/viashockwave/1/H.22.1/s83280030332971?AQB=1&ndh=1&t=20%2F2%2F2011%207%3A36%3A12%200%20300&ce=UTF-8&g=http%3A%2F%2Fwww.shockwave.com%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455%3Fp%3D1%26size%3Dsmall%26screenname%3Dcbardezbain%26mid%3D251037782&r=http%3A%2F%2Fwww.shockwave.com%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455%3Fp%3D1%26size%3Dsmall%26screenname%3Dcbardezbain%26mid%3D251037782&pageType=errorPage&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1017&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&pe=lnk_o&pev2=404_notFoundErrorPage&AQE=1 HTTP/1.1
Host: viashockwave.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.shockwave.com/member/avatarViewer.jsp48e63%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eecdcc990455?p=1&size=small&screenname=cbardezbain&mid=251037782
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 13:06:45 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85FBE5[CE]; Expires=Fri, 18 Mar 2016 13:06:45 GMT; Domain=.2o7.net; Path=/
Location: http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s83280030332971?AQB=1&pccr=true&&ndh=1&t=20%2F2%2F2011%207%3A36%3A12%200%20300&ce=UTF-8&g=http%3A%2F%2Fwww.shockwave.com%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455%3Fp%3D1%26size%3Dsmall%26screenname%3Dcbardezbain%26mid%3D251037782&r=http%3A%2F%2Fwww.shockwave.com%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455%3Fp%3D1%26size%3Dsmall%26screenname%3Dcbardezbain%26mid%3D251037782&pageType=errorPage&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1017&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&pe=lnk_o&pev2=404_notFoundErrorPage&AQE=1
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 13:06:45 GMT
Last-Modified: Mon, 21 Mar 2011 13:06:45 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www258
Content-Length: 0
Content-Type: text/plain

1.207. http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s87646805769763  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://viashockwave.112.2o7.net
Path:   /b/ss/viashockwave/1/H.22.1/s87646805769763

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/viashockwave/1/H.22.1/s87646805769763?AQB=1&ndh=1&t=20%2F2%2F2011%207%3A36%3A12%200%20300&ce=UTF-8&pageName=%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455&g=http%3A%2F%2Fwww.shockwave.com%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455%3Fp%3D1%26size%3Dsmall%26screenname%3Dcbardezbain%26mid%3D251037782&r=http%3A%2F%2Fburp%2Fshow%2F0&pageType=errorPage&events=event16&h1=%2Findex&c2=notLoggedIn&c5=non-member&c6=not%20logged-in&v13=%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455&c21=%2Fhome.jsp&c24=31&c33=Sunday&c34=7%3A30AM&c41=New&v45=Sunday&v46=7%3A30AM&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1017&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&pid=%2Fhome.jsp&pidt=1&oid=http%3A%2F%2Fwww.shockwave.com%2Fhome.jsp%23&ot=A&AQE=1 HTTP/1.1
Host: viashockwave.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.shockwave.com/member/avatarViewer.jsp48e63%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eecdcc990455?p=1&size=small&screenname=cbardezbain&mid=251037782
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]; s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85F447[CE]

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 13:06:44 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_zemx7Fdcogx7Bmzi=[CS]v4|26C2FA24050124B4-60000106000036A0|4D85FBE4[CE]; Expires=Fri, 18 Mar 2016 13:06:44 GMT; Domain=.2o7.net; Path=/
Location: http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s87646805769763?AQB=1&pccr=true&&ndh=1&t=20%2F2%2F2011%207%3A36%3A12%200%20300&ce=UTF-8&pageName=%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455&g=http%3A%2F%2Fwww.shockwave.com%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455%3Fp%3D1%26size%3Dsmall%26screenname%3Dcbardezbain%26mid%3D251037782&r=http%3A%2F%2Fburp%2Fshow%2F0&pageType=errorPage&events=event16&h1=%2Findex&c2=notLoggedIn&c5=non-member&c6=not%20logged-in&v13=%2Fmember%2FavatarViewer.jsp48e63%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Eecdcc990455&c21=%2Fhome.jsp&c24=31&c33=Sunday&c34=7%3A30AM&c41=New&v45=Sunday&v46=7%3A30AM&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1017&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&pid=%2Fhome.jsp&pidt=1&oid=http%3A%2F%2Fwww.shockwave.com%2Fhome.jsp%23&ot=A&AQE=1
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 13:06:44 GMT
Last-Modified: Mon, 21 Mar 2011 13:06:44 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www611
Content-Length: 0
Content-Type: text/plain

1.208. http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s89657289509195  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://viashockwave.112.2o7.net
Path:   /b/ss/viashockwave/1/H.22.1/s89657289509195

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/viashockwave/1/H.22.1/s89657289509195?AQB=1&ndh=1&t=20%2F2%2F2011%207%3A34%3A14%200%20300&ce=UTF-8&pageName=%2Fhome.jsp&g=http%3A%2F%2Fwww.shockwave.com%2Fhome.jsp&events=event16&h1=%2Findex&c2=notLoggedIn&c5=non-member&c6=not%20logged-in&v13=%2Fhome.jsp&c33=Sunday&c34=7%3A30AM&c41=New&v45=Sunday&v46=7%3A30AM&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1017&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: viashockwave.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.shockwave.com/home.jsp
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_hddx60mexxx7Fdyn=[CS]v4|26B089AF05161C88-6000018280340219|4D61135D[CE]; s_vi_x7Dmx7Cgx7Ex7Ex7Dhaajmac=[CS]v4|26B08A8405161367-60000182C010AD84|4D611507[CE]; s_vi_x7Fox7Eex7Cx7Cx7Fjcchx3E=[CS]v4|26B08A9B05012A5C-600001058002D0CE|4D611534[CE]; s_vi_fvgx7Ceefvzzx7Ex7Cx7Brvx7Dtx7Bx7Bpy=[CS]v4|26B08B0B0515A83A-60000170E002473D|4D611615[CE]; s_vi_brcxxaabwx7Ex7Eux7Ftex7Ftf=[CS]v4|26B0882E85013EE2-4000011300003B32|4D6133AD[CE]; s_vi_brcxxaabwx7Ex7Euvx7Dx7Espx7D=[CS]v4|26B0882E85013EE2-4000011300003B36|4D6133AD[CE]; s_vi_djbjfni=[CS]v4|26B1E6568516110F-600001A22005DD5C|4D63CCAC[CE]; s_vi_px7Dx7Epx7Dx7Epx7Dx7Ex7Dx7Cozjvvwupwx7Cx2Bx29x28x29=[CS]v4|26B5D066050116F7-4000010C00002CBB|4D6BA0CB[CE]; s_vi_qsbuwx7Fx7Bx7Cx7Bqx7Dx7Fux7Ex7Dpsx7E=[CS]v4|26B5F02705011A74-6000010E6043A45F|4D6BE04C[CE]; s_vi_omx7Ckiaebeoca=[CS]v4|26B5F02705011A74-6000010E6043A461|4D6BE04C[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26B9D0678515890C-60000171A02DCBAE|4D739CD1[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26B9D06E8515B179-60000176C01BF3F8|4D739CD1[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26B9D07605158B72-4000017460083EC0|4D739CD1[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26B4C61605010DDC-4000010DA0030A5A|4D739CD1[CE]; s_vi_x7Ecprx7Dtxxx7Fetcprexxgt=[CS]v4|26B9D08D0515B42B-40000170E02E3A2E|4D739CD1[CE]; s_vi_ax7Combkckzobgx60e=[CS]v4|26B9D09D05010FBB-60000107202074F9|4D73A139[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26B4C51405012F9D-6000010720241BA0|4D73A139[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26B4C51405012F9D-6000010720241BA3|4D73A139[CE]; s_vi_x60ozikafackx7Eoik=[CS]v4|26BCAD6B05161FAA-40000182C009BFF6|4D795AD4[CE]; s_vi_ghx7Dnlfx7Cnj=[CS]v4|26BCC3520516355B-40000178801C7B4D|4D7986A3[CE]; s_vi_bmxxkickx60cnmx60=[CS]v4|26BCAD6B05161FAA-40000182C009BFF8|4D7986A3[CE]; s_vi_pogthb=[CS]v4|26BDBCFD85161ABA-4000018420047463|4D7B79FA[CE]; s_vi_x7Fx60hgx60jbcx7B=[CS]v4|26BDBCEC85013187-60000105A00E1118|4D7B80FF[CE]; s_vi_x7Bx7Bmxxodocayx7Fm=[CS]v4|26BE5F0A05012AAD-60000105A02058BD|4D7CBE13[CE]; s_vi_tfickhs=[CS]v4|26C083AB85161C76-600001A10000EC06|4D810756[CE]; s_vi_sx7Fx7Dx60edubgx7Fbx7Ctsx7Fx7D=[CS]v4|26C0B25C85162AD9-60000182E0076929|4D8164B8[CE]; s_vi_cjyhdexxx7Efny=[CS]v4|26C050B605011E14-600001088001EFAB|4D84B3A8[CE]; s_vi_elx7Fx7Flex7Ejabola=[CS]v4|26C050B605011E14-600001088001EFAD|4D84B3A8[CE]

Response

HTTP/1.1 302 Found
Date: Sun, 20 Mar 2011 12:34:16 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_zemx7Fdcogx7Bmzi=[CS]v4|0-0|4D85F448[CE]; Expires=Fri, 18 Mar 2016 12:34:16 GMT; Domain=.2o7.net; Path=/
Location: http://viashockwave.112.2o7.net/b/ss/viashockwave/1/H.22.1/s89657289509195?AQB=1&pccr=true&&ndh=1&t=20%2F2%2F2011%207%3A34%3A14%200%20300&ce=UTF-8&pageName=%2Fhome.jsp&g=http%3A%2F%2Fwww.shockwave.com%2Fhome.jsp&events=event16&h1=%2Findex&c2=notLoggedIn&c5=non-member&c6=not%20logged-in&v13=%2Fhome.jsp&c33=Sunday&c34=7%3A30AM&c41=New&v45=Sunday&v46=7%3A30AM&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1017&bh=916&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.240.7%3BJava(TM)%20Platform%20SE%206%20U24%3BSilverlight%20Plug-In%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sat, 19 Mar 2011 12:34:16 GMT
Last-Modified: Mon, 21 Mar 2011 12:34:16 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www9
Content-Length: 0
Content-Type: text/plain

1.209. http://www.abmr.net/is2ncp/ai.realmedia.com  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.abmr.net
Path:   /is2ncp/ai.realmedia.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /is2ncp/ai.realmedia.com?U=/&V=4-js3BtFWKMGraw99884wXKxyPOdnZQ%2fi7nh9BOVwD4Xx31aSVUi3FQ7wLREsF+N0t&01AD=1& HTTP/1.1
Host: www.abmr.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/142856445/direct;wi.728;hi.90/01?click=http://viacom.adbureau.net/accipiter/adclick/CID=0000133c0000000000000000/height=90/width=728/site=SW.NOL/aamsz=728X90/NCP=1/relocate=
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 01AI=2-2-67CF0B075EBF8203031FFF6378AEA8396C84721A0DCC5C53432CE5213855312D-D4C07C2EC05E5DCDADBAA995908C8CA4B63AF9D01A6A06B0BB3BA79AF1DE211E

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://ai.realmedia.com/?01AD=3SHMdODZXwiULLqkivponR9TFGKNXO3633WY_nuhPf0QQPdf7d3Vdqg
Expires: Sun, 20 Mar 2011 12:49:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 20 Mar 2011 12:49:24 GMT
Connection: close
Set-Cookie: 01AI=2-2-55A56D6F87395C50C989EE688579604B204BEA78972D56787F117619679E9963-4482DDB253E02D0F09F5097A901CC6299A3BDBFA1377F59D55D5A836E868CEB9; expires=Mon, 19-Mar-2012 12:49:24 GMT; path=/; domain=.abmr.net
P3P: policyref="http://www.abmr.net/w3c/policy.xml", CP="NON DSP COR CURa ADMa DEVa OUR SAMa IND"

1.210. http://www.burstnet.com/enlightn/7641//A790/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /enlightn/7641//A790/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /enlightn/7641//A790/ HTTP/1.1
Host: www.burstnet.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D18%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D728%26rheight%3D90%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TID=16lnk0k1bqnmuj; 56Q8=3dCBXYPRlsHICIFLLT2QiDVixt9mJ41SduX8WUIgcVa5JXp9HqXCELA; CMS=/; CMP=_m.1EGQ^13r.1DqB^qE.1DqW^16g.1EPA^18z.1Drt^118.1EPZ^q0.1DsI^yX.1DsJ^112.1EPw

Response

HTTP/1.1 200 OK
Server: Apache (Unix)
P3P: policyref="http://www.burstnet.com/w3c/p3p.xml", CP="NOI DSP LAW PSAa PSDa OUR IND UNI COM NAV STA"
Pragma: no-cache
Cache-Control: no-cache
Content-Type: image/gif
Date: Sun, 20 Mar 2011 13:07:14 GMT
Content-Length: 43
Connection: close
Set-Cookie: CMS=/; path=/; domain=.burstnet.com
Set-Cookie: CMP=_m.1EGQ^13r.1DqB^qE.1DqW^16g.1EPA^18z.1Drt^118.1EPZ^q0.1DsI^yX.1DsJ^112.1EPw; path=/; expires=Tue, 20-Mar-2012 13:07:13 GMT; domain=.burstnet.com

GIF89a.............!.......,...........D..;
1.211. http://www.burstnet.com/enlightn/7641/A790/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.burstnet.com
Path:   /enlightn/7641/A790/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /enlightn/7641/A790/?01AD=3dCBXYPRlsHICIFLLT2QiDVixt9mJ41SduX8WUIgcVa5JXp9HqXCELA&01RI=1EF804A7CAC2658&01NA= HTTP/1.1
Host: www.burstnet.com
Proxy-Connection: keep-alive
Referer: http://usweb.dotomi.com/renderer/delPublishersCookies.html?pid=13200&rurl=http%3A%2F%2Fads.dotomi.com%2Fads.php%3Fpid%3D13200%26mtg%3D0%26ms%3D11%26btg%3D1%26mp%3D1%26dres%3Diframe%26rwidth%3D300%26rheight%3D250%26pp%3D0%26cg%3D2084%26tz%3D300&u=WH9qYVd2Q3FGAWJeBgV%2BWQlbaXsQfgZCDFxlX1ZL&mpc=0&p=13200&pcg=2084&cg=2084&o=2084
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TID=16lnk0k1bqnmuj; CMP=_m.1EGQ^13r.1DqB^qE.1DqW^16g.1EPA^18z.1Drt^118.1EPZ^q0.1DsI^yX.1DsJ^112.1EPw; 56Q8=CT-1

Response

HTTP/1.1 200 OK
Server: Apache (Unix)
Pragma: no-cache
Cache-Control: no-cache
Content-Type: image/gif
Date: Sun, 20 Mar 2011 13:20:52 GMT
Content-Length: 43
Connection: close
Set-Cookie: 56Q8=3dCBXYPRlsHICIFLLT2QiDVixt9mJ41SduX8WUIgcVa5JXp9HqXCELA; expires=Sun, 17-Apr-2011 13:20:52 GMT; path=/; domain=.www.burstnet.com
Set-Cookie: CMS=/; path=/; domain=.burstnet.com
Set-Cookie: CMP=_m.1EGQ^13r.1DqB^qE.1DqW^16g.1EPA^18z.1Drt^118.1EPZ^q0.1DsI^yX.1DsJ^112.1EPw; path=/; expires=Tue, 20-Mar-2012 13:20:51 GMT; domain=.burstnet.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

GIF89a.............!.......,...........D..;
1.212. http://www.facebook.com/share.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /share.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /share.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gz=1; datr=VV5oTas0hG1hzk6eclVNNMGO; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Donline.wsj.com%26placement%3Drecommendations%26extra_1%3Dhttp%253A%252F%252Fonline.wsj.com%252Fhome-page%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=7zozL; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fshare.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.132.63
Connection: close
Date: Sun, 20 Mar 2011 13:59:29 GMT
Content-Length: 10159

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
1.213. http://www.facebook.com/sharer.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gz=1; datr=VV5oTas0hG1hzk6eclVNNMGO; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Donline.wsj.com%26placement%3Drecommendations%26extra_1%3Dhttp%253A%252F%252Fonline.wsj.com%252Fhome-page%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=gnmbc; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.106.49
Connection: close
Date: Sun, 20 Mar 2011 13:59:30 GMT
Content-Length: 10164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
1.214. https://www.facebook.com/login.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.facebook.com
Path:   /login.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: gz=1; datr=VV5oTas0hG1hzk6eclVNNMGO; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Donline.wsj.com%26placement%3Drecommendations%26extra_1%3Dhttp%253A%252F%252Fonline.wsj.com%252Fhome-page%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=VV5oTas0hG1hzk6eclVNNMGO; expires=Tue, 19-Mar-2013 13:59:31 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=sP6uX; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.43.143.81
X-Cnection: close
Date: Sun, 20 Mar 2011 13:59:31 GMT
Connection: close
Content-Length: 15659

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
1.215. http://www.linkedin.com/groups  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /groups

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /groups HTTP/1.1
Host: www.linkedin.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: Apache-Coyote/1.1
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Expires: 0
Pragma: no-cache
Cache-control: no-cache, must-revalidate, max-age=0
Location: http://www.linkedin.com/directory/groups/
Set-Cookie: leo_auth_token="GST:UGGUy-u5wvaphYF9RsDAYhDOCw55WWM92YuqvoPuo-5ueBS9h3RJWa:1300629575:28acc21cf6e24edbc3db83752f31c177d2efad5f"; Version=1; Max-Age=1799; Expires=Sun, 20-Mar-2011 14:29:34 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: JSESSIONID="ajax:8925970186117670255"; Version=1; Path=/
Set-Cookie: visit=G; Expires=Fri, 07-Apr-2079 17:13:42 GMT; Path=/
Set-Cookie: bcookie="v=1&876ccdca-ab88-4996-852d-263c1e16d0b2"; Version=1; Domain=linkedin.com; Max-Age=2147483647; Expires=Fri, 07-Apr-2079 17:13:42 GMT; Path=/
Set-Cookie: lang="v=2&lang=en&c="; Version=1; Domain=linkedin.com; Path=/
Content-Length: 0
Date: Sun, 20 Mar 2011 13:59:35 GMT
Set-Cookie: NSC_MC_QH_MFP=ffffffffaf19965a45525d5f4f58455e445a4a42198c;expires=Sun, 20-Mar-2011 14:30:18 GMT;path=/;httponly

1.216. http://www.nick.com/sbcom/data/json/poll_to_json.jhtml  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nick.com
Path:   /sbcom/data/json/poll_to_json.jhtml

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sbcom/data/json/poll_to_json.jhtml?callback=NICK.request.lstnrs[%22wwwnickcomsbcomdatajsonpoll_to_jsonjhtml1%22]&_=1300629912260 HTTP/1.1
Host: www.nick.com
Proxy-Connection: keep-alive
Referer: http://www.teennick.com/shows/the-nightlife
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.151 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Length: 178
Content-Type: text/html
Set-Cookie: app-instance=nick-com-1-kids-jboss-135; Path=/
Set-Cookie: server=rugrats4; Domain=.nick.com; Path=/
Set-Cookie: MTV_ID=24.143.206.71.1300629905375; Domain=.nick.com; Expires=Wed, 17-Mar-2021 14:05:05 GMT; Path=/
Set-Cookie: JSESSIONID=B27F5B9A0DCA62EDB5F959514A876B8C.kids-jboss-135-811-mtvi-com-28851; Path=/
MTVi-Edge-control: no-cache-downstream
Vary: Accept-Encoding
Expires: Sun, 20 Mar 2011 14:05:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 20 Mar 2011 14:05:05 GMT
Connection: close

NICK.request.lstnrs["wwwnickcomsbcomdatajsonpoll_to_jsonjhtml1"]({"code":"ok","voteSubmitted":"false","data":[

{"name":"null","texts":["null","null","null"],"ballots":[

]}]});
1.217. http://www.reddit.com/submit  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reddit.com
Path:   /submit

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /submit HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Location: http://www.reddit.com/login?dest=%2Fsubmit
Set-Cookie: reddit_first=%7B%22firsttime%22%3A%20%22first%22%7D; Domain=reddit.com; expires=Thu, 31 Dec 2037 23:59:59 GMT; Path=/
Server: '; DROP TABLE servertypes; --
Content-Length: 0
Date: Sun, 20 Mar 2011 14:00:09 GMT
Connection: close

1.218. http://www.reliant.com/en_US/Page/Shop/Public/misc_LockedandLow_100_landingpage.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reliant.com
Path:   /en_US/Page/Shop/Public/misc_LockedandLow_100_landingpage.jsp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en_US/Page/Shop/Public/misc_LockedandLow_100_landingpage.jsp HTTP/1.1
Host: www.reliant.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Sun, 20 Mar 2011 14:00:10 GMT
Content-type: text/html;charset=utf-8
Cache-control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-cookie: UserSessionFilterCookieID=6406DAD9-4C03-016D-EE3B-B76E76D395E6; Expires=Mon, 19-Mar-2012 14:00:10 GMT; Path=/
Set-cookie: JSESSIONID=B6810346BF0DE2ACC17D98141AEEF69B; Path=/
Set-cookie: language_code=en_US; Domain=.reliant.com; Path=/
Set-cookie: i_chronicle_id=090175228036daba
Set-cookie: site_location=Shop; Domain=.reliant.com; Path=/
Set-cookie: CurrentAccountSegment=Generic; Domain=.reliant.com; Path=/
Pragma: no-cache
Via: 1.1 https-www.reliant.com
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd
...[SNIP]...
1.219. https://www.riftgame.com/en/products/index.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.riftgame.com
Path:   /en/products/index.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/index.php HTTP/1.1
Host: www.riftgame.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 20 Mar 2011 14:00:10 GMT
Server: Apache/2.2.8 (CentOS)
X-Powered-By: PHP/5.2.10
Set-Cookie: region_pref=deleted; expires=Sat, 20-Mar-2010 14:00:09 GMT; path=/; domain=.riftgame.com
Set-Cookie: locale_pref=en; expires=Tue, 19-Apr-2011 14:00:10 GMT; path=/; domain=.riftgame.com
Set-Cookie: _ctia=1; expires=Tue, 19-Apr-2011 14:00:10 GMT; path=/; domain=.riftgame.com
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 23553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>RIFT - Products</title>
<meta co
...[SNIP]...
1.220. http://www.t-mobile.com/Discover/DiscoverSubContent.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /Discover/DiscoverSubContent.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Discover/DiscoverSubContent.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Location: http://www.t-mobile.com/
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a26+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:26 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:26 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:26 GMT; path=/
Date: Sun, 20 Mar 2011 14:00:26 GMT
Connection: close
Content-Length: 141

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.t-mobile.com/">here</a>.</h2>
</body></html>
1.221. http://www.t-mobile.com/Popup/Generic_Popup.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /Popup/Generic_Popup.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Popup/Generic_Popup.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Location: /500.aspx?aspxerrorpath=/Popup/Generic_Popup.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a38+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:38 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:38 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:38 GMT; path=/
Date: Sun, 20 Mar 2011 14:00:37 GMT
Connection: close
Content-Length: 176

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f500.aspx%3faspxerrorpath%3d%2fPopup%2fGeneric_Popup.aspx">here</a>.</h2>
</body></html>
1.222. http://www.t-mobile.com/Templates/Popup.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /Templates/Popup.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Templates/Popup.aspx HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Location: /500.aspx?aspxerrorpath=/Templates/Popup.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a58+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:58 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:58 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:58 GMT; path=/
Date: Sun, 20 Mar 2011 14:00:58 GMT
Connection: close
Content-Length: 172

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2f500.aspx%3faspxerrorpath%3d%2fTemplates%2fPopup.aspx">here</a>.</h2>
</body></html>
1.223. http://www.t-mobile.com/shop/plans/  previous

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.t-mobile.com
Path:   /shop/plans/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shop/plans/ HTTP/1.1
Host: www.t-mobile.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TMobileSpanish=IsSpanishUser=false; fsr.s={"v":1,"rid":"1300628812323_364495","ru":"http://burp/show/20","r":"burp","st":"","pv":2,"to":5,"c":"http://www.t-mobile.com/shop/phones/Default.aspx","lc":{"d4":{"v":2,"s":false}},"cd":4,"sd":4,"f":1300628818187}; TMobileGeo=UserCurrentLocation=75207&UserCurrentCity=Dallas&UserCurrentCountry=United+States&GeoMarketId=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&NeighborhoodName=Dallas&StateAbbreviation=TX&GeoMarketCode=DAT; PartnerExpiration=; TMobileUSStore=MarketUniqueID=8eb5dca0-f21b-4b24-8dc8-49933c6ff5d3&MarketCode=DAT&NeighborhoodName=Dallas&StateAbbreviation=TX&CityName=Dallas&StateName=Texas&ZIP=75207; 53643872-SKEY=4772067767537568202; fsr.a=1300628846480; TMobileCommon=TeaId=d676b058-7b88-48e0-a1a7-a54f7fb0806d; TMobileSession=WT=&DCS=&ZIPISVALID=True&UCCID=U&SessionId=8e375ee9-b73b-43f6-8b5e-aba1334ba862; TMobilePartner=; mr_referredVisitor=0; mbox=PC#1300624507874-511379.17#1301838444|session#1300627094627-816279#1300630704|check#true#1300628904|behaveSegmentCookie#phones#1332164809; WT_FPC=id=10.134.111.248-1143909120.30140155:lv=1300618046267:ss=1300616298452; HumanClickSiteContainerID_53643872=STANDALONE; cmTPSet=Y; 53643872-VID=44502044936234; TMobileSegmentation=UserId=182ea6ae-2179-409b-9a61-125b87fb8307; ASP.NET_SessionId=qquvpt55xmlorbb04afdz055; TMobileShop=manufacturerCookie=&typeCookie=&priceRangeCookie=&featureCookie=&pageIndexCookie=1&phoneHeaderCookie=$;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
Last-Modified: Mon, 01 Sep 1997 01:03:33 GMT
Location: /shop/plans/Cell-Phone-Plans-Overview.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: PartnerExpiration=PARTNER=!4%2f3%2f2011+2%3a00%3a47+PM; domain=.t-mobile.com; expires=Tue, 20-Mar-2012 14:00:47 GMT; path=/
Set-Cookie: TMobilePartner=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:47 GMT; path=/
Set-Cookie: PartnerExpiration=; domain=.t-mobile.com; expires=Mon, 20-Mar-2006 14:00:47 GMT; path=/
Date: Sun, 20 Mar 2011 14:00:46 GMT
Connection: close
Content-Length: 0

Report generated by XSS.CX at Sun Mar 20 09:19:03 CDT 2011.